H04L61/3005

NETWORK SECURITY FROM HOST AND NETWORK IMPERSONATION

Systems and methods may include sending, to a network registrar, an extended duplicate address request (EDAR) message including a first nonce generated by a host computing device, and receiving, from the network registrar, an extended duplicate address confirmation (EDAC) message including a second nonce and a first signature, a first nonce pair including the first nonce and the second nonce being signed by the network registrar via a first key pair of the network registrar via the first signature. The systems and methods may further include sending a first neighbor advertisement (NA) message to the host computing device including the second nonce. The second nonce and a public key of the network registrar verify the first signature from the network registrar, the verification of the first signature indicating that a router through which the host computing device connects to a network is not impersonating the network.

Network security from host and network impersonation

Systems and methods may include sending, to a network registrar, a first message including a first nonce generated by a host computing device, and receiving, from the network registrar, a second message including a second nonce, the second nonce being signed by the network registrar via a private key of a first public key infrastructure (PKI) key pair of the network registrar via a first signature. The method further includes sending a first neighbor advertisement (NA) message to the host computing device including the second nonce. The second nonce and the private key of the network registrar verify the first signature from the network registrar, the verification of the first signature indicating that the router is not impersonating the network.

DOMAIN NAME PROCESSING SYSTEMS AND METHODS
20220078207 · 2022-03-10

A domain processing system is enhanced with a first-pass domain filter configured for loading character strings representing a pair of domains consisting of a seed domain and a candidate domain in a computer memory, computing a similarity score and a dynamic threshold for the pair of domains, determining whether the similarity score exceeds the dynamic threshold, and iterating the loading, the computing, and the determining for each of a plurality of candidate domains paired with the seed domain. A similarity score between the seed domain and the candidate domain and a corresponding dynamic threshold for the pair are computed. If the similarity score exceeds the corresponding dynamic threshold, the candidate domain is provided to a downstream computing facility. Otherwise, it is dropped. In this way, the first-pass domain filter can significantly reduce the number of domains that otherwise would need to be processed by the downstream computing facility.

System and method for publishing DNS records of a domain including either signed or unsigned records
11233767 · 2022-01-25

A system for publishing a plurality of Domain Name System (DNS) records for a domain name, the system comprising: a record selection module for obtaining selected data of registry data associated with the domain name in a registry database; a DNS Security (DNSSEC) signing system having at least one signing module for digitally signing the selected data of the registry data, the digitally signing using one or more signing keys (SK) to generate a signed DNS record, the one or more signing keys associated with the registry data of the domain name; a distribution system for coordinating the publishing of a set of DNS records in the DNS by facilitating transmitting of the set of DNS records to one or more authoritative servers of the DNS in a transmission path that bypasses storing of the signed DNS record in the registry database, the set of DNS records generated based on a signing identifier on how to generate the set of DNS records by either: a) sending the selected data to the DNSSEC signing system for subsequent direct inclusion as the signed DNS record in the set of DNS records by the DNSSEC signing system using a set of generation instructions; or b) including the selected data as an unsigned DNS record in the set of DNS records by the distribution system using the set of generation instructions, wherein the transmission path also bypasses the at least one signing module of the DNSSEC signing system.

Systems and methods for resolving conflicts in internet services

The technology disclosed relates to resolution of conflicts between a requested internet service, requested by an internet service requesting server, and a package of internet services. The method disclosed includes sending a conflict check result message to an internet service requesting server, indicating a presence of a conflict between a requested internet service requested by the requesting server and a package of internet services. The method includes receiving from the internet service requesting server a response including a selection from (i) an alternate internet service in the package of internet services to substitute for the requested internet service; (ii) a request to replace an existing connection with a service in the package of internet services with the requested internet service; and (iii) a request to initiate a custom resolution application. The method then responsively performs a respective conflict resolution step.

VERIFICATION OF DOMAIN EVENTS

A method for verifying eligibility of a domain name registrant via a verification web interface for a domain name either registered or in the process of registration with a registrar over a communications network. The method comprising: provide a network link to the registrar or to a registry operator of the domain name; receive an event request for the domain name via the verification web interface including a claim ID associated with the domain name for a domain event; receive a verification request using the network link via the verification web interface including a registrant claim ID and registrant identification information, the registrant claim ID previously provided to the registrant; confirm matching of the registrant claim ID with the claim ID; obtain registrant verification information; access external verification information and compare against the registrant verification information a confirm domain event message or a deny domain event message.

AUTOMATIC DEVICE NAMING FOR FAST DEVICE REPLACEMENT

Techniques for automatically configuring a computing device in a computing environment are provided. One embodiment includes determining that the computing device has been added to a computing environment and that at least one feature of the computing device is unconfigured. Device name data specifying at least two potential device identifiers for the computing device is received from a plurality of endpoint devices communicatively coupled to the computing device. A first device identifier is selected from the at least two potential device identifiers and device configuration data associated with the first device identifier is requested from a device configuration server. The at least one feature of the computing device can then be configured using the device configuration data.

Multi-dimensional tagging namespace for cloud resource management

Approaches presented herein enable generation of a multi-dimensional tag metric in a cloud resource management environment. More specifically, a tagging namespace is provided for managing a resource in the cloud resource management environment. This namespace comprises at least two dimensions and a plurality of positions. A set of tags associated with the resource is received into the tagging namespace. A match of each tag of the set of tags to a position within the namespace into which that tag was received is verified, and an alert is triggered in the case verification fails. Alternatively, in the case verification is successful, the tag-containing namespace is validated as a multi-dimensional tag metric.