Recent Posts
- The Swiss can register .swiss domains from next week
- .ai up to 425,000 domains
- A million “free” .music domains up for grabs
- D3 to get $5 million in crypto to apply for .ape gTLD
- Alibaba hit with ICANN breach notice
- New Vegas conference “Davos for Web3 interoperability”
- ICANN content policing power grab may be dead
- Cable company unplugs its dot-brand after acquisition
- Germany crosses 10,000 dot-brand domains milestone
- Founders out as Com Laude gets equity injection
- PIR’s Diaz to leave domain industry
- Some registrars have already quit ICANN’s Whois experiment
- ICANN opens $217 million Grant Program
- Internet could get one-letter gTLDs (but there’s a catch)
- .ai registry fights deadbeats with tweaked auction rules
- Amazon and Google among .internal TLD ban backers
- .ai registry advises buyers not to use GoDaddy
- .post liberalizes with new sunrise period
- Team Internet spends $41 million on content farm
- Epik backtracks on Kiwi Farms claim after legal threat
- .austin names launch on blockchain
- Freenom shuts down 12.6 million domains — report
- GoDaddy’s next .xxx contract may not be a done deal
- GlobalBlock blocking 2.5 million domains
- Microsoft moving its cloud apps from .com to .microsoft
- ICANN 79: anonymous trolls and undercover lawyers
- ICANN scores win in single-letter .com lawsuit
- Cosmetics brand terminates its gTLD
- Up to 70 jobs on the line at Nominet as .uk regs dwindle
- Governments back down on new gTLD next round delay
- Private auctions could be banned in new gTLD next round
- ICANN meeting venue “insensitive and hurtful”
- GoDaddy to start selling graphic.design domains
- GAC spinning up new gTLD curveball at ICANN 79?
- GoDaddy’s GlobalBlock supports blockchain names
- Police .uk domain takedowns dive in 2023
- GoDaddy wants to cut the bullshit from .xxx
- Dueling domain blocking services to launch at ICANN 79
- Freename tries to bridge DNS and blockchain
- Olive retires from ICANN
- Whois policy published without life-saving disclosure rule
- UK gov takes its lead from ICANN on DNS abuse
- Tucows reports 2023 results
- Twitter “completely unresponsive” on clickable domains
- ICANN spends $5 million more than planned in first fiscal half
- .art takes a million domains off its premium list
- KeyTrap ‘the most devastating vulnerability ever found in DNSSEC’
- Freenom settles $500 million Meta lawsuit and will exit domain business
- New gTLD lottery to return in 2026
- First GlobalBlock prices revealed — they ain’t cheap
- Domain universe grows on new gTLDs despite .com shrinkage
- D3 signs up crypto gTLD client number five
- GoDaddy reports strong domains growth
- How to qualify for a $40,000 gTLD
- Registry service provider evaluation handbook published
- WebUnited inks deal to “mirror” country’s TLD in the blockchain
- GoDaddy project unveils brand-blocking calculator
- Report: Monster “misappropriated” millions from Epik
- .com is shrinking but Verisign raises prices again anyway
- D3 announces fourth crypto new gTLD client
- Donald Trump loses second UDRP case
- UK cybersquatting complaints hit record low
- No excuses! PIR to pay for ALL registries to tackle child abuse
- ICANN insists it is working on linkification
- Namecheap sues ICANN over .org price caps
- GoDaddy offers free Ethereum blockchain integration
- Epik reveals who is running the company
- Epik gets acquired again! The plot thickens…
- Airline gTLD crashes and burns
- First chunks of new gTLD Applicant Guidebook drop
- Epik to reveal its owners soon
- Another crypto firm to apply for a new gTLD
- Monster and Royce are NOT involved in Epik?!
- Nominet to overhaul .uk registry, turn off some services
- Russia blames DNSSEC, not Ukraine, for internet downtime
- Team Internet says revenue beat estimates
- Sold for over $20k, insure.ai and dog.ai back in .ai’s expired names auction
- .ai helps UDRP cases rise in 2023, WIPO says
- Freenom’s domains land at Gandi after termination
- .ru domains fly off the shelf as Western sanctions bite
- ICANN picks its first ever Supreme Court
- Lebanon’s ccTLD going back to Lebanon after ICANN takeover
- ICANN picks the domain it will never, ever release
- ICANN approves domain takedown rules
- Has Epik gone “woke”?
