Latest news of the domain name industry

Recent Posts

.org price cap complaints more like “spam” says Ombudsman

Kevin Murphy, September 11, 2019, Domain Policy

ICANN’s Ombudsman has sided with with ICANN in the fight over the lifting of price caps on .org domains, saying many of the thousands of comments objecting to the move were “more akin to spam”.

Herb Waye was weighing in on two Requests for Reconsideration, filed by NameCheap and the Electronic Frontier Foundation in July and August after ICANN and Public Interest Registry signed their controversial new registry agreement.

NameCheap wants ICANN to reverse its decision to allow PIR to raise .org prices by however much it chooses, while the EFF complained primarily about the fact that the Uniform Rapid Suspension anti-cybersquatting measure now appears in the contract.

In both cases, the requestors fumed that ICANN seemed to “ignore” the more than 3,200 comments that were filed in objection back in April, with NameCheap calling the public comment process a “sham”.

But Waye pointed to the fact that many of these comments were filed by people using a semi-automated web form hosted by the pro-domainer Internet Commerce Association.

As far as comments go for ICANN, 3200+ appears to be quite a sizeable number. But, seeing as how the public comments can be filled out and submitted electronically, it is not unexpected that many of the comments are, in actuality, more akin to spam.

With this eyebrow-raising comparison fresh in my mind, I had to giggle when, a few pages later, Waye writes (emphasis in original):

I am charged with being the eyes and ears of the Community. I must look at the matter through the lens of what the Requestor is asking and calling out. The Ombuds is charged with being the watchful eyes of the ICANN Community. The Ombuds is also charged with being the alert “ears” of the Community — with listening — with making individuals, whether Requestors or complainants or those just dropping by for an informal chat, feel heard.

Waye goes on to state that the ICANN board of directors was kept well-briefed on the status of the contract negotiations and that it had been provided with ICANN staff’s summary of the public comments.

He says that allowing ICANN’s CEO to execute the contract without a formal board vote did not go against ICANN rules (which Waye says he has “an admittedly layman’s understanding” of) because contractual matters are always delegated to senior staff.

In short, he sees no reason for ICANN to accept either Request for Reconsideration.

The Ombudsman is not the decision-maker here — the two RfRs will be thrown out considered by ICANN’s Board Accountability Mechanisms Committee at its next meeting, before going to the full board.

But I think we’ve got a pretty good indication here of which way the wind is blowing.

You can access the RfR materials and Waye’s responses here.

6 Comments Tagged: , , , , , , , , , , ,

Botterman is new ICANN chair

Kevin Murphy, September 10, 2019, Domain Policy

ICANN has announced that Maarten Botterman has been selected as its new chair.

He, along with newly selected vice chair León Felipe Sánchez Ambia, will take their seats after a formal board vote to come at the end of ICANN’s annual general meeting in Montreal next month.

Botterman replaces Cherine Chalaby, who has been in the role for two years. Chalaby is term-limited, having joined the board nine years ago, and will leave ICANN after Montreal.

Chris Disspain and Ron da Silva also stood for the chair, Chalaby said in a blog post last night. Becky Burr stood unsuccessfully for vice chair.

Disspain, currently vice chair, has stepped aside immediately to be replaced for the next month by Botterman. Disspain’s nine years come to an end next year.

Botterman is Dutch, based in Rotterdam, where he works as an “independent strategic advisor” at his own company, GNKS Consult.

He’s also on the board of the non-profit NLnet Foundation, which funds internet research, and is a former chair of Public Interest Registry, which runs .org.

He’s got a background in the Dutch government and the European Commission.

He was put on the board by the Nominating Committee three years ago and renewed for another three years last month. Theoretically, he could stay as ICANN’s chair for the next six years.

1 Comment Tagged: ,

Another victory for Amazon as ICANN rejects Colombian appeal

Kevin Murphy, September 9, 2019, Domain Registries

Amazon’s application for .amazon has moved another step closer to reality, after ICANN yesterday voted to reject an appeal from the Colombian government.

The ICANN board of directors voted unanimously, with two conflict-related abstentions, to adopt the recommendation of its Board Accountability Mechanisms Committee, which apparently states that ICANN did nothing wrong when it decided back in May to move .amazon towards delegation.

