Latest news of the domain name industry

Recent Posts

Could .cpa be the most successful new gTLD sunrise yet?

Kevin Murphy, September 25, 2020, Domain Registries

The registry for the new .cpa gTLD reckons it has received “thousands” of applications for domains during its current launch period, potentially making it the most successful gTLD sunrise since 2012.

The American Institute of Certified Public Accountants, which manages the TLD, said today:

Well over half of the 100 biggest U.S. firms — as well as an equally large percentage of the next 400 — have begun advancing their applications as part of the early phase of the .cpa registration process, which launched on Sept. 1.

Assuming “thousands” means at least 2,000, this would make .cpa a top three or four sunrise, judging by figures collected by ICANN showing Google’s .app the current volume leader at 2,908.

But we can’t assume that all the .cpa domains boasted of are trademark-verified sunrise period applications under ICANN’s rules.

AICPA is running a simultaneous Limited Registration Period during which any CPA firm can apply for domains that are “most consistent with their current digital branding” — ie, no trademark required.

Both of these periods end October 31, after which the registry will dole out domains in a batch, presumably giving preference to the sunrise applicants.

We have to assume the amount of purely defensive registrations will be relatively low, due to AICPA’s policies.

Not only are registrants limited to licensed CPA companies and individuals, but registrants have to commit to redirect their .cpa domain to their existing web site within a month and deploy a full web site within a year.

.cpa domains sell for $225 a year, according to the registry. General availability is scheduled for January 15.

1 Comment Tagged: , , , ,

ICANN 69 returning to YouTube

Kevin Murphy, September 25, 2020, Domain Policy

ICANN is to make its annual general meeting next month available streaming on YouTube, the org has announced.

That’s in addition to the Zoom rooms that have been used exclusively for meetings since the coronavirus pandemic hit at the start of the year.

The YouTube streams will be listen/view only and will have up to 30 seconds delay compared to the live Zoom rooms, which will of course continue to have interactivity.

The move will be a welcome return for those of us who need to listen in to sessions and not necessarily engage.

Unfortunately, only five “high-interest” sessions will be available, and there won’t be any live interpretation for the non-English speakers.

For the Zoom rooms, they’ll be mandatory registration before you can even view the meeting schedule. The links will be hidden behind a login screen.

This is largely due to repeated incidents of “Zoom-bombing”, where trolls interrupt proceedings with inflammatory off-topic material.

Comment Tagged: , , ,

Three-letter .blog domains priced up to $100k

Kevin Murphy, September 25, 2020, Domain Registries

Knock Knock Whois There, the .blog registry, said it is going to release its inventory of three-character domains next month.

Roughly 47,000 names will be released at premium fees, with prices ranging “from a few hundred dollars to over $100K”, the company said.

That number suggests that pretty much all of the alphanumeric combinations and hyphenated L-L, N-N, L-N and N-L variants will be available.

The premium pricing only applies to year one; the names will renew at the standard rate of between $10 and $30.

The names will be released October 7 on a first-come, first-served basis.

.blog is doing pretty well by new gTLD standards, with over 190,000 registered names.

Comment Tagged: , , , ,

Whois plan approved, but it may be a waste of money

Kevin Murphy, September 24, 2020, Domain Policy

ICANN’s GNSO Council has approved a plan to overhaul Whois and sent it to the ICANN board for the royal assent, alongside a warning that it may be a huge waste of money.

All seven members of the Contracted Parties House voted in favor of the plan, created by the so-called EPDP working group, which would create a centralized System for Standardized Access/Disclosure for Whois records.

In the Non-Contracted Parties House, only the two members of the Intellectual Property Constituency and the two members of the Business Constituency voted against the headline resolution, with the remaining nine voting in favor.

This was sufficient to count as a supermajority, which was the threshold required.

But the board will be receiving the SSAD recommendations alongside a request for a consultation on “whether a further cost-benefit analysis should be conducted”:

Noting some of the questions surrounding the financial sustainability of SSAD and some of the concerns expressed within the different minority statements, the GNSO Council requests a consultation with the ICANN Board as part of the delivery of the GNSO Council Recommendations Report to the ICANN Board to discuss these issues, including whether a further cost-benefit analysis should be conducted before the ICANN Board considers all SSAD-related recommendations for adoption.

The cost of SSAD is currently estimated by ICANN loosely at $9 million to build and $8.9 million a year to run. Under the approved recommendations, it would be paid for by accreditation fees paid by end-user data requestors.

And the benefits?

