Whois disclosure system coming this year?

ICANN has approved the creation of a Whois Disclosure System, almost six years after Europe’s GDPR rules tore up the rule book on Whois access.

The system is likely to face a name change before going live, due to the fact that it does not guarantee, nor process, the disclosure of private Whois data.

The board of directors passed a resolution February 27, a month later than expected, “to develop and launch the WHOIS Disclosure System (System) as requested by the GNSO Council within 11 months from the date of this resolution.”

That’s two months longer than earlier anticipated, but we’re still looking potentially at a live system that people can sign up for and use a year from now.

The system is expected to be based on the Centralized Zone Data Service that many of us have been using to request and download gTLD zone files for the last decade. While not perfect, CZDS gets the job done and has improved over the years.

The technology will be adapted to create what essentially amounts to a ticketing system, allowing the likes of IP lawyers to request unredacted Whois records. The requests would then be forwarded to the relevant registrar.

It’s an incredibly trimmed-down version of what Whois users had been asking for. Participation is voluntary on both sides of the transaction, and registrars are under no new obligations to approve requests.

If nobody uses the system, it could be turned off. ICANN Org has only been directed to run it for “for up to two years”. ICANN will collect and publish usage data to figure out whether it’s worth the quite substantial number of hours and dollars that have already gone into its development.

The actual cost of development and operation had been pegged at $3.3 million, but the board’s resolution states that most of the cost will be existing staff and excess costs will come from the Supplemental Fund for Implementation of Community Recommendations (SFICR).

ICANN puts blockchain on the agenda for good

ICANN’s board of directors is apparently worried about the rise of blockchain-based alt-roots.

Its Board Technical Committee voted in May to make blockchain a permanent agenda item going forward, according to just-published minutes.

“After discussion, the Committee decided to have a standing topic on the agenda to address Blockchain Names,” the minutes read.

The minutes don’t record the content of the discussion, but the alt-root topic has been addressed at every one of the committee’s meetings since last July and resulted in the CTO’s office putting together a briefing paper I blogged about last month.

Blockchain alt-roots include the likes of ENS, Handshake and Unstoppable. They are likely to present legal challenges and interoperability problems when ICANN finally opens up the next round of new gTLDs in a couple years.

Unstoppable targets another city gTLD with free domains

Alt-root provider Unstoppable Domains has inked another partnership with a city that already has its own gTLD in the authoritative root.

The blockchain domains company said it has linked up with the City of Miami’s Venture Miami project, which encourages tech investment in Miami, to offer $50 in Unstoppable’s alternative domains to anyone attending Miami Dade College or showing up at an event there over the weekend.

For nine out of 10 of Unstoppable’s extensions, that’s enough to buy at least one domain. The company does not charge renewal fees.

It’s the second city recently that Unstoppable has partnered with, following its offer of free domains to all female residents of Abu Dhabi a couple of weeks ago.

In both of these cases, the cities in question already have their own gTLD in the authoritative, functioning, ICANN root. Unstoppable’s extensions, which are largely themed around crytopcurrency, mostly do not function without browser plug-ins.

While .abudhabi has only about a thousand registered domains, .miami, which was acquired from MMX by GoDaddy last year and has the city as a partner, has been more popular, with close to 16,000 names in its zone file currently.

Whether this can be dismissed as more “web3” hype or alt-root snake oil or not, Unstoppable seems to have secured a couple of pretty interesting marketing coups, and it will be interesting to see which city gets targeted next.

NetBeacon goes live for DNS abuse reporting

The DNS Abuse Institute has gone live with its new clearinghouse for DNS abuse reports, NetBeacon.

The service allows anyone to report any domain for four types of abuse — malware, phishing, botnets and spam — and any registry or registrar can sign up to receive the reports in a normalized feed via email or API.

The idea is to make it easier for domain companies to act on reports of abusive customers, as DNSAI director Graeme Bunton told us a few months ago.

NetBeacon is free for both reporters and registrars and is being funded by .org manager Public Interest Registry.

Some of the technology underpinning the service is being provided by CleanDNS.

Crypto domains: a feminist issue?

Unstoppable Domains has found a novel way to market its alt-root domains service — give away hundreds of thousands of free domains to female entrepreneurs and women in general.

In two separate announcements over the last few days, partners committed to give away well over a million domains, part of Unstoppable’s push to persuade women that alt-roots and “Web3” are good ideas.

First, Access Abu Dhabi, a project of the Abu Dhabi Investment Office, said it will give a domain for free to “all women residing in the UAE capital”, which is believed to be about one million people.

