Tag Archives: dns

Call for Participation – DNSSEC Workshop at ICANN 59 in Johannesburg

Do you have ideas about DNSSEC or DANE that you would like to share with the wider community? Have you created a new tool or service? Have you found a way to use DNSSEC to secure some other service? Do you have new statistics about the growth or usage of DNSSEC, DANE or other related technology?

If so, and if you will be in Johannesburg, South Africa, for ICANN 59 in June 2017 (or can get there), please consider submitting a proposal to speak at the ICANN 59 DNSSEC Workshop!

Please send a brief (1-2 sentence) description of your proposed presentation to dnssec-johannesburg@isoc.org by Friday, 19 May 2017.

As with all of these sessions at ICANN meetings, it will be streamed live so that you can participate remotely if you will not be there in South Africa. (And I will note that this time I will not be attending in person.)

The full Call for Participation with more information and examples is below.

* * *

Call for Participation – ICANN DNSSEC Workshop at ICANN59 Policy Forum in Johannesburg, South Africa

The DNSSEC Deployment Initiative and the Internet Society Deploy360 Programme, in cooperation with the ICANN Security and Stability Advisory Committee (SSAC), are planning a DNSSEC Workshop at the ICANN59 Policy Forum 26-29 June 2017 in Johannesburg, South Africa. The DNSSEC Workshop has been a part of ICANN meetings for several years and has provided a forum for both experienced and new people to meet, present and discuss current and future DNSSEC deployments. For reference, the last Policy Forum DNSSEC Workshop was at the ICANN meeting in Helsinki, Finland on 27 June 2016. The presentations and transcripts are available at: https://icann562016.sched.com/event/7NCj/dnssec-workshop-part-1.

The DNSSEC Workshop Program Committee is close to finalizing the 3-hour program. Proposals will be considered for the following topic areas and included if space permits. In addition, we welcome suggestions for additional topics either for inclusion in the ICANN59 workshop, or for consideration for future workshops.

1. DNSSEC Deployment Challenges

The program committee is seeking input from those that are interested in implementation of DNSSEC but have general or particular concerns with DNSSEC. In particular, we are seeking input from individuals that would be willing to participate in a panel that would discuss questions of the nature:

  • What are your most significant concerns with DNSSEC, e.g., implementation, operation or something else?
  • What do you expect DNSSEC to do for you and what doesn’t it do?
  • What do you see as the most important trade-offs with respect to doing or not doing DNSSEC?

We are interested in presentations related to any aspect of DNSSEC such as zone signing, DNS response validation, applications use of DNSSEC, registry/registrar DNSSEC activities, etc.

2. Preparation for Root Key Signing Key (KSK) Rollover

In preparation for the root KSK rollover, we would like to bring together a panel of people who can talk about what the potential impacts may be to ISPs, equipment providers and end users, and also what can be done to potentially mitigate those issues. In particular, we are seeking participation from vendors, ISPs, and the community that will be affected by distribution of new root keys. We would like to be able to offer suggestions out of this panel to the wider technical community. If you have a specific concern about the Root Key Rollover, or believe you have a method or solution to help address impacts, we would like to hear from you. For more information on the root KSK rollover see the guide at: https://www.icann.org/en/system/files/files/ksk-rollover-quick-guide-prepare-systems-03apr17-en.pdf.

If you are interested in participating, please send a brief (1-2 sentence) description of your proposed presentation to dnssec-johannesburg@isoc.org by Friday, 19 May 2017

Thank you,

Julie Hedlund

On behalf of the DNSSEC Workshop Program Committee:

Mark Elkins, DNS/ZACR

Jean Robert Hountomey, AfricaCERT

Jacques Latour, .CA

Xiaodong Lee, CNNIC

Russ Mundy, Parsons

Ondřej Surý, CZ.NIC

Yoshiro Yoneya, JPRS

Dan York, Internet Society

Note: an earlier version of this post appeared on the Internet Society’s Deploy360 blog.

