Tag Archives: CIRA

Registry Consolidation Continues as SIDN and Uniregistry Choose CIRA to Enhance DNS Security and Performance

Canadian Internet Registration Authority CIRA logoThe top level domain business continues to consolidate as registry operators look for partners to provide services rather than provide bespoke services every time. One of those registries that has recently been aggressive in seeking partners is CIRA, the registry operator for the Canadian ccTLD, who this week announced Uniregistry and SIDN have signed on to receive CIRA’s D-Zone DNS services for their TLDs.

Both partnerships were announced at the ICANN public meeting currently underway in Abu Dhabi and follows the announcement in February of two other joint ventures with the New Zealand and Portuguese ccTLD registries, InternetNZ and Associação DNS.PT, to deliver Anycast DNS services.

SIDN who manages the .nl country code top level domain (ccTLD) for the Netherlands, with more than 5.7 million domains under management, has itself been branching into other services. Speaking at the Domain Pulse conference in Vienna earlier this year SIDN’s Michiel Henneke said the registry has been experimenting with opportunities in similar areas.

“DNS is required for e-billing so SIDN became a co-creator of a DNS billing service in the Netherlands, but there are few other markets that are as attractive when it comes to revenue as domain names and the e-billing service is just a small part of revenue. We’ve also taken over an e-identity company with 12 million users, so we believe this will be a significant contributor to future revenue.”

Uniregistry, the other partner, operates .ky, the Cayman Islands ccTLD, along with 25 new generic top level in domains (gTLDs) in the global marketplace, including .link, .game, .mom and .photo.

The CIRA D-Zone Anycast DNS that the registries have signed up to use is built for resilience with a strong footprint at each node across a global, well-peered network that is recognized as best-in-class by some of the most discriminating buyers in the industry.

CIRA’s solution started with the needs of the .CA TLD at its heart, and is now finding great partners around the world who are committed to building a better internet for their users.

Establishing one or more secondary DNS footprints is considered an internet infrastructure best-practice that can help to mitigate the risks posed by DDoS that increasingly focus on DNS providers, where they can do the most damage. The DNS is fundamental to ensuring that websites, email, and web applications remain online and optimized for performance.

EURid Wins Registry of the Year at 2017 CENTR Awards

Eurid, the .eu registry operator, has won Registry of the Year at the 2017 CENTR Awards held in Brussels. This was the first year Registry of the Year has been awarded and was voted on by registrars with 105 participating in the survey with CENTR saying there was a tight race for the winner.

In a statement EURid said:
“It’s not only an honour and privilege to have won the award itself, but a testament to our incredible registrar community, who made it possible to win the award in the first place. We greatly appreciate their dedication and support towards our TLDs and initiatives.

“Additionally, this achievement couldn’t have been met without our wonderful community, utilizing both the .eu and .ею extensions, who make up Europe’s diverse online sphere.”


During the ceremony, the finalists in each of the five categories presented short videos of their projects or people that were nominated. The evening was a great opportunity to showcase inspiring projects and teams that truly make a difference in the online world and to demonstrate the great spirit of collaboration that gives life to the CENTR community.

This year’s CENTR Awards winners are:

  • Marketing Campaign Excellence Category: .CA Product Marketing team for its brand awareness and lead generation campaign (CIRA)
  • Safe and Sound DNS Category: Barbara Povše (Registry.si) & Bert Ten Brinke (SIDN) for the project “Security for Registry.si”
  • Greater Online Good Category: DENIC's source code donation to the Mozilla foundation to support IDNA 2008 in Firefox and Thunderbird
  • Above and Beyond Innovation Category: UK Domain Categorisation (Nominet data team)
  • Contributor of the Year Category: Annebeth Lange (Norid)
  • Registry of the Year Category: EURid (.eu)

CENTR is the association of European country code top-level domain name registries. CENTR’s main purpose is to provide its members with a forum for exchange of information.