Abu Dhabi is an overwhelmingly immigrant and overwhelmingly male city. Men are believed to outnumber women 2:1 in the UAE, a nation where until this year women could be jailed or flogged for the crime of extramarital sex.

It’s also one of a handful of cities in the world to have its own gTLDs in the authoritative root — .abudhabi and the Arabic-script equivalent — but while fees are not too high (about $40) registration restrictions are pretty strict, requiring among other things a passport scan.

The announcement by Access Abu Dhabi was made in conjunction with Unstoppable Women of Web3, an Unstoppable spin-off project set up a few months ago to pitch alt-root crypto domains to women.

Unstoppable Women is also behind a separate announcement from The Female Quotient, an equality services company, which is promising to give away up to 600,000 domains to women at its “Equality Lounge” events at various tech conferences over the coming months.

Unstoppable’s alt-root TLDs include .x, .crypto, .bitcoin, .coin and .wallet. Prices usually range from $20 to $100, but there are no renewal fees.

Female entrepreneurs obtaining these domains will quickly realize that they don’t work for the vast majority of internet users and are probably not a sound foundation for building a business.

Blockchain domains pose “significant risks” to internet, says ICANN

The internet could be fragmented and made less secure by the proliferation of blockchain-based naming systems, according to a recent position statement from ICANN’s chief technology officer.

The report, “Challenges with Alternative Name Systems” (pdf) worries aloud about systems such as Namecoin, Ethereum Naming Service, Unstoppable Domains, and Handshake.

It says: “the creation of new namespaces without any coordination (either among themselves nor with the DNS) will necessarily lead to name collisions, unexpected behaviors, and user frustration.”

“The end result might very well be completely separate ecosystems, one for each naming system, further fragmenting the Internet,” it concludes.

It’s a pretty brisk, high-level, 15-page summary of the various alt-root naming systems grouped around the “Web3” meme that have been gaining various levels of popularity over the last few years.

It doesn’t drill too far down into any of them and doesn’t really say much that we haven’t heard from ICANN before about blockchain naming, but it does broadly cover what’s out there, how these systems are used, and why they pose risks.

Opposition to alt-roots is an almost foundational principle of ICANN, documented in ICP-3, a 21-year-old document that dates from a time when alt-roots used standard DNS but with different root servers.

ICANN has in the last year pushed back against the newer blockchain-based alts, most prominently by delaying the sale of some gTLD contracts and forcing registry’s to renounce their ownership rights to gTLD strings.

One new addition to the debate that caught my eye was OCTO noting that a lack of coordination between the various alt-roots in operation today presents similar kinds of interoperability risks as does the lack of coordination between the alts and the authoritative root.

It notes that “at least four blockchain-based naming systems are competing today” and as a result “when developing an application, one must decide which blockchain-based naming system to use.”

“As there is no namespace coordination mechanism between those alternative naming systems, name collisions must be expected,” it says.

UPDATE: This story was updated at 2232 UTC to change the headline from “Blockchain poses ‘significant risks’ to internet, says ICANN” to “Blockchain domains pose ‘significant risks’ to internet, says ICANN”

ICANN reports shocking increase in pandemic scams

The number of gTLD domains being used for malware and phishing related to the Covid-19 pandemic has increased markedly in the last eight months, according to data released by ICANN this week.

The Org revealed that since it started tracking this kind of thing in May 2020 it has flagged 23,452 domains as “potentially active and malicious”.

The data is collected by checking zone files against a list of 579 keywords and running the results through third-party abuse blocklists. Blocked domains are referred to the corresponding registrars for action.

I’m not sure you could technically call these “takedown requests”, but there’s a pretty strong implication that registrars should do the right thing when they receive such a report.

The 23,452 notices is a sharp rise from both the 12,860 potentially abusive flagged names and 3,791 “high confidence” reports ICANN has previously said it found from the start of the project until August 2021.

It’s not clear whether the rise is primarily due to an increase in abusive practices or ICANN’s improved ability to detect scams as it adds additional keywords to its watch-list.

ICANN said in March that it is now also tracking keywords related to the Russian invasion of Ukraine.

It’s also asking organizations in frequently targeted sectors to supply keyword suggestions for languages or scripts that might be under-represented.

The data was processed by ICANN’s Domain Name Security Threat Information Collection and Reporting (DNSTICR or “DNS Ticker”), which Org management previously discussed at ICANN 73.