Written by Dan York, Author and Speaker on Internet technologies – and on staff of Internet Society

Follow CircleID on Twitter

More under: DNS, DNS Security, ICANN, Security

Continue reading

Posted in circleid | Tagged , , , | Comments Off on Call for Participation – DNSSEC Workshop at ICANN 59 in Johannesburg

Domain Names Are Fading From User View

The internet has changed and evolved ever since it’s ancestors first came to life in the late 1960’s. Some technology fades away and is forgotten; other aspects continue but are overlaid, like geological sediments, so that they are now longer visible but are still present under the surface.

The Domain Name System — both the technology of DNS and the deployed naming hierarchy we all use — are among those aspects of the internet that, although they feel solid and immutable, are slowly changing underneath our feet.

Act I: In Which DNS Fades to Translucent Grey

Internet Domain Names had a good twenty-year run from the early days of the World Wide Web (1995) through 2015.

Some people made a lot of money through domain name speculation. Others made money by wallpapering Google Ad Sense advertisements over vacuous websites. And a busload of attorneys made a good living chasing down shysters trying to make a buck off of the trademarks of others.

And through its perceived control of domain name policy, ICANN grew into a ever-bloating, money absorbing bureaucracy worthy of Jonathan Swift.

But things are changing. The days of domain names as the center of internet policy and internet governance are ending. Domain name speculation will slowly become a quaint shadow of its former self.

What is driving these changes?

It is not that the Domain Name System (DNS) is becoming less important as a technical way of mapping structured names into various forms of records, most often records containing IP addresses.

Nor is the Domain Name System used less then heretofore.

Nor are the knights of intellectual property becoming any less enthusiastic about challenging every domain name that they feel does not pay adequate homage to the trademarks they are protecting.

And national governments continue to believe that domain names are the holy grail of levers they can use to impose their views of right and proper behavior onto the internet.

All of that remains. And it will remain.

What is happening to DNS is more subtle: Domain names are slowly becoming invisible.

For many years internet users could not avoid domain names. DNS names were highly visible. And domain names were everywhere. DNS names were part of e-mail addresses, DNS names were prominent parts of World Wide Web URLs, and DNS names that were based on words formed a rough, but useful, taxonomy of web content.

But the sea-level of internet technology is slowly rising. We now live in a world of web search engines. We now have personalized lists of “contacts”. We now use a profusion of “apps”. And we now spend much of our online lives inside walled gardens and social networks (such as Facebook, Twitter, or various games.)

Even in places where users formerly uttered or typed email-addresses (containing domain names) or web addresses, we now enter keystrokes or words that are used by user interface code to search for the thing we want and make suggestions.

For example, when I send an e-mail, I usually don’t need to type more than two or three characters of the name of the desired recipient; for every keystroke the software goes to my contact list, does a search, and shows me the possible outcomes. Similarly, on web browsers the old “address bar” has become a place for the user to send search targets to a web search company. In both of these examples the user no longer really deals with domain names (even though in both of these examples there are domain names — sometimes visible, sometimes hidden — underneath the search results.)

In the world of Apps, games, and walled gardens there may not even be a way for a user to utter a domain name.

And if a user does mention a domain name it is frequently in the form of a shortened URL that has no resemblance to the actual domain name of the target resource.

You can confirm this by asking yourself: “When was last time I used a domain name while using Facebook or Twitter, or when playing my favorite game?” Few of us have ever used a domain name when giving an order to an Amazon Echo (“Alexa”) or a Google Home (“OK Google”).

Act II: DNS Remains, But Quietly Hovers In The Background

DNS is not being abandoned; the domain name system is as robust, powerful, and important today as it ever was.

However, DNS is being veiled. So that rather than being a central figure, visible to all, it does its job behind the scenes where few but internet operators and repair techs see it.

In days past, you or I may have gone to a web browser and entered a URL that looked like, http://upstairs-thermostat.myhouse.tld/. But today I use an Internet of Things device and say “Alexa, set the upstairs thermostat to 68 degrees.”

Same activity, same request, same devices, but the domain name has gone away and been replaced with a more convenient handle.

