Latest news of the domain name industry

Recent Posts

More consolidation? Endurance said to be up for sale

Kevin Murphy, August 27, 2018, Domain Registrars

Endurance International Group is reportedly up for sale, perhaps the next piece of consolidation or privatization in a rapidly changing domain name market.

Bloomberg, citing unnamed sources, reports today that EIG is “is considering strategic options, including a possible sale”.

EIG owns domain brands Domain.com, BigRock, BuyDomains and ResellerClub, along with a bunch of hosting properties such as HostGator.

Bloomberg’s sources stressed that no final decision has been made, and that the company could remain public.

It’s currently listed on Nasdaq where it has a market cap today of almost $1.38 billion .

The company would be far from the first to change ownership in the last couple of years.

Most recently, Web.com (Network Solutions et al) announced a plan to go private in a $2 billion deal.

A year ago, Neustar went private in a $2.9 billion deal.

In terms of industry consolidation, we’ve more recently seen KeyDrive reverse into CentralNic and MMX buy ICM Registry.

1 Comment Tagged: , ,

ICANN faces critical choice as security experts warn against key rollover

Kevin Murphy, August 23, 2018, Domain Tech

Members of ICANN’s top security body have advised the organization to further delay plans to change the domain name system’s top cryptographic key.

Five dissenting members of the influential, 22-member Security and Stability Advisory Committee said they believe “the risks of rolling in accordance with the current schedule are larger than the risks of postponing”.

Their comments relate to the so-called KSK rollover, which would see ICANN for the first time ever change the key-signing key that acts as the trust anchor for all DNSSEC queries on the internet.

ICANN is fairly certain rolling the key will cause DNS resolution problems for some — possibly as much as 0.05% of the internet or a couple million people — but it currently lacks the data to be absolutely certain of the scale of the impact.

What it does know — explained fairly succinctly in this newly published guide (pdf) — is that within 48 hours of the roll, a certain small percentage of internet users will start to see DNS resolution fail.

But there’s a prevailing school of thought that believes the longer the rollover is postponed, the bigger that number of affected users will become.

The rollover is currently penciled in for October 11, but the ultimate decision on whether to go ahead rests with the ICANN board of directors.

David Conrad, the organization’s CTO, told us last week that his office has already decided to recommend that the roll should proceed as planned. At the time, he noted that SSAC was a few days late in delivering its own verdict.

Now, after some apparently divisive discussions, that verdict is in (pdf).

SSAC’s majority consensus is that it “has not identified any reason within the SSAC’s scope why the rollover should not proceed as currently planned.”

That’s in line with what Conrad, and the Root Server System Advisory Committee have said. But SSAC noted:

The assessment of risk in this particular area has some uncertainty and therefore includes a component of subjective judgement. Individuals (including some members of the SSAC) have different assessments of the overall balance of risk of the resumption of this plan.

It added that it’s up to the ICANN board (comprised largely of non-security people) to make the final call on what the acceptable level of risk is.

The minority, dissenting opinion gets into slightly more detail:

The decision to proceed with the keyroll is a complex tradeoff of technical and non-technical risks. While there is risk in proceeding with the currently planned roll, we understand that there is also risk in further delay, including loss of confidence in DNSSEC operational planning, potential for more at-risk users as more DNSSEC validation is deployed, etc.

While evaluating these risks, the consensus within the SSAC is that proceeding is preferable to delay. We personally evaluate the tradeoffs differently, and we believe that the risks of rolling in accordance with the current schedule are larger than the risks of postponing and focusing heavily on additional research and outreach, and in particular leveraging newly developed techniques that provide better signal and fidelity into potentially impacted parties.

We would like to reiterate that we understand our colleagues’ position, but evaluate the risks and associated mitigation prospects differently. We believe that the ultimate decision lies with the ICANN Board, and do not envy them with this decision.

SSAC members are no slouches when it comes to security expertise, and the dissenting members are no exception. They are:

  • Lyman Chapin, co-owner of Interisle Consulting, a regular ICANN contractor perhaps best-known to DI readers for carrying out a study into new gTLD name collisions five years ago.
  • Kimberly “kc claffy” Claffy, head of the Center for Applied Internet Data Analysis at the University of California in San Diego. CAIDA does nothing but map and measure the internet.
  • Jay Daley, a registry executive with a technical background whose career includes senior stints at .uk and .nz. He’s currently keeping the CEO’s chair warm at .org manager Public Interest Registry.
  • Warren Kumari, a senior network security engineer at Google, which is probably the largest early adopter of DNSSEC on the resolution side.
  • Danny McPherson, Verisign’s chief security officer. As well as .com, Verisign runs the two of the 13 root servers, including the master A-root. It’s running the boxes that sit at the top of the DNSSEC hierarchy.

It may be the first time SSAC has failed to reach a full-consensus opinion on a security matter. If it has ever published a dissenting opinion before, I certainly cannot recall it.

The big decision about whether to proceed or delay is expected to be made by the ICANN board during its retreat in Brussels, a three-day meeting that starts September 14.

