Latest news of the domain name industry

Recent Posts

Attendance dips for ICANN in Johannesburg

Kevin Murphy, July 25, 2017, Domain Policy

The number of people showing up for ICANN’s latest meeting was down compared to previous meetings, just-released statistics show.

The organization reported today that there were 1,353 attendees at the ICANN 59 meeting in Johannesburg last month, down from 1,436 at the comparable Helsinki meeting a year ago.

It was also down from the 2,089 people attending the Copenhagen meeting in March, but that’s to be expected due to the mid-year meeting having a shorter schedule more tightly focused on policy work.

It also seems to be typical for meetings in Africa to get lower attendance than meetings elsewhere in the world, given the relatively low participation at last year’s Marrakech meeting.

But attendance from the local region spiked again. There were 498 Africans there, 36% of the total. By comparison, just 5% of Copenhagen attendees were African.

This tilted the gender balance towards males, with declared female participation down to 31% from 33% in Copenhagen and 32% in Helsinki.

The number of people attending their first ICANN meeting was 33% of the total. That’s much higher than the 20% reported for Copenhagen. About two thirds of the noobs were from Africa.

These numbers are among the thousands of statistics released in the ICANN 59 roundup today, which for the first time included some eye-opening facts about food and drink consumption at the venue, reproduced here.

If these numbers are correct, there was one waiter or member of service staff for every 2.7 meeting attendees, which strikes me as a weirdly balanced ratio.

Empowered Community makes first symbolic exercise of power

Kevin Murphy, July 24, 2017, Domain Policy

The new “Empowered Community” of ICANN has exercised its power for the first time.

The EC on Friday told ICANN that it has approved the ICANN board of directors’ recent resolution to create a new committee tasked with handling various oversight processes.

It’s of largely symbolic importance, the first test of whether the EC process works when the issue at hand is non-controversial.

The EC is a body made up of representatives of ICANN’s Address Supporting Organization, At-Large Advisory Committee, Country Code Names Supporting Organization, Generic Names Supporting Organization and Government Advisory Committee.

Among its powers and responsibilities is the duty to accept or reject changes to ICANN’s fundamental bylaws.

Some of those bylaws concern the composition and roles of board committees, so creating a new such committee required EC assent.

All five EC members, known as Decisional Participants, approved the resolution (pdf).

The EC also has the power to reject ICANN’s budget. The deadline for exercising this power for the 2017/18 budget is approaching soon, but I’m not expecting that to happen.

Governments slammed for overreach as Amazon wins gTLD appeal

Kevin Murphy, July 19, 2017, Domain Policy

Amazon has won its appeal against the rejection of its .amazon gTLD application, in a ruling that criticizes ICANN for giving too much deference to government advice.

The Independent Review Process panel’s 2-to-1 ruling, delivered July 11 and published this week, means that .amazon and its Chinese and Japanese translations has been un-rejected and ICANN will have to consider approving it again.

The ruling (pdf) turns on the idea that ICANN’s board of directors rejected the gTLD based on nothing more than the groundless objections of a few South American governments.

Amazon’s applications were rejected three years ago when ICANN accepted the consensus advice of its Governmental Advisory Committee.

That advice, which had no attached rationale, had come largely at the behest of Brazil and Peru, two countries through which the Amazon river flows.

At issue was the word “Amazon”, which the governments protested matched the name of an important geographic region extending into several countries.

But the string was not protected by ICANN’s new gTLD program rules because it does not match the name of an administrative region of any country.

Regardless, Brazil and Peru said that to give .amazon to Amazon would prevent it being used in future by citizens of the informal South American region.

GAC consensus was reached only after the US government, for political reasons connected to the then-recent announcement of the IANA transition, decided to withdraw its objection to the advice.

Consensus, under GAC rules means simply that no one government objects to the proposed advice. It does not indicate unanimity.

But at no point in the pubic record of discussions within the GAC or ICANN board did anyone give any substantial public policy reasons for the objection, the IRP panel has now found.

Global Domains Division chief Akram Atallah testified before the panel that consensus GAC advice sets “too high for the Board to say no.”

It seems ICANN sometimes just assumes that GAC advice by default is rooted in sound public policy, even when that is not the case.

Brazil and Peru’s objections “do not appear to be based on well-founded public policy concerns that justify the denial of the applications” the panelists wrote.

The panel wrote:

We conclude that GAC consensus advice, although no reasons or rationale need be given, nonetheless must be based on a well-founded public interest concern and this public interest basis must be ascertained or ascertainable from the entirety of the record…

the Board cannot simply accept GAC consensus advice as conclusive. The GAC has not been granted a veto under ICANN’s governance documents.

