POSTS TAGGED: burt_kaliski

Verisign’s Preliminary Comments on ICANN’s Name Collisions Phase One Report

Burt Kaliski | Apr 16, 2014

Verisign posted preliminary public comments on the "Mitigating the Risk of DNS Namespace Collisions" Phase One Report released by ICANN earlier this month. JAS Global Advisors, authors of the report contracted by ICANN, have done solid work putting together a set of recommendations to address the name collisions problem, which is not an easy one, given the uncertainty about how installed systems actually interact with the global DNS. However, there is still much work to be done.

Below, I have outlined the four main observations from ICANN’s "Mitigating the Risk of DNS Namespace Collisions" Phase One Report discussed in Verisign’s public comment along with recommendations:


Proceedings of Name Collisions Workshop Available

Burt Kaliski | Mar 26, 2014

Presentations, papers and video recordings from the name collisions workshop held earlier this month in London are now available at the workshop web site, namecollisions.net.

The goal for the workshop, described in my “colloquium on collisions” post, was that researchers and practitioners would “speak together” to keep name spaces from “striking together.”  The program committee put together an excellent set of talks toward this purpose, providing a strong, objective technical foundation for dialogue.  I’m grateful to the committee, speakers, attendees and organizers for their contributions to a successful two-day event, which I am hopeful will have benefit toward the security and stability of Internet naming for many days to come.

Keynote speaker, and noted security industry commentator, Bruce Schneier (Co3 Systems) set the tone for the two days with a discussion on how humans name things and the shortcomings of computers in doing the same. Names require context, he observed, and “computers are really bad at this” because “everything defaults to global.” Referring to the potential that new gTLDs could conflict with internal names in installed systems, he commented, “It would be great if we could go back 20 years and say ‘Don’t do that’,” but concluded that policymakers have to work with DNS the way it is today.

Bruce said he remains optimistic about long-term prospects as name collisions and other naming challenges are resolved:  “I truly expect computers to adapt to us as humans,” to provide the same kind of trustworthy interactions that humans have developed in their communications with one another.


Jeff Schmidt to Present Name Collision Management Framework at Research Workshop

Burt Kaliski | Mar 04, 2014

I’m delighted to announce that the name collisions workshop this weekend will include Jeff Schmidt, CEO of JAS Global Advisors, presenting the Name Collision Occurrence Management Framework that his firm just released for public review.

Jeff’s presentation is one of several on the program announced by the program committee for the Workshop and Prize on Root Causes and Mitigations of Name Collisions (WPNC).

The program starts with a keynote presentation by Bruce Schneier, and will also include research papers and invited panels on various aspects and implications of the name collisions issue.

As a gathering of researchers and practitioners with broad expertise in DNS, network operations and Internet systems, the workshop provides an ideal venue for community engagement on the proposals in the new framework document, as well as on solutions to the issue more generally.

Thanks to the program committee for their careful review of the papers submitted to the workshop and the well-rounded program for the event, which runs March 8-10. To register to attend, visit namecollisions.net/registration.


Uncontrolled Interruption? Dozens of “Blocked” Domains in New gTLDs Actually Delegated

Burt Kaliski | Feb 26, 2014

The Mitigating the Risk of DNS Namespace Collisions report, just published by JAS Global Advisors, under contract to ICANN, centers on the technique of “controlled interruption,” initially described in a public preview shared by Jeff Schmidt last month.

With that technique, domain names that are currently on one of ICANN’s second-level domain (SLD) block lists can be registered and delegated for regular use, provided that they first go through a trial period where they’re mapped to a designated “test” address.  The staged introduction of new SLDs is intended to provide operators of installed systems the opportunity to assess the potential impact of an impending name collision on their own, before any external operators have an opportunity to exploit it.

The new technique is subject to a public comment period before being adopted (including discussion at the upcoming Name Collisions Workshop). However, if this technique (or any other) were adopted, it stands to reason that the staged introduction would need to be monitored carefully. Someone would need to check that SLDs on the block lists actually did go through the trial period, and were not put into regular use without the appropriate opportunity for assessment by operators of installed systems.

(Note that Verisign isn’t endorsing the technique; we are reviewing the just-published Mitigating the Risk of DNS Namespace Collisions report, and we’ve already expressed reservations about the statistical invalidity of SLD block lists as an indicator of name collision risk.  That being said, the point still remains that if such a technique were adopted, it would need to be monitored to ensure correct implementation.)
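As an added illustration of the kind of monitoring the preceding paragraphs call for (this is not code from the post or from JAS's framework), the following Python audit replays daily resolution snapshots of block-listed SLDs and flags any name that answered with a production address before serving its trial period at the test address. The test address, the 120-day trial length and the .example names are assumptions and constructed sample data.

```python
"""Audit daily resolution snapshots of block-listed SLDs: each name must sit at
the test address for the full trial period before answering with a production address."""
from collections import defaultdict
from datetime import date

# Assumptions, not values from the post: 192.0.2.53 is a documentation-range
# placeholder (RFC 5737); "wait 120 days" is the trial length the post mentions.
TEST_ADDRESS = "192.0.2.53"
TRIAL_DAYS = 120

def audit(blocklist, observations, trial_days=TRIAL_DAYS, test_address=TEST_ADDRESS):
    """observations: iterable of (date, fqdn, answer), one per daily snapshot,
    where answer is the A record seen or None for NXDOMAIN.
    Returns {fqdn: status} for every block-listed name."""
    history = defaultdict(list)
    for day, name, answer in sorted(observations, key=lambda o: (o[0], o[1])):
        history[name].append((day, answer))
    report = {}
    for name in sorted(blocklist):
        status, trial_start = "not delegated", None
        for day, answer in history.get(name, []):
            if answer is None:            # NXDOMAIN: nothing delegated yet
                continue
            if answer == test_address:    # parked at the designated test address
                trial_start = trial_start or day
                status = "in trial"
                continue
            # First production answer decides: was the full trial period served?
            served = (day - trial_start).days if trial_start else 0
            status = "released" if served >= trial_days else "UNCONTROLLED"
            break
        report[name] = status
    return report

def uncontrolled(report):
    """Names that went live without the required trial period."""
    return sorted(n for n, s in report.items() if s == "UNCONTROLLED")

# Constructed sample data under the reserved .example TLD.
BLOCKLIST = {"mail.example", "intranet.example", "wiki.example",
             "printer.example", "sharepoint.example"}
SNAPSHOTS = [
    (date(2014, 1, 1), "mail.example", TEST_ADDRESS),         # trial starts
    (date(2014, 6, 1), "mail.example", "203.0.113.10"),       # 151 days later: fine
    (date(2014, 2, 1), "intranet.example", TEST_ADDRESS),
    (date(2014, 2, 20), "intranet.example", "203.0.113.20"),  # only 19 days served
    (date(2014, 2, 15), "wiki.example", "203.0.113.30"),      # no trial at all
    (date(2014, 2, 10), "printer.example", TEST_ADDRESS),     # still parked
    (date(2014, 2, 10), "sharepoint.example", None),          # NXDOMAIN
]
```

Running `audit(BLOCKLIST, SNAPSHOTS)` marks intranet.example and wiki.example as UNCONTROLLED, which is exactly the class of delegation the post goes on to describe.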

Given the anticipation of “controlled” interruption, it’s ironic that while ICANN specifically precludes the delegation of domain names on the SLD block lists, dozens of them were actually registered and delegated!

That fact was recently duly noted by one of Verisign’s researchers who has been analyzing the daily progress of new gTLDs.  As it turns out, nearly all delegated SLDs that should have been blocked were cancelled over the past weekend after independent reports citing the existence of inappropriate delegations began to circulate.

That the delegations of SLDs on the block lists could have caused name collisions with installed systems is not our primary concern.  (And, as noted above, we don’t consider the block lists – which are based solely on query frequency at specific points in time – to be the final word on which delegations might or might not cause name collisions.  As our chief security officer Danny McPherson has well explained in one of his blog posts, “Query frequency data without query context isn’t enough.”)

Our concern, rather, is that domain names on the SLD block lists were delegated at all, given ICANN’s clear direction to the contrary.  As Pat Kane and I have noted in a broader-ranging letter to NTIA on operational miscues in the new gTLD delegation process, a policy that’s unenforced is worse than no policy at all.

If this is the state of affairs when the answer is “no” – effectively, a state of “uncontrolled interruption” – what happens when the answer changes to “wait 120 days”?


Keynote Speaker for Name Collisions Workshop: Bruce Schneier

Burt Kaliski | Feb 20, 2014

There may still be a few security practitioners working in the field who didn’t have a copy of Bruce Schneier’s Applied Cryptography on their bookshelf the day they started their careers.  Bruce’s practical guide to cryptographic algorithms, key management techniques and security protocols, first published in 1993, was a landmark volume for the newly emerging field, and has been a reference to developers ever since.

Beyond the popularity of the book, Bruce has also been widely recognized over the past two decades for his insightful commentary on the security issues of the day, featured in his monthly Crypto-Gram newsletter, his blog “Schneier on Security,” 11 more books including the newly published Carry On, and numerous essays, op-eds and interviews.

It’s a genuine privilege therefore that Bruce will be keynoting the upcoming Name Collisions Workshop, to be held on March 8-10, in London.

The keynote will take place at the start of the formal program at 9:00 a.m. local time on Sunday, March 9. 

To manage risk, one needs to consider not only each individual element of a system but also how the elements interact with one another. Security from a cryptographic perspective, as Bruce has long observed, involves not just good algorithms but also good software and hardware implementation, random number generation, key management and user interfaces. Likewise, the security of the Domain Name System (DNS) involves more than the availability and integrity of a distributed network of name servers. It also requires that the DNS interact well with the installed systems that depend on it, given their various assumptions about which name spaces are public and which ones are private. Both require an engineering approach to public policy, according to Bruce:

“We need to convince policy makers to follow a logical approach instead of an emotional one -- an approach that includes threat modeling, failure analysis, searching for unintended consequences, and everything else in an engineer's approach to design.”

The Name Collisions Workshop is intended to facilitate such a logical approach by advancing research on risks and mitigations. Bruce’s keynote will certainly set the tone.

As a coda, Bruce will share with the workshop participants a perspective on surveillance and on his online interviews with Edward Snowden.

The full program for the workshop, including accepted papers, invited papers and panels will be announced shortly.  To register to attend, please visit namecollisions.net/registration.