You are not, strictly speaking, the owner of a domain name, you simply have a right to use it, which translates into an annual fee that can be renewed indefinitely or terminated in case of infringement. As soon as you no longer pay the annual fee required to maintain it, and therefore its renewal, the domain name will expire and fall back into the public domain.
However, this deletion is not automatic, because the day after its expiry period, the domain name will go through 3 successive phases before falling back into the public domain.
Find in this “5 minutes to understand” document, available for download on the Nameshield’s website, the different phases in the life of a domain name.
Last January, we indicated that we would keep you informed of the expected updates from Eurid regarding the conditions of registration of the .EU for UK citizens following the Brexit.
Eurid has indeed announced that from January 1st, 2021, it will NO LONGER allow the registration of any new domain name by UK holders.
The registry will also refuse the update of a domain name to a UK registrant.
Registrants who do not comply with these rules will be notified as of 21/12/2020.
The new eligibility conditions for a .EU domain name will be as follows:
TO BE:
a citizen of the European Union, independently of their place of residence; or
a physical person who is not a citizen of the European Union and who is a resident of a Member State; or
a company established in the European Union; or
an organization established in the European Union, without prejudice to the application of national law.
So be vigilant with your currently registered .EU in order to comply with these new rules that will come into force, as a reminder, in January 2021.
PLEASE NOTE:
Union citizens who are residing in the United Kingdom will remain eligible to hold a .EU domain name after the end of the transition period. They will have to update their registration data and prove their Union citizenship.
UK citizens residing in a Union Member State will remain eligible to hold a .EU domain name after the end of the transition period. UK citizens residing outside of the Union Member States, on the other hand, will no longer be eligible to hold a .EU domain name after the end of the transition period.
Domain name is the first link between the web user and your website. It is thanks to the domain name that you are found on the Internet, that you are visible, that your identity is displayed and that you develop your business on the net. It is a digital asset of your business.
The management and configuration of these domain names usually requires access to a management interface. The absence of a security policy can be dramatic.
Find in this “5 minutes to understand” document, available for download on the Nameshield’s website, practical solutions to secure your access.
According to a joint report by iYouPort, the University of Maryland, and the Great Firewall Report, TLS connections using the preliminary encrypted SNI extension (ESNI) are being blocked in China. A new step towards censorship and a desire to be able to track Internet users.
What is SNI (Server Name Indication)?
When an Internet user consults a website in HTTPS://, it means that the site is secured by an SSL/TLS certificate. The consultation of the website begins with the establishment of the secure connection, the “handshake”. This handshake consists of several steps and aims to check the certificate and establish the encryption level of the connection. The first message of a TLS handshake is called “client hello”. With this message, the client asks to see the TLS certificate of the web server. The server must attach the certificate to its response.
Presenting the right certificate poses no problem in the case of dedicated hosting: one IP address, one certificate, possibly containing several SAN (Subject Alternative Name) belonging to the same organization. The problem occurs with shared hosting where the host has the same IP address but wants to install several different certificates, otherwise he will have to be the owner of the certificate by adding SAN for all his customers. Not a recommended practice.
The SNI responds to this specific request from hosting providers and their shared hosting. With the SNI protocol, the client indicates the hostname with which it tries to start a TLS negotiation. This allows the server to present several certificates for the same IP address (but different host names). The SNI could be compared to the apartment number of a postal address: a building has several apartments, so each apartment must be identified by a different number. Similarly, if the server is indicated by the IP address, client devices must include the SNI in their first message to the server to indicate which website (which apartment) they are trying to reach.
What is ESNI (Encrypted Server Name Indication)?
The establishment of an encrypted TLS connection begins at the end of the handshake. Problem, the SNI is not encrypted because the “client hello” message is sent at the beginning of the TLS handshake. A hacker can reconstruct the path of an Internet user by reading the SNI part of the handshake, even if he is not able to decrypt subsequent communications. The main interest for the pirate is to be able to trick the Internet user by creating a phishing site. On the other hand, the major web players like confidentiality, and wish to preserve the confidentiality of users’ browsing data. The ESNI was therefore born.
The ESNI (Encrypted server name indication) encrypts the Server Name Indication (SNI) part in the TLS handshake. The ESNI extension is accessible through the latest version of the TLS protocol, 1.3, which is being increasingly adopted today. The principle is to retrieve an encryption key through DNS (which can be secured through DNS via HTTPS). Still at the draft stage, some large hosting providers are already implementing it.