So, while the GAC was under no obligation to state its reasons for objecting to .amazon, the ICANN board was obliged to state its reasons for accepting this advice beyond just “the GAC made us do it”.

As somebody who spent much of 2011 arguing that the GAC new gTLD veto was a bad idea, it’s nice to see the panel agree with me.

The GAC itself also erred by refusing to consider Amazon’s arguments in favor of its application, the IRP panel’s majority found.

Peru had publicly claimed that the string “Amazon” was protected under ICANN rules, which was not true, and Amazon did not have the opportunity to correct the record.

Amazon had also pointed out that the Brazilian oil company Ipiranga was granted its application for .ipiranga, despite its name matching the name of a Brazilian river apparently so important that it is referred to in the Brazilian national anthem.

However, the IRP panel decided that because ICANN’s board had not taken any action on .ipiranga, there was no basis for it to consider whether Amazon had been unfairly subject to different treatment.

In conclusion, this is what the panel has sent to the board:

The Panel recommends that the Board of ICANN promptly re-evaluate Amazon’s applications in light of the Panel’s declarations above. In its re-evaluation of the applications, the Board should make an objective and independent judgment regarding whether there are, in fact, well-founded, merits-based public policy reasons for denying Amazon’s applications. Further, if the Board determines that the applications should not proceed, the Board should explain its reasons supporting that decision. The GAC consensus advice, standing alone, cannot supplant the Board’s independent and objective decision with a reasoned analysis.

It seems Amazon’s chances of having .amazon approved have improved. If ICANN wants to reject the applications again it is going to have to come up with some good reasons, some good reasons that possibly do not exist.

The panel also ordered ICANN to reimburse Amazon for the $163,045.51 it spent on the IRP.

ICANN chair paid $114,000 last year

Kevin Murphy, July 13, 2017, Domain Policy

ICANN chair Steve Crocker was paid $114,203.24 in the organization’s last tax year.

The number was released today (pdf) in response to a request by domain blogger John Poole of DomainMondo.com.

Poole had requested the figures because Crocker is paid via his company, Shinkuro, rather than directly, so his compensation does not show up on ICANN’s published tax returns.

It was already known that ICANN’s chair is eligible for $75,000 a year in salary, but today’s letter, from CFO Xavier Calvez, states that he also received $39,203.24 for office rent (about $3,250 per month) in the year ended June 30 2016.

This does not include his travel reimbursements and such, which came to well over $100,000 in the same fiscal year according to ICANN disclosures.

If Crocker were on ICANN staff, he would be the 18th most costly employee, even if you do include the extra reimbursements.

Other ICANN directors receive $45,000 per year.

Calvez said ICANN will update its disclosure process to make it clearer how much Crocker is paid via Shinkuro.

Could the next new gTLD round last 25 years? Or 70 years?

Kevin Murphy, July 13, 2017, Domain Policy

Will the next new gTLD round see 25,000 applications? If so, how long will it take for them all to go live?

The 25,000 figure is one that I’ve heard touted a few times, most recently during public sessions at ICANN’s meeting in Johannesburg last month.

The problem is that, judging by ICANN’s previous performance, such a huge number of applications would take anywhere from 25 to 70 years to process.

It’s unclear to me where the 25,000 application estimate comes from originally, but it does not strike me as laughably implausible.

There were just shy of 1,930 applications for 1,408 unique strings in the most recent round.

There could have been so many more.

ICANN’s outreach campaign is generally considered to have been a bit lackluster, particularly in developing markets, so many potential applicants were not aware of the opportunity.

In addition, some major portfolio applicants chose to rein in their ambitions.

Larry Page, then-CEO of Google, is known to have wanted to apply for many, many more than the 101 Google wound up applying for, but was talked down by staff.

There’s talk of pent-up demand for dot-brands among those companies that missed the 2012 window, but it’s impossible to know the scale of that demand with any precision.

Despite the fact that a handful of dot-brands with ICANN registry agreements and delegations have since cancelled their contracts, there’s no reason they could not reapply for defensive purposes again in subsequent rounds.

There are also thousands of towns and cities with populations comparable to cities that applied in 2012 that could apply next time around.

And there’s a possibility that the cost of applying — set at $185,000 on a highly redundant “cost recovery” basis — may come down in the next round.

Lots of other factors will play a role in how many applications we see, but in general it doesn’t seem impossible that there could be as many as 25,000.

Assuming for a moment that there are 25,000, how long will that take to process?

In the 2012 round, ICANN said it would delegate TLDs at a rate of no more than 1,000 per year. So that’s at least 25 years for a 25,000-app round.

That rate was set somewhat arbitrarily during discussions about root zone scaling before anyone knew how many gTLDs would be applied for and estimates were around the 500 mark.

