Technofriends

As per the recently released report Mapping the Mal Web, its very clear that .cn which is the top-level domain of China is one of the riskiest domains ( ranks 3rd) due to the presence of numerous malware and other risky sites on the top-level. However, China’s recent change of how the auditing of domain name registrations happens.

As per the current auditing rule, for every domain, now the domain applicant will have to provide information like original application form with business seal, company business license (photocopy), and registrant ID (photocopy). Am sure not many malware providers would be interested in providing such information.

The change announced by CNNIC (China Inernet Network Information Center) states

In order to further enhance the authenticity, accuracy, and integrality of the domain name registration information, now notify as following:

1. Domain name applicants need to submit the formal paper based application material when making the online application to the registrar. The application material includes the original application form with business seal, company business license (photocopy), and registrant ID (photocopy).

2. Registrar should carefully review the application material. When application is deemed qualified, registrar need to submit the application material via fax or E-mail to CNNIC, and withhold the original application material.

3. From the day of the submission of online application, if CNNIC does not receive the formal paper based application material within 5 days or the application material auditing is not qualified, the domain name to be applied will be deleted.

4. The above regulations will be executed since 9:00AM (Beijing Time), Dec 14th, 2009.

If you have any question, free to contact us at 86-10-58813000 or email to service@cnnic.cn.

One point however to note is that though the domains will be deleted if the auditing is not done, the application serving the malware and other worms will continue to exist and any webmaster can easily be port it to a new domain (can even go outside China, though thats tough). I wish someday CNNIC also brings out some rule on the type of content that can be served out of China. This might appear like quite an ask, but if the net has to be made more secure and neutral and malware free, this is one step which can help take it a long way.

Adapted from AvertLabs

You can follow me on Twitter at http://twitter.com/vaibhav1981

Do stay tuned to Technofriends for more, one of the best ways of doing so is by subscribing to our feeds. You can subscribe to Technofriends feed by clicking here.

Related posts:

1. [GiveAway] IObit Security 360™ PRO (Offers Ends on Nov 11, 2009)
2. [iPhone] Apple iPhone Launching Today in China (Officially!!!)
3. Most of the Attack Traffic Originates from US and China ( Akamai State of the Internet Report)
4. Google Starts Uncensoring Search Results in China
5. [Privacy] China Will Scan all Text Messages