Your correspondent was a Jury member for the 2017 CENTR Awards.

CIRA Publicly Releases DNS Firewall To Protect Canadians From Ransomware and Malware

Canadian Internet Registration Authority CIRA logoThe Canadian Internet Registration Authority (CIRA), the .ca registry, has publicly released its D-Zone DNS Firewall, a cloud-based cybersecurity solution that protects organisations from the growing threat of malware and ransomware.

CIRA’s DNS Firewall helps organisations block access to malicious content such as ransomware before it can reach their network. Ransomware targets an organisation’s network and locks files and network assets until a ransom is paid. Recently the WannaCry virus created global chaos, locking down patient records and business assets. Malware can infect a network with the intention to steal information, use an organisation’s computing resources for other malicious attacks, or other criminal activities.

“Cybersecurity is the business challenge of our time. CIRA is equipping Canadian companies and organisations with new solutions to protect their networks from the threat of ransomware, malware, and other online malicious content,” said David Chiswell, vice president of product development at CIRA. “CIRA has partnered with the world leader in DNS Firewall technology to build a made-in-Canada cloud-based solution that is accessible to organisations of any size.”

Malware is prevented from using its command and control servers for execution leveraging the most expansive set of global threat reporting available. Combined, this helps limit a hacker’s ability to take control of network resources. Protection is extended to any device using a corporate network.

As a cloud service that works beyond the organisational network, CIRA’s solution can be easily added to existing security frameworks as part of a defence-in-depth strategy. CIRA’s service features advanced dynamic content blocking for better management of network traffic and leverages feeds of known malware and ransomware that are updated instantly based on an analysis of billions of global DNS queries per day.

The service operates in Canadian Internet exchange points and functions as a high-performance, policy-enabled recursive DNS service to ensure that organisations using the DNS Firewall maintain or even improve user experience through faster web and application access.

CIRA’s D-Zone DNS Firewall was created in partnership with Nominum, a world leader in cybersecurity technology and threat detection used by the world’s largest ISPs.

“Given the high-stakes risk we’re facing from emerging online threats, adding a scalable new defence from a DNS firewall was an easy decision for us,” said Peter MacNeil, Information Technology with the City of Hamilton. “We needed a solution that keeps us one step ahead of online criminals and CIRA’s offering combines their leadership in DNS, with world-class threat intelligence, into a flexible and affordable cloud-based solution.”

CIRA Announces New Ventures With .NZ And .PT To Deliver Anycast DNS Services As ccTLD Registries Look For New Opportunities

The Canadian ccTLD manager has announced two joint ventures this week with New Zealand and Portugal’s ccTLD registries to deliver Anycast DNS services.

The joint venture with New Zealand’s ccTLD augments .nz’s DNS infrastructure with a global network of nodes and peering to over 2,300 networks. As part of this deal, CIRA and NZRS will also be working together to build a new Pacific node for CIRA’s Anycast cloud.

“In selecting DNS hosting providers, NZRS looks for providers with deep DNS expertise who are committed to building a world class network and can provide a global reach for the .nz TLD,” said Jay Daley, CEO at NZRS Ltd. “In CIRA we see an organisation that not only amply demonstrated this but also shares our vision of building a better Internet.”

For the Portuguese ccTLD, CIRA’s D-Zone Anycast DNS instantly augments .pt’s DNS architecture, adding new global nodes and comprehensive global peering with over 2,300 networks.

CIRA’s D-Zone for TLDs service offers advanced query monitoring and reporting that enables ccTLDs to access packet capture (PCAP) data for expanded analysis and R&D projects.

D-Zone was built to sustain the performance and resiliency standards of the .CA domain name space, and as such is well-suited for modern ccTLD and gTLD businesses.

“The ccTLD community, and in particular .PT, is driven by a common objective of improving the global Internet and ensuring the safety and security of the global domain name system,” said Luisa Gueifão, Chair of the board of directors at Associação DNS.PT. “This partnership with CIRA give us an excellent tool to contribute to respond to new global cybersecurity threats, scaling our DNS architecture to meet the needs of a growing global domain name.”