And China in all this?
In their report, iYouPort, the University of Maryland and the Great Firewall Report, detail how China views handshake encryption in a very negative light. This effectively prevents the Chinese government’s Great Firewall monitoring tool from seeing what Internet users are doing online. China has therefore decided to simply block HTTPS connections established through the latest version of the TLS protocol (1.3) associated with ESNI. In addition, the IP addresses involved in the connection are temporarily blocked for two to three minutes.
Some circumventing methods exist… but until when?
All three organizations appear to have found circumventing methods to apply on either the client side (in applications and software) or the server side to evade the current blocking implemented by the Great Firewall. ” Unfortunately, these specific strategies may not be a long-term solution: as the cat and mouse game progresses, the Great Firewall will likely continue to improve its censorship capabilities“, write the three organizations in their report.
In our article of January 24, 2020, we announced the launch of the .GAY by the TOP LEVEL DESIGN registry. This extension is intended for individuals, organizations, businesses supporting the LGBTQ community. It will increase their visibility and create a safe online space.
Originally scheduled for May 20, the date of general availability has been postponed to September 16, 2020.
Currently in Sunrise II Phase, here are the new launching dates:
Second Sunrise phase (period opened to any trademark holder, Sunrise I was restricted to holders of trademarks registered with the TMCH): until 04/09/2020
EAP (Early Access Period): from 08/09/2020 to 15/09/2020
General availability: from 16/09/2020
Find more information about this new extension .GAY in our previous article of January 24.
In a new study of August 2020, INTERPOL measured the impact of COVID-19 on cybercrime. The results reveal that while the primary targets of cyberattacks usually remain individuals and SMEs, these have significantly expanded to large organizations and governments during the COVID period, revealing a new underlying trend.
The fact that working from home was massively implemented has obviously increased vulnerabilities which cybercriminals have been able to exploit seeking to take advantage of the situation.
According to this study, between January and April 2020, 907,000 spam messages, 737 malware incidents and 48,000 malicious URLs, all related to COVID-19 were detected.
The most common cyberattacks during the COVID-19 period were as follows:
Phishing
Ransomware
DDoS
Data harvesting malware
Cybersquatting / fraudulent domain names
Fake news
In Europe, two-thirds of member countries report a major increase in the number of cybersquatted domain names containing the keywords COVID or CORONA and ransomware deployments on critical infrastructures.
Cloning of official government websites is increasing massively as cybercriminals seek to steal sensitive data that can be used in future attacks.
In this report, you will discover all the measures implemented by INTERPOL.
It is more crucial than ever to secure your domain names carrying critical services and to protect your infrastructures.
Our consultants are, of course, at your disposal to assist you on these points.
Search Engine Optimization (SEO) is a set of techniques aimed at optimizing the visibility of a web page in the search results.
For your positioning in search engines and for your communication, the domain name is of significant importance.
Find in this “5 minutes to understand” document, available for download on the Nameshield’s website, the good practices to optimize your referencing on search engines.
Domain names are subject to various operations. The modalities for these operations may vary according to the extensions and the rules set up by the registries.
Find in this “5 minutes to understand” document, available for download on the Nameshield’s website, the different operations on domain names.
A trademark must be “distinctive”, which is why no one can register a generic term as a trademark.
However, a decision of the US Supreme Court on June 30, 2020 allows Booking.com to register its domain name as a trademark.
If for USPTO (U.S Patent and Trademark Office), “booking” is a generic term, and adding the .COM would amount to adding “Company” to a name, thus arguing that booking.com cannot be registered as a trademark, the Court decided otherwise.
Indeed, it considered that “.COM” could not be compared to “company” since the essential criterion would be the identification of consumers.
In particular, the online travel company presented consumers surveys indicating that 75% of consumers thought Booking.com was a brand.
Of course, this first argument, easily challenged by Judge Breyer, was not the one that hit the nail on the head in the final decision. Since a domain name can only belong to one holder, the risks of confusion that must be avoided by trademarks could not arise here, since no one else can use the name Booking.com.
Despite the registration of the booking.com trademark, the company will not be able to use it as a trademark right in disputes that could oppose it to other companies using the generic term “booking” in their trademark.