Well, to listen to the IPC, BC, governments and security experts — collectively the expected customers of SSAD — the system will be a bit rubbish and maybe not even worth using.

They complain that SSAD still leaves ultimate responsibility for deciding whether to grant access to Whois records to trained humans at individual registries and registrars. They’d prefer a centralized structure, with much more automation, more closely resembling the pre-GDPR universe.

Contracted parties counter that if GDPR is going to hold them legally responsible for disclosures, they can’t risk offloading decision-making to a third party.

But this could prove a deterrent to adoption, and if fewer companies want to use SSAD that could mean less revenue to fund it which in turn could lead to even higher prices or the need for subsidies out of ICANN’s budget.

The IPC called the recommendations “an outcome that will not meet the needs of, and therefore will not be used by, stakeholders”.

It’s a tricky balancing act for ICANN, and it could further extend the runway to implementation.

The most likely first chance the ICANN board will get to vote on the recommendations would be the AGM, October 22, but if the GNSO consultation concludes another cost/benefit analysis is due, that would likely push the vote out into 2021.

There’s the additional wrinkle that three of ICANN’s four advisory committees, including the governments, have expressed their displeasure with the EPDP outcome, which is likely to add complexity and delay to the roadmap.

And the GNSO’s work on Whois is not even over yet.

Also during today’s meeting, the Council started early talks on whether to reopen the EPDP to address the issues of data accuracy, whether registrars should be obliged to distinguish between legal and natural persons, and whether it’s feasible to have a uniform system of anonymized email addresses in Whois records.

2 Comments Tagged: , , , , ,

Should YOU have to pay when lawyers access your private Whois info?

Kevin Murphy, September 23, 2020, Domain Policy

The question of who should shoulder the costs of ICANN’s proposed Whois overhaul is being raised, with governments and others suggesting that the burden should fall on registrants themselves.

In separate statements to ICANN recently, the Governmental Advisory Committee and Security and Stability Advisory Committee both put forward the view that registrants, rather than the trademark lawyers behind most requests for private Whois data, should fund the system.

ICANN currently expects the so-called System for Standardized Access/Disclosure (SSAD), proposed after two years of talks in an ICANN community working group, to cost $9 million to build and another $9 million a year to operate.

The working group, known as the EPDP, has recommended in its final report that registrants “MUST NOT bear the costs for having data disclosed to third parties”.

Instead, it recommended that requestors themselves should pay for the system, probably via an annual accreditation fee.

But now the GAC and SSAC have issued minority statements calling that conclusion into question.

The GAC told ICANN (pdf):

While the GAC recognizes the appeal of not charging registrants when others wish to access their data, the GAC also notes that registrants assume the costs of domain registration services as a whole when they register a domain name.

While the SSAC said (pdf):

Data requestors should not primarily bear the costs of maintaining the system. Requestors should certainly pay the cost of getting accredited and maintaining their access to the system. But the current language of [EPDP Recommendation] 14.2 makes victims and defenders cover the costs of the system’s operation, which is unfair and is potentially dangerous for Internet security…

No previous PDP has protected registrants from having the costs associated with “core” registration services or the implementation of consensus policies being passed on to them. No previous PDP has tried to manipulate the functioning of market forces as is proposed in Recommendation 14.

SSAC suggested instead that registrars should be allowed to pass on the costs of SSAD to their customers, and/or that ICANN should subsidize the system.

Over 210 million gTLD domain names, $9 million a year would work out to less than five cents per domain, but one could argue there’s a principle at stake here.

Should registrants have to pay for the likes of Facebook (probably the biggest requestor of private Whois data) to access their private contact information?

The current proposed system would see the estimated $9 million spread out over a far smaller number of requestors, making the fee something like $450 per year.

EPDP member Milton Mueller did the math and concluded that any company willing to pay its lawyers hundreds of thousands of dollars to fight for greater Whois access in ICANN could certainly swallow a measly few hundred bucks a year.

But the minority objections from the GAC, SSAC and Intellectual Property Constituency do not focus wholly on the costs. They’re also bothered that SSAD doesn’t go nearly far enough to actually provide access to Whois data.

Under the current, temporary, post-GDPR system, registries and registrars basically use their own employees’ discretion when deciding whether to approve a Whois data request.

That wouldn’t change significantly under SSAD, but there would be a huge, multi-tiered system of accreditation and request-forwarding that’s been described as “glorified, overly complex and very expensive ticketing system”.

The GAC wants something much more automated, or for the policy to naturally allow increased automation over time. It also wants increased centralization, taking away much of the human decision-making at registrars out of the equation.