- First bits of new gTLD Applicant Guidebook expected next week
- ICANN bans closed generics for the foreseeable
- You can’t use money to buy .box domains
- After 14 years, ICANN practices what it preaches on IDNs
- Weak demand for private Whois data, ICANN data shows
- .ing doing way better than .meme
- DNS Women barred from ICANN funding?
- Dev releases free open-source TLD registry platform
- INCO flips a gTLD to Identity Digital
- Anguilla fears the .ai junk drop
- Five more gTLDs get launch dates
- $10 million of ICANN cash up for grabs
- Almost 50,000 .ai domains sold in a quarter
- ICANN threatens to regulate your speech [RANT]
- Life insurance company kills dot-brand
- ICANN finds new home for Lebanon’s TLD after founder’s death
- ICANN begs people to use its new Whois service
- Shiba Inu outs itself as crypto new gTLD applicant
- Over 50,000 .ai domains sold in three months
- Amazon planning new push into registrar market?
- Registries and registrars vote ‘Yes’ to new DNS abuse rules
- ICANN predicts flattish 2025 for domain industry
- Fast-growing Gname buys another 150 registrars
- GoDaddy service to let you block domains in over 650 TLDs
- Did I find a murder weapon in a zone file?
- ICANN drops the “man” from Ombudsman
- Have your say on police domain takedown powers
- Most registrars are shunning ICANN’s new Whois system
- Nominet to take over .gov.uk
- ICANN picks Istanbul for 2024 meeting
- ICANN’s private Whois data request service goes live
- .au regs slide on 2LD anniversary
- ICANN accused of power grab over $271 million auction fund
- A registrar is getting blamed for an Israeli war propaganda site
- Two more dot-brands bite the dust
- Google sells five-figure AI domain and six-figure .ing hack
- .blackfriday is still a bit rubbish
- Internet Naming Co acquires five more gTLDs
- Domain universe grows despite .com drag
- Did somebody spend a million bucks on a Google domain hack?
ICANN finds new home for Lebanon’s TLD after founder’s death
ICANN seems to have found a new manager for Lebanon’s ccTLD, just five months after its unprecedented decision to assume a “caretaker” role for the TLD.
The ICANN board of directors is set to vote tomorrow on whether to transfer .lb to the Internet Society Lebanon. If it’s on the agenda, it’s almost a shoo-in for a yay vote.
ICANN took over .lb from the American University in Beirut — which had no hands-on role in the ccTLD for a few years — in July, after the death of the registry’s founder and 30-year manager in January.
Nabil Bukhalid had died unexpectedly before he could find a successor to take over the registry, stymied at every turn by local politics and Lebanon’s horrific financial crisis.
ISOC Lebanon had been involved with his efforts to find .lb a new home, according to the complex potted history on the former registry’s web site, so it’s not coming in cold.
Several ccTLDs are already managed by their local ISOCs, including Israel, Sudan and Armenia.
ICANN created the new “caretaker” role in July to respond to “an extraordinary and temporary operational situation”. It seems to be a considerably faster process than the EBERO system used in gTLDs.
.lb is believed to have fewer than 5,000 domains under management.
ICANN begs people to use its new Whois service
ICANN’s CEO has published an open letter encouraging the community to spread the word about its new Registration Data Request Service.
Sally Costerton explained (pdf) that RDRS is a “free, global, one-stop shop ticketing system” that hooks up people seeking private Whois data with the relevant registrar.
“I appreciate your attention to this new service and ask that you share this information with the relevant stakeholders in your organization,” she concludes.
The plea comes after the late-November launch of the system and the revelation that the system currently has far from blanket coverage from registrars.
“Use of the RDRS is voluntary, but I’m pleased to let you know that we have strong participation from registrars already,” Costerton wrote.
Since I published a blog post three weeks ago naming 25 large registrars not participating in RDRS, only Markmonitor has chosen to sign up, adding another one million domains to RDRS’s footprint.
But it turns out Chinese registrar Alibaba, which I was unable to check due to a bug or downtime somewhere, definitely is not participating, so there are still 25 out of the 40 registrars with over a million domains that are not participating.
Usage on the demand side is not known, but ICANN says it will publish regular monthly progress reports.