I use the word “handle” quite intentionally. One of the aspects of the post-DNS internet is that names are becoming contextual. These new names often exist within the context of a particular person (as in a personal contact list) or a particular walled garden (such as Twitter).

Contextual names let us escape the rules and disputes — and costs — that came from the “globally unique identifier” view of the domain name system. You and I can each use the name “upstairs thermostat”; the context prevents collisions; the context differentiates between your “upstairs thermostat” and mine.

These new names will often be used on software that internally uses domain names to tie things together. There is no doubt that Twitter, for example, has lots of internal domain names. But those domain names have become merely internal gears and wheels, they have become as invisible as the pistons in the motor of a gasoline powered automobile.

The DNS system will remain as a means of using structured names — words connected by dots — to obtain various forms of records that can contain things as varied as IP addresses, geographic locations, e-mail exchange server lists, VoIP PBX locations, etc. But it will be software rather than humans that originates those structured names and uses the lookup results. That software may, and frequently will not, make those underlying structured DNS names, or the lookup results, visible to the human user.

The fading of domain names brings benefits.

Some troublesome things will begin to end.

Domain names will no longer be perceived as being particularly valuable ways to express semantically meaningful labels.

  • This will remove much of the energy that powered the DNS trademark wars that we have seen over the past twenty years. (But don’t expect the trademark protection industry to give up their relentless effort to own even private, local uses of some names — that company in Atlanta will probably want to try to prevent people in their own homes from using the word “coke” to refer to any brown carbonated sugar drink other than their own.)
  • And it will also tend to de-energize marginal internet activities such as typosquatting in order to pick up advertising impressions or click dollars from people who accidentally mis-typed a domain name into a browser.
  • And it will obviate the need for most of the functions of ICANN.

Opportunities will arise for application-specific or community specific naming systems:

  • New names can be more descriptive of classes of possible targets rather than being tightly bound: You could, for example, say “ATM” and not be locked into ATMs operated by wellsfargo.com.
  • New names do not need to fit into the confined strictures of domain names.
  • New names need to be less like “names” and more like “descriptions” — more on that below.

Act III: There’s Still Gold In Internet Naming

The loss of domain names as baubles for speculation does not mean that entrepreneurs and Procrustean government bureaucrats must fold their tends and skulk away in to the night.

Even after DNS becomes merely an internal organ of the internet, there will be plenty of opportunities for fun and profit.

Companies that are presently operating as domain name registries and registrars, are well poised to capitalize on the new systems: they already have much of the customer and user facing “front office” infrastructure that will be required to service whatever naming systems may arise.

There are two broad areas in which internet naming will probably evolve: entity naming and describing.

Entity Naming

The need to attach names to specific things will be with us forever. And there will always be a need to turn names into some sort of concrete handle to those things. This will be, as it always has been, tied to the problems of figuring out where that thing is (i.e. its address) and how to get there (i.e. the route.)

One of the prime values of DNS as it exists today is that almost everybody voluntary chooses to use a single base root. So we have a global shared system that assures that all names attached to that root are unique.

That uniqueness is important, but it is not always necessary — sometimes people want a solid distributed name-to-record lookup system that is not dependent on a global root outside of their control. Sometimes people just want a private name space for some private purpose. DNS technology, as opposed to “the” domain name system, provides a useful tool for these purposes.

The name model of DNS is extremely useful, but it is simplistic: It is a hierarchy, represented by names separated by dots, that leads to sets of records that can contain various types of data. That simplicity has allowed DNS to be robust and reliable. But that same simplicity creates limits.

The world is evolving so that that simple model of names-to-records will become increasingly inadequate. I’ve written a couple of papers on this topic:

  • On Entity Associations In A Cloud Network – The argument made here is that as we move towards cloud based resources the simple mapping of DNS names to a relatively fixed set of answers is not sufficient to accommodate the motion, partitioning, and coalescing of cloud based computing and data resources.
  • Thoughts On Internet Naming Systems ‐ This presentation addresses certain presumed characteristics of domain names that are not necessarily true in practice and likely to become even less true in the future. For example, many of us tend to presume that DNS names will generate the same answers no matter who requests a DNS lookup. And all of us are increasingly aware that DNS names are not permanent, the underlying records, and sometimes even the DNS names themselves, sometimes change or even disappear.

