April 2012 archive

Have You Signed Your Domain With DNSSEC Yet? (Here are instructions…)

Have you signed your domain name with DNSSEC yet?  If not, how about doing that today?  Or as a weekend project?

This one little step can go a long way in both helping make your own Internet presence that much more secure and also in helping move the overall DNSSEC effort forward industry-wide.

To help you out, we’ve put together a few “how to sign your domain name using DNSSEC” tutorials for some of the leading registrars supporting DNSSEC:

http://www.internetsociety.org/deploy360/resources/dnssec-registrars/

If your registrar is not listed on that page, you can also check ICANN’s list of registrars supporting DNSSEC to see if your registrar is listed.

If your registrar is not listed on either site, you may want to look at your registrar’s website to see if they have any mention of DNSSEC. Note that I’ve found a couple of registrars out there who mention “Premium DNS” and on closer inspection turn out to essentially be GoDaddy resellers – in which case the GoDaddy DNSSEC tutorial applies. (And if you do find that they support DNSSEC, could you please send us a note so that we can add them to our list? Thanks!)

And if you still can’t find any information, why not drop an email to your registrar’s support address asking when they will have DNSSEC support?  Either that… or consider moving your domain to a registrar that does support DNSSEC already!  (Yes, I know, moving registrars can be a headache… )

If we can each take a moment to go out and sign some more domains (or to encourage more registrars to support DNSSEC), we’ll move that much closer to having a more secure Internet!

WordPress Dominates Top 100 Blog/Media Sites

If you had any doubt about the outcome of the "platform wars" of the past few years for "blog"-type sites, one graphic can remove that doubt:

Wordpress top100blogs 201204

This comes from a just-released study from Pingdom and before you say "well, of course, this is all about blogs, so naturally WordPress would dominate"... please do scroll down the article and see the range of sites that Pingdom's study covers (the ones that are italicized use WordPress):

  • Huffington Post
  • Mashable
  • TechCrunch
  • Engadget
  • Gizmodo
  • Ars Technica
  • The Next Web
  • GigaOm
  • CNN Political Ticker
  • ReadWriteWeb

... and many more... the point is that what is classified as a "blog" for this study includes many of the "media" sites that many of us visit frequently - and many of those "media" sites turn out to be using WordPress.

The Pingdom article has many other great pieces of information, including this chart comparing the platforms of the Technorati Top 100 blogs in 2009 versus 2012:

Blog platforms

The outright (and not surprising) decline of some platforms like TypePad (on which this DisruptiveConversations site is still hosted) is very clear for all to see as well as the strong rise in WordPress usage.

The ecosystem around WordPress continues to expand at a phenomenal rate and studies like this are useful to measure that actual growth. What would be interesting to see, too, would be a study of "websites" in general, i.e. not just "blogs" but perhaps the Alexa Top 100 or some other set, to see what % of sites there use WordPress and these other platforms. As noted in the Pingdom article, the WordPress team has spent a great amount of time working on making the system more useful as a more generic content management system (CMS) and so the type of sites that are now using WordPress is expanding far beyond its roots in blogging. It will be interesting to see how that changes the web hosting dynamics over the next few years.

Thanks to Pingdom for undertaking the work - and I look forward to seeing what the field looks like in another three years!


If you found this post interesting or useful, please consider either:


Jima’s IPv6 TLD Hall-of-Shame

Patrick “Jima” Laughton is an advocate for IPv6 who, inspired by a conversation on Facebook, decided to do something to highlight which top-level domains (TLDs) were NOT IPv6-ready.  And thus was born the “IPv6 TLD Hall-of-Shame“, available at:

http://jima.tk/u/v6tlds

He has two lists:

  1. TLDs without IPv6 nameservers
  2. TLDs with IPv6 nameservers but no IPv6 “glue” records in the root zone

He’s been updating the list periodically and has been removing TLDs as they add IPv6 service. As World IPv6 Launch grows closer and closer, we’d like to see these lists shrink even more!

Kudos to Jima for creating and maintaining this list and we look forward to the day when he’ll have empty lists and can shut the site down.

WebRTC (real-time VoIP in web browsers) On April 13th VUC Call – Join In!

Want to learn about how voice and video calls will take place right in your web browser? WITHOUT a Flash or Java plugin?