The response from the industry has basically been that if GDPR makes them legally liable for their customers’ data, then it’s the registries and registrars that should make the disclosure decisions.

The GAC has a great deal of power over ICANN, so there’s likely to be a bit of a fight about the EPDP’s outcomes and the future of SSAD.

The recommendations are due to be voted on by the GNSO Council at its meeting tomorrow, and as I’ve noted before, it could be tight.

Council chair Keith Drazek seems to be anticipating some lively debate, and he’s already warned fellow members that’s he’s not minded to approve any request for a delay on the vote, noting that the final report has been available for review for several weeks.

By convention, the Council will defer a vote on the request of any of its constituency groups, but this is sometimes exploited.

Should the Council approve the resolution approving the final report — which contains a request for further financial review of SSAD — then it will be forwarded to the ICANN board of directors for final discussion and approval.

But with the GAC on its case, with its special advisory powers, getting SSAD past the board could prove tricky.

1 Comment Tagged: , , , , , , ,

Nominet shuts down “hostile” discussion forum

Kevin Murphy, September 23, 2020, Domain Registries

Nominet has angered members by unilaterally shutting down a discussion forum that has been for many years the main place for discussions about .uk policy.

The forum, which Nominet hosted on its web site, went dark abruptly during the company’s annual general meeting yesterday.

Speaking to members tuning in to the live webcast, CEO Russell Haworth said that the forum was “dominated by a handful of posters, and has increasingly become aggressive and hostile, not least towards our staff”.

And then it was gone.

Haworth said he expected criticism over the move, which was “fine”, adding that posters have plenty of other venues to air their grievances.

He also suggested periodic Zoom calls to communicate with members.

The decision to close the forum is being greeted poorly by affected members (presumably the ones who most actively used it) on social media and seen as a way for power to be further consolidated among Nominet’s biggest revenue-generators.

Nominet recently came in for criticism for its efforts to grab a slice of the drop-catching pie by charging registrars an extra £600 a year (now, members note, up to £1,000) for additional EPP tunnels.

It also recently admitted privately to members that it last year miscalculated how many votes members they should get in directorship elections, but insisted the error did not have an effect on the outcome of the most recent poll.

The move is not entirely without precedent. Those of you with as many grey hairs as me may recall the old Domain-Policy mailing list, once the central hub for community discussions, going dark back in 2001.

But Verisign, which hosted the list and its archives, explained that move as a measure to reduce redundancy, rather than straight-up admitting that it was a PR move to silence its legion of critics.

Comment Tagged: , ,

Donuts to launch .contact next week

Kevin Murphy, September 23, 2020, Domain Registries

Almost a year and a half after buying it, Donuts is ready to launch its newest gTLD, .contact.

According to ICANN records, the sunrise period for the domain will run from September 29 to November 28.

Registrars report that general availability will begin December 9. Retail pricing is expected to be competitive with .com.

Donuts will also run its traditional Early Access Period, from December 2, a week during which prices start very high and decline day by day.

It will be an unrestricted space, as it Donuts’ wont, and I imagine the suggested use case is something similar to the .tel model — the publication of contact information.

Donuts acquired .contact from Top Level Spectrum for an undisclosed amount in April 2019.

Comment Tagged: , , , , , ,

GoDaddy denies weird front-running claim

Kevin Murphy, September 21, 2020, Domain Registrars

GoDaddy has been forced to deny (again) that it engages in front-running after a social media post attracted hundreds of comments.

Front-running is the practice of a registrar monitoring customers’ availability searches then registering the name itself in order to mark it up to a premium price.

No reputable registrar does this any more, if only because it would be reputation suicide.

But a poster on HackerNews claimed to have been exploited in precisely this way,

searched a few days ago for felons.io, looked for unique names for simple game didn’t know if I wanted it or not

guess godaddy decided for me: 1 days old Created on 2020-09-16 by GoDaddy.com, LLC

just a warning if you have a special name do not use godaddy to check if its available

Domains can appear to be front-run due to the law of large numbers. Registrants may think they’re the only one with a unique domain idea, but they’re likely not.

After the HackerNews post attracted hundreds of comments (largely promoting Namecheap as a superior competitor) and a post from Eliot Silver, GoDaddy decided to issue a response.

“These accusations are 100% false. This type of behavior is predatory, unethical, and goes against everything we stand for as a company,” registrar head Paul Bindel posted over the weekend.

Bindel went on to post the results of search queries for “felons” and related terms over a couple of weeks. There weren’t a huge amount.

