Latest news of the domain name industry

Recent Posts

ICANN will post more uncensored .africa info

Kevin Murphy, August 27, 2015, Domain Policy

ICANN has committed to post more unredacted documents from its Independent Review Process case with DotConnectAfrica, following a request from DI.

The organization told DI today that it will publish the documents on its web site by August 31, in response to our July 27 Documentary Information Disclosure Request.

I’d asked ICANN to publish, unredacted, the entire declaration of the IRP panel, along with all equally unredacted exhibits and hearing transcripts.

Aware that ICANN enjoys invoking its “Defined Conditions for Non-Disclosure” in order to stop material being released sometimes, I added “that the public interest and transparency benefits to ICANN of disclosing this information far outweigh any benefit that could be accrued by invoking the Defined Conditions for Non-Disclosure”.

In response, ICANN said today (pdf) that it evaluates the public interest when processing DIDP requests, adding:

we have determined that to the extent additional information warrants disclosure and can be released without further consultation with third parties ICANN will publish that unredacted information no later than 31 August 2015. We will send you an email notification upon that publication. To the extent that disclosure of some information designated as confidential by third parties may be warranted and requires further consultation with third parties, or consultation with other third parties not previously consulted, ICANN has already initiated that consultation process. ICANN will publish such further unredacted information promptly upon, and to the extent that we receive, authorization from the relevant parties to release the information, and will send you an email notification upon that publication.

Since the DIDP was filed, ICANN has published over 700 pages of redacted transcripts from two in-person IRP hearings that took place in May.

Today, it also published a letter from DCA’s competing .africa applicant, ZA Central Registry, comprising an ultimately unsuccessful request for a couple of seats at the hearing.

What has not yet been published are the IRP exhibits showing exactly what ICANN did to oil the gears for ZACR’s application.

Due to Kieren McCarthy’s articles at The Register and ICANN’s subsequent admissions, we know that ICANN staff drafted a letter that the African Union Commission could use to express its support for ZACR in the correct format.

However, the IRP exhibits that would give clarity into what exactly ICANN sent and why remain redacted.

Communications between ICANN and InterConnect, which ran the Geographic Names Panel, and references to the Kenyan government’s did-they-didn’t-they support for DCA also remain redacted.

US gives ICANN an extra year to complete transition

Kevin Murphy, August 18, 2015, Domain Policy

US government oversight of ICANN and the domain name system will end a year later than originally expected.

The National Telecommunications and Information Administration said last night that it has extended ICANN’s IANA contract until September 30, 2016, giving the community and others more time to complete and review the transition proposals.

NTIA assistant secretary Larry Strickling wrote that “it has become increasingly apparent over the last few months that the community needs time to complete its work, have the plan reviewed by the U.S. Government and then implement it if it is approved.”

Simultaneously, NTIA has finally published a proposal — written by ICANN and Verisign — for how management of the DNS root will move away from hands-on US involvement.

The extension of the IANA contract from its September 30, 2015 end date was not unexpected. The current contract allows for such extensions.

As we recently reported, outgoing ICANN CEO Fadi Chehade had guessed a mid-2016 finalization of the transition.

Regardless, expect op-eds in the coming days to claim this as some kind of political victory against the Obama administration.

Part of the reason for the extension, beyond the fact that the ICANN community hasn’t finished its work yet, is legislation proposed in the US.

The inappropriately named DOTCOM Act, passed by the House but frozen for political reasons in the Senate by Tea Party presidential hopeful Sen Ted Cruz, would give Congress 30 legislative days (which could equal months of real time) to review the IANA transition proposals.

There are basically three prongs to the transition, each with very long names.

The “Proposal to Transition the Stewardship of the Internet Assigned Numbers Authority (IANA) Functions from the U.S. Commerce Department’s National Telecommunications and Information Administration (NTIA) to the Global Multistakeholder Community” is the first.

That was created by the multistakeholder IANA Stewardship Transition Coordination Group (ICG) and deals with how the IANA contract will be managed after the US government goes away.

The second prong comes from the Cross Community Working Group on Enhancing ICANN Accountability, which deals with how ICANN itself can improve its accountability to the internet community without the Damoclean sword of US intervention hanging over it.

The CCWG’s latest draft report would strengthen the ICANN board against capture by, for example, making certain bylaws harder to amend and giving the community the right to fire directors.

Both of these proposals are currently open for public comment here.

The third prong, which only appears to have been published this week, deals with the nuts and bolts of how changes to the DNS root zone are made.

The current system is a tripartite arrangement between IANA, NTIA and Verisign.

When a TLD operator needs a change to the DNS root — for example adding a name server for its TLD — the request is submitted to and processed by IANA, sent to NTIA for authorization, then actually implemented on the primary root server by Verisign.

Under the new proposal (pdf) to phase the NTIA out of this arrangement, the NTIA’s “authorization” role would be temporarily complemented by a parallel “authentication” role.

The proposal is not written in the clearest English, even by ICANN standards, but it seems that the current Root Zone Management System would be duplicated in its entirety and every change request would have to be processed by both systems.

The output of both would be compared for discrepancies before Verisign actually made the changes to the root.

It seems that this model is only being proposed as a temporary measure, almost like a proof of concept to demonstrate that the NTIA’s current authorization role isn’t actually required and won’t be replaced in this brave new world.

Did Chehade really quit ICANN for this?

Kevin Murphy, August 17, 2015, Domain Policy

ICANN CEO Fadi Chehade will become a senior adviser with a private equity firm after he leaves ICANN next March.

He blogged today that he will take the role with Boston-based ABRY Partners and “provide guidance to ABRY’s partners and their companies’ leaders on digital strategy”.