These announcements follow news two weeks from DENIC the .de registry, that EURid was now its largest customer for the shared use of its global anycast mesh. DENIC now provides DNS slave services covering some 6.5m domains for seven TLD clients, in addition to running its own .de nameservice for more than 16.1m DUM, this way increasing its contribution for the security and stability of the Internet as a whole.

And they follow concerns by a number of ccTLD managers of where their next growth is to come from, a topic of discussion at the Domain Pulse conference in Vienna in February. Domain name registration growth has been fairly static for a few years now, as outlined in a CENTR report presented at the conference. So some country code top level domain registries are looking for new business opportunities outside their own market. SIDN, the .nl registry, has expanded by co-creating a DNS billing service in the Netherlands and taking over an e-identity company with 12 million users. Others, such as the Austrian ccTLD registry nic.at, have set up as new generic Top Level Domain registries

.KIWI Joins New gTLDs Changing Registries

Canadian Internet Registration Authority CIRA logoRecently the .versicherung (insurance) new generic Top Level Domain announced it was changing its backend registry provider to nic.at sister company TLD-Box. And this week .kiwi announced it was changing registry providers to the Canadian Internet Registration Authority’s (CIRA) new Fury Registry Platform.

It appears to be the first of the new gTLDs to move to the Fury Registry Platform with CIRA claiming their system offers some unique features such as Fury Tags, which they’ve trademarked, to allow the gTLD monitor and report on campaigns, among other services as well as a flexible series of pricing, promotion, and domain management tools to help them run their business and grow their registry.

.kiwi is currently with Minds + Machines (MMX), but MMX recently announced they were transferring the provision of registry services to Nominet of up to 28 new gTLDs they provided back-end registry services for. But obviously .kiwi decided not to follow.

“After reviewing the global market for back-end TLD solutions, CIRA is the only provider that offers us the agility to run our business the way we need it to be run,” said Angus Richardson, Managing Director, Dot Kiwi Limited. “As a new gTLD it is essential that we have the right balance of flexibility and simplicity in our back-end that allows us to experiment with pricing and promotions going forward, while providing our customers with the quality of service they deserve. CIRA is the only provider that delivers a system driven by the need for modern technology and business innovation, and when coupled with world-class management and support teams, it was a very straightforward decision for us.”

.kiwi launched in May 2014 and peaked with almost 12,000 registrations a year later and now has around 10,600 registrations according to nTLDstats.com.

CIRA Launches Domain Lock To Help Canadian Organisations Secure Websites Against Domain Hijacking And Attack

Canadian Internet Registration Authority CIRA logo[news release] On 20 June the Canadian Internet Registration Authority (CIRA) announced general availability for Domain Lock, a new service  offered to CIRA’s D-Zone customers, which allows users to quickly lock their .CA domains at the registry.

CANARIE, a vital component of Canada’s digital infrastructure supporting research, education and innovation, has turned on Domain Lock, preventing malicious actors from making changes to domain settings or hijacking their valuable domains.

Key facts

  • Domain hijacking is a serious concern and organizations that do not protect themselves could face something as simple as a hacktivists redirecting their websites to a political message or a thief intercepting emails or replacing a website with a phishing site to steal customer information.
  • Domain Lock prevents unauthorized changes to the name server records by locking them at the domain registry. This is the most secure method available to protect organizations DNS from takeover via social engineering or from malicious insiders.
  • Domain Lock is accessed through CIRA’s D-Zone portal, making it simple to add this additional layer of protection to an organization’s DNS security portfolio. An organization can then use user authentication levels to define who is able to manage what aspects of the DNS, update zones, add zones, and lock/unlock domains. Importantly, it also allows unlocking and changes to be made in minutes when needed.
  • Domain Lock is a brand new service offered as part of CIRA’s D-Zone Anycast DNS secondary service. Domain locking is not available from any other global DNS provider and helps streamline organization’s DNS security workflows.
  • Organizations choosing D-Zone get the fastest and most secure DNS for Canadians and a global footprint for DDoS protection and global queries.

