About this blog…

I am employed by Netnod as head of engineering, research and development and am among other things chair of the Security and Stability Advisory Committee at ICANN. You can find CV and photos of me at this page.

As I wear so many hats, I find it being necessary to somewhere express my personal view on things. This is the location where that happens. Postings on this blog, or at Facebook, Twitter etc, falls under this policy.

The views expressed on this post are mine and do not necessarily reflect the views of Netnod or any other of the organisations I have connections to.


Jan Žorž of Internet Society has written a text describing results of lab tests of DANE and SMTP at Go6Labs. The findings seems to be that if either of the MX or the TLSA records in the DNS is unsigned, then delivery of SMTP will not happen over the TLS protected connection if the cert […]

New version of IDNA tool, and tests with upcoming Unicode 6.2.0

Today I updated the version of the tool I use for generating tables for Unicode Characters according to the algorithm described in RFC 5892 and RFC 6452.

The only change that exists from 6.1.0 to 6.2.0 is the addition of one codepoint, U+20BA that is allocated to TURKISH LIRA SIGN. The codepoint because of this […]

Quality of whois data

FTC Letter

Federal Trade Commission have sent a letter to ICANN. Described at .NXT.

Whats specifically comes up, I think, is the specific issue regarding quality of data in the various whois services out there. This is not only a domain name issue, but also IP address issue of course. The problems with whois […]

A web browser access a web site, and…

I have got many questions during the years what actually happens when for example a web browser fetches a webpage from a web server. After discussing with some friends, this is created: A web browser access a web server…

I have got many questions during the years what actually happens when for example a web browser fetches a webpage from a web server. After discussing with some friends, this…

Blocking – not very effective…

We Internet people have said all of this before, that blocking access (specifically by using DNS) does not work. ISOC point that out in a statement on Wikileaks. In reality, any blocking, at any layer in the Internet Architecture, will always be a combination of not be effective and hurt more than what is the […]

IDNA2008 RFCs are ready

The RFCs with numbers 5890-5894 where just released. The one that I worked most with was RFC 5892, and the announcement was like this:

From: rfc-editor@rfc-editor.org Date: Wed, 4 Aug 2010 08:37:42 -0700 (PDT) To: ietf-announce@ietf.org, rfc-dist@rfc-editor.org Cc: idna-update@alvestrand.no, rfc-editor@rfc-editor.org Subject: RFC 5892 on The Unicode Code Points and Internationalized Domain Names for Applications (IDNA) […]

DNSSEC celebration

At the IETF-78 meeting in Maastricht, Netherlands, there was a celebration of the signing of the root zone. Champagne was served, and at while walking out of the plenary we also got cookies and a sticker.

17 years of hard work, and all we got was a sticker ;-)

At the IETF-78 meeting […]

New TLDs, acceptable or not to everyone?

Last week was an ICANN meeting in Brussels. I did not go this time either. But people still send questions to me on various subjects. One of the more popular ones the last couple of days is whether the string that is to be allocated as a potential new TLD must be acceptable to everyone, […]

Review of Unicode TR#46

I have reviewed Draft Unicode Technical Standard #46 – UNICODE IDNA COMPATIBILITY PROCESSING as could be found at http://www.unicode.org/reports/tr46/ on March 15, 2010 (below called TR#46).

The review is based on my personal experience from many years of activity in the IETF, and of course my work with both IDNA2003 (RFC3490 etc) and IDNA2008 (working […]

Swedish regulator PTS take most weird decision so far

Swedish Regulator PTS have today notfied .SE, the Swedish (.SE) TLD registry that they have to change the rules. You can find the press release here and the actual notice to .SE here (PDF). In short, the decision implies that any form of the sequence of the characters “b”, “a”, “n”, “k” are illegal in domain names in Sweden. Further that checks of what domain names are registered are to be checked before registration. This is, as people know (except PTS obviously), is not how domain name registration works. Instead, one is strengthening the dispute resolution process so that it is more well known what will happen if some infringement is happening. Next step is of course to have more terms than “bank” be added to this black list. Like registered trademarks in the world, and other terms. For example everything in Wikipedia! I hope .SE is refusing to follow this rule. […]