The Republic of South Sudan has officially been designated the .SS country code Top Level Domain (ccTLD) in an announcement from the ISO (International Organization for Standardization). As well as the ccTLD, South Sudan was allocated country codes for passports and financial transactions. These codes are a basic requirement for the world’s newest country, the Republic of South Sudan. Remarking on what the establishment of a country code means for a new country like South Sudan, Gérard Lang, Chair of the ISO 3166 Maintenance Agency, explains, “ISO country codes are fundamental for the international recognition and activities of a country. Without them, a country cannot have a currency code or Internet ccTLD, or even issue machine-readable passports. “Country codes are essential in banking transactions, as they form part of codes like IBAN (international bank account number), BIC (universal bank identifier). They are also used in various legal, cultural and scientific exchanges which range from numbering of archaeological sites to online identification of a user’s geo-location. One could say that country codes are one of the building blocks underpinning globalisation and, in particular, communication and exchanges on the web. “It was therefore crucial to establish ISO country codes for South Sudan as soon as possible. Now that the process has been finalised, the country can go ahead with other basic tasks like issuing a currency code,” emphasised Mr. Lang. ISO 3166 country codes are widely used as abbreviations to identify countries in contexts such as postal addresses, transportation, passports, library coding systems and online payment systems. Many codes, such as those for currencies and banking, are based on these. They have largely replaced some 70 different systems of country codes developed over time by individual countries, and public and private sector organisations, eliminating potential for confusion. The ISO codes are assigned under transparent procedures by the ISO 3166 Maintenance Agency which makes them available free of charge. ISO assigns the codes, but does not determine whether a territory is a country. ISO 3166 codes are automatically assigned to any new member admitted to United Nations and its name listed in either the Terminology Bulletin Country Names or in the Country and Region Codes for Statistical Use (M49 numerical country code assignments) maintained by the United Nations Statistics Division. The two-letter codes are the most commonly used, while the three-letter codes are for special uses where a closer identification of the code with the full name of the country concerned is required. They are used notably in machine-readable passports meeting the requirements of the International Civil Aviation Organization.

August 17, 2011 — Cloud hosting and colocation provider ScaleMatrix announced on Tuesday that it has opened a 50,000 square foot data center in San Diego, California. ScaleMatrix has access to 11 additional data centers throughout the country through a partnership with Forsythe. According to the press release, the facility will create more than a hundred new jobs in the region.

Reliability, stability, trustworthiness are three of the most important features of a TLD, and one of the main messages that auDA, the policy and regulatory body for .AU, has been striving to convey writes Chris Disspain, auDA CEO and these days also ICANN board member. “In fact, I’m pretty sure we have been banging on about the importance of trust ever since auDA was established and assumed responsibility for the operation of .AU,” writes Disspain. “The relevance of this message has been highlighted by recent developments that have negatively affected thousands of British companies” where there have been “legal and administrative battles surrounding the operation of ‘gb.com’, which offers third-level registrations as an alternative to .co.uk.” With the downtime that ensued from the .gb.com outage, Disspain writes “what the recent events surrounding gb.com do highlight is the types of added risks registrants expose themselves to by choosing to register in a space that is selling third level domains on a commercial basis as opposed to in a well-regulated domain with well-defined policy frameworks.” Another third level domain to launch as an alternative to the country code in recent days is com.de, promoted as an alternative to .DE. .DE and .UK are the two largest ccTLDs. A problem that can arise is if the business selling the third level domains goes out of business – you lose your domain name. “All of the marketing and promotional efforts you have made go down the drain and your business may follow soon after.” “In contrast, registrants in a regulated space such as .com.au are afforded certain protections in the unlikely event of registrar failure and can recover their name and livelihood with the assistance of auDA and whichever registrar they choose to switch to. “Also, .AU has mechanisms built-in to deal with circumstances where you might find your business, trademark or other intellectual property rights infringed upon by a com.au registrant.” Disspain then writes that “another advantage of operating your business in a well-run domain is that doing so can resolve issues of confusion and trust for your most important stakeholders – your customers.” In conclusion Disspain writes, “all of these arguments tie back to one main issue – and the main motivation for this post – the importance of trust. Trust in the domain space you register in, trust in the security and stability of your commercial investment, and the trust your customers will have in your operations and the protection of their rights. All of these are vital drivers of success in the bricks-and-mortar world of business – and just as important online.” To read this full article by Chris Disspain, auDA CEO and as of June 2011 ICANN board member, go to: blog.auda.org.au/2011/08/09/without-trust-there-is-nothing/