And even though name-to-record look machinery such as DNS will remain valuable, it must evolve so that it can have greater security and consistency.

The larger area of future change lies in the area described by the first of the papers above — in the realm of lookups based on descriptions and attributions.

Attribute and Description Based Systems

Whether in real life or on the internet, often you want something that is a member of a class rather than a specific member of that class. You often just want “a Pepsi” rather than a specific bottle of that drink; you usually don’t care which bottle for your needs, the various bottles are equivalent and interchangeable. A word for this is “fungible”.

As is described in my paper On Entity Associations In A Cloud Network the internet is evolving so that there may be many resources that would satisfy any one of our (or our application’s) needs. DNS is often not the best solution for this kind of resource search. Attribute and description based systems would be better, particularly if they had some leeway to find things that are “near” or “similar to” the description or attributes.

We are familiar with this kind of search. For example, web search engines, such as Google, try to show us web search results that locate the best or nearest solutions, not necessarily the perfect solution. And many apps on mobile devices aspire to discover resources based on their distance to your current location.

We can anticipate that use of this kind of thing will increase.

Descriptions and attributes can be self-published by devices and services as they are deployed (or as cloud entities split or coalesce) or they can be published by those who manage such devices or services. This publication could be in the form of simple ad hoc text, as is done for much that is on the web, or be formalized into machine-readable data structures in JSON or XML.

There is lots of room for innovation in this realm; and possibly lots of room to glue-on revenue producing machinery, much as Google did when it attached advertising to web searching.

Epilogue: The Internet Twenty Years Hence (2037)

Relatively few of us remember the internet as it was twenty years ago when the World Wide Web was just getting started. What will it look like twenty years in the future?

We can be sure that whatever it looks like to users, that there will be a lot of ancient machinery, such as DNS, lurking inside.

It is likely that human users will increasingly interact with computer and networks resources much as they interact with other humans — in ad hoc and informal ways. Humans are notoriously vague and ambiguous; that will not change in the future. This means that our computerized systems will have to become more human in the ways that they resolve that ambiguity into concrete results and actions. This, in turn, means that computerized systems will have to become more aware of context and use fewer “names” and more “descriptions” when trying to satisfy human requests.

The introduction of context into network naming will mean more opportunities for damage to human privacy. The tension between convenience and privacy will increase.

As the network world becomes more contextual, it will become harder to diagnose and isolate problems and failures.

Footnote: What Do We Do With An ICANN That Has Lost Most Of Its Purpose?

The vast bulk of ICANN’s machinery and staff is present to support the domain name selling industry. As this paper indicates, we can anticipate that that industry will shrink and consolidate. And fights over domain names will fade as domain names lose their semantic weight or become hidden artifacts rarely seen by anyone except internet technicians.

The ICANN traveling circus of international meetings will become as interesting as a meeting about the future of Lotus 123.

ICANN’s income stream will shrink; ICANN will no longer be able to support its grandiose office suites, staff, and hyperbolic procedures.

ICANN will have to retreat back to what it should have been in the first place — a technical coordinator, a source of operational service levels for DNS roots and TLD servers, and secretariat for protocol parameters such as DNSSEC keys and IP protocol numbers.

Written by Karl Auerbach, Chief Technical Officer at InterWorking Labs

Follow CircleID on Twitter

More under: DNS, Domain Names, ICANN, Web

Continue reading

Posted in circleid | Tagged , , , | Comments Off on Domain Names Are Fading From User View

Sorry, Not Sorry: WHOIS Data Must Remain Public

In March, I posted a call to action to those of us in the community who have the inclination to fight against a movement to redact information critical to anti-abuse research. Today, I felt compelled to react to some of the discussions on the ICANN discussion list dedicated to the issue of WHOIS reform:

Sorry, not sorry: I work every working hour of the day to protect literally hundreds of millions of users from privacy violating spam, phish, malware, and support scams.

