Verisign expects to sell fewer domains because of coronavirus

Verisign doesn’t expect its domain name base to grow as fast as previously expected this year, due to the coronavirus pandemic.

On Thursday night, it ever so slightly downgraded its guidance for the year, saying it expects domains to grow by between 2% and 3.75%, compared to a previous high-end estimate of 4%.

It’s not a lot, but given how many domains Verisign has under management it still adds up to hundreds of thousands of domains and a few million in lost potential revenue.

CEO Jim Bidzos told analysts that the updated guidance reflected a “more cautious” outlook given the “uncertainty presented by Covid-19”.

It’s encouraging news for anyone wondering how the pandemic will effect the domain industry: the market-leading registry does not expect a big impact.

Verisign’s domain base totaled 160.7 million at the end of the quarter — 147.3 million in .com and 13.4 million in .net — which equates to growth of 3.8% over Q1 2019.

The growth is coming from .com — total .net regs were down by about 400,000 year over year.

The update came during Verisign’s first-quarter earnings call, which once again showed the .com registry printing money. It even managed to report net income higher than revenue, due to some quirks in its historical tax recognition.

For the three months to March 31, the company had net income of $334 million, compared to $163 million a year earlier, on revenue that was up 2% at $313 million.

Even discounting that bottom-line tax-related boost of $168 million, profits were up. Operating income was $206 million, up 3%, and the operating margin was up from 65.4% to 66%.

Even before the perhaps inevitable price increases next year, Verisign’s still managing to grow its margins organically, demonstrating that any prices hikes will be going straight to its bottom line and its shareholders’ pockets.

The company bought back $245 million of stock during the quarter and has another $826 million tucked away for further repurchases.

Comment Tagged: .com, .net, earnings, verisign

Coronavirus lockdown is working out great for at least one registry

The Dutch ccTLD registry has revealed that its volume of new registrations has been growing rapidly since the Netherlands implemented its coronavirus lockdown measures.

“Since the measures came into effect, Dutch entrepreneurs and private individuals registered over 85,000 .nl domain names, 10,000 more than in the same period in 2019,” SIDN said today (translated from the Dutch by Google).

Only about 2% to 3% of these names relate directly to the pandemic, the registry said.

There were 5,930,715 .nl domains registered as of April 20, an increase of about 17,000 from the start of the month.

A survey of registrants carried out for SIDN found that 100% of them intended to use their domains for online-only activities, as opposed to using them to promote a bricks-and-mortar business, for the first time.

SIDN’s good luck may not be shared by all in the industry, however.

ICANN, which is funded by a tax on registration fees, is to host a call next week in which it will explain how it will have to adapt its budget to respond to the impact of the pandemic.

If we take Verisign’s .com as a benchmark, its zone file has grown by roughly 383,000 domains since the end of March. In the same period last year, the increase was 434,000.

Tonight, Verisign is due to report its first-quarter numbers, and no doubt we will get some color on how its bosses think the virus will affect the market.

3 Comments Tagged: .nl, coronavirus, sidn

Coronavirus could cause “high risk of widespread outages”, ICANN says

There’s a “high risk of widespread outages” in the DNS if ICANN can’t get enough people in the same room for its next root DNSSEC ceremony because of the coronavirus pandemic.

That’s according to ICANN’s own board of directors, which yesterday published a contingency plan that — in the worst case scenario — could see parts of the internet come to a screeching halt in July.

The problem is with the elaborate “ceremonies” that ICANN and its IANA/PTI unit uses to make sure the internet can support DNSSEC — the secure version of the DNS protocol — all the way from the root servers down.

Every quarter, ICANN, Verisign and a select few “Trusted Community Representatives” from all over the world meet in person at one of two secure US-based facilities to generate the public Zone Signing Keys for the root.

In addition to the complex cryptographic stuff happening in the computers, there’s a shedload of physical security, such as retinal scans, PIN-based locks, and reinforced walls.

And the “secret key-holders”, memorably fictionalized in a US spy drama a few years ago, actually have physical keys that they must bring to these ceremonies.

The events are broadcast live and archived on YouTube, where they typically get anything from a few hundred to a few thousand views.

Obviously, with the key-holders dotted all over the globe and most under some form of coronavirus-related lockdown, getting a quorum into the same facility at the same time — originally, Culpeper, Virginia on April 23 — isn’t going to be possible.

So IANA has made the decision to instead move the ceremony to the facility in El Segundo, California, within easy driving distance of ICANN’s headquarters, and have it carried out almost entirely by ICANN staff, wrapped in personal protective equipment and keeping their distance from each other.

The TCRs for El Segundo live in Mauritius, Spain, Russia, Tanzania, Uruguay and on the east-coast of the US, according to ICANN.

Four of these key-holders have mailed their keys to different IANA staff “wrapped in opaque material” and sealed in “tamper-evident bags”. These IANA employees will stand in for the TCRs, who will be watching remotely to verify that nothing fishy is going on.