Neither the board resolution nor the BAMC recommendation has been published yet, but the audio recording of the board’s brief vote on Colombia’s Request for Reconsideration yesterday can be found here.

As you will recall, Colombia and the seven other governmental members of the Amazon Cooperation Treaty Organization have been trying to stymie Amazon’s application for .amazon on what you might call cultural appropriation grounds.

ACTO governments think they have the better right to the string, and they’ve been trying to get veto power over .amazon’s registry policies, something Amazon has been strongly resisting.

Amazon has instead offered a set of contractual Public Interest Commitments, such as giving ACTO the ability to block culturally sensitive strings, in the hope of calming the governments’ concerns.

These PICs, along with Amazon’s request for Spec 13 dot-brand status, will likely be published for 30 days of public comment this week, Global Domains Division head Cyrus Namazi told the board.

Expect fireworks.

After comments are closed, ICANN will then make any tweaks to the PICs that are necessary, before moving forward to contract-signing with Amazon, Namazi .said.

Comment Tagged: , , , , , , , ,

Kafka turns in grave as ICANN crowbars “useless” Greek TLD into the root

Kevin Murphy, September 9, 2019, Domain Policy

ICANN has finally approved a version of .eu in Greek script, but it’s already been criticized as “useless”.

Yesterday, ICANN’s board of directors rubber-stamped .ευ, the second internationalized domain name version of the European Union’s .eu, which will be represented in the DNS as .xn--qxa6a.

There’s a lot of history behind .ευ, much of it maddeningly illustrative of ICANN’s Kafkaesque obsession with procedure.

The first amusing thing to point out is that .ευ is technically being approved under ICANN’s IDN ccTLD Fast Track Process, a mere NINE YEARS after EURid first submitted its application.

The “Fast Track” has been used so far to approve 61 IDN ccTLDs. Often, the requested string is merely the name of the country in question, written in one of the local scripts, and the TLD is approved fairly quickly.

But in some cases, especially where the desired string is a two-character code, a string review will find the possibility of confusion with another TLD. This runs the risk of broadening the scope of domain homograph attacks sometimes used in phishing.

That’s what happened to .ευ, along with Bulgaria’s Cyrillic .бг and Greece’s own .ελ, which were rejected on string confusion grounds back in 2010 and 2011.

Under pressure from the Governmental Advisory Committee, ICANN then implemented an Extended Process Similarity Review Panel, essentially an appeals process designed to give unsuccessful Fast Track applicants a second bite at the apple.

That process led to Bulgaria being told that .бг was not too similar to Brazil’s .br, and Greece being told that .ελ did not look too much like .EA, a non-existent ccTLD that may or may not be delegated in future, after all.

But the EU’s .ευ failed at the same time, in 2014. The appeals review panel found that the string was confusable with upper-case .EY and .EV.

Again, these are not ccTLDs, just strings of two characters that have the potential to become ccTLDs in future should a new country or territory emerge and be assigned those codes by the International Standards Organization, a low-probability event.

I reported at the time that .ευ was probably as good as dead. It seemed pretty clear based on the rules at the time that if a string was confusable in uppercase OR lowercase, it would be rejected.

But I was quickly informed by ICANN that I was incorrect, and that ICANN top brass needed to discuss the results.

That seems to have led to ICANN tweaking the rules yet again in order to crowbar .ευ into the root.

In 2015, the board of directors reached out to the GAC, the ccNSO and the Security and Stability Advisory Committee for advice.

They dutifully returned two years later with proposed changes (pdf) that seemed tailor-made for the European Union’s predicament.

A requested IDN ccTLD that caused confusion with other strings in only uppercase, but not lowercase (just like .ευ!!!) could still get delegated, provided it had a comprehensive risk mitigation strategy in place, they recommended.

The recommendation was quickly approved by ICANN, which then sent its implementation guidelines (again, tailor-made for EURid (pdf)) back to the ccNSO/SSAC.

It was not until February this year that the ccNSO/SSAC group got back to ICANN (pdf) to approve of its implementation plan and to say that it has already tested it against EURid’s proposed risk-mitigation plan (pdf).

Basically, the process in 2009 didn’t produce the desired result, so ICANN changed the process. It didn’t produced the desired result again in 2014, so the process was changed again.