Essentially, the 1,000-per-year number was floated as a sort of straw man (or “straw person” as some ICANNers have it nowadays) so the technical folk had a basis to figure out whether the root system could withstand such an influx.

Of course, this limit will have to be revised significantly if ICANN has any hope of processing 25,000 applications in under a generation.

Discussions at the time indicated that the rate of change, not the size of the root zone, was what represented the stability threat.

In reality, the rate of delegation has been significantly slower than 1,000 per year.

It took until May 2016 for the 1,000th new gTLD to go live, 945 days after the first batch were delegated in late October 2013.

That means that during the relative “rush-hour” of new gTLD delegations, there was still only a little over one per day on average.

And that’s counting from the date of the first delegation, which was actually 18 months after the application window was closed.

If that pattern held in subsequent rounds, we would be looking at about 70 years for a batch of 25,000 to make their way through the system.

You could apply for a vanity gTLD matching your family name and leave the delegation as a gift to your great-grandchildren, long after your death.

Clearly, with 25,000 applications some significant process efficiencies — including, I fancy, much more automation — would be in order.

Currently, IANA’s process for making changes to root zone records (including delegations) is somewhat complex and has multiple manual steps. And that’s before Verisign makes the actual change to the master root zone file.

But the act of delegation is only the final stage of processing a gTLD application.

First, applications that typically run into tens of thousands of words have to undergo Initial Evaluation by several teams of knowledgeable consultants.

From Reveal Day in 2012 to the final IE being published in 2014 took a little over two years, or an average of 2.5 applications per day.

Again, we’re looking at over a quarter of a century just to conduct IE on 25,000 applications.

Then there’s contracting — ICANN’s lawyers would have to sign off on about a dozen Registry Agreements per day if it wanted to process 25,000 delegations in just five years.

Not to mention there’s also pre-delegation testing, contention resolution, auctions, change requests, objections…

There’s a limited window to file objections and there were many complaints, largely from governments, that this period was far too short to read through just 1,930 applications.

A 25,000-string round could take forever, and ICANN’s policies and processes would have to be significantly revised to handle them in a reasonable timeframe.

Then again, potential applicants might view the 2012 round as a bust and the next round could be hugely under-subscribed.

There’s no way of knowing for sure, unfortunately.

ICANN shuffles regional bosses, drops “hub” concept

Kevin Murphy, June 29, 2017, Domain Policy

ICANN has made a couple of changes to its senior management team and abandoned the Chehade-era concept of “hub” offices.

Rather than having three offices it calls “hubs” in different parts of the world — Los Angeles, Istanbul and Singapore — it will now have five of what it calls “regional offices”.

As well as the three former hubs, one will be in Brussels, Belgium and the other in Montevideo, Uruguay.

A few vice presidents are being shuffled around to head up each of these offices.

Senior policy VP David Olive is being replaced as managing director of the Istanbul office by Nick Tomasso, who’s also VP in charge of ICANN’s public meetings. Olive will carry on in his VP role, but back in Washington DC, from August.

Fellow policy VP and veteran GAC relations guy Olof Nordling is retiring from ICANN at the end of the July. His role as MD of the Brussels office will be filled by Jean-Jacques Sahel, VP of stakeholder engagement for Europe.

Rodrigo de la Parra, VP of stakeholder engagement for the Latin America region, will be MD of the Montevideo office. Jia-Rong Low runs the Singapore office. ICANN CEO Goran Marby of course is top dog in LA.

The difference in nomenclature — “hub” versus “regional office” — looks to me like it’s quite minor.

Former CEO Fadi Chehade had early on in his stint at ICANN professed a desire to pursue a strategy of aggressive internationalization, with hub offices having equal importance, but I don’t think the idea ever really took off to the extent he expected and he didn’t stick around long enough to see it through.

In addition, the IANA transition last year, which separated ICANN from its US government oversight, pretty much carved ICANN’s California roots into stone for the time being.

ICANN heading to Japan and Canada in 2019

Kevin Murphy, June 28, 2017, Domain Policy

ICANN has named two of the host cities for its 2019 public meetings.

The community will descend upon Kobe, Japan in March 2019 for the first meeting of the year and will head to Montreal, Canada, for the annual general meeting in November.

Both locations were approved by the ICANN board of directors at a meeting this weekend.

The location of the middle “policy forum” meeting for 2019 has not yet been identified.

ICANN is currently meeting in Johannesburg, South Africa. Later this year it will convene in Abu Dhabi, UAE.

Spanish speakers can rejoice next year, when the locations, in order, are Barcelona, Panama City and San Juan (the Puerto Rican one).