Should access to WHOIS data be redacted in any way beyond what it is at present, my work will be made impossible. I spend 90% of my day in WHOIS data, the other 10% sculpting the data in a manner to provide reason and proof to hosting provider and registrars to take action against real-life criminals on their networks.

I also prepare cases for law enforcement to act upon. Contrary to popular belief in some quarters, LE cannot possibly begin to know about the stuff I (and my many, many colleagues) see until we tell them. That’s how it works. Any of the big botnet and crime ring take-downs and arrests you’ve ever seen have involved a public-private collaboration between individuals, researchers such as myself, and law enforcement.

So, I’d like to issue congratulations to all those who want to redact. You will, without a single iota of uncertainty, will expose many more people to real — not potential or hypothetical — privacy issues of a far more serious nature than you could possibly imagine, all in the badly mangled, misguided, and muddleheaded notion of what privacy actually is in the real world. ‘Cut off your nose to spite your face’ has never been more apt.

I hope you tell your Mom, family and your friends what you are trying to do here, while I spend my time trying to protect them from real evil: Revenge porn. Identity Theft. Plain old theft. Stalking. Photographic representation of the rape of children. Trolling, leading to the destruction of people’s lives. Emptied bank accounts.

Tell them you don’t want me to be able to do my job, and that you are trying to make it impossible, because you think access to the data that has been public and without challenge under the world’s privacy laws for twenty years is better off limited to the point of uselessness, sacrificed on some misshapen altar of privacy.

If I sound angry at what you are attempting to do, then I’ve hit my mark. I am furious. The security sector is furious. We are terrified that you may have any degree of success in this regard, because you apparently don’t know, or don’t care what the actual results will be. Placating with ‘gated access’ means there will be some among my peers and colleagues, far more talented and effective than I, who simply cannot gain access, and the resulting mess will be on your head, and at risk of overstating my case, the blood on your hands.

So again, congratulations. Mother’s Day is coming up. Be sure to make mention of this in the card you send. Now, if you’ll excuse me, I’ll go back to diving in the data lake of WHOIS, trying to keep spam and far worse evil off’ve your network.

K bye tnx.

Neil Schwartzman

Executive Director

Coalition Against Unsolicited Commercial Email

http://cauce.org

Twitter : @cauce

Written by Neil Schwartzman, Executive Director, The Coalition Against unsolicited Commercial Email – CAUCE

Follow CircleID on Twitter

More under: Cyberattack, Cybercrime, DDoS, DNS, Security, Spam, Whois

Continue reading

Posted in circleid | Tagged , , , , , , | Comments Off on Sorry, Not Sorry: WHOIS Data Must Remain Public

U.S. Pharmaceutical Sector Extending an Outmoded, Dysfunctional Pricing System to Cyberspace

We recently wrote in response to how LegitScript is painting inaccuracies about the Canadian International Pharmacy Association (“CIPA”). With our members’ 100% perfect safety record selling life-saving medications to millions of Americans for over 15 years, we are proud to participate in a regulated industry. We are also confident in the affordable solution we provide for consumers struggling with outrageous medication prices in the U.S.

Given this affordable solution to predatory pricing, it is evident that LegitScript’s dissemination of inaccuracies is part of a broader pattern of actions undertaken by the U.S. pharmaceutical sector to extend an outmoded and dysfunctional pricing system to cyberspace. This includes misrepresenting CIPA’s role in the Healthy Domains Initiative (“HDI”) and operation of the .Pharmacy gTLD in a manner that is not only contrary to the Internet Corporation for Assigned Names and Numbers’ (“ICANN’s”) Bylaws and mission statement, but elevates the protection of profits over consumer interests. (See an earlier piece here on CircleID by Jeremy Malcolm, Senior Global Policy Analyst, Electronic Frontier Foundation and Mitch Stoltz, Senior Staff Attorney, Electronic Frontier Foundation.)



