Latest news of the domain name industry

Recent Posts

ICANN expecting to approve most new gTLDs?

Kevin Murphy, November 14, 2012, Domain Registries

Good news for new gTLD applicants?

ICANN appears to be assuming that the vast majority of applications will pass their evaluations and make it at least as far as pre-delegation testing, judging from recent comments.

Of the 1,400-odd unique strings being applied for, ICANN reckons that “close to the maximum” will need to be tested before being added to the DNS root.

The hint came in a Q&A with respondents to ICANN’s pre-delegation testing provider RFP published yesterday.

With added emphasis, here’s what ICANN just said:

Question 7: Can ICANN provide a definitive statement of the anticipated minimum number of pre-delegation tests?

The total number of applied-for strings that will be approved is unknown at this point. Therefore, we cannot assert the minimum number of registries to be tested but only the maximum: 1,400. We expect that the actual numbers of registries tested should be close to the maximum.

It’s a positive sign for applicants, but there are obviously some big unknowns in the process, most notably Governmental Advisory Committee interventions, which are a little under a week away.

On the negative side, ICANN seems to be digging its heels in on the number of pre-delegation tests that will be required, despite recent requests from applicants to streamline the process:

Question 17: Is it possible to execute a single test per Back-End Registry Service Provider (as this would limit the requirement to about 80 such tests)?

The AGB [Applicant Guidebook] specifies one Pre-Delegation Test per Registry Operator (contracted party to ICANN).

This appears to mean that multiple applications using Verisign or Afilias, for example, as their back-ends will have to be individually tested, despite possible duplicative work.

2 Comments Tagged: , ,

Melbourne IT scales back HARM proposal

Kevin Murphy, November 14, 2012, Domain Policy

Melbourne IT has published a revised, less-complicated version of its High At-Risk Marks (HARM) proposal for protecting famous brands in the new gTLD program.

The new version throws more than a few bones to trademark lawyers, most of whom rejected many aspects of the original proposal at a meeting in Washington DC this September.

It’s a lot closer to the eight-point wish-list published jointly by the Intellectual Property Constituency and Business Constituency last month.

HARM envisions a two-tier set of trademark rights protection mechanisms in new gTLDs, with the super-famous brands that get cybersquatted and phished on a regular basis enjoying greater privileges.

Companies that could prove their trademarks were subject to regular abuse would, for example, benefit from a perpetual Trademark Claims notification service on “brand+keyword” domains.

The new version would lower the bar for inclusion on the list.

The first HARM said trademarks should be registered on five continents, but the new version reduces that to a single registration, provided that the jurisdiction does substantive review.

A provision to only extend the protection to five-year-old marks has also been removed, and the number of UDRP wins required to prove abuse has also been reduced from five to one.

I’ve previously expressed my fondness for the idea of using UDRP decisions to gauge the risk profile of a trademark, but it was recently pointed out to me that it may incentivize mark holders to pay people to cybersquat their marks, in order to win slam-dunk UDRPs and thus benefit from better RPMs, which makes me less fond of it.

Even if such skullduggery is an outside risk, I think a single UDRP win may be too low a bar, given the number of dubious decisions produced by panelists in the past.

The revised HARM would still exclude dictionary words from the special protections (as the paper points out, Apple and Gap would not be covered). The proposal states:

Melbourne IT believes it will be difficult to get consensus in the ICANN community that this mechanism should apply to all trademark owners, most of whom do not suffer any trademark abuse. Many trademarks also relate to generic dictionary words that would be inappropriate to block across all gTLDs.

The original HARM paper was put forth as compromise, designed to help prevent or mitigate the effects of most cybersquatting, while being slightly more palatable to registries and registrars than the usual all-or-nothing demands coming from trademark lawyers.

While not particularly elegant, most of its recommendations were found wanting by the ICANN community, which is as bitterly divided as always on the need for stronger rights protection mechanisms.

The IPC and BC did adopt some of its ideas in their recent joint statement on enhanced RPMs, including the idea that frequently squatted names should get better protection, but rejected many more of the Melbourne-proposed criteria for inclusion on the list.

Meanwhile, many registrars shook their heads, muttering something about cost, and new gTLD applicants staunchly rejected the ideas, based on the mistaken notion that paying their $185,000 has rendered the Applicant Guidebook immutable.

Read the new Melbourne IT paper here (pdf).

Comment Tagged: , , , , , ,

Tucows abandoned two new gTLD bids

Kevin Murphy, November 14, 2012, Domain Registrars

Tucows originally applied for six new gTLDs but withdrew two of the applications, it emerged yesterday.

During a conference call with analysts, announcing the company’s third-quarter financial results, CEO Elliot Noss said that Tucows’ cash-flow statement had benefited from a $370,000 ICANN refund.

That works out to two full $185,000 refunds, meaning the applications were withdrawn before June’s Big Reveal.

The fact that the money was not recorded until the third quarter is likely due to the delays ICANN subjects applicants to when they request refunds.

Tucows, via a subsidary, has live gTLD bids for group, .marketing, .media and .online, all of which are contested.

Noss reiterated during the earnings call that he does not expect the company to see serious revenue from new gTLDs until 2014, though he speculated that some uncontested geographic gTLDs may start contributing the the second half of 2013.

6 Comments Tagged: , ,

Goatse.cx emerges as email provider after $10k sale

Kevin Murphy, November 12, 2012, Domain Sales

Notorious trolling domain goatse.cx is now being used to sell email addresses, part of the reemerging trend for domain owners to monetize their names with vanity email accounts.

If you’ve never heard of goatse.cx before, I’d strongly suggest remaining blissfully ignorant as your investigations will inevitably lead you into NSFW territory. Some things cannot be unseen.

Others may recall that it was the domain used in the early part of the century by pranksters and trolls to distribute hello.jpg, quite possibly the most disturbing image on the internet at the time.

Now, goatse.cx appears to be entirely safe for work.

According to The Register, the domain was acquired for $10,200 by an Australian who now proposes to charge $5 per year for an email account.

5 Comments Tagged:

IEDR admits blame for hack that brought down Google and Yahoo

Kevin Murphy, November 9, 2012, Domain Registries

IEDR, the Irish ccTLD registry, has admitted that an attack on its own web servers was responsible for google.ie and yahoo.ie being hijacked last month.

In a detailed statement, the registry said that hackers spent 25 days probing for weaknesses in its systems, before eventually breaking in through a vulnerability in the Joomla content management software.

This enabled the attackers to upload malicious PHP scripts and access the back-end database, according to the statement. They then redirected yahoo.ie and google.ie to an Indonesian web site.

It’s a reverse of position for IEDR, which had appeared to blame one of its registrars (believed to be Mark Monitor) for the lapse in security when the hack was discovered last month.

IEDR told ZDNet October 11: “an unauthorised change was made to two .ie domains on an independent registrar’s account which resulted in a change of DNS nameservers”.

But today it said instead: “The IEDR investigation also confirmed that neither the Registrar of the affected domains nor its systems had any responsibility for this incident.”

The registry has filed a complaint with the Irish police over the incident, and apologized to its customers for the disruption.

It also said it plans to roll out a Domain Lock service to help prevent hijacking in future, though I doubt such a service would have prevented this specific incident.

3 Comments Tagged: , , , , , ,