Latest news of the domain name industry

Recent Posts

Hundreds of new gTLD applicants still in GAC limbo

Kevin Murphy, September 16, 2013, 10:10:32 (UTC), Domain Policy

A little over five months after the Governmental Advisory Committee issued its controversial Beijing communique, demanding strict controls over hundreds of new gTLDs, ICANN has still not taken any action.
ICANN’s New gTLD Program Committee “accepted” a bunch of the GAC’s advice on new gTLDs during its meeting last week, but yet again punted the most crucial issue — how to handle the so-called “Category 1” strings.
In a resolution last Tuesday, published on Friday, the NGPC addressed 21 pieces of GAC advice from the July Durban meeting but took no action on the April Beijing advice.
One application was killed off as a result — Better Living Management’s bid for .thai — on geographic grounds.
Applications for .spa, .yun, .广州 (.guangzhou), and .深圳 (.shenzhen), which are all geographic strings, have been put on hold “until the agreements between the relevant parties are reached”.
Amazon’s applications for its brand in Latin and other scripts are also on hold again pending ICANN’s review of its lengthy response to the GAC’s decision to object to them in Durban.
Two applications — .date and .persiangulf — which had raised geographic concerns in Beijing have been given leave to proceed after the GAC decided not to object in Durban.
Applications for .wine, .vin, .ram and .indians appear to be safe, but it’s not 100% clear based on the NGPC’s resolution.
Category 1 strings
“Category 1” strings were those strings that the GAC deemed applicable to “Consumer Protection, Sensitive Strings, and Regulated Markets”.
The GAC wants these gTLDs, if approved, to be subject to oversight by regulatory or self-regulatory bodies and to implement strict security controls.
The Category 1 advice has been criticized by many, including members of the NGPC, for being too vague to implement and for unfairly moving the goalposts on applicants at the last minute.
In Durban, the NGPC had indicated that it was very unhappy with the Category 1 advice.
Last week, it chose to essentially ignore the Beijing communique in which the Category 1 advice was delivered, and instead “accept” the Category 1 advice from Durban, which simply stated:

The GAC will continue the dialogue with the NGPC on this issue.

The NGPC in response stated in an annex to its resolution:

The NGPC accepts this advice. The NGPC looks forward to continuing the dialogue with the GAC on this issue.

So the 500-odd applications captured by Category 1 are still in limbo, unable to sign registry contracts with ICANN, pending the outcome of these GAC-NGPC negotiations.
On the upside, it looks like ICANN is keen to get the issue resolved before ICANN’s next public meeting, which takes place in Buenos Aires in November. ICANN said:

The NGPC and staff are working with the GAC to identify a time and place for further dialogue on these items.

Community support
The NGPC also addressed the GAC’s demands relating to community support for applications. In doing so, it again deployed its tactic of “accepting” the letter of the GAC’s advice whilst plainly rejecting it in spirit.
The GAC had said in Durban:

the GAC advises the ICANN Board to consider to take better account of community views, and improve outcomes for communities, within the existing framework, independent of whether those communities have utilized ICANN’s formal community processes to date.

The GAC was basically worried about the new gTLD program not giving sufficient weight to informal objections from organizations that could be affected by applied-for strings.
The NGPC responded:

The NGPC accepts this advice. The NGPC will consider taking better account of community views and improving outcomes for communities, within the existing framework, independent of whether those communities have utilized ICANN’s formal community processes to date. The NGPC notes that in general it may not be possible to improve any outcomes for communities beyond what may result from the utilization of the AGB’s community processes while at the same time remaining within the existing framework.

In other words, due to the inclusion of the phrase “within the existing framework”, ICANN can do absolutely nothing else to address the GAC’s concerns and can still say it “accepted” the advice.
The NGPC had previously used the same tactic to avoid dealing with the GAC’s Beijing advice on giving “communities” the ability to kill off applications without going through the proper channels.

Tagged: , , , , , ,

Comments (5)