The RDRS is considered a pilot. It will run for at least two years before ICANN figures out whether it’s worth keeping.
Shiba Inu outs itself as crypto new gTLD applicant
Shib, the developer behind the Shiba Inu cryptocurrency, said today that it plans to apply to ICANN for the .shib top-level domain.
The idea is to have the domain in the consensus DNS root and also in a blockchain and to make the two interoperable.
The company has partnered with D3 Global, the startup launched in September by industry veterans Fred Hsu, Paul Stahura and Shayan Rostam, to work on the application and interoperability platform.
Shib seems to be the second customer for D3. It’s also working with a blockchain company called Viction on .vic.
Perhaps erring on the side of responsibility, D3 is using an asterisk instead of a dot when offering names prior to ICANN approval, so it’s *shib and *vic instead of .shib and .vic.
The next ICANN application round is not expected to open until early-to-mid-2026.
Over 50,000 .ai domains sold in three months
The .ai ccTLD registry sold over 50,000 domain names in just over a quarter, according to the registry.
Its recently updated web site says its total domains under management as of September 23 was 306,861, compared to 248,609 on June 14.
That represents a growth acceleration from its last update, which saw it register over 100,000 domains in a year.
The domain is of course popular due to the rise of artificial intelligence technologies and the popularity of chatbots such as ChatGPT.
The registry says its renewal rate in over 90% — very high for a TLD — but it expects that to decline due to its rapid growth.
The registry is managed by the Government of Anguilla, a British Overseas Territory in the Caribbean.
Amazon planning new push into registrar market?
Amazon has kept a pretty low profile to date both as a registry and registrar, but there are reasons to believe it’s on the verge of becoming a more visible player in the market.
The e-commerce and web services giant has secured a second ICANN registrar accreditation and appears to be readying a new domain-focused web site.
The subsidiary Amazon Domain Registrar US LLC picked up its accreditation this week, and its official web site domain is domains.amazon, which was registered November 29.
The domain does not currently resolve from where I’m sitting.
Amazon already uses the dot-brand domain registry.amazon for its 50-odd new gTLDs, almost all of which remain unlaunched.
In the registrar market, Amazon’s subsidiary Amazon Registrar Inc has been accredited for well over a decade and has been taking registrations since 2015 as part of its Route 53 managed DNS service.
It’s not a conventional registrar storefront by any stretch — registrations seem to be available only via the management console used by existing Route 53 customers — but it has amassed over 1.3 million gTLD registrations so far.
So could domains.amazon become the newest player in the retail registrar market? Smaller registrars that cheered the exit of the Google brand from the registrar space may soon have a new big boy to contend with.
Registries and registrars vote ‘Yes’ to new DNS abuse rules
ICANN’s contracted registries and registrars have voted to accept new rules requiring them to take action on DNS abuse.
The new rules come after a vote lasting a few months with some quite high thresholds for success.
The current Registrar Accreditation Agreement merely requires registrars to “take reasonable and prompt steps to investigate and respond appropriately to any reports of abuse”, which is pretty vague and barely enforceable.
The amendments, which still need to be rubber-stamped by the ICANN board, make it much clearer what registrars are expected to do in which circumstances. A new paragraph is added that reads:
3.18.2 When Registrar has actionable evidence that a Registered Name sponsored by Registrar is being used for DNS Abuse, Registrar must promptly take the appropriate mitigation action(s) that are reasonably necessary to stop, or otherwise disrupt, the Registered Name from being used for DNS Abuse. Action(s) may vary depending on the circumstances, taking into account the cause and severity of the harm from the DNS Abuse and the possibility of associated collateral damage.
For registries, the new text for the base gTLD Registry Agreement is similar, but with a little more wiggle-room:
Where a Registry Operator reasonably determines, based on actionable evidence, that a registered domain name in the TLD is being used for DNS Abuse, Registry Operator must promptly take the appropriate mitigation action(s) that are reasonably necessary to contribute to stopping, or otherwise disrupting, the domain name from being used for DNS Abuse. Such action(s) shall, at a minimum, include: (i)the referral of the domains being used for the DNS Abuse, along with relevant evidence, to the sponsoring registrar; or (ii) the taking of direct action, by the Registry Operator, where the Registry Operator deems appropriate. Action(s) may vary depending on the circumstances of each case, taking into account the severity of the harm from the DNS Abuse and the possibility of associated collateral damage.