The "WebRTC" initiative is making this a reality through efforts of the major browser vendors, VoIP industry companies and standards working groups within both the IETF and W3C. On the VoIP Users Conference (VUC) Call on Friday, April 13th, the group will have a discussion of what exactly is happening with WebRTC... and then some live demos from the Voxeo Labs and Phono teams who have been working on this topic for some time now.

This is, to me, an incredibly important area of work as we have the opportunity to really bake real-time communications (RTC) into the fabric of the tools we use every day to work with the Internet.

I'm looking forward to the VUC call ("tomorrow" as I write this, but probably "today" when most of you read it) and would encourage you to join in to listen and/or participate in the conversation.

You can join the live call via SIP, Skype or the regular old PSTN. There is also an IRC backchannel that gets heavy usage during the call. It will be recorded so you can always listen later.


If you found this post interesting or useful, please consider either:


SegTEL/TVC Stringing Fiber Through Keene, NH – A New Internet Choice?

Segtel fiberWhen I look out my office window and see a bucket truck driving by with a guy up in the bucket attaching what looks like fiber optic cable to the polls, my reaction as a networking geek was naturally:
  • who is stringing new fiber?

Followed, of course, by "that's kind of a cool way to ride around town" (probably literally cool, today).

My initial thought was that it was upgraded wiring from either Fair Point Communications, our local phone company (who bought out Verizon's landline business up "he-ah"), or Time Warner Cable, who owns the cable franchise for Keene, NH.

It turned out to be neither, but rather someone new.

I walked out and met the crew up the street when they happened to be reloading connectors into the bucket. One of them said this was new service for "SegTEL". He said SegTel was a private company who had been recently bought out by someone and was planning to provide high-speed Internet access to businesses.

As I walked back to my house, my immediate reactions were:

  • Cool! Will there be a plan I can afford as an individual?
  • Will they offer IPv6?

To my surprise, SegTEL appears to have no functioning website! I did find that it has been acquired by Tech Valley Communications in New York, whose announcement of the acquisition completion in January included this bit:

segTEL was founded in 1998 and provides fiber optic telecommunication services to carrier, wholesale, and large enterprise customers throughout New Hampshire, Vermont, Massachusetts and Maine. segTEL has unique and extensive expertise in providing customized fiber optic loop, backhaul and transport services to Top-25 wireline and wireless carriers. All segTEL staff will continue their current operational activities with the combined company.

SegTEL was/is apparently located in Enfield/Lebanon, NH, about an hour north of me. In reading through TVC's news page it seems TVC received a substantial private equity investment in 2010 that made all of this possible. A Business Review article adds a bit more context to the acquisition. They also have some interesting links on the TVC news page about the growth of fiber.

An NTIA document refers to 10Gbps and 1Gbps Ethernet offerings (I'd take it!) and an FCC document from September confirms the transfer to TVC. It seems, though, that SegTEL and TVC both have been primarily targeting other service providers and large enterprises, not individuals. (Which does make me wonder why they were stringing the fiber through our very residential neighborhood.)

Sooo... given that a big fat fiber cable is connected to a pole that is literally about 25 feet away from my server, will I be able to play with a big pipe? Or will it be priced out of my range? (Probably!) And, important to my role, will it support IPv6?

And SegTEL or TVC folks, should you read this... you've got a willing beta tester for your new service offering! ;-)


If you found this post interesting or useful, please consider either:


White House Summer Jobs Code Sprint Deadline is Monday, April 16, 2012

Summerjobs codesprintInteresting to see that the White House is sponsoring its first ever code sprint… from the announcement back on April 2nd:

Today we’re announcing the first ever White House Code Sprint. This is a call to developers around the country to use the Summer Jobs+ API to build job search apps for your favorite browsers, social networking platforms, smart phones and feature phones. Submit your apps using this form by Monday April 16th at 8 a.m. EST, and we’ll pick the most innovative ones to feature on WhiteHouse.gov.

The Code Sprint web page says a little bit more:

The White House and the Department of Labor have just released an API opening access to thousands of summer internships, training and mentorships opportunities through their Summer Jobs+ Bank. We’re challenging the developer community to build apps that reach kids throughout the nation on their browsers, Facebook, Android, iOS, SMS or any other platform.

