Latest news of the domain name industry

Recent Posts

The DNS’s former overseer now has its own domain name

Kevin Murphy, March 19, 2019, Domain Policy

The National Telecommunications and Information Administration, which for many years was the instrument of the US government’s oversight of the DNS root zone, has got its first proper domain name.

It’s been operating at ntia.doc.gov forever, but today announced that it’s upgrading to the second-level ntia.gov.

The agency said the switch “will make NTIA’s site consistent with most other Department of Commerce websites”.

Staff there will also get new ntia.gov email addresses, starting from today. Their old addresses will continue to forward.

NTIA was part of the DNS root management triumvirate, along with ICANN/IANA and Verisign, until the IANA transition in 2016.

The agency still has a contractual relationship with Verisign concerning the operation of .com.

UDRP complaints hit new high at WIPO

Kevin Murphy, March 19, 2019, Domain Policy

The World Intellectual Property Organization handled 3,447 UDRP cases in 2018, a new high for the 20-year-old anti-cybersquatting policy.

The filings represent an increase of over 12% compared to the 3,074 UDRP cases filed with WIPO in 2017. There were 3,036 cases in 2016

But the number of unique domains complained about decreased over the same period, from 6,370 in 2017 to 5,655 domains in 2018, WIPO said today.

The numbers cover only cases handled by WIPO, which is one of several UDRP providers. They may represent increases or decreases in cybersquatting, or simply WIPO’s market share fluctuating.

The numbers seem to indicate that the new policy of redacting Whois information due to GDPR, which came into effect mid-year, has had little impact on trademark owners’ ability to file UDRP claims.

UPDATE: This post was updated a few hours after publication to remove references to the respective shares of the UDRP caseload of .com compared to new gTLDs. WIPO appears to have published some wonky math, as OnlineDomain noticed.

Andruff escalates Disspain feud, asks ICANN to ban him from chair

Kevin Murphy, March 13, 2019, Domain Policy

Domain consultant and former registry boss Ron Andruff has asked ICANN’s board of directors to ban Chris Disspain from becoming chair at the end of the year.

Writing on CircleID today, Andruff’s anti-Disspain message is veiled, but only thinly.

While not naming Disspain directly, Andruff wrote: “I call on the Chair and ICANN Board to ensure that no candidate who may be standing under a cloud of any type be considered for the highest position and authority within ICANN.”

Current chair Cherine Chalaby is out in October, when his nine-year term on the board comes to its bylaws-mandated end.

Disspain, who is currently vice chair and has always struck me as an obvious choice for the top job, has another year left on his term.

The “cloud” Andruff believes Disspain is standing under relates to longstanding allegations of “financial irregularities” at Australian ccTLD registry auDA, during the period Disspain was CEO.

It’s known that an unpublished audit of auDA by PPB Advisory in 2016 makes claims about some sloppy financial management, but there have never been any published allegations of wrongdoing by Disspain himself.

Andruff has been fighting for years with the Australian Information Commissioner to get this report, and other documents he believes might cast Disspain in a bad light, released under Aussie freedom of information law.

He was initially rebuffed, in November 2017, but appealed. After much back-and-forth, he was told two weeks ago that the Department of Communications and the Arts’ refusal to hand over the documents was in part “incorrect”. The Department is due to respond to that finding tomorrow.

It’s not at all clear what information, if any, the Department is going to release.

Andruff also notes that there’s an “ongoing police investigation” into the same “irregularities”.

The only such investigation I’m aware of involved “several” former auDA directors being referred to Victoria Police by auDA’s new management last April. There were 48 former directors at the time, and the names of those referred were not released.

Andruff is known to have beef with Disspain, who he holds responsible for his being passed over for the job as chair of the Nominating Committee in 2015.

ICANN typically does not name its new chairs until much later in the year, so it’s quite possible this is a storm that will have blown over by the time the board comes to picking Chalaby’s replacement.

ICANN plays tough over Amazon dot-brands

Kevin Murphy, March 12, 2019, Domain Policy

ICANN has given Amazon and the governments of the Amazon Cooperation Treaty Organization less than a month to sort out their long-running dispute over the .amazon gTLD.

The organization’s board of directors voted on Sunday to give ACTO and the e-commerce leviathan until April 7 to get their shit together or risk not getting what they want.

But both parties are going to have to come to an agreement without ICANN’s help, with the board noting that it “does not think that any further facilitation efforts by ICANN org will be fruitful”.