But at least Greek-speaking EU citizens are finally going to get a meaningful ccTLD that allows them to express their EUishness in their native script, right?

WRONG!

I recently read with interest and surprise a blog post by domainer-blogger Konstantinos Zournas, in which he referred to .ευ as the “worst domain extension ever”.

Zournas, who is Greek, opened my eyes to the fact that “.ευ” is meaningless in his native tongue. It’s just two Greek letters that visually resemble “EU” in Latin script. It’s confusing by design, but with .eu, a ccTLD that EURid already manages.

While not for a moment doubting Zournas’ familiarity with his own language, I had to confirm this on the EU’s Greek-language web site.

He’s right, the Greek for “European Union” is “Ευρωπαϊκής Ένωσης”, so the sensible two-letter IDN ccTLD would be .ΕΈ (those are Greek characters that look a bit like Latin E).

That would have almost certainly failed the ICANN string similarity process, however, as .ee/EE is the current, extant ccTLD for Estonia.

In short (too late), it seems to have taken ICANN the best part of a decade, and Jesus H Christ knows how many person-hours, to hack its own procedures multiple times in order to force through an application for a TLD that doesn’t mean anything, can’t be confused with anything that currently exists on the internet, and probably won’t be widely used anyway.

Gratz to all involved!

5 Comments Tagged: , , , , , , , , , ,

Sorry, you still can’t sue ICANN, two-faced .africa bidder told

Kevin Murphy, September 9, 2019, Domain Policy

Failed .africa gTLD applicant DotConnectAfrica appears to have lost its lawsuit against ICANN.

A California judge has said he will throw out the portions of DCA’s suit that had not already been thrown out two years ago, on the grounds that DCA was talking out of both sides of its mouth.

DCA applied for .africa in 2012 but lost out to rival applicant ZA Central Registry because ZACR had the backing of African governments and DCA did not.

It filed an Independent Review Process complaint against ICANN in 2013 and won in 2015, with the IRP panel finding that ICANN broke its own bylaws by paying undue deference to Governmental Advisory Committee advice.

It also emerged that ICANN had ghost-written letter of government support on behalf of the African Union, which looked very dodgy.

DCA then sued ICANN in 2016 on 11 counts ranging from fraud to breach of contract to negligence.

The Los Angeles Superior Court decided in 2017 that five of those charges were covered by the “covenant not to sue”, a broad waiver that all new gTLD applicants had to sign up to.

But the remaining six, relating to ICANN’s alleged fraud, were allowed to go ahead.

ICANN relied in its defense on a principle called “judicial estoppel”, where a judge is allowed to throw out a plaintiff’s arguments if it can be shown that it had previously relied on diametrically opposed arguments to win an earlier case.

The judge has now found that estoppel applies here, because DCA fought and won the IRP in part by repeatedly claiming that it was not allowed to sue in a proper court.

It had made this argument on at least seven occasions during the IRP, Judge Robert Broadbelt found. He wrote in his August 22 ruling (pdf):

DCA’s successfully taking the first position in the IRP proceeding and gaining significant advantages in that proceeding as a result thereof, and then taking the second position that its totally inconsistent in this lawsuit, presents egregious circumstances that would result in a miscarriage of justice if the court does not apply the doctrine of judicial estoppel to bar DCA from taking the second position in this lawsuit. The court therefore exercises its discretion to find in favor of ICANN, and against DCA, on ICANN’s affirmative defense of judicial estoppel and to bar DCA from bringing or maintaining its claims against ICANN alleged in the [First Amended Complaint] in this lawsuit.

In other words, ICANN’s won.

The case is not yet over, however. DCA still has an opportunity to object to the ruling, and there’s a hearing scheduled for December.

Comment Tagged: , , , , , , ,

Why you should never let a pizza joint apply for your billion-dollar dot-brand

Kevin Murphy, September 9, 2019, Domain Registries

A multi-billion dollar telecoms company has lost its two dot-brand gTLDs after apparently hiring a failed pizza restaurant to manage them.

For reals.

Several times a year, my friends at other domain news blogs will post cautionary tales about companies losing their domains after falling out with the consultant or developer who originally registered the names on their behalf.

I believe this story is the first example of the same thing happening at the top level, with two valuable dot-brand gTLDs.

