Latest news of the domain name industry

Recent Posts

What split? TLD webinar series folded into the DNA

Kevin Murphy, July 21, 2015, Domain Services

A TLD operators’ webinar series initially cast as a community group has been folded in to the Domain Name Association.

The DNA has announced the creation of the DNA University, which promises to pick up where the TLD Operators Webinar left off.

Tony Kirsch of ARI Registry Services has been appointed inaugural “Dean” of the University.

The first webinar will be entitled “Premium Domain Name Planning” and will be held July 28 at 1500 UTC.

Future webinars, which are open to all registries, registrars and new gTLD applicants, will address subjects including IDNs, rights protection, contractual compliance, and many more.

The TLD Operators Webinar was originally called the TLD Operators Community and characterized as a new industry group, which led to gossip about a split within the DNA.

The program was hurriedly re-branded and re-domained to clarify that it was more, as ARI CEO Adrian Kinderis put it, “a one off effort by our consultancy team to get everyone together for a chat.”

Now it’s just a service under the DNA umbrella.

New DNA social media site highlights “in the wild” domains

Kevin Murphy, June 18, 2015, Domain Services

The Domain Name Association has launched a new web site to show off domains, primarily new gTLD names, that have been spotted “in the wild”.

InTheWild.domains points to a Tumblr blog where members and others can share, for example, photos of billboards or promotional videos that prominently feature new domains.

“Tumblr offers the DNA a very efficient and flexible platform that will help the DNA social media team and you find and post more domains, rather on non-productive management tasks,” the DNA told members.

The site currently has a few dozen posts, such as a WePark.nyc billboard and a VSquared.rocks red carpet video.

Most listed domains are in 2012-round new gTLDs, but there’s a .info, a .us and a .co in there too. I don’t see any .com names.

The submission process appears to be open to everyone, but submissions are moderated by the DNA’s social media people.

ICANN fingers perps in new gTLD breach

Kevin Murphy, May 28, 2015, Domain Services

A small number of new gTLD registries and/or applicants deliberately exploited ICANN’s new gTLD portal to obtain information on competitors.

That’s my take on ICANN’s latest update about the exploitation of an error in its portal that laid confidential financial and technical data bare for two years.

ICANN said last night:

Based on the information that ICANN has collected to date our investigation leads us to believe that over 60 searches, resulting in the unauthorized access of more than 200 records, were conducted using a limited set of user credentials.

The remaining user credentials, representing the majority of users who viewed data, were either used to:

Access information pertaining to another user through mere inadvertence and the users do not appear to have acted intentionally to obtain such information. Access information pertaining to another user through mere inadvertence and the users do not appear to have acted intentionally to obtain such information. These users have all confirmed that they either did not use or were not aware of having access to the information. Also, they have all confirmed that they will not use any such information for any purpose or convey it to any third party; or

Access information of an organization with which they were affiliated. At the time of the access, they may not have been designated by that organization as an authorized user to access the information.

We can infer from this that the 60 searches, exposing 200 records, were carried out deliberately.

I asked ICANN to put a number on “limited set of user credentials” but it declined.

The breach resulted from a misconfiguration in the portal that allowed new gTLD applicants to view attachments to applications that were not their own.

ICANN knows who exploited the bug — inadvertently or otherwise — and it has told the companies whose data was exposed, but it’s not yet public.

The information may come out in future, as ICANN says the investigation is not yet over.

Was your data exposed? Do you know who accessed it? You know what to do.

Get NamesCon 2016 tickets at 80% off

Kevin Murphy, February 23, 2015, Domain Services

After its well-received 2015 show in Las Vegas last month, NamesCon has confirmed a third annual domain name conference for 2016 and is offering deeply discounted tickets for “super early birds” until the end of the month.

Until February 28, conference passes can be bought for $199. That’s an 80% discount on the regular $999 fee. No other early-bird discounts have yet been announced, but NamesCon says this is the “lowest” price the tickets are going to get.

As the event is targeted largely at domainers, NamesCon notes that tickets are non-transferable. Touts are not welcome, in other words.

The show will run from January 10 to 13 next year, in Las Vegas. The venue will be the reasonably priced Tropicana hotel for the third year in a row.

Conference producer Richard Lau said that the 2016 show will have a new sponsorship opportunity in the form of a “Meetery” on the first day.

With space for about 30 companies on small tables, the six-hour window will be “ideal for companies who do not want to man a booth for the entire conference but still want to be able to meet with all of the attendees,” Lau said.

NamesCon is also expanding the number of small tables available for sponsors that want to exhibit for the whole four days from six to 15 to 20, he said.

Tickets can be obtained through the NamesCon web site.

A quarter of registrar’s names are “illicit pharmacies”

Kevin Murphy, January 16, 2015, Domain Services

One in four of the domain names registered with the registrar NetLynx are linked to current, past or potential future rogue drug sites, according to online pharmacy monitor LegitScript.

The Mumbai-based registrar was hit with a breach notice by ICANN Compliance last week, over an alleged failure to investigate an abuse complaint about a single customer domain, tnawsol24h.com.

NetLynx did not adequately respond to ICANN’s calls from November 26 to January 5, according to the notice (pdf).

While ICANN did not identify the source or nature of the complaint, according to LegitScript it was filed by the UK Medicines and Healthcare products Regulatory Agency and it claimed that the domain was being used as a “rogue internet pharmacy”.

LegitScript did some research into NetLynx’s domains under management and now claims that it is not an isolated case.

Company president John Horton blogged:

at least a quarter of the registrar’s business is dependent on rogue Internet pharmacy registrations, with roughly 3,000 of the 12,000 domain names under the registrar’s portfolio taggable as current, past or “holding sites” for illicit online pharmacies.

Horton clarified for DI that the 3,000 number is extrapolated from the fact that LegitScript managed to categorize 1,820 out of the 7,000 NetLynx domains it could find as problematic.

Of those, 820 were “online and active” rogue pharmacies, he said. He gave canadian-drug-pharmacy.com, pills-delivery.net and pillsforlife.net as examples.

Another 780 were hosting rogue pharmacies in the past but have since been shut down, he said.

Finally, LegitScript categorized 220 as “meeting known patterns” for “holding sites” where illicit pharmacies may be launched in future. Horton said:

many of the spam pharma organizations use “holding domain names” (not all are online at any one time), so if the website was NOT currently online, we looked to a variety of data — known domain name patterns, screenshots, known rogue name servers, known rogue IP addresses, etc. — to determine the likelihood that a domain name is likely to be a rogue Internet pharmacy, and gave NetLynx the benefit of the doubt if there was any lack of certainty

LegitScript classifies online pharmacies as “rogue” if they offer to ship medicines without a prescription to people in jurisdictions where prescriptions are required.

Horton is now calling for ICANN to look into terminating NetLynx’s accreditation.