Attempts by ICANN to meet with ACTO over the last several months have been agreed to and then cancelled by ACTO on at least two separate occasions.

The eight ACTO governments think the string “Amazon” more rightfully belongs to them, due to it being the English name for the rain forest region they share.

Amazon the company has promised to safeguard culturally sensitive terms in .amazon, to assist with future efforts to secure .amazonas or similar for the Amazonian peoples, and to donate services and devices to the nations concerned.

Now, the two parties are going to have to bilaterally decide whether this deal is enough, whether it should be sweetened or rejected outright.

If they can’t come to a deal by ICANN’s deadline (which could be extended if Amazon and ACTO both ask for more time), ICANN will base its decision on whether to approve .amazon based on how Amazon unilaterally proposes to address ACTO’s concerns.

While a rejection of the .amazon application is still on the table, my read is that this is a bigger win for Amazon than it is for ACTO.

Data beats Merdinger to head universal acceptance group

Kevin Murphy, March 12, 2019, Domain Policy

Email entrepreneur and internationalized domain name expert Ajay Data has been named as the new chair of the group that is struggling to promote the universal acceptance of top-level domains across the internet.

Data, who replaces Afilias COO Ram Mohan after a four-year term, beat GoDaddy’s VP of domains Rich Merdinger in a secret ballot of the Universal Acceptance Steering Group this week.

The number of votes each candidate received were not disclosed.

India-based Data is founder and CEO of Xgenplus, a developer of enterprise email servers with a focus on support for non-Latin scripts and internationalized domain names.

He’s been intimately involved in all things IDN for many years.

The UASG is an independent group, which receives funding from ICANN, dedicated to reaching out to software and web site developers to ensure their systems can support domain names in all scripts, including IDNs, as well as raise awareness of new gTLDs.

Trademark posse fails to block Whois privacy policy

Kevin Murphy, March 5, 2019, Domain Policy

The ICANN community’s move to enshrine Whois privacy into formal consensus policy is moving forward, despite votes to block it by intellectual property interests.

During a special meeting yesterday, the GNSO Council voted to approve a set of recommendations that would (probably) bring ICANN’s Whois policy into compliance with the General Data Protection Regulation.

But four councilors — Paul McGrady and Flip Petillion of the Intellectual Property Constituency and Marie Pattullo and Scott McCormick of the Business Constituency — voted against the compromise deal.

Their downvotes were not enough to block it from passing, however. It has now been opened for a month of public comments before being handed to the ICANN board of directors for final approval, whereupon it will become ICANN’s newest consensus policy and binding on all contracted parties.

McGrady, an lawyer with Winston Strawn, claimed that the Expedited Policy Development Process working group that came up with the recommendations failed to reach the level of consensus that it had claimed.

“The consensus call was broken,” he said, adding that the EPDP’s final report “reflects consensus where there really wasn’t any.”

The GNSO was due to vote 10 days ago, but deferred the vote at the request of the IPC and BC. McGrady said that both groups had tried to muster up support in their communities for a “yes” vote in the meantime, but “just couldn’t get there”.

Speaking for the BC from a prepared statement, Pattullo (who works for European brand protection group AIM) told the Council:

The report is a step backwards for BC members’ interests compared to the Temp Spec, especially as the legitimate purposes for collecting and processing data are insufficiently precise, and do not include consumer protection, cybercrime, DNS abuse and IP protection.

The Temp Spec is the Temporary Specification currently governing how registries and registrars collect and publish Whois data. It was created as an emergency measure by the ICANN board and is due to expire in May, where it will very probably be replaced by something based on the EPDP recommendations.

In response to the IPC/BC votes, Michele Neylon of the Registrars Constituency and Ayden Férdeline of the Non-Commercial Stakeholders Group read statements claiming that trademark interests had been given substantial concessions during the EPDP talks.

Neylon in particular had some harsh words for the holdout constituencies, accusing them of “bad faith” and pointing out that the EPDP spent thousands of hours discussing its recommendations.

“Our members would want any number of obligations this report contains to be removed, but despite the objections we voiced our support for the final product as a sign of compromise and support for the entire multistakeholder model,” he said.

“Given the objections of certain parts of the community it’s unclear how we can ask this group to carry on with the next phase of its work at the same pace,” he said. “Given the unwillingness of others to participate and negotiate in good faith, how can we ask our reps to spend hours compromising on this work when it’s clear others will simply wait until the last minute and withdraw their consent for hard-fought compromise.”

The EPDP had a hard deadline due to the imminent expiration of the Temp Spec, but that’s not true of its “phase two” work, which will explore possible ways trademark enforcers could get access to redacted private Whois data.

Unfortunately for the IP lobby, there’s a very good chance that this work is going to proceed at a much slower pace than phase one, which wrapped up in basically six months.

During yesterday’s Council call, both Neylon and NCSG rep Tatiana Tropina said that the dedication required of volunteers in phase one — four to five hours of teleconferences a week and intensive mailing list discussions — will not be sustainable over phase two.

They simply won’t be able to round up enough people with enough time to spare, they said.

Coincidentally, neither the registrars nor the non-coms have any strong desire to see a unified access solution developed any time soon, so a more leisurely pace suits them politically too.

It will be up to the EPDP working group, and whoever turns out to be its new chair, to figure out the timetable for the phase two work.

Phishing still on the decline, despite Whois privacy

Kevin Murphy, March 5, 2019, Domain Policy

The number of detected phishing attacks almost halved last year, despite the fact that new Whois privacy rules have made it cheaper for attackers to hide their identities.

There were 138,328 attacks in the fourth quarter of 2018, according to the Anti-Phishing Working Group, down from 151,014 in Q3, 233,040 in Q2, and 263,538 in Q1.

That’s a huge decline from the start of the year, which does not seem to have been slowed up by the introduction in May of the General Data Protection Regulation and ICANN’s Temp Spec, which together force the redaction of most personal data from public Whois records.

The findings could be used by privacy advocates to demonstrate that Whois redaction has not lead to an increase in cybercrime, as their opponents had predicted.

But the data may be slightly misleading.

APWG notes that it can only count the attacks it can find, and that phishers are becoming increasingly sophisticated in how they attempt to avoid detection. The group said in a press release:

There is growing concern that the decline may be due to under-detection. The detection and documentation of some phishing URLs has been complicated by phishers obfuscating phishing URLs with techniques such as Web-spider deflection schemes – and by employing multiple redirects in spam-based phishing campaigns, which take users (and automated detectors) from an email lure through multiple URLs on multiple domains before depositing the potential victim at the actual phishing site.

It also speculates that criminals once involved in phishing may have moved on to “more specialized and lucrative forms of e-crime”.

The Q4 report (pdf) also breaks down phishing attacks by TLD, though comparisons here are difficult because APWG doesn’t always release this data.

The group found .com to still have the most phishing domains — 2,098 of the 4,485 unique domains used in attacks, or about 47%. According to Verisign’s own data, .com only has 40% market share of total registered domains.

But new, 2012-round gTLDs had phishing levels below their market share — 4.95% of phishing on a 6.83% share. This is actually up compared to the 3% recorded by APWG in Q3 2017, the most recent available data I could find.

Only two of the top 20 most-abused TLDs were new gTLDs — .xyz and .online, which had just 70 attack domains between them. That’s good news for .xyz, which in its early days saw 10 times as much phishing abuse.

After .com, the most-abused TLD was .pw, the ccTLD for Palau run by Radix as an unrestricted pseudo-gTLD. It had 374 attack domains in Q4, APWG said.

Other ccTLDs with relatively high numbers included several African zones run as freebies by Freenom, as well as the United Kingdom’s .uk and Brazil’s .br.

Phishing is only one form of cybercrime, of course, and ICANN’s own data shows that when you take into account spam, new gTLDs are actually hugely over-represented.

According to ICANN’s inaugural Domain Abuse Activity Reporting report (pdf), which covers January, over half of cybercrime domains are in the new gTLDs.

That’s almost entirely due to spam. One in 10 of the threats ICANN analyzed were spam, as identified by the likes of SpamHaus and SURBL. DAAR does not include ccTLD data.

The takeaway here appears to be that spammers love new gTLDs, but phishers are far less keen.

ICANN did not break down which gTLDs were the biggest offenders, but it did say that 52% of threats found in new gTLDs were found in just 10 new gTLDs.

This reluctance to name and shame the worst offenders prompted one APWG director, former ICANN senior security technologist Dave Piscitello, to harshly criticize his former employer in a personal blog post last month.

Registrars given six months to deploy Whois killer

Kevin Murphy, March 1, 2019, Domain Policy

ICANN has started the clock ticking on the mandatory industry-wide deployment of RDAP.

gTLD registries and registrars have until August 26 this year to roll out RDAP services, which will one day replace the age-old Whois spec, ICANN said this week.

Registration Data Access Protocol fulfills the same function as Whois, but it’s got better support for internationalization and, importantly given imminent work on Whois privacy, tiered access to data.

ICANN’s RDAP profile was created in conjunction with contracted parties and public comments. The registries and registrars knew it was coming and told ICANN this week that they’re happy for the 180-day implementation deadline to come into effect.

The profile basically specs out what registrars and registries have to show in their responses to Whois (or RDAP, if you’re being pedantic) queries.

It’s based on the current Temporary Specification for Whois, and will presumably have to be updated around May this year, when it is expected that the Temp Spec will be replaced by the spec created by the Whois EPDP.

ICANN pushes IANA under Conrad

Kevin Murphy, February 27, 2019, Domain Policy

ICANN chief technology officer David Conrad is now “overseeing” the IANA part of the organization, ICANN has announced.

It doesn’t appear to be a promotion or change of job titles as much as a reporting structure adjustment made in the wake of a change of management at the Global Domains Division.

Kim Davies is still vice president of IANA, and president of Public Technical Identifiers, as IANA is often referred to nowadays.

Previously, Davies reported to the president of GDD, now he’s reporting to Conrad.

After Akram Atallah left GDD to run Donuts, Conrad and Atallah’s eventual permanent replacement, Cyrus Namazi, split his duties on an interim basis.

It appears that the announcement of Conrad’s new duties merely formalizes that arrangement.

It makes a lot more sense to have the largely technical IANA functions under the jurisdiction of the CTO, rather than the gTLD-centric Global Domains Division, if you ask me.

UN ruling may put .io domains at risk

Kevin Murphy, February 25, 2019, Domain Policy

The future of .io domains may have been cast into doubt, following a ruling from the UN’s highest court.

The International Court of Justice this afternoon ruled (pdf) by a 13-1 majority that “the United Kingdom is under an obligation to bring to an end its administration of the Chagos Archipelago as rapidly as possible”.

The Chagos Archipelago is a cluster of islands that the UK calls the British Indian Ocean Territory.

It was originally part of Mauritius, but was retained by the UK shortly before Mauritius gained independence in 1968, so a strategic US military base could be built on Diego Garcia, one of the islands.

The native Chagossians were all forcibly relocated to Mauritius and the Seychelles over the next several years. Today, most everyone who lives there are British or American military.

But the ICJ ruled today, after decades of Mauritian outrage, that “the process of decolonization of Mauritius was not lawfully completed when that country acceded to independence in 1968, following the separation of the Chagos Archipelago”.

So BIOT, if the UK government follows the ruling, may cease to exist in the not-too-distant future.

BIOT’s ccTLD is .io, which has become popular with tech startups over the last few years and has over 270,000 domains.

It’s run by London-based Internet Computer Bureau Ltd, which Afilias bought for $70 million almost two years ago.

Could it soon become a ccTLD without a territory, leaving it open to retirement and removal from the DNS root?

It’s not impossible, but I’ll freely admit that I’m getting into heavy, early speculation here.

There are a lot of moving parts to consider, and at time of writing the UK government has not even stated how it will respond to the non-binding ICJ ruling.

Should the UK abide by the ruling and wind down BIOT, its IO reservation on the ISO 3166-1 alpha-2 list could then be removed by the International Standards Organisation.

That would mean .io no longer fits the ICANN criteria for being a ccTLD, leaving it subject to forced retirement.

Retired TLDs are removed from the DNS root, meaning all the second-level domains under them stop working, obviously.

It’s not entirely clear how this would happen. ICANN’s Country Code Names Supporting Organization has not finished work on its policy for the retirement of ccTLDs.

TLDs are certainly not retired overnight, without the chance of an orderly winding-down.

Judging by the current state of ccNSO discussions, it appears that ccTLDs could in future be retired with or without the consent of their registry, with a five-to-10-year clock starting from the string’s removal from the ISO 3166-1 list.

Under existing ICANN procedures, I’m aware of at least two ccTLDs that have been retired in recent years.

Timor-Leste was given .tl a few years after it rebranded from Portuguese Timor, and .tp was removed from the DNS a decade later. It took five years for .an to be retired after the Netherlands Antilles’ split into several distinct territories in 2010.

But there are also weird hangers-on, such as the Soviet Union’s .su, which has an “exceptional reservation” on the ISO list and is still active (and inexplicably popular) as a ccTLD.

As I say, I’m in heavy speculative territory when it comes to .io, but it strikes me that not many registrants will consider when buying their names that the territory their TLD represents may one day simple poof out of existence at the stroke of a pen.

Afilias declined to comment for this article.