Chehade, back in June, had described the ICANN CEO role as a “better job that I’ve ever had, or will ever have”.

He had years left on his contract.

My first thought is: really? This is the gig you quit ICANN for?

I’m drawn down the path of thinking that rather than finding the job of his dreams elsewhere, the dude is just suffering from ICANN burnout.

Chehade suggests in his post that ABRY is not a full-time job, writing: “I expect to add other roles to my portfolio and will update you all as appropriate.”

ABRY, at first glance, does not appear to have any significant connection to the domain name industry or to ICANN itself.

ICANN gets hacked, again

Kevin Murphy, August 5, 2015, Domain Policy

ICANN has been hacked again and your user names and passwords may have been compromised.

The organization said tonight that it thinks “usernames/email addresses and encrypted passwords for profile accounts created on the ICANN.org public website were obtained by an unauthorized person.”

The stolen information includes “user preferences for the website, public bios, interests, newsletter subscriptions, etc”, ICANN said.

No critical systems seem to have been affected, ICANN said.

ICANN said that an “external service provider” was responsible for the hashed passwords that were nabbed.

It recommends an abundance of caution: changing passwords, or simply (and unrealistically) not using the same password across multiple sites.

ICANN gets hacked constantly. It’s barely even news any more. Many of the stories can be found with this search.

African Union slams “dysfunctional” IRP as ICANN tries to fend off cover-up claims

Kevin Murphy, August 5, 2015, Domain Policy

The African Union Commission has criticized ICANN’s “dysfunctional accountability process” that has kept the proposed .africa gTLD in limbo for the last few years.

In a communique yesterday (pdf), the AUC also reiterated that .africa applicant ZA Central Registry has the support of both the AUC and its member states, and that governments used almost every avenue available to them to object to the rival DotConnectAfrica bid.

The letter reads:

The Africa region, African Internet stakeholders, the ZACR and AUC are the unfortunate victims of a dysfunctional accountability process and an independent review panel that did not delve more deeply to understand the new gTLD process, the role of governments in that process, and how the ICANN multistakeholder model functions in general.

A few weeks ago, an Independent Review Process panel controversially ruled that ICANN had treated DCA’s application unfairly, in violation of its bylaws, when it accepted Governmental Advisory Committee advice to reject it.

The panel said that ICANN should have at least asked the GAC for the rationale behind its advice, something that the new gTLD program’s rules did not require it to do.

One of the issues at the heart of the subsequent debate is whether ICANN inappropriately helped out ZACR’s bid by drafting an AUC letter of support and then tried to cover its actions up by inappropriately redacting information from the IRP ruling before publication.

On Friday, ICANN published a new version of the ruling that had these references restored, while retaining redactions related to the actions of Kenyan government officials.

We know what the still-redacted text says because Kieren McCarthy, writing for The Register, obtained a clean copy and published it a couple of weeks ago.

ICANN also promised to publish its reasoning if it makes redactions to any documents in future.

In a blog post on Friday, general counsel John Jeffrey said that ICANN helping the AUC draft its letter of support was not a unique case, nor was it inappropriate:

ICANN staff has helped many applicants and their supporters understand how to properly document support. Not only did we make a template support letter publicly available to all as part of the New gTLD Program Applicant Guidebook (see Appendix to Module 2), we have answered questions, received through our customer service channel, as to how interested parties can document support for a given gTLD application. In the case of ZA Central Registry, ICANN appropriately assisted the applicant in documenting support from the AUC.

Our actions surrounding the .AFRICA applications were not unique, since we assist any applicant who requests assistance, or who needs clarification in learning how best to document support or other matters. We have provided assistance to all applicants regarding their applications to the maximum extent possible.

On the claims that ICANN tried to “cover up” this assistance by redacting the IRP’s ruling and previous IRP filings, Jeffrey said that the information was covered by a confidentiality agreement agreed to by itself and DCA and endorsed by the IRP panel.

He said that ICANN was “motivated by our obligation to the community to post the document quickly and the competing, yet mandatory obligation, to respect confidential information while being as transparent as possible.”

He said ICANN attempted to reach out to those affected by the “confidential” parts of the ruling to seek permission to remove the redactions.

But McCarthy also seems to have seen emails exchanged between DCA and ICANN, and he says that ICANN redacted it over DCA’s objections.

McCarthy further says that ICANN only became interested in removing the redactions after he had already published the clean version of the ruling at The Reg — five days after the initial publication by ICANN.

Jeffrey’s post, which refers to “erroneous reporting” in an apparent allusion to McCarthy’s articles, nevertheless fails to address this claim, lending credibility to the cover-up allegations.

The .africa gTLD has been contracted to ZACR, but DCA’s rejected application has been returned to evaluation per the IRP’s ruling, where it is broadly expected to fail for want of governmental support.

Disclosure #1: I recently filed a Documentary Information Disclosure Policy request seeking the release of all the unredacted exhibits in DCA v ICANN. Given ICANN’s wont to usually respond to such requests only at the end of the full 30 days permitted by the policy, I should not expect to see an answer one way or the other until the last week of August.

Disclosure #2: As regular readers may already be aware, due to my long-held and never-disguised view that DCA was mad to apply for .africa without government support, I was once accused of being a part of a “racial conspiracy” against DCA on a blog I believe to be controlled by DCA. Naturally, after I stopped laughing, this libelous allegation pissed me off no end and enhanced my belief that DCA is nuts. Around the same time DCA also, under its own name, filed an “official complaint” (pdf) with ICANN, omitting the race card, alleging that I was part of a conspiracy against it.