Given that ICANN’s primary mission is “to ensure the stable and secure operation of the Internet’s unique identifier systems”, it could turn out to be one of ICANN’s biggest decisions to date.

Comment Tagged: , , , , ,

.CLUB revenue not all that

Kevin Murphy, August 21, 2018, Domain Registries

.CLUB Domains may be one of the 5000 fastest-growing companies in the US, according to Inc magazine, but it’s returning the majority of its revenue back to its registrars.

CEO Colin Campbell revealed this week that the company returns almost 70% of its gross revenue in the form of rebates.

The revelation came in an interview with Domain Name Wire on its latest podcast.

Campbell told Andrew Allemann that in 2017 .CLUB had $9.3 million in what he called “cash flow” or “gross revenue”.

But “net cash” or “net revenue”, after rebates was just $2.8 million, meaning $6.5 million was returned to registrars via promotions.

The interview came a few days after Inc named the company 1164th in its 2018 list of fastest-growing US companies.

Inc had .CLUB’s revenue at $7.2 million, but that appears to have been calculated using the usual accounting standards of deferring revenue into future periods over the lifetime of the domain subscription.

.club has something like 1.4 million names under management.

Campbell said that the company is “adding about a million dollars of net revenue per year” and he predicted 2018 gross cash to come in at $10.5 million and net to come in at $3.7 million.

That’s a net revenue figure, remember, not a profit or net income line. Campbell said he’s more interested in growing the business rather than paying taxes on profits.

The aggressive rebating seems to have a focus in China, where it has regular deals with the likes of Alibaba (which was .club’s biggest registrar with 20% of the market at the last count) and West.cn.

While .CLUB is private, Campbell has been frank about its performance in the past.

The DNW interview follows DI’s interview with Campbell on more or less the same topic last September, and DNW’s in 2016.

It’s a good podcast, you should have a listen.

3 Comments Tagged: , ,

Microsoft seizes “Russian election hacking” domains

Kevin Murphy, August 21, 2018, Domain Policy

Microsoft has taken control of six domains associated with a hacker group believed to be a part of Russian military intelligence, according to the company.

Company president Brad Smith blogged yesterday that Microsoft obtained a court order allowing it to seize the names, which it believes were to be used to attack institutions including the US Senate.

The domains in question look like they could be used in spear-phishing attacks. The are: my-iri.org, hudsonorg-my-sharepoint.com, senate.group, adfs-senate.services, adfs-senate.email and office365-onedrive.com.

Historical Whois records archived by DomainTools show they were registered last year behind WhoisGuard, the Panama-based privacy service. Now, of course, the Whois records are all redacted due to GDPR.

Smith said that Microsoft believes intended targets besides the Senate also include the International Republican Institute and the Hudson Institute, two conservative think-tanks.

The company believes, though it did not show evidence, that the domains were created by the group it calls “Strontium”.

Strontium is also known as “Fancy Bear”, among other names. It’s believed to be backed by the GRU, Russia’s intelligence agency.

It’s the same group alleged members of which Special Counsel Robert Mueller recently indicted as part of his investigation into Russian meddling in the 2016 US presidential election.

“We have now used this approach 12 times in two years to shut down 84 fake websites associated with this group,” Smith said in his blog post.

He added that Microsoft does not know whether the domains have been used in an attack yet.

Comment Tagged: , , , , , , ,

New gTLDs rebound in Q2

Kevin Murphy, August 21, 2018, Domain Registries

New gTLD registration volumes reversed a long trend of decline in the second quarter, according to Verisign’s latest Domain Name Industry Brief.

The DNIB (pdf), published late last week, shows new gTLD domains up by 1.6 million sequentially to 21.8 million at the end of June, a 7.8% increase.

That’s the first time Verisign’s numbers have shown quarterly growth for new gTLDs since December 2016, five quarters of shrinkage ago.

Domains (millions)
Q3 201623.4
Q4 201625.6
Q1 201725.4
Q2 201724.3
Q3 201721.1
Q4 201720.6
Q1 201820.1
Q2 201821.8

The best-performing new gTLD across Q2 was .top according to my zone file records, adding about 600,000 names.

.top plays almost exclusively into the sub-$1 Chinese market and is regularly singled out as a spam-friendly zone. SpamHaus currently ranks it as almost 45% “bad”.

Overall, the domain universe saw growth of six million names, or 1.8%, finishing the quarter at 339.8 million names, according to Verisign.

Verisign’s own .com ended Q2 with 135.6 million domains, up from 133.9 million at the end of March.

That’s a sequential increase of 1.7 millions, only 100,000 more than the total net increase from the new gTLD industry.

.net is still suffering, however, flat in the period with 14.1 million names.

ccTLDs saw an increase of 3.5 million names, up 2.4%, to end June at 149.7 million, the DNIB states.

But that’s mainly as a result of free TLD .tk, which never deletes names. Stripping its growth out (Verisign and partner ZookNic evidently have access to .tk data now) total ccTLD growth would only have been 1.9 million names.

5 Comments Tagged: , , , , , , , ,