The Truth About HDI

For the record, CIPA advised the Domain Name Association (“DNA”) after it invited non-member input in 2016 that we would be happy to participate in HDI and to contribute to its online pharmacy initiative. Like many other non-members, we were ultimately disappointed to learn that DNA unveiled the HDI without asking for our input.

To date, we have taken no position regarding the HDI’s Rogue Pharmacy Abuse Report Proposal (the “Proposal”) because the information released by DNA has failed to provide sufficient details regarding the actual operation of its envisioned system for verifying the legitimacy of online pharmacies. We remain ready to work with DNA to refine the Proposal in a manner that both protects and benefits consumers seeking safe, authentic, and affordable medications via the Internet. In fact, CIPA recognizes the mischief of what are truly “rogue” online pharmacies, which prompted us to track misuse of our respected Certification trademark. For many years, we have worked directly with the Canadian Anti-Fraud Centre, a collaboration of the Ontario Provincial Police and the Royal Canadian Mounted Police, in order to take down those websites using our Certification trademark without authorization. In addition, we aggressively monitor use of our Certification trademark and pursue legal action against its unauthorized use.

Contrary to LegitScript’s view that we do not like private companies developing and implementing reasonable policies that remove the incentive for governments to regulate, we actually support and enforce self-regulation, and voluntarily coordinate with law enforcement to protect consumers.

.Pharmacy – Misuse of a Global Internet Resource

CIPA and the Electronic Frontier Foundation (“EFF”), an internationally recognized digital rights group based in San Francisco, are jointly concerned about private interests promulgating standards for key Internet intermediaries that are designed to serve their own financial interests. LegitScript’s ongoing efforts to tarnish the reputation of CIPA and its members fit into a broader pattern of actions by U.S. pharmaceutical interests to suppress competition under a false narrative of consumer protection. The most blatant example of this is the operation of the .Pharmacy gTLD by the National Association of Boards of Pharmacy (“NABP”), the trade association primarily promoting the interests of U.S. retail druggists.

The application for .Pharmacy was supported by such Big Pharma interests as The National Association of Chain Drug Stores, Eli Lilly and Company, and — no surprise — LegitScript. It was approved by the Internet Corporation for Assigned Names and Numbers (“ICANN”), the California non-profit that oversees operations of the Internet’s Domain Name System (“DNS”), in March 2015.

If NABP truly wished a .Pharmacy domain registration to be indicative of regulated and safe sales of authentic medicines, then CIPA members could easily register their domain names. Despite early communications by U.S. consumer advocacy organization RxRights requesting more reasonable registration policies, NABP established .Pharmacy domain registration standards that unjustly mimic LegitScript’s “rogue pharmacy” definition. The usefulness of .Pharmacy is further diminished by an application fee that is currently $2,000.00, plus an annual recurring domain registration fee of $1,050.00.

Not surprisingly, given these facts, .Pharmacy domain registrations have been languishing. According to ICANN, in November 2016 (the most recent month for which statistics have been released) a total of only 256 domains were registered in .Pharmacy. An independent and reliable source of new gTLD registration statistics, nTLDstats.com, reports that only 211 .Pharmacy domains remain as of March 2017. Unless one believes that a handful of online pharmacies are the only ones that can provide consumers with a source of regulated, safe and authentic medications, the .Pharmacy gTLD is clearly failing at providing a safe harbor of validation for those other online pharmacies able to provide the same services, including the members of CIPA.

In an apparent effort to boost registrations of .Pharmacy domains and further limit the ability of consumers to use Internet search engines to locate safe and reliable online sources of medicines, NABP recently announced a significant change in its e-Advertiser program. That program is relied upon by Google and other major search engines as a pre-requisite for advertising against relevant medicine-related search terms.

Beginning on August 1, 2017, NABP will terminate its e-Advertiser program for verifying online pharmacies and pharmacy-related service websites. It will instead require registration of a .Pharmacy domain. In other words, unless an online pharmacy pays hefty and recurring fees to a U.S.-based retail druggist association, and can pass validation requirements that are more about price maintenance than consumer protection, it will be denied the ability to engage in commercial speech that assists consumers searching for safe and affordable medications using major global search engines.