Complicating the story, he also says that the felons.io domain was suspended not long after registration, and will soon be deleted, after it was flagged as a fraudulent registration by a compromised account.

Interestingly, the HackerNews account used to post the original allegation appears to have been created on the same day as the post, which is literally the only thing he or she ever posted on the site.

4 Comments Tagged: , ,

Is India’s largest registrar about to go titsup? And where the hell is ICANN?

Kevin Murphy, September 21, 2020, Domain Registrars

India’s largest independent domain name registrar appears to be “doing an AlpNames”, with many customers complaining about domains going dark, transfer codes not being issued, and customer support being unavailable for weeks.

Net 4 India, which claims to have 400,000 customers, has been in insolvency proceeds for over two years, but it’s only in the last couple months that the complaints have started piling up by the scores from disgruntled customers.

A major complaint is that renewals are not processed even after they are paid for, that transfer authcodes never arrive, that customer support never picks up the phone or replies to emails, and (occasionally) that the Net4 web site itself is down.

As we saw with AlpNames last year and RegisterFly back in the mists of time, These are all the warning signs of a registrar in trouble.

On its web site, Net4 prominently warns customers that its call centers are operating on a skeleton staff due to India’s coronavirus lockdown measures, which may account for the lack of support.

But there are reports that customers have visited the company’s offices in person to find them closed.

There’s been radio silence from the registrar. Even its Twitter account is private.

Many local commentators are pointing to the fact that Net4 is in protracted insolvency proceedings as the true underlying issue.

There have been calls for government intervention, action by .in registry NIXI, ICANN enforcement, and even the Indian equivalent of a class action lawsuit. This local cyber law blogger is all over it.

But what is ICANN doing about it?

Net4 was taken to a quasi-judicial insolvency court in 2017 by a debt-recovery company called Edelweiss over the rupee equivalent of about $28 million of unpaid loans from the State Bank of India.

ICANN has been aware of this fact since at least April 2019, when it started calling the registrar for an explanation.

Under the standard Registrar Accreditation Agreement, being in insolvency for over 30 days is grounds for unilateral termination by ICANN.

ICANN could terminate the agreement and transfer all of Net4’s gTLD domain names to a different registrar pretty much at will — all the registrant data is in escrow. This would not protect Net4’s many thousands of .in registrants of course.

ICANN suspended Net4’s RAA in June last year, but Net4 somehow managed to talk its way out of it. ICANN later rescinded the suspension on the proviso that the registrar provide monthly updates regarding its insolvency.

Net4’s cure period has been extended three times by ICANN. The latest expired July 31 this year.

At least one ICANN staffer is on the case, however. ICANN’s head of India Samiran Gupta has recently been reaching out to customers on Twitter, offering his email address and assistance getting in contact with Net4 staff, apparently with some success.

But Net4 had 95,000 gTLD names under management at the last count (though it’s been hemorrhaging thousands per month) so this individual approach won’t go very far.

Comment Tagged: , , , ,

Webcentral rejects Web.com buyout bid for LOWER offer from Aussie telco

Kevin Murphy, September 18, 2020, Domain Registrars

Pioneering registrar Webcentral has turned down Web.com’s offer to acquire it in favor of a lower offer from telecommunications company 5G Networks.

The company announced this week that 5GN will pay one share for ever 12 shares of Webcentral, which works to to between AUD 18.7 million and AUD 19.5 million ($14.24), depending on which trailing average price you use.

That’s between AUD 0.153 and AUD 0.16 per share, compared to Web.com’s recently increased bid of AUD 0.18 per share.

It’s a 138% premium based on 5GN’s September 16 closing price and Webcentral’s closing price before the Web.com deal was announced two months ago.

So why take the lower offer? Webcentral offered a few reasons, the most compelling of which was that there seems to have been a certain amount of arm-twisting going on.

The Web.com deal would have required 75% of Webcentral’s shares to be voted in favor of the acquisition and 5GN already owned over 10% and said it would vote them against. The 5GN deal only requires it to acquire 50.1% of the shares.

5GN will also pay off Webcentral’s debts and pay Web.com the AUD 500,000 penalty incurred for breaking the original July deal.

Webcentral was previously known as ARQ Group and, as one of the original five ICANN=accredited registrars, Melbourne IT. It owns the registrars Netregistry and Domainz. it became Webcentral after selling its wholesale business to CentralNic and its enterprise unit to private equity.

5GN, despite the name, is a largely wire-based telco and hosting provider. It doesn’t currently own any registrars.

Comment Tagged: , , ,