This CIRA news release was sourced from:

2015 CENTR Awards finalists revealed

CENTR small logo[news release] CENTR today announced the shortlisted candidates in each of the five categories of the 2015 CENTR Awards, which aim at highlighting ccTLD registry projects, teams and people that are making a difference in the industry.

Marketing category:
• AustriaLoves.at – “Darlinks” of the nation, NIC.AT (.at)
• Domain Pirates campaign, IIS (.se)
• “Without a name it remains a dream” campaign, Registro.it

Corporate and Social Responsibility (CSR) category:
• OPTIMISE Fund, IEDR (.ie)
• Browse in Catalan, Fundació PuntCAT (.cat)
• Community Investment Program, CIRA (.ca)

Research and Development (R&D) category:
• Zonemaster by Afnic and .IIS (.fr, .se)
• Knot DNS by CZ.NIC (.cz)
• turing by Nominet (.uk)

Security category:
• Rapid adoption of DNSSEC, Norid (.no)
• Collaboration on auditing the ISO27001 ISMS, Christa Falkensammer (SWITCH [.ch]), Boban Krsic (DENIC [.de]) and Christian Proschinger (NIC.AT [.at])
• Turris Project, CZ.NIC (.cz)

Contributor of the Year category:
• Lise Fuhr (DK Hostmaster, .dk) and Mathieu Weill (Afnic, .fr) (combined nomination)
• CZ.NIC (Registry as a whole)
• Marcos Sanz (DENIC, .de)
• Kristof Tuyteleers (DNS Belgium, .be)

All shortlisted nominations in the first four categories were forwarded to Jury members, who have until 18 September to submit their choices. “This shortlist is very promising”, says Carolina Aguerre, LACTLD General Manager and Chair of the 2015 CENTR Awards Jury. “We really look forward to diving into the details of each project.”

This year, the CENTR community will also be voting for the Contributor of the Year Award. Votes are open to full and associate CENTR members, with one ballot per member.

The winners this year’s edition will be announced at the 2015 CENTR Awards Ceremony in Brussels on 7 October.

Congratulations to all participants!

This CENTR news release was sourced from:

CIRA Warns of Phone Call Security Scam Warning for Internet Users

CIRA dotCA logo[news release] The Canadian Internet Registration Authority (CIRA) has received reports of a phone call security scam using the CIRA name.

In this particular scam, a caller, claiming to be associated with CIRA, asks for information about the user’s computer. The caller then guides the user through a process that ultimately provides the scammer remote access to the user’s computer and the information located on its hard drive.

CIRA is advising Internet users not to respond to these phone calls and to report them to the Canadian Anti-fraud Centre.

About CIRA

The Canadian Internet Registration Authority (CIRA) is the organization that manages Canada’s .CA domain name registry, develops and implements policies that support Canada’s internet community and represents the .CA registry internationally.

This CIRA announcement was sourced from:

Vanishing evidence online or “LinkRot” may put stability of precedent in legal system at risk, according to new research from the University of Ottawa

CIRA dotCA logoProject funded through CIRA’s Community Investment Program aims to help judges and lawyers ensure that information found online is stable and reliable

[news release] Recent cases of cyber-bullying and cybercrime have put the importance of evidence produced and stored with social media tools at the centre of high-profile legal debates and decisions.

“As evidence gleaned online is more commonly used, it is critical to ensure that courts have the skills and resources to evaluate and preserve information,” said Professor Karen Eltis “The stability and reliability of precedent is absolutely fundamental to our legal system and a dead link or a changing Wikipedia entry can fundamentally disrupt a case.”