Section I: Description, Explanation, and Purpose ICANN Staff is seeking comments on the Preliminary Issue Report on the Inter-Registrar Transfer Policy Part C [PDF, 572 MB]. Specifically, this Report addresses: “Change of Control” function, including an investigation of how this function is currently achieved, if there are any applicable models in the country-code name space that can be used as a best practice for the gTLD space, and any associated security concerns. It should also include a review of locking procedures, as described in Reasons for Denial #8 and #9, with an aim to balance legitimate transfer activity and security. Whether provisions on time-limiting Form Of Authorization (FOA)s should be implemented to avoid fraudulent transfers out. For example, if a Gaining Registrar sends and receives an FOA back from a transfer contact, but the name is locked, the registrar may hold the FOA pending adjustment to the domain name status, during which time the registrant or other registration information may have changed. Whether the process could be streamlined by a requirement that registries use IANA IDs for registrars rather than proprietary IDs This Public Comment solicitation represents an opportunity for the ICANN community to provide its views on the issues outlined above and on whether a Policy Development Process should be initiated. Further data and supporting information on issues b) and c) are especially welcomed as these issues were originally raised in 2005. This Preliminary Issue Report will be updated to reflect community feedback submitted through this forum. A Final Issue Report will then be presented to the Generic Names Supporting Organization (GNSO) Council for its consideration. Section II: Background The Inter-Registrar Transfer Policy (IRTP) is an existing community consensus policy that was implemented in late 2004 and is now being reviewed by the GNSO. The IRTP aims to provide a straightforward procedure for domain name holders to transfer their names from one ICANN-accredited registrar to another should they wish to do so. The policy also provides standardized requirements for registrar handling of such transfer requests from domain name holders. The IRTP Part C is the third in a series of five Policy Development Processes (PDPs) that address areas for improvements in the existing Inter-Registrar Transfer Policy.  The GNSO Council requested an Issue Report on IRTP Part C at its meeting on 22 June 2011 (see gnso.icann.org/resolutions/#201106 ). Section III: Document and Resource Links Preliminary Issue Report on the Inter-Registrar Transfer Policy Part C [PDF, 572 MB] Inter-Registrar Transfer Policy Comment Period Deadlines Open Date: 25 July 2011 Close Date: 25 August 2011 Important Information Links Public Comment Box To Submit Your Comments (Forum) View Comments Submitted This ICANN announcement was sourced from: www.icann.org/en/announcements/announcement-25jul11-en.htm

