Recent Posts
- Cybersquatting cases down in .uk
- As .boots self-terminates, ICANN will not redelegate it
- GoDaddy launches security service after Sucuri acquisition
- Zero registrars pass ICANN audit
- Zone file access is crap, security panel confirms
- Ombudsman steps in after harassment claims in Whois group
- US “threatens” Costa Rica over Pirate Bay domains
- Forget emojis, you can buy Egyptian hieroglyph .com domains
- Donuts to pay $213 million for Rightside
- Bladel quits as Council chair as GoDaddy ruled “ineligible” for election
- Should ICANN get breastfeeding areas? Have your say!
- Domain President? Dicker fallout continues as Schwartz unleashes tweetstorm
- InternetNZ wants to fire two of its three (!) CEOs
- CIRA and Nominum offering DNS firewall
- DENIC gets approved for registry escrow
- ICANN scraps remote meeting hubs
- MMX says .vip renewals to be at 70%+
- About that $3,800 emoji domain sale…
- ICANN finds no conflict of interest in .sport decision
- .music and .gay CPE probe could end this month
- Time to show ICANN who’s boss!
- .xyz sets price for numeric domains at $0.65
- Sixteen-year-old emoji .com sells for €3,400
- $5 billion e-commerce site to dump .com for dot-brand
- Three-million-domain .au deal up for grabs
- Emoji domains get a 👎 from security panel
- Web.com in takeover talks – report
- After price hike, now Tucows drops support for Uniregistry TLDs
- Country names to finally be released in new gTLDs
- Want to be one of the internet’s SEVEN SECRET KEY-HOLDERS? Apply now!
- Richemont kills off two more dot-brands
- Iran reported to Ombudsman after new gTLD conspiracy theory
- Key-Systems buys reseller EDC
- Let’s all have a nosey at how much ICANN staff get paid
- Massive ransomware attack hits 150 countries, brought down by a domain reg
- ICANN’s origin story is well worth a watch
- Neustar’s .au deal in peril as Aussies look in-house
- .gay, .music and others in limbo as ICANN probes itself
- XYZ acquires .storage, its 10th gTLD
- ICANN changes Panama meeting dates to avoid Muslim holiday
- More change at the top at Donuts as Tindal steps down
- Second emergency registry tested with dead dot-brand
- MMX stung for $7.7 million by crappy .london contract?
- Hey, you! Listen to the ICANN board webcast more private sessions
- MarkMonitor tells .feedback to take a hike after “breach” claim
- ICANN attendance shrank in Denmark
- Afnic CEO quits, heads to new mystery job
- Verisign to keep price increase power under new .net contract
- ICANN loosens Whois privacy rules for registrars
- Pirate Bay founder launches piracy-friendly domain privacy service
Cybersquatting cases down in .uk
The number of cybersquatting complaints filed against .uk domains fell in 2016, according to data out this week from Nominet.
The .uk registry said that there were 703 complaints filed with its Dispute Resolution Service in the year, down from 728 in 2015.
However, the number of individual domains complained about appears to have increased, from 745 to 785. That’s partly due to registrants owning both .co.uk and .uk versions of the same name.
The number of cases that resulted in domains being transferred was 53%, the same as 2015, Nominet said.
The large majority of cases were filed by UK-based entities against UK-based registrants, the stats show.
Zone file access is crap, security panel confirms
ICANN’s Centralized Zone Data Service has some serious shortcomings and needs an overhaul, according to the Security and Stability Advisory Committee.
The panel of DNS security experts has confirmed what CZDS subscribers, including your humble correspondent, have known since 2014 — the system had a major design flaw baked in from day one for no readily apparent reason.
CZDS is the centralized repository of gTLD zone files. It’s hosted by ICANN and aggregates zones from all 2012-round, and some older, gTLDs on a daily basis.
Signing up for it is fairly simple. You simply fill out your contact information, agree to the terms of service, select which zones you want and hit “submit”.
The purpose of the service is to allow researchers to receive zone files without having to enter into separate agreements with each of the 1,200+ gTLDs currently online.