Recently, at the Canadian Bar Association’s 15th Annual Administrative Law, Labour and Employment Law Conference in Ottawa, Karen Eltis, Professor of Law at the University of Ottawa presented a body of research, funded through the Canadian Internet Registration Authority (CIRA)’s Community Investment Program.

Eltis emphasizes the importance of training for judges and attorneys on how to deal with the emerging influx of digital and social media evidence.

In a related talk last month, Eltis presented at a conference hosted by Georgetown Law School in Washington D.C. focusing exclusively on this problematic phenomenon known as “LinkRot” (when online information goes missing) and its implications for the justice system.

“There is so much focus on how the Internet never forgets, but when it comes to complex chains of evidence, my concern is that we are overlooking the increasingly thorny problem of unwanted deleting or erasure” said Eltis. “Paradoxically, where we need the Internet to be more permanent and its information more durable, the medium is letting us down.”

When cases require evidence from social media sites or information scraped from digital videos, the risk that these sources of information will change is particularly high.

“Understanding how technology is affecting our court system is critical to the administration of justice and Professor Eltis has taken on the important role of ensuring that judges and lawyers are informed and prepared,” said David Fowler, Director of Communications and Marketing at CIRA. “Our community investment program was designed to help support researchers as they work through these emerging areas of national concern.”

Eltis is available for interviews and further discussion of her research.

About CIRA and the Community Investment Program

Through the CIRA Community Investment Program, CIRA funds projects that demonstrate the capacity to improve the Internet for all Canadians. The Canadian Internet Registration Authority (CIRA) manages the .CA top-level domain, Canada’s online identifier, on behalf of all Canadians. A Member-driven organization, CIRA represents the .CA registry internationally.

This CIRA news release was sourced from:

CIRA Introduces DNSSEC To Protect Canadians Online

CIRA dotCA logo[news release] The Canadian Internet Registration Authority, the organization that manages the .CA domain, is making the Internet safer for all Canadians with the implementation of DNSSEC, the latest in a string of new security measures rolling out in 2014.

Half of Canadians would rather deal with .CA than a .COM website when it comes to online activities that require the disclosure of personal information, such as shopping or banking, according to CIRA’s 2014 Internet Factbook.

DNSSEC builds a “chain of trust” between users and the websites they wish to visit. It helps counter malicious online activities such as DNS spoofing and man-in-the-middle (MITM) attacks. These fraudulent activities are usually intended to capture personal information, such as bank account logins.

.CA is just one link in this chain of trust. Other stakeholders in Canada’s Internet ecosystem must now take action to protect .CA websites, and Canadian consumers and businesses.

“The success of DNSSEC now depends on implementation at the system level by players throughout the Internet ecosystem,” said Byron Holland, President and CEO of CIRA. “The full implementation of this ‘chain of trust’ is required to improve the safety and reliability of the Internet infrastructure that has become so vital to the economic and social fibre of our nation. I applaud those stakeholders that have already embraced DNSSEC.”

Visit this website to learn more about how DNSSEC works and how to make your .CA web address part of the chain of trust.

Domain Registrars also have a role to play as service providers who help Canadian businesses and individuals secure their .CA domain names with DNSSEC. easyDNS was one of the first accredited DNSSEC Registrars in Canada.

“Our focus at easyDNS is to offer our members DNS capabilities that meet their needs, and offer them and their customers the best – and safest – experience possible,” said Mark Jeftovic, President and CEO. “The foundation of this rests on trust. With the offering of DNSSEC, our clients can trust that .CA, is a secure choice. Kudos to CIRA for taking this step, and we’re proud to be one of the first in Canada to offer this service to our members.”

About CIRA

The Canadian Internet Registration Authority (CIRA) manages the .CA top-level domain, Canada’s online identifier, on behalf of all Canadians. A Member-driven organization, CIRA also facilitates the development of a better Internet for all Canadians, and represents the .CA registry internationally.

This CIRA news release was sourced from: