Recent Posts
- ICANN publishes its Woke Manifesto. Here’s my hot take
- Alibaba, Name.com among new RDRS opt-ins
- The Swiss can register .swiss domains from next week
- .ai up to 425,000 domains
- A million “free” .music domains up for grabs
- D3 to get $5 million in crypto to apply for .ape gTLD
- Alibaba hit with ICANN breach notice
- New Vegas conference “Davos for Web3 interoperability”
- ICANN content policing power grab may be dead
- Cable company unplugs its dot-brand after acquisition
- Germany crosses 10,000 dot-brand domains milestone
- Founders out as Com Laude gets equity injection
- PIR’s Diaz to leave domain industry
- Some registrars have already quit ICANN’s Whois experiment
- ICANN opens $217 million Grant Program
- Internet could get one-letter gTLDs (but there’s a catch)
- .ai registry fights deadbeats with tweaked auction rules
- Amazon and Google among .internal TLD ban backers
- .ai registry advises buyers not to use GoDaddy
- .post liberalizes with new sunrise period
- Team Internet spends $41 million on content farm
- Epik backtracks on Kiwi Farms claim after legal threat
- .austin names launch on blockchain
- Freenom shuts down 12.6 million domains — report
- GoDaddy’s next .xxx contract may not be a done deal
- GlobalBlock blocking 2.5 million domains
- Microsoft moving its cloud apps from .com to .microsoft
- ICANN 79: anonymous trolls and undercover lawyers
- ICANN scores win in single-letter .com lawsuit
- Cosmetics brand terminates its gTLD
- Up to 70 jobs on the line at Nominet as .uk regs dwindle
- Governments back down on new gTLD next round delay
- Private auctions could be banned in new gTLD next round
- ICANN meeting venue “insensitive and hurtful”
- GoDaddy to start selling graphic.design domains
- GAC spinning up new gTLD curveball at ICANN 79?
- GoDaddy’s GlobalBlock supports blockchain names
- Police .uk domain takedowns dive in 2023
- GoDaddy wants to cut the bullshit from .xxx
- Dueling domain blocking services to launch at ICANN 79
- Freename tries to bridge DNS and blockchain
- Olive retires from ICANN
- Whois policy published without life-saving disclosure rule
- UK gov takes its lead from ICANN on DNS abuse
- Tucows reports 2023 results
- Twitter “completely unresponsive” on clickable domains
- ICANN spends $5 million more than planned in first fiscal half
- .art takes a million domains off its premium list
- KeyTrap ‘the most devastating vulnerability ever found in DNSSEC’
- Freenom settles $500 million Meta lawsuit and will exit domain business
- New gTLD lottery to return in 2026
- First GlobalBlock prices revealed — they ain’t cheap
- Domain universe grows on new gTLDs despite .com shrinkage
- D3 signs up crypto gTLD client number five
- GoDaddy reports strong domains growth
- How to qualify for a $40,000 gTLD
- Registry service provider evaluation handbook published
- WebUnited inks deal to “mirror” country’s TLD in the blockchain
- GoDaddy project unveils brand-blocking calculator
- Report: Monster “misappropriated” millions from Epik
- .com is shrinking but Verisign raises prices again anyway
- D3 announces fourth crypto new gTLD client
- Donald Trump loses second UDRP case
- UK cybersquatting complaints hit record low
- No excuses! PIR to pay for ALL registries to tackle child abuse
- ICANN insists it is working on linkification
- Namecheap sues ICANN over .org price caps
- GoDaddy offers free Ethereum blockchain integration
- Epik reveals who is running the company
- Epik gets acquired again! The plot thickens…
- Airline gTLD crashes and burns
- First chunks of new gTLD Applicant Guidebook drop
- Epik to reveal its owners soon
- Another crypto firm to apply for a new gTLD
- Monster and Royce are NOT involved in Epik?!
- Nominet to overhaul .uk registry, turn off some services
- Russia blames DNSSEC, not Ukraine, for internet downtime
- Team Internet says revenue beat estimates
- Sold for over $20k, insure.ai and dog.ai back in .ai’s expired names auction
- .ai helps UDRP cases rise in 2023, WIPO says
- Freenom’s domains land at Gandi after termination
- .ru domains fly off the shelf as Western sanctions bite
- ICANN picks its first ever Supreme Court
- Lebanon’s ccTLD going back to Lebanon after ICANN takeover
- ICANN picks the domain it will never, ever release
- ICANN approves domain takedown rules
- Has Epik gone “woke”?
- First bits of new gTLD Applicant Guidebook expected next week
- ICANN bans closed generics for the foreseeable
- You can’t use money to buy .box domains
- After 14 years, ICANN practices what it preaches on IDNs
- Weak demand for private Whois data, ICANN data shows
- .ing doing way better than .meme
- DNS Women barred from ICANN funding?
- Dev releases free open-source TLD registry platform
- INCO flips a gTLD to Identity Digital
- Anguilla fears the .ai junk drop
- Five more gTLDs get launch dates
- $10 million of ICANN cash up for grabs
- Almost 50,000 .ai domains sold in a quarter
- ICANN threatens to regulate your speech [RANT]
- Life insurance company kills dot-brand
- ICANN finds new home for Lebanon’s TLD after founder’s death
- ICANN begs people to use its new Whois service
- Shiba Inu outs itself as crypto new gTLD applicant
- Over 50,000 .ai domains sold in three months
- Amazon planning new push into registrar market?
- Registries and registrars vote ‘Yes’ to new DNS abuse rules
- ICANN predicts flattish 2025 for domain industry
- Fast-growing Gname buys another 150 registrars
- GoDaddy service to let you block domains in over 650 TLDs
- Did I find a murder weapon in a zone file?
- ICANN drops the “man” from Ombudsman
- Have your say on police domain takedown powers
- Most registrars are shunning ICANN’s new Whois system
- Nominet to take over .gov.uk
- ICANN picks Istanbul for 2024 meeting
- ICANN’s private Whois data request service goes live
- .au regs slide on 2LD anniversary
- ICANN accused of power grab over $271 million auction fund
- A registrar is getting blamed for an Israeli war propaganda site
- Two more dot-brands bite the dust
- Google sells five-figure AI domain and six-figure .ing hack
- .blackfriday is still a bit rubbish
- Internet Naming Co acquires five more gTLDs
Blacknight dumps .ie from free domain program, replaces it with .co
Blacknight Solutions has dropped its local ccTLD, .ie, from the free domain name program it offers in partnership with Google to Irish small businesses.
It’s being replaced with .co, the repurposed Colombian ccTLD, which has been getting an indecent amount of traction in regional projects targeting small business recently.
“Unfortunately, while we may be the market leader for .IE, we feel that the restrictions on the domain impose too many restraints to benefit program participants,” Blacknight CEO Michele Neylon said.
Supporting the highly restrictive ccTLD was imposing too many costs and headaches, Neylon said. The company will continue to sell the domains, just not through the program.
Blacknight, Google and the Irish postal service have been offering companies a free year domain registration and hosting under the banner of Getting Business Online for over a year.
In May, Blacknight reported that in the first year only about 21% of companies participating in the program chose .ie.
The .co domain is of course unrestricted.
It’s another regional win for .CO Internet, which markets .co as the TLD of choice for startups.
Just last week .CO Internet announced that Startup Britain, a private-sector entrepreneurial campaign backed by the UK government, had switched from a .org to a .co.
Identity checks coming to Whois
Pretty soon, if you want to register a domain name in a gTLD you’ll have to verify your email address and/or phone number or risk having your domain turned off.
That’s the latest to come out of talks between registrars, ICANN, governments and law enforcement agencies, which met last week in Washington DC to thrash out a new Registrar Accreditation Agreement.
While a new draft RAA has not yet been published, ICANN has reported some significant breakthroughs since the Prague meeting in June.
Notably, the registrars have agreed for the first time to do some minimal registrant identity checks — phone number and/or email address — at the point of registration.
Verification of mailing addresses and other data points — feared by registrars for massively adding to the cost of registrations — appears to be no longer under discussion.
The registrars have also managed to win another concession: newly registered domain names will be able to go live before identities have been verified, rather than only after.
The sticking point is in the “and/or”. Registrars think they should be able to choose which check to carry out, while ICANN and law enforcement negotiators think they should do both.
According to a memo released for discussion by ICANN last night:
It is our current understanding that law enforcement representatives are willing to accept post-‐resolution verification of registrant Whois data, with a requirement to suspend the registration if verification is not successful within a specified time period. However, law enforcement recommends that if registrant Whois data is verified after the domain name resolves (as opposed to before), two points of data (a phone number and an email address) should be verified.
Among the other big changes is an agreement by registrars to an ICANN-run Whois privacy service accreditation system. Work is already underway on an accreditation framework.
After it launches, registrars will only be able to accept private registrations made via accredited privacy and proxy services.
Registrars have also agreed to some of law enforcement’s data retention demands, which has been a bone of contention due to worries about varying national privacy laws.
Under the new RAA, they would keep some registrant transaction data for six months after a domain is registered and other data for two years. It’s not yet clear which data falls into which category.
These and other issues outlined in ICANN’s latest update are expected to be talking points in Toronto next month.
It looks like a lot of progress has been made since Prague — no doubt helped by the fact that law enforcement has actually been at the table — and I’d be surprised if we don’t see a draft RAA by Beijing next April.
How long it takes to be adopted ICANN’s hundreds of accredited registrars is another matter.
Whacky lawsuit targets ICANN, eNom, CentralNic, NetSol, Verisign
ICANN and several domain name companies have been slapped with a bizarre, virtually incomprehensible anti-cybersquattng lawsuit in Virginia.
Canadian Graham Schreiber, registrant of landcruise.com, has beef primarily with CentralNic — the UK-based company that sells third-levels domains under us.com, uk.com and the like — and one of its customers.
As far as I can tell, the complainant, who’s representing himself pro se, has issues with CentralNic’s entire business model. Here’s his complaint (pdf).
He discovered that a British individual named Lorraine Dunabin — who has a UK trademark on the word Landcruise — had registered both landcruise.co.uk and landcruise.uk.com.
Having failed to take the .co.uk using Nominet’s Dispute Resolution Service (repeatedly referred to in the complaint as UDRP), Schreiber has instead filed this lawsuit to accuse Dunabin of “Dilution, Infringement [and] Passing off” by registering the .uk.com.
CentralNic is named because it owns .uk.com and various other geographic pseudo-gTLDs, which Schreiber says “dilute the integrity of .com” and amount to a “shakedown”.
Verisign is named as a contributory infringer because it runs .com. Network Solutions and eNom are named because they manage uk.com and landcruise.uk.com respectively as registrars.
ICANN is named because… I don’t know. I think it’s because all of the other companies are ICANN contractors.
ICANN, which has a web page for the litigation here, has already filed a motion to dismiss (pdf).
Schreiber is seeking monetary damages from all of the defendants, most of which he wants donated to the Rotary Club.
Go Daddy customers to get compensation?
Go Daddy plans to offer customers affected by its downtime yesterday a “good faith gesture” in the coming days.
A blog post from interim CEO Scott Wagner tonight closely mirrors the statement the company issued earlier today, but with a few additions:
We have let our customers down and we know it. I cannot express how sorry I am to those of you who were inconvenienced. We will learn from this.
I’d like to express my profound gratitude to all our customers. We are thankful for your straightforward feedback and the confidence you have shown in us.
In appreciation, we will reach out to affected customers in the coming days with a good faith gesture that acknowledges the disruption. We are grateful for your continued loyalty and support.
The post does not specify the nature of the gesture.
Some customers will have lost money as a result of the downtime, which lasted about up to six hours, but there will be many more who won’t have even noticed they were affected.
Breaking: Go Daddy was not attacked
Go Daddy’s outage last night was caused by an internal cock-up and not an attack.
The official line is that the downtime, which many reports had attributed to an Anonymous attack, was actually caused by “a series of internal network events that corrupted router data tables”.
The company, whose customers suffered from four to six hours of downtime yesterday, just issued the following statement:
Go Daddy Site Outage Investigation Completed
Yesterday, GoDaddy.com and many of our customers experienced intermittent service outages starting shortly after 10 a.m. PDT. Service was fully restored by 4 p.m. PDT.
The service outage was not caused by external influences. It was not a “hack” and it was not a denial of service attack (DDoS). We have determined the service outage was due to a series of internal network events that corrupted router data tables. Once the issues were identified, we took corrective actions to restore services for our customers and GoDaddy.com. We have implemented measures to prevent this from occurring again.
At no time was any customer data at risk or were any of our systems compromised.
Throughout our history, we have provided 99.999% uptime in our DNS infrastructure. This is the level our customers expect from us and the level we expect of ourselves. We have let our customers down and we know it.
We take our business and our customers’ businesses very seriously. We apologize to our customers for these events and thank them for their patience.
– Scott Wagner
Go Daddy Interim CEO
I reported earlier today that the incident bore many of the hallmarks of a DDoS attack, but that’s clearly now proven to be incorrect.
What the hell happened to Go Daddy last night?
Thousands — possibly millions — of Go Daddy customers suffered a four-hour outage last night, during a suspected distributed denial of service attack.
The company has not yet revealed the cause of the downtime, which started at 1725 UTC last night, but it bears many of the signs of DDoS against the company’s DNS servers.
During the incident, godaddy.com was inaccessible. DI hosts with Go Daddy; domainincite.com and secureserver.net, the domain Go Daddy uses to provide its email services, were both down.
The company issued the following statement:
At 10:25 am PT, GoDaddy.com and associated customer services experienced intermittent outages. Services began to be restored for the bulk of affected customers at 2:43 pm PT. At no time was any sensitive customer information, such as credit card data, passwords or names and addresses, compromised. We will provide an additional update within the next 24 hours. We want to thank our customers for their patience and support.
Several Go Daddy sites I checked remained accessible from some parts of the world initially, only to disappear later.
Others reported that they were able to load their Go Daddy webmail, but that no new emails were getting through.
This all points to a problem with Go Daddy’s DNS, rather than with its hosting infrastructure. People able to view affected sites were likely using cached copies of DNS records.
Close to 34 million domains use domaincontrol.com, Go Daddy’s primary name server, for their DNS. The company says it has over 10 million customers.
Reportedly, Go Daddy started using Verisign’s DNS for its home page during the event, which would also point to a DNS-based attack.
The outage was so widespread that the words “GoDaddy” and “DNS” quickly became trending topics on Twitter.
The web site downforeveryoneorjustme.com, which does not use Go Daddy, also went down as thousands of people rushed to check whether their web sites were affected.
Some outlets reported that Anonymous, the hacker group, had claimed credit for the attack via an anonymous (small a) Twitter account.
Companies the size of Go Daddy experience DDoS attacks on a daily basis, and they build their infrastructure with sufficient safeguards and redundancies to handle the extra traffic.
This leads me to believe that either yesterday’s attack was either especially enormous, or that somebody screwed up.
The fact that the company has not yet confirmed that external malicious forces were at work is worrying.
Either way it’s embarrassing for Go Daddy, which is applying for three new gTLDs which it plans to self-host.
Several reports have already speculated that the attack could be revenge for one or more of Go Daddy’s recent PR screw-ups.
The company has promised an update later today.
Key-Systems adds parking API to RRPproxy
Top-ten registrar KeyDrive has delivered on a major piece of integration work following the merger of Key-Systems and NameDrive last year.
Key-Systems today announced that its RRPproxy reseller platform now has API commands that enable its resellers — and in turn their registrants — to easily park domains with NameDrive.