This is the first ever White House Code Sprint and we’re excited to see what innovative apps you build over the next seven days. There is no ideal app, but keep in mind that our goal is to share opportunities in our job bank with as many youth as possible.

It’s good to see the White House seeking to tap into the energy and passion of the developer community… I don’t personally have the time to participate in this event, but I hope they do get some interesting application submissions. My one comment is that they didn’t allow much time… they issued the notice on April 2nd with a deadline, then, of April 9th. Not much time to publicize it and get interest… but we’ll see.

If you are interested, the deadline has been extended to this coming Monday, April 16th.

Comcast Enables IPv6 For Xfinity and Xfinity TV

Great news out of Comcast this week related to IPv6 – they have now made two of their major content portals available over IPv6!  From their comcast6.net page on April 10, 2012:

The newest part today moves two of our major portal sites to IPv6, including Xfinity andXfinityTV. This critical move was made possible via close cooperation with Akamai, our CDN vendor. Over time, we will introduce support for native IPv6 for all of our other key websites.

As we get closer to World IPv6 Launch on June 6, 2012, it’s critical to get content (i.e. web sites) available over both IPv4 and IPv6 so that people joining IPv6 networks will be able to natively connect to these sites.

Kudos to Comcast for moving these two large sites over to IPv6 and we look forward to seeing even more of their content moving to IPv6 in the weeks and months ahead.

Video/Slides: IPv6 Autoconfiguration Tutorial

Want to understand more about how IPv6 addresses are configured using SLAAC and DHCPv6? (Want to understand what “SLAAC” is?) If so, Fred Bovy recently posted a video of a presentation he did about IPv6 autoconfiguration.  In the hour-long video, he explains how autoconfiguration works, provides some examples in Linux and then later gets into mobile IPv6 and other mechanisms involved with IPv6 addressing.  If you are looking for a deep dive on IPv6 address autoconfiguration, you may find this very helpful.

Fred’s slides are also available from SlideShare:

My Report into For Immediate Release (FIR) Podcast #646

In this week's For Immediate Release episode #646, my report covered:

If you are a FIR subscriber, you should have the show now in iTunes or whatever you use to get the feed. If you aren't a subscriber, you can simply listen to the episode online now.


If you found this post interesting or useful, please consider either:


FCC Publishes DNSSEC Recommendations for ISPs

FCC CSRIC logoAre you are network operator or Internet service provider (ISP) seeking to understand what you need to do to implement DNSSEC within your network? Are you looking for guidance to help you understand how to proceed?

If so, the U.S. Federal Communications Commission (FCC) just published a set of “DNSSEC Implementation Practices for ISPs” through one of the working groups of its Communications Security, Reliability and Interoperability Council (CSRIC).  The 29-page PDF is available at:

http://transition.fcc.gov/bureaus/pshs/advisory/csric3/CSRIC-III-WG5-Final-Report.pdf

The document provides:

  • A brief overview of DNS and DNSSEC
  • A view of the current state of DNSSEC deployment
  • How Internet Service Providers (ISPs) can use DNSSEC
  • An analysis of the key drivers and challenges for implementing DNSSEC
  • Specific best practice recommendations to ISPs for deploying DNSSEC

The key recommendations of the working group include:

  1. ISPs implement their DNS recursive nameservers so that they are at a minimum DNSSEC-aware, as soon as possible.
  2. Key industry segments, such as banking, credit cards, e-commerce, healthcare and other businesses, sign their respective domain names. The FCC ask industry-leading companies in key sectors commit to doing so, in order to create competitive pressure for others to follow. These industries may be prioritized based on the prevalence of threats to each one, which would mean focusing on financially related sites first, followed by other sites that hold private user data.
  3. Software developers such as web-browser developers study how and when to incorporate DNSSEC validation functions into their software. For example, a browser developer might create a visual indicator for whether or not DNSSEC is in use, or perhaps only a visual warning if DNSSEC validation fails.

We’re very pleased to see these recommendations as they are very much in line with what we’ve been promoting here on the site about DNSSEC – and are very much in line with our recent analysis of DNSSEC challenges and opportunities.

If you are an ISP or network operator, these recommendations from the FCC are definitely ones to consider and act on.  Kudos to the CSRIC Working Group and the FCC for publishing this document.

Thanks to the DNSSEC Deployment Initiative for pointing out that these recommendations were published.