In both cases, DNS abuse is defined by the now industry standard line: “malware, botnets, phishing, pharming, and spam (when spam serves as a delivery mechanism for the other forms of DNS Abuse listed in this Section)”.
There are a few other quality of life updates, such as the requirement for registrars to acknowledge receipt of abuse reports and to have their abuse reporting mechanism “conspicuously and readily accessible from” their home pages.
ICANN needed registrars representing over 90% of registered gTLD domains (adjusted slightly to make GoDaddy’s voice less powerful). That threshold was passed last week, with 94% of domains voting in favor of the amendments.
For registries, ICANN required a simple majority of registries (counted by contract rather than company) and for all registries voting in favor to have been responsible for two thirds of all registry fees paid last year.
Judging by the financial thresholds, .com and .net, which are not on the base RA, were not involved.
ICANN predicts flattish 2025 for domain industry
The gTLD domain industry will be pretty much flat in terms of sales next year, according to the predictions in ICANN’s latest budget.
The bean counters reckon the Org will make $89 million from transactions in legacy gTLDs (mainly .com) in its fiscal 2025, up from the $88.9 million it expects to make in fiscal 2024, which ends next June 30.
Meanwhile, it expects transactions in new gTLDs to bring in $10.1 million, up from the $9.9 million it expects in FY24.
Both of the updated FY24 estimates are actually a bit ahead of ICANN’s current budget, written in April and approved in May, which predicted $87.1 million from legacy and $9.2 million from new.
ICANN expects to lose 22 registries (presumably unused dot-brands, of which there are still plenty, with a couple hundred contracts up for renewal in 2025) and gain 40 new registrars.
This will lead to revenue from registry fixed fees to dip to $27.6 million from a predicted $28.1 million, and registrar fixed fees going up from $10.4 million from a predicted $10.1 million.
The FY24 registrar numbers are a little healthier than ICANN predicted back in April, when it expected 2,447 accredited registrars at the end of the financial year versus the 2,575 it’s expecting now. Gname’s decision to buy 150 new accreditations will have played a big role in moving this number up. ICANN expects 2,615 registrars at the end of FY25.
But ICANN is losing registries faster than it predicted back in April. Then, it had expected to end FY24 with 1,127 registries; now it thinks it will have 1,118. It expects that to drop to 1,089 by the end of June 2025.
Overall, ICANN is budgeting for funding of $148 million and the same level of expenses in FY25, the same as FY24.
Fast-growing Gname buys another 150 registrars
Gname, the fast-growing Singaporean registrar, has added 150 ICANN registrar accreditations to its drop-catching army.
The companies are named Gname 151 through Gname 300. The companies Gname 2 through Gname 150 were accredited in June 2021.
Gname’s primary accreditation has grown massively since it became a drop-catcher in the last two years, going from under 10,000 names under management at the start of 2021 to 3.9 million at the end of August this year. About 3.2 million of its names were in .com.
Its first 150 secondary accreditations had almost a million names between them.
In August, it was the fastest-growing registrar of gTLD names, growing by over 156,000 domains and becoming the 12th-largest registrar accreditation overall.
Drop-catchers use large numbers of accreditations because registries rate-limit their connections. More accreditations means more connections and a better chance to register a valuable domain when it drops.
The primary accreditation was originally Chinese, in the name of Beijing Huaqi Weiye Technology Co and doing business at iwanshang.cn, before it moved to a Singaporean company called Gname.com.
ICANN’s current budget predicts an increase of five accrediations in fiscal 2024, which ends next June. Its high estimate was an increase of 60. So it’s now getting about half a million bucks more than it was expecting.
GoDaddy service to let you block domains in over 650 TLDs
GlobalBlock, a domain blocking service introduced to little fanfare by GoDaddy Registry and Identity Digital in June, is planning to launch next month with support from over 650 gTLDs and ccTLDs.
Built on the successes of GoDaddy’s AdultBlock and Identity Digital’s DPML, the new service was supposed to launch last week under the banner of the Brand Safety Alliance, but was delayed until January.
GlobalBlock enables trademark owners to pay one fee to block their marks across all participating TLDs, saving money on defensive registrations. Company names and celebrity names are also covered. A premium version, GlobalBlock+ also covers typos and IDN homographs.
