Latest news of the domain name industry

Recent Posts

First collision block-lists out now. How painful will they be for new gTLDs?

Kevin Murphy, October 19, 2013, 11:53:58 (UTC), Domain Registries

ICANN has published the name collision block-lists for the first four new gTLDs, and they making pretty interesting reading.
The four registries in question will be required to block between 104 and 680 unique second-level domains from their gTLDs if they want to use the fastest path to delegation on offer.
The four gTLDs with lists published this morning are: .сайт (Russian “.site”), .онлайн (Russian “.online”), شبكة. (Arabic “.web”) and .游戏 (Chinese “.games”).
These were the first four new gTLDs with signed Registry Agreements. ICANN seems to be following the order contracts were signed, rather than the official prioritization number.
So what’s on the lists?
The first thing to note is that, as expected, ICANN has helpfully removed invalid strings (such as those with underscores) and gibberish Google Chrome strings from the lists, greatly reducing their size.
The block-lists are based on Day In The Life Of The Internet data, which recorded DNS root queries for applied-for gTLDs over 48-hour periods between 2006 and 2013.
According to ICANN, “a significant proportion” of the DITL queries were for the nonsense 10-character strings that Chrome generates and sometimes accidentally sends to the public DNS.
Because these “appear to present minimal risk if filtered from the block lists”, ICANN has made an effort to automatically remove as many as possible, while acknowledging it may not have caught them all. The human eye is good at spotting meaningless strings, software is not so adept.
All four lists still contain plenty of gibberish strings, according to this human eye, but mostly they’re not of 10 characters in length.
All four lists published today are for non-Latin domain names and are presumably expecting their registries to be mostly populated with IDN.IDN domain names.
As such, the impact of their mostly Latin block-lists may be even smaller than it first appears.
For example, if we look at the list for .сайт, which has 680 strings to block, we discover that only 80 of them are IDNs (beginning with xn--). I assume they’re all, like the gTLD, in Cyrillic script.
I haven’t decoded all of these strings from Punycode and translated them from Russian, but the fact is there’s only 80 of them, which may not be unduly punitive on CORE Association’s launch plan.
At the other end of the spectrum, Donuts will only have to block 13 IDN strings from its .游戏 (Chinese .games) gTLD, and the ASCII strings on its list are mostly numeric or gibberish.
There’s very probably some potentially valuable generic strings on these lists, of course, which could impact the landrush purse, but it’s beyond this monoglot’s expertise to pick them out.
A small number of Latin-script brands appear on all four lists.
Donuts will have to block, and in its Chinese “.games”, for example. CORE will have to block and DotShabaka Registry will have to block شبكة.redbull.
The impact of this on the registries could be minimal — a few fewer sunrise sales, assuming the brand owner intended to defensively register.
If the blocked brand was a potential launch partner it could be much more annoying and even a launch-delaying factor. It’s not yet clear how registries and brand owners will be able to get these names unblocked.
Bear in mind that registries are not allowed to activate these domains in any sense for any use — they must continue to return NXDOMAIN error responses as they do today.
I’m sure (“”) could have some value to Apple — and to Donuts, in the unlikely event it managed to persuade Apple to be an anchor tenant — but it’s no longer available.
ICANN will deliver full mitigation plans for each gTLD, which may often include releasing blocked names to their ‘rightful’ owner, but that’s not expected for some months.
Generic terms
A number of generic dictionary terms are getting blocked, which may prove irksome for those registries with long lists. For example, CORE will have to block and
So far, .онлайн has by far the longest list of ASCII generics to block — stuff like “football”, “drinks”, “poker” and “sex”. Even weirdness like “herpesdating” and “musclefood”.
As it’s an IDN, this might not be too painful, but once ICANN starts publishing lists for Latin gTLDs we might start seeing some serious impact on registries’ ability to sell and market premium domains.
Shurely shome mishtake
There are a few strings on these lists that are just weird, or are likely to prove annoying to registries.
All four of these gTLDs are going to have to block “www” at the second level, for example, which could impact their registry marketing — www.tld is regularly used by TLD registries.
It is going to be really problematic if “www” shows up on the block-lists for dot-brand registries — many applicants say “www.” is likely to be the default landing page for their dot-brand.
The only string that ICANN says it won’t put on any block-list is “nic”, which was once the standard second-level for every TLD’s registry web site but doesn’t really have mass recognition nowadays.
The block-lists also include two-letter strings, most of which correspond to ccTLDs and all of which are already banned by the base Registry Agreement for precisely that reason.
There’s no reason for these two-letter names to be on the lists, but I don’t see their presence causing any major additional heartaches for registries.
So is this good news or what?
As the four block-lists to be released so far are for IDN gTLDs, and because I don’t speak Chinese, Arabic or Russian, it’s a difficult call today to say how painful this is going to be.
There are plenty of reasons to be worried if you’re a new gTLD applicant, certainly.
Premium names will be taken out of play.
You may lose possible anchor tenants.
Your planned registry-use domain names may be banned.
If you’re a dot-brand, you’d better start thinking of alternatives to “www.”.
But the block-lists are expected to be temporary, pending permanent mitigation, and they’re so far quite small in terms of meaningful strings, so on balance I’d say so far it’s not looking too bad.
On the other hand, nothing on the published lists jumps out at me like a massive security risk, so the whole exercise might be completely pointless and futile anyway.