It concerns the Saudi Arabian telco Etihad Etisalat, which does business as Mobily. It’s publicly traded, with millions of subscribers and 2018 revenue of the equivalent of $3.14 billion.

The two gTLDs we’re concerned with are .mobily and موبايلي. (.xn--mgbb9fbpob), the Arabic version of the brand.

Back in 2012, a Bahrain company called GreenTech Consultancy Company applied for both of these TLDs. The applications made it explicit that they were to be single-registrant dot-brands to be used by Mobily.

Quite what the relationship between Mobily and GreenTech was — if there even was one — isn’t particularly clear.

GreenTech’s shareholders were Anwar Ahmed and Asma Malik, two Pakistani nationals living in Bahrain, according to Bahrain business records.

Its web site is an laughable mess of broken English, shameful grammar, irrelevant and impenetrable technobabble (much of which appears verbatim on several other South Asian tech companies’ web sites), and a suggestion that the company is primarily in the business of selling satellite modems.

The site just stinks of bogosity. It looks like a dirt-cheap developer threw the site together during his lunch break for beer money.

Bahrain company records show that GreenTech shared a registration with a company called Greentech Pizzeria Restaurant. Same two directors, same address, same company number.

The consultancy company was formed in February 2012 — during the ICANN application window — and the pizza joint opened a bit over a year later.

Why a multi-billion dollar telecommunications company would entrust its brands to these guys, if that is in fact what happened, is a bit of a mystery.

From information that has recently emerged, which I’ll get to shortly, it appears that the true applicant was a Los Angeles-based gTLD consultancy called WiseDots, which in 2011 was co-founded by recently departed ICANN CFO Kevin Wilson and Herman Collins.

WiseDots employees Collins, Wael Nasr and Alan Bair were all at some point listed as primary or secondary contacts for the two applications, as was domain lawyer Mike Rodenbaugh of Rodenbaugh Law.

Wilson left WiseDots in May 2012 and rejoined three years later as CEO after a stint at Donuts. He’s currently listed as the Admin contact for both Mobily gTLDs in the IANA records.

It appears that Mobily signed a letter of intent with WiseDots on April 9, 2012, just three days before the ICANN application window closed, and that was later formalized into a contract in 2014, six months before GreenTech signed its contracts with ICANN.

Both applications made it through ICANN’s evaluation process with apparently no trouble — there were no objections on trademark or any other grounds — and the Registry Agreements were signed in December 2014.

It’s worth noting that neither contract contains Specification 13, which is required for a registry to operate as a dot-brand. If you want to run a dot-brand, you have to show ICANN that you own a trademark matching the string you’ve applied for.

GreenTech did actually submit requests for Spec 13 approval (pdf) — a week after the contracts were already signed — but at a later date both were either withdrawn or rejected by ICANN for reasons unknown.

Both requests include what appear to be scans of Saudi trademark certificates, but they’re both in Arabic and I’ve no idea who they’re assigned to. Presumably, Mobily, which may explain why GreenTech couldn’t get its Spec 13.

After the contracts were signed, it took exactly one full year — the maximum delay permitted by ICANN — before they were delegated and entered the DNS root.

A year after that, in December 2016, ICANN whacked GreenTech with a breach-of-contract notice (pdf), after the company apparently failed to pay its ICANN fees.

The fees had been “past due” for at least six months. It seems quite possible GreenTech had never paid its fees after delegation.

The breach was later escalated to termination, and the two parties entered mediation.

According to Nasr, in a letter to ICANN, Mobily had promised to pay the ICANN fees, but had reneged on its promise, causing the breach.

The issue was resolved, with GreenTech apparently agreeing to some “confidential” terms with ICANN, in November 2017.

It has now transpired, from Nasr’s letter and attached confidential joint-venture agreement, that GreenTech, WiseDots, Collins, Ahmad, Nasr and yet another consultant — an Egyptian named Ahmed El Oteify, apparently with Varkon Group — made a pact in August 2016 whereby the two gTLDs would be transferred into the control of a new jointly owned Bahrain company to be called MobileDots WLL, which in turn would be owned by a new jointly owned Delaware company called MobileDots LLC.

The TLD contracts would then be transferred to Mobily, according to Nasr.