It’s not just gTLD registries that have signed up. Nominet is participating, as is CoCCA. BSA is promising some pretty obscure ccTLDs will be part of the service.
In what appears to be a game-changing innovation, a feature of the service called Priority Autocatch seems set to stop cybersquatters and phishers from drop-catching domains that match strings protected by the block list.
Say you’re Facebook and you see some scumbag has registered facébook.ninja, if you’re subscribed to GlobalBlock+, the AutoCatch feature will see the domain removed from the available pool when it expires, rather than dropping so a second ne’er-do-well can register it.
GlobalBlock appears to be the reason no fewer than 35 registries covering over 300 gTLDs have recently asked ICANN for permission to launch a “Label Blocking Service” via the Registry Service Evaluation Process.
There’s money in blocking services. GoDaddy is making millions from AdultBlock. Some research I’ve been doing recently suggests some registries might be making more from blocks and defensive registrations than they are from regular domain sales.
For registries with small TLD portfolios, blocking services generally offer a poor value proposition. Services like DPML, which covers hundreds of TLDs, or AdultBlock, which covers all the porny ones, have been successful.
The BSA is offering brand owners a lot of carrots to get them to sign up early.
First, if you already have an AdultBlock or DPML subscription, your marks are already pre-validated. GoDaddy is also offering a 50% discount on AdultBlock until January 30; AdultBlock and DPML subscribers get 10% off GlobalBlock until April 30.
BSA says that pricing for GlobalBlock and the initial list of TLDs will be released in early January. Wholesale pricing will go up probably every six months as new TLDs are added, but customers will only pay the increased price upon renewal while benefiting from the added blocks.
General availability pricing begins February 15.
Did I find a murder weapon in a zone file?
Registrars are usually very reluctant to police the content of web sites by taking down domains they manage, but they quite often make an exception when the web site in question calls for violence. But what if the site itself attempts to physically harm visitors through their screens?
It sounds a bit mad, but I think I’ve found such a site.
I recently randomly came across a domain name that caught my eye while scrolling through a zone file. I’m not going to reveal the domain here, but it consisted of three words across the dot and could be taken as an instruction to “murder” a specific, but unnamed, individual.
Expecting humor, I visited the domain out of curiosity and was confronted by a blank page that rapidly flashed between two background colors, creating a strobe effect. There was no other content.
My first impression was that the site had been created in order to trigger seizures in photosensitive epileptics. The CSS seemed to confirm that the strobe effect fell within the frequency range that the charity Epilepsy Action says can cause such seizures.
This raised an interesting question: could this be considered “DNS abuse”?
The DNS Abuse Institute’s definition (pdf) says DNS Abuse consists of “malware, botnets, phishing, pharming, and spam (when it serves as a delivery mechanism for the other forms of DNS Abuse)”.
DNSAI says registries and registrars “must” act on these five categories of abuse, but it adds that there are some categories of web content where registrars “should” take action. Its Framework to Address Abuse, which has been endorsed by dozens of registries and registrars, states:
Specifically, even without a court order, we believe a registry or registrar should act to disrupt the following forms of Website Content Abuse: (1) child sexual abuse materials (“CSAM”); (2) illegal distribution of opioids online; (3) human trafficking; and (4) specific and credible incitements to violence. Underlying these Website Content Abuses is the physical and often irreversible threat to human life.
Epileptic seizures can be fatal. A school friend of mine did not make it out of his teens due to one. Even when non-fatal, they are dangerous and clearly unpleasant.
So if a site encouraging physical violence “should” be taken down, what about a site that seems designed to actively physically attack individuals, no incitement required? That’s a reasonable question, right?
I filed an abuse report with the registrar managing the domain and was told it did not violate its acceptable use policies.
Attacking epileptics with flashing images sent online has been a criminal offence in the UK since October 26, when the controversial Online Safety Act 2023 was enacted.
A component of the Act is named Zach’s Law, after an eight-year-old boy who in 2020 was attacked with flashing images by internet wankers after he carried out a sponsored walk for the Epilepsy Society.
The Act makes it illegal to send a flashing image to somebody you know is epileptic with the intent to harm them. You can get up to five years imprisonment and a fine.
Recent Comments