  1. A Category 1 "Applicant" says:

    As always, a solid “take” on all of the drama Kevin.
    I would appreciate gaining a better understanding about your optimism and assumptions here that the “Category 1 issue” will be “resolved” before Buenos Aires in November”…
    As you cited from the NGPC’s resolutions document, “The NGPC and staff are working with the GAC to identify a time and place for further dialogue on these items.”
    Considering the degree of complexity and politics in play, and lacking any evidence of progress over the past six months toward the parties agreeing on an objective methodology for determining whether or not ANY of the Beijing Cat. 1 advice is warranted as a matter of risk mitigation, why should applicants have any confidence or optimism for “resolve” come Buenos Aires?
    Having revisited the Durban transcripts, it would seem far-fetched at best that come Buenos Aires there will be full “resolution” on the issues.
    Other than the NGPC’s flatly rejecting most if not all of the Cat. 1 Safeguard advice in Buenos Aires (…the unrealistic assumption), perhaps the only REALISTIC assumption that can be drawn here is that come Buenos Aires, the NGPC will have issued a more detailed scorecard which clarifies its approach for its accepting or rejecting one or more portions of the Category 1 safeguards Advice — but not all of it. Perhaps the NGPC will prove me wrong…
    After 6 months of deliberations and useless volleying about the feasibility (or lack thereof) of the proposed safeguards following the issuance of the Beijing Communique, simply expressing an additional commitment to further engage in a dialogue with the GAC as a resolution beyond unacceptable and most certainly doesn’t provide confidence that the issues are being resolved, or will be resolved come November. At minimum, prior to Buenos Aires, the NGPC should be held accountable by the Board to providing a report on its progress and the specific steps being taken to reach a resolution.
    The reality is that there are risk assessment frameworks and processes that the NGPC can turn to in order to satisfy these concerns in a practical and efficient manner, and which have been proven useful in quantifying risks, validating requirements, and resolving supply chain concerns of governments.
    As one example:
    In accepting or rejecting the Category 1 Safeguard Advice, the parties must establish and agree on an objective, evidence-based method to validate or reject the (perceived) threats, vulnerabilities, risk likelihoods and consequences for ALL TLDs vs. any one or more categories or individual strings – because no evidence or sound reasoning has been provided in order to justify their categorization or inclusion here to begin with.
    Rather than attempting to assess feasibility, the NGPC should make efforts to validate or reject the GAC’s risk and abuse hypotheses without allowing blatant political agendas to continue to impede the progress of doing so. Many well-intended applicants have already developed policies and models of abuse mitigation and governance that far exceed those in place today. Most have readily and fairly acknowledged what levels of risk exist in their applications with specificity which the GAC Advice flatly ignores.
    Further delaying the delegation process without the GAC’s providing sufficient evidence or objective reasoning at this stage is unacceptable and warrants nothing other than the NGPC’s flat out rejection of its safeguard advice.

    • Kevin Murphy says:

      I have no reasons to expect an inter-sessional meeting beyond that one quote and the fact that they held one once before, in 2011.
      There may well be no additional talks before BA.

      • A Category 1 "Applicant" says:

        Thanks for clarifying Kevin. The Board’s meeting calendar ( suggests it might be possible for the NGPC to “piggyback” off of meetings scheduled on 9/28/13 and 10/24/13 before Durban, although what you’ve pointed out with respect to what transpired back in 2011 only helps reaffirm some of the points I made in my previous response.
        In suffering through these delays ourselves, I can honestly say that based on the issues themselves, i have compassion for both the GAC and the NGPC here in attempting to reach a suitable compromise. But the reality is that the GAC is simply not capable, nor are they motivated to push forward a a methodology or a process for moving forwards that acknowledges there are really serious issues with implementing some of the things they have suggested. Whether or not the NGPC is willing to take this step isn’t something they can or should do in isolation – and certainly without support from the applicants.
        As such, whether they figure out a time and place to meet or not is almost irrelevant — and unless the NGPC ultimately rejects the Category 1 Safeguard advice in its entirety before BA, we may all need to come to grips with the fact that it could be YEARS of our being in limbo I guess. That’s absurd.

        • Kevin Murphy says:

          I suspect the way out of this is for ICANN to reject the advice to the great extent possible without it looking like it’s rejecting the advice.

          • A Category 1 "Applicant" says:

            Agree with your suspicions here, although as they say, “the devils in the details…”
            Although a limited fraction of of the Cat 1 safeguards are presumably “feasible” to implement (e.g., #2 – notification of an AUP at point of registration), and others which are already incorporated in the 2013 RAA (e.g., notification of single point of contact) and which perhaps should be acknowledged in their next resolution, the NGPC can likely expand on many of the examples that applicants have duly and consistently provided.
            If there were indeed one area to really reject with explanation, it would be those “further safeguards” (#6-8) — but rather than purely focusing on issues of feasibility and implementation, the NGPC should emphasize that the GAC has not provided sufficient evidence which serves to demonstrate how such safeguards would actually address the GAC’s underlying concerns for risk mitigation or what the perceived risks are for that matter.
            In the event the NGPC were to actually follow through with what you suggested and for which i’ve elaborated, presumably such a “rejection in part” wouldn’t require a lot of time and effort (perhaps in weeks, not months) to prepare a response for, although would likely benefit from the contributions of a few experienced and INDEPENDENT risk management experts like Deloitte ( or Information Systems Audit and Control Association (
            We’ll see.

Add Your Comment