Reverse DNS is often unknown to domain name managers, especially when the names are hosted by major hosting companies. Reverse DNS allows you to resolve from an IP address to an FQDN. This is the exact opposite of the classic use of DNS, which associates domain names to IP addresses. The reverse DNS allows to answer the question: I have an IP address, what is the FQDN related to it?
Reverse DNS operates by creating a reverse DNS zone in which DNS PTR records (for Pointer Record) will be configured.
Classic DNS: Record A: we know the name of a site and we want to obtain its IP address…
Reverse DNS PTR: we know an IP address and we want to retrieve the name of the site.
The resolution system is constructed in a similar way to the classic resolution. To perform DNS resolution, the IP address to be queried is configured in the reverse zone with the suffix .arpa and points to the required destination. The principle is the same for IP v4 and v6 addresses according to the following construction:
Ex: IPv4: 11.80.92.81.in-addr.arpa. IN PTR capp.perf1.com.
Ex: IPv6: 0.0.0.0.0.0.0.0.0.1.0.1.0.0.0.0.0.8.c.0.0.1.0.a.2.ip6.arpa. 4080 IN PTR capp.perf1.com.
This construction enables to operate a classic DNS resolution on a domain name with a “.arpa” extension.
Why is this so important?
Reverse DNS is mainly used to track the origin of a website visitor, the origin of an e-mail message, etc. It is usually not as critical as the classic DNS, visitors will reach the website even without the presence of reverse DNS for the IP of the web server or the IP of the visitor.
However, Reverse DNS is important for one particular application: the e-mail system.
Many mail servers on the Internet are configured to reject incoming mail from any IP address that does not have reverse DNS. For those who manage their own mail server, reverse DNS must exist for the IP address from which the outgoing e-mail is sent.
Regardless of the address to which the reverse DNS record of the IP address points, a reverse DNS record is expected. In case of hosting several domains on a single mail server, it is enough to configure the reverse DNS to point to the domain name considered as the main one (mail servers checking the reverse DNS recognize that it is normal to host many domains on a single IP address and that it would be impossible to list all these domains in the reverse DNS for IP). We recommend that you check the possibility of setting up reverse DNS with your DNS hosting solution.
Nameshield uses cookies
Nameshield wishes to use cookies to ensure the proper functioning of the site and, with our partners, to measure its audience🍪.
Nameshield wishes to use cookies to ensure the proper performance of the website and, with our partners, to monitor its audience. More information in our Cookie Policy 🍪.
Necessary cookies are absolutely essential for the website to function properly. These cookies ensure basic functionalities and security features of the website, anonymously.
Cookie
Duration
Description
cookielawinfo-checkbox-advertisement
1 year
Set by the GDPR Cookie Consent plugin, this cookie is used to record the user consent for the cookies in the "Advertisement" category .
cookielawinfo-checkbox-analytics
11 months
This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checkbox-functional
11 months
The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-necessary
11 months
This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-others
11 months
This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-performance
11 months
This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
CookieLawInfoConsent
1 year
Records the default button state of the corresponding category & the status of CCPA. It works only in coordination with the primary cookie.
viewed_cookie_policy
11 months
The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.
Functional cookies help to perform certain functionalities like sharing the content of the website on social media platforms, collect feedbacks, and other third-party features.
Performance cookies are used to understand and analyze the key performance indexes of the website which helps in delivering a better user experience for the visitors.
Analytical cookies are used to understand how visitors interact with the website. These cookies help provide information on metrics the number of visitors, bounce rate, traffic source, etc.
Cookie
Duration
Description
_ga
2 years
The _ga cookie, installed by Google Analytics, calculates visitor, session and campaign data and also keeps track of site usage for the site's analytics report. The cookie stores information anonymously and assigns a randomly generated number to recognize unique visitors.
_gat_gtag_UA_25904574_14
1 minute
Set by Google to distinguish users.
_gid
1 day
Installed by Google Analytics, _gid cookie stores information on how visitors use a website, while also creating an analytics report of the website's performance. Some of the data that are collected include the number of visitors, their source, and the pages they visit anonymously.
Advertisement cookies are used to provide visitors with relevant ads and marketing campaigns. These cookies track visitors across websites and collect information to provide customized ads.
Cookie
Duration
Description
NID
6 months
NID cookie, set by Google, is used for advertising purposes; to limit the number of times the user sees an ad, to mute unwanted ads, and to measure the effectiveness of ads.