It must be emphasized that ICANN’s Bylaws require it to maintain the openness of the DNS, and to refrain from actions that regulate (i.e., impose rules and restrictions on) services that use the Internet’s unique identifiers, or the content that such services carry or provide. Yet ICANN is standing by and permitting NABP to leverage its control of .Pharmacy, through discriminatory and self-serving policies unrelated to consumer protection, in a manner that restricts the openness of the DNS. This permits the NABP to use the unique .Pharmacy identifier to regulate available services and content, including legitimate commercial speech. Allowing such misuse of a global Internet resource is also contrary to the ICANN Board’s responsibility to reject policy recommendations that are not in the best interests of the ICANN community or ICANN itself.

CIPA plans to raise these concerns within the ICANN community as well as in other forums and organizations that seek to prevent the misuse of DNS resources to further narrow economic interests at the expense of consumer health and safety.

Written by Tim Smith, General Manager

Follow CircleID on Twitter

More under: DNS, ICANN, Internet Governance, Policy & Regulation, Top-Level Domains, Web

Continue reading

Posted in circleid | Tagged , , , , , | Comments Off on U.S. Pharmaceutical Sector Extending an Outmoded, Dysfunctional Pricing System to Cyberspace

Study Finds $9.8B Opportunity In Universal Acceptance of All New Generic and Internationalized TLDs

Proportion of Internet users, website and native language speakers / Analysysy Mason paper

Report from a new study by Analysys Mason, commissioned by the Universal Acceptance Steering Group (UASG), says there is a potential USD $9.8 billion growth opportunity in online revenue through a routine update to Internet systems, including those for speakers of languages that do not use the English script. “The Domain Name System (DNS) has expanded dramatically and now includes more than 1,200 gTLDs. Many of those top-level domains are longer than the legacy three-character domain name (e.g. .com, .edu and .org) or are in non-Latin based scripts (such as Chinese, Arabic or Cyrillic). … [A]lthough many online systems do not recognize these domain names as valid. For example, problems may arise when a user enters a domain name or related email address into an online form on a website and it is rejected. When this happens, it not only frustrates the user and reduces the opportunities for the organization to win a new customer, but it also lessens the cultural, social and economic benefits made possible by the Internet.”

Ram Mohan, Chair of UASG: “To excel in the long run, organizations should seize the opportunity — and responsibility — to ensure that their systems work with the common infrastructure of the Internet — the domain name system. Universal Acceptance unlocks a significant economic opportunity and provides a gateway to the next billion Internet users by ensuring a consistent and positive experience for Internet users globally. Additionally, governments and NGOs will be better able to serve their citizens and constituencies if they adopt Universal Acceptance.”

Research estimates that support for Internationalized Domain Names could bring 17 million new users online. These include users whose lack of local language services was previously a barrier to a complete online experience. “The report’s estimate is based on the examination of just five major languages and language groups that would benefit from IDNs because they use non-Latin scripts (Russian, Chinese, Arabic, Vietnamese and Indic language groups) and the proportion of non-Internet users for whom a lack of local language services is a barrier. The research shows that online spending from these new IDN users could start at USD 6.2 billion per year.”

Potential increased revenues from existing gTLD users: “According to one study, 13 percent of websites reject new domain names with more than three letters — when a simple update of these websites (effectively a “bug fix”) could increase online revenues by USD 3.6 billion per year as a result of Universal Acceptance.”

Andrew Kloeden, Principal at Analysys Mason: “Our analysis shows that the main impediment to Universal Acceptance is a lack of awareness of the issue, rather than any technical challenges. This is not a heavy lift. The efforts required by software and application owners to implement UA are not particularly onerous; in fact most companies treat UA issues simply as ‘bug fixes.’”

Follow CircleID on Twitter

More under: DNS, Email, Top-Level Domains, Web

Continue reading

Posted in circleid | Tagged , , , | Comments Off on Study Finds $9.8B Opportunity In Universal Acceptance of All New Generic and Internationalized TLDs