The major problem, as subscribers know and SSAC has confirmed, is that the default subscription period is 90 days.
Unless the gTLD registry extends the period at its end and in its own discretion, each subscription ends after three months — cutting off access — and the subscriber must reapply.
Many of the larger registries exercise this option, but many — particularly dot-brands — do not.
The constant need to reapply and re-approve creates a recurring arse-ache for subscribers and, registry staff have told me, the registries themselves.
The approval process itself is highly unpredictable. Some of the major registries process requests within 24 hours — I’ve found Afilias is the fastest — but I’ve been waiting for approval for Valuetainment’s .voting since September 2016.
Some dot-brands even attempt to insert extra terms of service into the deal before approving requests, which defeats the entire purpose of having a centralized service in the first place.
Usually, a polite email to the person handling the requests can produce results. Other times, it’s necessary to report them to ICANN Compliance.
The SSAC has evidently interviewed many people who share my concerns, as well as looking at data from Compliance (where CZDS reliably generates the most complaints, wasting the time of Compliance staff).
This situation makes zone file access unreliable and subject to unnecessary interruptions. The missing data introduces “blind spots” in security coverage and research projects, and the reliability of software – such as security and analytics applications – that relies upon zone files is reduced. Lastly, the introduced inefficiency creates additional work for both registry operators and subscribers.
The SSAC has no idea why the need to reapply every 90 days was introduced, figuring it must have happened during implementation.
But it recommends that access agreements should automatically renew once they expire, eliminating the busywork of reapplying and closing the holes in researchers’ data sets.
As I’m not objective on this issue, I agree with that recommendation wholeheartedly.
I’m less keen on the SSAC’s recommendation that registries should be able to opt out of the auto-renewals on a per-subscriber basis. This will certainly be abused by the precious snowflake dot-brands that have already shown their reluctance to abide by their contractual obligations.
The SSAC report can be read here (pdf).
Ombudsman steps in after harassment claims in Whois group
ICANN Ombudsman Herb Waye has started monitoring an ICANN mailing list after multiple complaints of disrespectful behavior.
Waye this week told participants in the Registration Data Services working group that he is to trawl through their list archives and proactively monitor the group following “multiple complaints regarding behavior that contravenes the ICANN Expected Standards of Behavior and possibly the Community Anti-Harassment Policy”.
The RDS working group is exploring the possibility of replacing the current Whois system, in which all data is completely open, with something “gated”, restricting access to authenticated individuals based on their role.
Law enforcement agencies, for example, may be able to get a greater level of access to personal contact information than schmucks like me and you.
Privacy advocates are in favor of giving registrants more control over their data, while anti-abuse researchers hate anything that will limit their ability to stop spam, phishing and the like.
It’s controversial stuff, and arguments on the RDS WG list have been been very heated recently, sometimes spilling over into ad hominem attacks.
The Expected Standards of Behavior requires all ICANN community members to treat each other with civility.
I haven’t seen anything especially egregious, but apparently the disrespect on display has been sufficiently upsetting that the Ombudsman has had to step in.
It’s the first time, that I’m aware of, that the ICANN Ombudsman has proactively monitored a list rather than simply responding to complaints.
Waye said that he plans to deliver his verdict before ICANN 59, which kicks off in a little over a week.
US “threatens” Costa Rica over Pirate Bay domains
The US government has been threatening to “close down” Costa Rica’s .cr registry over its refusal to take down a Pirate Bay domain name, according to the registry.
Representatives of the US embassy in Costa Rica have been badgering NIC.cr to take down thepiratebay.cr since 2015, according to a letter from Pedro León Azofeifa, president of Academia Nacional de Ciencias, which runs the registry.
The letter claims:
These interactions with the United States Embassy have escalated with time and include great pressure since 2016 that is exemplified by several phone calls, emails and meetings urging our ccTLD to take down the domain, even though this would go against our domain name policies
According to the letter, a US official “has mentioned threats to close our registry, with repeated harassment regarding our practices and operation policies and even personal negative comments directed to our Executive Director”.