Cybersquatting cases down in .uk

Kevin Murphy, June 23, 2017, Domain Policy

The number of cybersquatting complaints filed against .uk domains fell in 2016, according to data out this week from Nominet.

The .uk registry said that there were 703 complaints filed with its Dispute Resolution Service in the year, down from 728 in 2015.

However, the number of individual domains complained about appears to have increased, from 745 to 785. That’s partly due to registrants owning both .co.uk and .uk versions of the same name.

The number of cases that resulted in domains being transferred was 53%, the same as 2015, Nominet said.

The large majority of cases were filed by UK-based entities against UK-based registrants, the stats show.

Zone file access is crap, security panel confirms

Kevin Murphy, June 20, 2017, Domain Policy

ICANN’s Centralized Zone Data Service has some serious shortcomings and needs an overhaul, according to the Security and Stability Advisory Committee.

The panel of DNS security experts has confirmed what CZDS subscribers, including your humble correspondent, have known since 2014 — the system had a major design flaw baked in from day one for no readily apparent reason.

CZDS is the centralized repository of gTLD zone files. It’s hosted by ICANN and aggregates zones from all 2012-round, and some older, gTLDs on a daily basis.

Signing up for it is fairly simple. You simply fill out your contact information, agree to the terms of service, select which zones you want and hit “submit”.

The purpose of the service is to allow researchers to receive zone files without having to enter into separate agreements with each of the 1,200+ gTLDs currently online.

The major problem, as subscribers know and SSAC has confirmed, is that the default subscription period is 90 days.

Unless the gTLD registry extends the period at its end and in its own discretion, each subscription ends after three months — cutting off access — and the subscriber must reapply.

Many of the larger registries exercise this option, but many — particularly dot-brands — do not.

The constant need to reapply and re-approve creates a recurring arse-ache for subscribers and, registry staff have told me, the registries themselves.

The approval process itself is highly unpredictable. Some of the major registries process requests within 24 hours — I’ve found Afilias is the fastest — but I’ve been waiting for approval for Valuetainment’s .voting since September 2016.

Some dot-brands even attempt to insert extra terms of service into the deal before approving requests, which defeats the entire purpose of having a centralized service in the first place.

Usually, a polite email to the person handling the requests can produce results. Other times, it’s necessary to report them to ICANN Compliance.

The SSAC has evidently interviewed many people who share my concerns, as well as looking at data from Compliance (where CZDS reliably generates the most complaints, wasting the time of Compliance staff).

This situation makes zone file access unreliable and subject to unnecessary interruptions. The missing data introduces “blind spots” in security coverage and research projects, and the reliability of software – such as security and analytics applications – that relies upon zone files is reduced. Lastly, the introduced inefficiency creates additional work for both registry operators and subscribers.

The SSAC has no idea why the need to reapply every 90 days was introduced, figuring it must have happened during implementation.

But it recommends that access agreements should automatically renew once they expire, eliminating the busywork of reapplying and closing the holes in researchers’ data sets.

As I’m not objective on this issue, I agree with that recommendation wholeheartedly.

I’m less keen on the SSAC’s recommendation that registries should be able to opt out of the auto-renewals on a per-subscriber basis. This will certainly be abused by the precious snowflake dot-brands that have already shown their reluctance to abide by their contractual obligations.

The SSAC report can be read here (pdf).

Ombudsman steps in after harassment claims in Whois group

Kevin Murphy, June 16, 2017, Domain Policy

ICANN Ombudsman Herb Waye has started monitoring an ICANN mailing list after multiple complaints of disrespectful behavior.

Waye this week told participants in the Registration Data Services working group that he is to trawl through their list archives and proactively monitor the group following “multiple complaints regarding behavior that contravenes the ICANN Expected Standards of Behavior and possibly the Community Anti-Harassment Policy”.

The RDS working group is exploring the possibility of replacing the current Whois system, in which all data is completely open, with something “gated”, restricting access to authenticated individuals based on their role.

Law enforcement agencies, for example, may be able to get a greater level of access to personal contact information than schmucks like me and you.

Privacy advocates are in favor of giving registrants more control over their data, while anti-abuse researchers hate anything that will limit their ability to stop spam, phishing and the like.

It’s controversial stuff, and arguments on the RDS WG list have been been very heated recently, sometimes spilling over into ad hominem attacks.

The Expected Standards of Behavior requires all ICANN community members to treat each other with civility.

I haven’t seen anything especially egregious, but apparently the disrespect on display has been sufficiently upsetting that the Ombudsman has had to step in.

It’s the first time, that I’m aware of, that the ICANN Ombudsman has proactively monitored a list rather than simply responding to complaints.

Waye said that he plans to deliver his verdict before ICANN 59, which kicks off in a little over a week.