Latest news of the domain name industry

Recent Posts

Drop-catcher drops almost all remaining registrars

Kevin Murphy, April 23, 2018, Domain Registrars

Drop-catch specialist Pheenix has terminated almost all of its remaining registrar accreditations, leaving it with just its core registrar.

By my count, 50 shell registrars have terminated their ICANN contracts over the last few days, all of them part of the Pheenix dropnet.

Only Pheenix.com remains accredited.

That’s one registrar, down from a peak of about 500 at the end of 2016.

Almost 450 were terminated in November.

With registrars equating to connection time with the .com registry, it looks like Pheenix’s ability to catch dropping names through its own accreditations has been severely diminished.

By my count, ICANN currently has 2,495 accredited registrars, having terminated 524 and accredited about 40 since last July, when it said it expected to lose a net 750 over the coming 12 months.

Fifty registrars is worth a minimum of $200,000 in fixed annual fees to ICANN.

Comment Tagged: , , ,

Another failing new gTLD stopped paying its dues

Kevin Murphy, April 23, 2018, Domain Registries

Another new gTLD registry has been slapped with an ICANN breach notice after failing to pay its fees.

California-based dotCOOL, which runs .qpon, seems to be at least six months late in making its $6,250 quarterly payment to ICANN, according to the notice (pdf).

It’s perhaps not surprising. The TLD has been live since mid-2014 and yet has failed to top more than about 650 simultaneous domains under management, at least 100 of which were registry-owned.

Right now, its zone file contains about 470 domains.

It typically sells new domains in the single digits each month, with retail prices in the $15 to $20 range.

With that volume and the inferred registry fee, a full year’s revenue probably wouldn’t cover one quarter of ICANN fees.

The string “qpon” is a pun on “coupon”. The idea was that companies would use the TLD to push discount coupons on their customers.

But they didn’t.

The number of live sites indexed by Google is in the single figures and none of them are using .qpon for its intended purpose.

ICANN’s breach notice also demands the company start publishing a DNSSEC Practice Statement on its registry web site, but that seems like the least of its worries.

As a novel, non-dictionary string, I worry that .qpon may struggle to find a buyer.

Last week, .fan and .fans, both operated by Asiamix Digital, got similar breach notices from ICANN.

Comment Tagged: , , , ,

ICANN found a zero-day hole in Adobe Connect

Kevin Murphy, April 23, 2018, Domain Tech

It’s looking like ICANN may have found a zero-day vulnerability in Adobe Connect, until recently its default collaboration tool.

The organization on Friday announced the results of a “forensic investigation” into the bug, and said it has reported its findings to Adobe, which is now “working on a software fix to address the root cause of the issue”.

If Adobe didn’t know about it, it looks rather like ICANN — or at least the unnamed member of the security advisory committee who found it — has bagged itself a zero-day.

ICANN had previously said that the glitch “could possibly lead to the disclosure of the information shared in an ICANN Adobe Connect room”.

The review found that the only person who exploited the bug was the person who discovered and disclosed it.

AC is used not only in ICANN’s public meetings but also, I understand, in closed sessions of ICANN staff, board and committees, where secret information is most likely to be shared.

After the bug was discovered, ICANN shut off the system and started using alternatives such as WebEx, to a mixed reception.

In the absence of an immediate patch from Adobe, ICANN has been testing workarounds and said it hopes to have two working ones deployed by May 3.

This would allow the tool to come back online in time for its board workshop, GDD Summit and ICANN 62, the organization said.

Comment Tagged: , , , , , ,

Nominet to charge brands for no-name Whois access

Kevin Murphy, April 23, 2018, Domain Registries

Nominet has become the second major registry to announce that trademark lawyers will have to pay for Whois after the EU General Data Protection Regulation comes into effect next month.

The company said late last week that it will offer the intellectual property community two tiers of Whois access.

First, they can pay for a searchable Whois with a much more limited output.

Nominet said that “users of the existing Searchable WHOIS who are not law enforcement will continue to have access to the service on a charged-for basis however the registrant name and address will be redacted”.

Second, they can request the full Whois record (including historical data) for a specific domain and get a response within one business day for no charge.

Approved law enforcement agencies will continue to get unfettered access to both services — with “enhanced output” for the searchable Whois — for no charge, Nominet said.

These changes were decided upon following a month-long consultation which accepted comments from interested parties.

Other significant changes incoming include:

  • Scrapping UK-presence requirements for second-level registrations.
  • Doing away with the current privacy services framework, offloading GDPR liability to registrars providing such services.
  • Creating a standard opt-in mechanism for registrants who wish for their personal data to be disclosed in public Whois.

Nominet is the second registry I’m aware of to say it will charge brand owners for Whois access, after CoCCA 10 days ago.

CoCCA has since stated that it will sell IP owners a PDF containing the entire unredacted Whois history of a domain for $3, if they declare that they have a legitimate interest in the domain.

It also said they will be able to buy zone file access to the dozens of TLDs running on the CoCCA platform for $88 per TLD.

Comment Tagged: , , , , , , ,

auDA may sue to delay boardroom bloodbath

Kevin Murphy, April 23, 2018, Domain Registries

auDA is thinking about taking its membership to court in order to delay a vote on the jobs of four of its directors.

The Australian ccTLD registry has also delayed further consideration of its policy to introduce direct, second-level registrations in .au until late 2019.

Both announcements came in the wake of a government review of the organization, which found it “no longer fit-for-purpose”.

auDA last week asked its members to agree to a postponement of the special general meeting, called for by a petition of more than 5% of its members, at which there would be votes on whether to fire the CEO, its chair, and two independent directors.

Under the law, auDA has to hold the SGM by June 7 at the latest, according to a letter (pdf) sent to members on Friday.

But auDA wants to delay the meeting until mid-September, at the earliest, to coincide with its regular Annual General Meeting.

If its members do not consent to the delay — it gave them a deadline of 4pm local time today, meaning responses would have to be drafted over the weekend — auDA said it “intends to apply for a court order… extending the time for calling the requested SGM”.

The delay is needed, auDA said, in order to give the organization the breathing space to start to implement the reforms called for by the government review.

The government wants the makeup of the auDA board substantially overhauled within a year to better reflect the stakeholder community and to ensure directors have the necessary skills and experience.

In response, auDA has told the government (pdf) that it agrees with the need for reform, but that it will not be able to hit its deadlines unlesss the SGM is delayed.

It also said calling the SGM on time would cost it somewhere in the region of AUD 70,000, based on the cost of a similar meeting last year.

auDA announced separately last week that it is delaying any more discussion on second-level registrations — something the reform campaigners largely are opposed to — “until the second half of 2019 at the earliest”.

Josh Rowe, coordinator of the Grumpier.com.au petitioners, said in his response that he found the request for the SGM delay “extremely disappointing”, adding:

auDA is at an important juncture following the Australian Government’s review. However, it is critical that people with the right skills and experience lead auDA through its reform.

Members have lost confidence in the auDA CEO, and the three auDA independent directors. They do not have the right skills and experience to lead auDA through its reform.

He noted that members do not have the resources to fight auDA in court.

Comment Tagged: , , ,