Tagged: , , , , ,

Comments (4)

  1. Kevin,
    Allow me two quick precisions and one comment from CORE’s side:
    * blocking all those Latin-script enerics you mention, such as, is completely irrelevant. both .онлайн and . сайт will only allow Cyrillic-script registrations. All other characters, for instance, Latin, are excluded anyway. So most of the strings in the lsit are totally irrelevant in our case
    * Both TLDs are in Cyrillic script, which Russian suses, but not only. They are not language-based, but mainly aimed at Russian, yes, and Bulgarian, Belarusion and Ukrainian. Other languages may use characters not included in our IDN Table.
    And the comment:
    We are at a lost udnerstanding what these concrete lsits have to do with security and stability. list, for instance, contains lots of famous Russian companies, from search engines to mobile oeprators, and the same English names you saw, translated. Quite frankly we ahve the impression to be more in presence of a wannabe speculator than any security threat 😉
    But yes, we will block all those names, and move forward.

  2. Avtal says:

    I agree with your assessment that this exercise is pointless and futile.
    A typical example of a blocked second-level-plus-top-level domain: игры.онлайн, which is Russian for
    I imagine that one day, a naive user tried to type игры онлайн into the search engine box, but instead typed it into the browser’s url bar by mistake. The browser cleverly replaced the space by a dot, and asked the DNS system to look up this non-existent domain. As a result, this query made it into the Day in the Life of the Internet database.
    So the consequence of this user blunder is that игры.онлайн is blocked, until someone takes the time to figure this all out and unblock it.
    If the same method is used to create a block list for .ком, the list will be quite extensive.

  3. Drewbert says:

    This block list concept is absurd!
    Here’s the english translations of some of the domains that will be unable to be registered.
    The idea of using blocklists with IDN gTLD’s completely DESTROYS the reason for FINALLY releasing full IDN’s to the culture who don’t use latin alphabets.
    All of those cyrillics area appearing in blocklists because new Internet users in Russia/Ukraine etc naturally EXPECT to be able to use their own language when typing in a URL to a web browser.
    But of course, right now, it doesn’t work – so the most popular ones show up in the NX domain list and some einstein at ICANN decides they’re ERRORS, when they’re exactly the opposite!
    Can you imagine the “error” list they’ll come up with for the cyrillic version of .com? It’s going to be 100,000 domains long!
    IDN gTLD’s are supposed to ENABLE these domains to work FINALLY. Now, they’re going to put the ones people expect to work the most in some silly block list?

Add Your Comment