The letter was sent to the chair of ICANN’s Governmental Advisory Committee 10 days ago, CC’d to senior ICANN, Costa Rican and US governmental figures, and has been circulated this week in the Latin American domain name community.
The form of the alleged threats to close the registry is not clear, but it should be noted that prior to October 1 last year the US Department of Commerce, via its now-relinquished oversight of ICANN, played a key role in the administration of the DNS root zone.
The Pirate Bay is of course a popular directory of BitTorrent links largely used to disseminate pirated copies of movies and music, much of it American-made.
The site has been TLD-hopping for years, as registries around the world shut down its domains for violations of their own local rules. It has been live on thepiratebay.cr since December 2014, when its Swedish operation was shut down by authorities.
The NIC.cr letter says that its own policies follow international “best practices” and allow it to take down domains when presented with a Costa Rican court order, but that “the pressure and harassment [from the US] to take down the domain name without its proper process and local court order persists”.
The US Department of Commerce even pressured its Costa Rican counterpart to investigate NIC.cr, but that probe concluded that the registry was acting within its procedures, according to the letter.
It’s not the first attempt to get rid of the Pirate Bay this year.
Public Interest Registry in February announced a “UDRP for copyright” proposal that would allow copyright holders to have piracy disputes heard by independent arbitrators. It looked like a way to get unloved thepiratebay.org domain taken down without PIR having to take unilateral action.
That proposal was shelved after an outcry from the industry and civil rights watchdogs.
In April, one of the Pirate Bay’s founders launched a piracy-friendly domain registration service.
Just this week, the European Court of Justice ruled, after seven years of legal fights, that the Pirate Bay infringes copyright, raising the possibility of the site being blocked in more European countries.
The NIC.cr letter is dated June 6. It has not yet been published by ICANN or the GAC.
Bladel quits as Council chair as GoDaddy ruled “ineligible” for election
GNSO Council Chair James Bladel has resigned, after it emerged that GoDaddy, his employer, is not eligible for office under registrar rules.
He will continue to occupy the post on an interim basis until a new election is held.
Bladel was elected to represent the Registrars Stakeholder Group on the Council back in 2013 and was elected by the Council as chair in late 2015.
However, the RrSG has just discovered that he’s actually ineligible for elected office under its charter because GoDaddy is also a dot-brand registry.
The RrSG charter states that in order to avoid conflicts of interest, a registrar that also has a Specification 9 exemption from the registry Code of Conduct in an ICANN registry conduct may not hold office.
GoDaddy signed its .godaddy registry agreement, which includes the Spec 9 exemption, in July 2015. The gTLD is not currently being used.
GoDaddy is of course the largest registrar in the industry, but it appears its ability to wield power in ICANN’s policy-making bodies now appears to be hamstrung by its foray into new gTLDs.
Bladel’s resignation is not expected to have any significant impact on GNSO Council work.
He’s been reappointed by the RrSG executive committee on an interim basis until elections can be held for a replacement. His term is due to expire in November anyway.
Recent Comments
I saw your wonderful interview with Cyger and you mentioned there are about 40 or 50 emoji dot coms. Where did you find ... read more
it is a very good bargain and time will tell. at the moment emojis dot com are super rare so you have bought it super ... read more
Kinky.boots would have been interesting! http://www.kinkybootsthemusical.com/about.php... read more
Sucuri enjoyed good customer satisfaction when they were a standalone company.... read more
It would have been nice to have a simple FTP or SFTP solution but the CZDS seems a bit overengineered to cope with the w... read more
What about the awful file transfer process with the baffling requirement of customer software to download zones? And the... read more
The automatic 90 day renewal/reapplication thing was never a part of the ZFA working group recommendations. Someone who ... read more
From a marketing standpoint I registered the ankh hieroglyph .com represented as http://xn--wb8d.com which forwards to m... read more
And adjusting the 90 day limit is non-obvious, just to make matters more interesting.... read more
But would like to add that Rick and berkens should be understanding and accept that the videos shouldn't be promoted. C... read more