“GreenTech and the two Mobiledots companies were intended to be intermediate conduits for the future transfer of the two Mobily licenses to Mobily as their eventual Registered Operator,” he wrote.

“At no point in time was GreenTech ever contemplated as the true operator of the ‘Mobily’ gTLD licenses. Indeed, GreenTech ran a defunct pizza restaurant, and was long ago de-registered by the Bahraini government for its numerous payments and filing defaults,” he wrote.

The Delaware company was created, but there does not appear to be an official record of the Bahrain company being formed.

According to Nasr, after Mobily stopped paying its ICANN dues the joint venture partners fell out with each other over how to finance the registries. This led to GreenTech asking ICANN to terminate its contracts, which I blogged about in May.

As is customary when a brand registry self-terminates, ICANN made a preliminary decision not to transfer the GreenTech contracts to a third party and opened it up to public comments.

Nasr’s letter is the first example of anyone ever actually using that public comment opportunity.

He argued that because of the JV agreement, ICANN should instead transfer .mobily and the Arabic version to MobileDots.

ICANN declined, saying “it is not within the remit of ICANN org to transfer the TLDs to a specific successor Registry Operator (such as Mobiledots L.L.C., as Mr. Nasr requests) through this termination process”.

As a further twist in the tale, on August 23 this year, just four days before the contract terminations were due to become effective, GreenTech withdrew its requests for reasons unknown.

But it seems ICANN has had enough.

Last Thursday, it told GreenTech (Wilson and Ahmed) that it is terminating its registry contracts anyway, “invoking certain provisions set forth in the previously agreed-upon confidential terms between ICANN org and GreenTech”.

Its termination notices do not reveal what these “confidential terms” are.

But, given that GreenTech stopped existing as a legal entity in February (according to Bahrain company records) it appears it would have been on fairly solid grounds to terminate anyway.

ICANN’s decision is not open for comment this time around, and IANA has been asked to delete both TLDs from the root as soon as possible.

The upshot of all this is that a massive Saudi telco has lost both of the dot-brands it may or may not have wanted, and a whole mess of gTLD consultants appear to be out of pocket.

And the moral of this story?

Damned if I know. Something to do with pizzas, probably.

9 Comments Tagged: , , , , , , , ,

More than 1,000 new gTLDs a year? Sure!

Kevin Murphy, September 5, 2019, Domain Tech

There’s no particular reason ICANN shouldn’t be able to add more than 1,000 new gTLDs to the DNS every year, according to security experts.

The Security and Stability Advisory Committee has informed ICANN (pdf) that the cap, which was in place for the 2012 application round, “has no relevance for the security of the root zone”.

Back then, ICANN had picked the 1,000-a-year upper limit for delegations more or less out of thin air, as a straw man for SSAC, the root server operators, and those who were opposed to new gTLDs in general to shake their sticks at. It was concluded that 1,000 should present no issues.

As it turned out, it took two and a half years for ICANN to add the first 1,000 new gTLDs, largely due to the manual elements of the application process.

SSAC is now reiterating its previous advice that monitoring the rate of change at the root is more important than how many TLDs are added, and that there needs to be a way to slam the brakes on delegations if things go titsup.

The committee is also far more concerned that some of the 2012 new gTLDs are being quite badly abused by spammers and the like, and that ICANN is not doing enough to address this problem.

Comment Tagged: , , , ,

Paranoid ICANN opens another root server in China

Kevin Murphy, September 5, 2019, Domain Tech

ICANN has announced the creation of another root server instance in China, which definitely, DEFINITELY won’t let the Chinese government mess with the interwebs.

ICANN said this week that it’s opened an instance of the L-root that it manages in Shanghai.

It’s the third L-root in China but only the first outside of Beijing.

In a press release announcing the installation, which was carried out with technical support from CNNIC and Shanghai Telecom, ICANN decided to preemptively head off any concerns that putting an important piece of internet infrastructure in China comes with added security risk:

Contrary to common misconception, root servers do not control the Internet. The operation of an instance also does not provide any mechanism to alter content of the DNS. Any modification of root zone content will be mitigated by a part of the DNS protocol known as the DNS Security Extensions (DNSSEC) and if an instance fail to respond to a query, resolvers will ask the same question to another instance or root server.