A collaboration between ICANN, the Swiss domain name registry SWITCH, Packet Clearing House, Infocomm Development Authority of Singapore (IDA) and the National University of Singapore (NUS) joined together last week at the ICANN meeting in Singapore to inaugurate the first of three hardened facilities to bring about extra security for global internet users. The new facility will provide secure digital signatures for the country-code top level domains of dozens of countries. The first three new facilities are located in Singapore; Zurich (still under construction) and San Jose, California. The facilities provide cryptographic security using the recently deployed Domain Name System Security (DNSSEC) protocol. “One of ICANN’s core missions is to enhance the security and stability of the Internet’s Domain Name System. This new DNSSEC facility in Singapore helps us do just that,” said Rod Beckstrom, President and Chief Executive Officer of ICANN. “The bottom line is that this centre and the two others like it will give billions of internet users the confidence to know that they have ended up at the web site they intended to reach, reducing the risk that they have been misdirected to a different site by cyber criminals.” The implementation of a more secure internet will bring about more than just giving internet users more trust. It will see, for example, web browsers and email gain an additional level of security. On trust, it will mean much more confidence for internet users when they interact online. “Businesspeople, governments, and regular Internet users have been demanding secure domain names for more than ten years, and I’m really happy to have finally built a system that delivers that, and delivers it globally, to any country that wants it, at no cost,” said Packet Clearing House’s research director, Bill Woodcock. “DNSSEC was an obvious next step for our global anycast DNS service network, since we already provide service to more than eighty countries.” The Swiss registry, like the other three locations, was selected because Switzerland is viewed as a stable and secure country. Additionally, Switzerland Singapore benefited from their history of neutrality. Simon Leinen, network engineer at SWITCH is delighted that PCH has selected Zurich as a server location. “The decision in favour of Zurich is based on the excellent, longstanding cooperation between PCH and SWITCH. PCH has been running a number of the name servers responsible for .ch and .li throughout the world.” The locations are spread out geographically in case of a disaster. A diverse selection of countries was chosen in case of one country not necessarily trusting one of those chosen. Mr Leong Keng Thai, Deputy Chief-Executive and Director-General of Telecoms & Post, IDA, said, “We are honoured that PCH, with the support of ICANN, has decided to host the Asia node of the DNSSEC platform here in Singapore. The facility will assist other countries to secure their DNS, and its location here further affirms Singapore as a secure and trusted hub.” Since its standardisation by the Internet Engineering Task Force (IETF), the DNSSEC protocol has been adopted by many top-level domains (TLDs) to form a secure chain of trust within the domain name system. So far this year, several major TLDs, including the German ccTLD .DE, as well as .COM and .NET have already secured their own domains by generating cryptographic keys, which are used in the DNSSEC system to electronically “sign” the domains, authenticating them to the internet users who access the web sites, email, and other internet resources the signed domains contain. Although people browsing the internet often take it for granted that the sites they visit are created and operated by their purported owners, it is possible for criminals with knowledge of the internet’s addressing system to create counterfeit websites that look like the real thing but capture users’ private information. DNSSEC guards against this cyber threat. PCH’s DNSSEC facilities will allow many additional countries to immediately gain the benefits of DNSSEC protection for their country code TLDs without needing to build and maintain their own million-dollar security facilities. During an elaborate “key-signing” ceremony on the opening day of the ICANN meeting (Monday 20 June), cryptographic master keys were created for Tanzania, Uganda, Afghanistan, and ten other countries that have already chosen to use the system. For more information see a New York Times article that interviews, in part, internet security researcher Dan Kaminsky at www.nytimes.com/2011/06/25/science/25trust.html . An ICANN news release of the announcement is available at www.icann.org/en/news/releases/release-22jun11-en.pdf .

An image from Symantec showing the geographic impact of Stuxnet (WEB HOST INDUSTRY REVIEW) — In a report published Monday by Iran’s Mehr News Agency, an Iranian general involved in investigating the Stuxnet worm, which targeted Iran’s nuclear infrastructure last year, said the country has been targeted by a second worm, called Stars . Quoted in the Mehr report, Brigadier General Gholam-Reza Jalali, director of Iran’s Passive Defense Organization says the country’s experts detected and are investigating the new worm, though little is known of it at this point. In the Mehr report, Jalali claims that “certain characteristics about the Stars worm have been identified, including that it is compatible with the (targeted) system and that the damage is very slight in the initial stage.” According to several reports, western security experts have been unable to confirm at this point whether Iran has identified a new attack, and if so, whether it is indeed one designed to specifically target Iran

An image from Symantec showing the geographic impact of Stuxnet (WEB HOST INDUSTRY REVIEW) — In a report published Monday by Iran’s Mehr News Agency, an Iranian general involved in investigating the Stuxnet worm, which targeted Iran’s nuclear infrastructure last year, said the country has been targeted by a second worm, called Stars . Quoted in the Mehr report, Brigadier General Gholam-Reza Jalali, director of Iran’s Passive Defense Organization says the country’s experts detected and are investigating the new worm, though little is known of it at this point. In the Mehr report, Jalali claims that “certain characteristics about the Stars worm have been identified, including that it is compatible with the (targeted) system and that the damage is very slight in the initial stage.” According to several reports, western security experts have been unable to confirm at this point whether Iran has identified a new attack, and if so, whether it is indeed one designed to specifically target Iran.