DNSSEC claims another victim as entire TLD disappears

A country’s top-level domain disappeared from the internet for many people yesterday, apparently due to a DNSSEC key rollover gone wrong.

All domains in Fiji’s ccTLD, .fj, stopped resolving for anyone behind a strict DNSSEC resolver in the early hours of the morning UTC, afternoon local time, and stayed down for over 12 hours.

Some domains may still be affected due to caching, according to the registry and others.

The University of the South Pacific, which runs the domain, said that it had to contact ICANN’s IANA people to get the problem fixed, which took a while because it had to wait for IANA’s US-based support desk to wake up.

IANA head Kim Davies said that in fact its support runs 24/7 and in this case IANA took Fiji’s call at 2.47am local time.

Analyses on mailing lists and by Cloudflare immediately pointed to a misconfiguration in the country’s DNSSEC.

It seems Fiji rolled one of its keys for the first time and messed it up, meaning its zone was signed with a non-existent key.

Resolvers that implement DNSSEC strictly view such misconfigurations as a potential attack and nix the entire affected zone.

It happens surprisingly often, though not usually at the TLD level. That said, a similar problem hit thousands of Sweden’s .se domains, despite the registry having a decade’s more DNSSEC experience than Fiji, last month.

Domain Incite had a similar problem recently when its registrar carried on publishing DNSSEC information for the domain long after I’d stopped paying for it.

UPDATE: This post was updated with comment from IANA.

Thousands of domains hit by downtime after DNSSEC error

Sweden saw thousands of domains go down for hours on Friday, after DNSSEC errors were introduced to the .se zone file.

Local ccTLD registry IIS said in a statement that around 8,000 domains had a “technical difficulty” that started around 1530 local time and lasted around seven hours:

On the afternoon of 4/2, a problem was discovered that concerned approximately 8,000 .se domains. The problem meant that services, such as email and web, that are linked to the affected domains in some cases could not be used or reached. In total, there are approximately 1.49 million .se domains, of which approximately 8,000 were affected.

During the afternoon and evening, a thorough work was done with the troubleshooting and the error could be fixed for the affected .se domains at approximately 22.25.

The problem is believed to have been caused by incorrect DNSSEC signatures being published in the .se zone file. Any machine using a DNSSEC-validating resolver would have seen the errors and flat-out refused to resolve the domain.

This is probably the key drawback of DNSSEC — typically resolvers will treat badly signed domains as if they do not exist, rather than fail over to an unsigned, but resolving, response.

Sweden is not a DNSSEC newbie — .se was the first TLD to deploy the technology, all the way back in 2005, with services for domain holders coming a couple of years later.

Do young people know how to use domain names?

If you’re reading this blog, chances are you’re a fan of domain names. Prepare to be irritated by this TikTok “influencer”.

@timotechanut

Hire a freelancer for any task #fiverr #freelance

♬ original sound – Timoté Chanut

If the video isn’t embedded properly, it’s probably because your browser is blocking third-party cookies from tiktok.com.

It’s part of a long series in which a guy called Timoté Chanut tips off his bewilderingly large audience about useful web sites, largely fun-looking content creation tools.

What’s baffling about these videos is how he teaches his viewer to navigate to the web site in question.

“If you search fiverr.com and click the first link, you can find a freelancer to do just about anything,” he says in the above video.

He demonstrates this by typing the domain name of the web site, in this case fiverr.com, into the Google search bar on the Chrome home page, then clicking the top link in the search results page, which in this case is a Google ad paid for by Fiverr.

Chanut’s TikTok feed is filled with examples of this bizarre navigation technique.

An encouragingly large number of web sites he promotes via his videos are built on new gTLDs such as .earth, .space and .online, or repurposed ccTLDs such as .co, .ai and io. There’s no .com bias here.

But this method of using domain names sure is a head-scratcher.

Is this how kids are using the internet nowadays? Do they not understand how a browser address bar works? Do they not realize that you can just type the goddamn domain into the browser and go right where you want to go, without feeding the Google beast?

Lest you think I’m randomly picking on some 20-year-old French kid, I’ll point out that Chanut has 2.3 million followers on TikTok and runs his own social media consultancy. He’s an “influencer”.

I’ll give him the benefit of the doubt and assume Chanut does know what domain names are and how to use them. Does this imply that he assumes his audience of TikTok-using youngsters do not?

I’ve been asked for over a decade whether domain names are becoming less relevant as apps and search become more popular, and my stock response is to explain that domains are not just about navigation, they’re about identity.

There can be little doubt the navigation component is less relevant than it used to be, but I had no idea it had got so bad.