It’s merely the latest of 168 L-root installations and 1,015 copies of the 13 logical root servers, which all use IP Anycast to more quickly serve DNS answers to their local users.

Given how big and populous China is, there are surprisingly few root server instances in the country, according to root-servers.org.

In addition to ICANN’s three boxes, Verisign’s J-root and Internet Systems Consortium’s F-root have three in Beijing and two in Hangzhou between them. The K, I and F roots each have one instance in Beijing.

That’s eight nodes in China proper, which has 800 million internet users. Cross the border into semi-autonomous Hong Kong, which has a population of under eight million people, and there are nine root instances.

The city of Bucharest, Romania (pop. 1.8 million) has the same number of root instances as China.

1 Comment Tagged: , , ,

A third of the top TLDs are shrinking

Kevin Murphy, September 5, 2019, Domain Registries

Roughly one hundred of the top 300 top-level domains shrank in the second quarter, according to the latest CENTRstats Global TLD Report.

Median growth in domain registrations “hit a new recorded low” of 3.1%, the second new low in a row, CENTR said. It was 5.6% a year ago.

At the high end of the range, African ccTLDs — which have a relatively low base reg count, making impressive percentage growth easier — had median growth of 8.5%.

At the low end, European ccTLDs had median growth of 2%, CENTR said. These ccTLDs have more regs than all the other regions combined, making high-percentage growth trickier.

Europe was of course helped out by the UK, which spiked in July due to the end of the five-year second-level domain claims period, an effect I reported on last week.

Judging by CENTR’s numbers, Europe would have been virtually flat had .uk not grown by 1.1 million names in the quarter.

CENTR does not seem to count Taiwan’s .tw, the other ccTLD known to have driven growth internationally in Q2.

Verisign’s Domain Name Industry Brief, and DI’s own database, has Taiwan as the eighth-largest TLD, but it does not even make it to the CENTRstats’s top 10. (UPDATE September 9: .tw has since been added to the list.)

The gTLDs fared little better in percentage terms — up 2.4% year-over-year at the end of July. Verisign’s .com grew at 5% over the same period. For 2012-round new gTLDs, the number is 2.8%.

The CENTRstats report, which contains a whole lot more data, can be viewed or downloaded here.

9 Comments Tagged: , ,

These two ccTLDs drove two thirds of all domain growth in Q2

Kevin Murphy, August 30, 2019, Domain Registries

The number of registered domain names in the world increased by 2.9 million in the second quarter, driven by .com and two ccTLDs.

That’s according to the latest Verisign Domain Name Industry Brief, which was published (pdf) overnight, and other data.

The quarter ended with 354.7 million domains. Verisign’s own .com was up 1.5 million over Q1 at 142.5 million names.

ccTLDs across the board grew by 1.9 million names sequentially to 158.7 million. Year-over-year, the increase was 10.5 million domains.

The sequential ccTLD increase can be attributed almost entirely to two TLDs: .tw and .uk. These two ccTLDs appear to account for two thirds of the overall net new domains appearing in Q2.

Taiwan grew by about 600,000 in the quarter, presumably due to an ongoing, unusual pricing-related growth spurt among Chinese domainers that I reported in June.

The UK saw an increase of roughly 1.3 million domains, ending the quarter at 13.3 million.

That’s down to the deadline for registering second-level .uk matches for third-level .co.uk domains, which passed June 25.

Nominet data shows that 2LDs increased by about 1.2 million in the period, even as 3LDs dipped. The difference between this and the Verisign data appears to be rounding.

Factoring out the .uk and .tw anomalies, we have basically flat ccTLD growth, judging by the DNIB data.

Meanwhile, the new gTLD number was 23 million. That’s flat after rounding, but Verisign said that the space was actually up by about 100,000 names.

Growth as a whole was tempered by what I call the “other” category. That comprises the pre-2012 gTLDs such as .net, .org, .info and .biz. That was down by about a half a million names.

.net continued its gradual new gTLD-related decline, down 200,000 names sequentially at 13.6 million, while .org was down by 100,000 names.

The overall growth numbers are subject to the usual DNIB-related disclaimers: Verisign (and most everyone else) doesn’t have good data for some TLDs, including large zones such as .tk and .cn.

10 Comments Tagged: , , , , , ,