The new commands allow entire domain portfolios to be parked in bulk, according to the company.
Key-Systems and NameDrive formed KeyDrive in July 2011. The company also acquired Moniker and SnapNames earlier this year.
Delinquent top 20 registrar not delinquent after all
China’s largest domain name registrar isn’t shirking its ICANN fees, despite previous allegations to the contrary.
Xin Net, which has over 1.6 million gTLD domains under management, received a breach notice from ICANN last month which stated that the company was $2,000 in arrears with its payments.
The company was given until August 22 to correct the problem or risk losing its accreditation.
But in a subsequent compliance notice ICANN admitted that “due to an error the registrar’s account reflected a delinquent balance”.
The admission was buried deep in the notice and not immediately obvious to anyone browsing ICANN’s compliance pages.
The original notice also alleged a breach of the Inter-Registrar Transfer Policy with respect to the domain names rongzhu.net, qsns.net and zuixincn.com, which was not an error.
ICANN posts breach notices to its web site fairly regularly — 84 of them since mid-2008 — and more often than not they allege failure to pay fees in addition to other problems.
Go Daddy: 6% chance somebody else wants that available reg-fee domain too
If you’ve found an available, unregistered domain name, there’s at least a 6% chance that somebody else has also found it that very same day, according to Go Daddy.
More than 6% customer searches for available domain names are performed by more than one person each day, head of product development Richard Merdinger said in a blog post.
According to Merdinger, due to the sheer volume of searches, “more than six percent of customer searches for available domain names are performed by more than one person each day.”
The post, which was written in response to a single highly questionable allegation of “front-running”, added:
This overlap in domain name requests happens every day. As unique as customers believe their domain name ideas are, there’s more “innovation collision” than many people realize. With so many domain name registrations happening every day, there is a good probability a domain name you searched for is also being searched by someone else.
He also publishes some anonymized log data to prove his point.
There are tens of millions of domain searches on Go Daddy every day, apparently.
Go Daddy opens Indian call center — a portent?
Let’s hope this isn’t the beginning of the end for Go Daddy.
When newly installed CEO Warren Adelman abruptly quit and took a back-seat advisory role at the company last week, my gut reaction was that all is not well at Go Daddy.
CEOs of companies with new owners don’t just up and quit eight months into the job unless there are performance problems or substantial disagreements about management style, in my view.
Adelman was replaced on an interim basis by Scott Wagner of Go Daddy’s main investor, the private equity firm Kohlberg Kravis Roberts & Co.
The news a couple of days later that KKR had appointed a new exec to oversee Go Daddy in India also caught my attention.
I was half tempted to write a post there and then speculating that Go Daddy was about to shift its flagship customer service operations — currently based in the US — to India.
While that news hasn’t arrived yet, the company has today confirmed that it has opened a call center in Hyderabad.
Today, the new facility appears to be limited to supporting Indian customers, according to a press release:
A team of local agents, who speak local languages, are now providing Go Daddy’s brand of award-winning customer service to Indian customers. Since opening a little more than one month ago, agents have taken more than 10,000 calls, mostly from entrepreneurs and business owners. To date, Go Daddy India now supports more than 120,000 customers.
But for how long will this be true?
Private equity firms exist to buy companies, make them more profitable, and flip them for a return on their investment. That usually means cutting costs in unpopular ways.
With the new owners in charge, I have to wonder if Go Daddy’s excellent US-based call centers — a constant source of bragging rights in the Bob Parsons era — are at risk.
It’s a lot more expensive to hire wage-slaves in Arizona than India.
I expect that decision will come down to whether Go Daddy starts to view its American call centers as a cost center, rather than a profit center, and whether it thinks it can ship the function overseas without sacrificing quality and alienating its US and other English-speaking customers.
Shipping jobs to cheaper climes might look like a no-brainer on paper, but there’s ample opportunity for #fail in this case.
If, of course, it ever happens. This article is pure speculation.
Recent Comments