Verisign and the independent auditors will also be watching remotely.

That’s the current plan, anyway, and I’ve no reason to believe it won’t go ahead, but ICANN’s new contingency plans do provide four alternatives.

It’s already discarded the first two options, so if the current, third, plan for the ceremony can’t go ahead before June 19 for some reason, all that would be left is the nuclear option.

Option D: Suspend signing of the DNS root zone

This is the final option if there is no conceivable way to activate the KSK and perform signing operations. There would need to be a massive education campaign at short notice to have resolver operators disable DNSSEC validation. There is a high risk of widespread outages as it is not possible to ensure global implementation, and high risk this will fatally compromise trust in DNSSEC in general as a technology.

This is considered highly unlikely, but nonetheless the final option. Without exercising the option, in the absence of a successful key signing ceremony, DNSSEC validation would be unsuccessful starting in July 2020.

The reason for this scenario is that DNSSEC keys have a finite time-to-live and after that period expires they stop functioning, which means anyone validating DNSSEC on their network may well stop resolving the signed zones.

ICANN typically generates the keys one quarter in advance, so the current key expires at the start of July.

However, the planned April 23 ceremony will generate three quarters worth of keys in advance, so the root should be good until the end of March 2021, assuming everything goes according to plan.

Clearly, the idea that half the planet might be on the verge of lockdown wasn’t taken into consideration on February 12, the last ceremony, when ICANN’s biggest problem was that it couldn’t get into one of its safes.

If you’re interested in more about the ceremony and the coronavirus-related changes, info can be found here.

2 Comments Tagged: ceremony, coronavirus, DNSSEC, ICANN, ksk, zsk

Free domains registrar gets FOURTH breach notice

OpenTLD, the company that offers free and at-cost domain names under the Freenom brand, has received its fourth public breach of contract notice from ICANN.

The alleged violation concerns a specific expired domain — tensportslive.net — which was until its expiration last November hosting a Pakistani cricket blog.

ICANN claims OpenTLD failed to hand over copies of expiration notices it sent to the former registrant of the name, which expired November 12, despite repeated requests.

The blogger seems to have been royally screwed over by this situation.

ICANN first started badgering OpenTLD for its records on December 23, presumably alerting the company to the fact that its customer had a problem, when the domain had expired but was still recoverable.

ICANN contacted the registrar four more times about the domain before February 1, when it dropped and was promptly snapped up by DropCatch.com.

The public breach notice (pdf) was published February 27. OpenTLD has apparently since provided ICANN with data, which is being reviewed.

But it’s the fourth time the registrar has found itself in serious trouble with ICANN.

It got a breach notice in March 2015 after failing to file compliance paperwork.

Later that year, ICANN summarily suspended its accreditation — freezing its ability to sell domains — after the Dutch company was found to have been cybersquatting rival registrars including Key-Systems and NetEarth in order to poach business away from them.

That suspension was fought in an unprecedented arbitration case, but ICANN won and suspended the accreditation again that August.

It got another breach notice in 2017 for failing to investigate Whois accuracy complaints, which ICANN refers to in its current complaint.

OpenTLD/Freenom is perhaps best known as the registry for a handful of African ccTLD and Tokelau’s .tk, which is the second-largest TLD after .com by volume of registered domains.

Its business model is to give the names away for free and then monetize them after they expire or are deleted for abuse. In the gTLD space, it says it offers domains at the wholesale cost.

According to SpamHaus, over a third of .tk domains it sees are abusive.

Comment Tagged: .tk, compliance, freenom, ICANN, opentld

Four more dot-brands join the gTLD deadpool

Four big-brand gTLDs have asked ICANN to terminate their contracts so far this year, bringing the total number of voluntarily discontinued strings to 73.

Notable among the terminations are two of the three remaining gTLDs being held by luxury goods maker Richemont, both of them Chinese-language generics.

It’s dumped .珠宝 (.xn--pbt977c) which is “.jewelry”, and .手表 (.xn--kpu716f) which is “.watches”.

The company, which applied for 14 gTLDs in the 2012 round, has already gotten rid of nine dot-brands. Only the English-language .watches remains of its former portfolio.

Also being terminated is .esurance, named for an American insurance provider owned by Allstate. This appears to be related to Allstate’s plan to discontinue the Esurance brand altogether this year.

There is still one .esurance domain active and listed in Google’s index: homeowners.esurance.

Allstate continues to own .allstate, which has a few active domains (which forward to its primary .com domain).

Finally, French reinsurance giant SCOR wants rid of .scor, which it has not been using.

Comment Tagged: dot-brands, ICANN, new gTLDs, termination, trademarks

As ICANN meets to decide .org’s fate, California AG says billion-dollar deal must be rejected

California Attorney General Xavier Becerra has urged ICANN to deny approval of Ethos Capital’s $1.13 billion acquisition of .org manager Public Interest Registry.

The call came in a letter (pdf) dated yesterday, just a day before ICANN’s board of directors was scheduled to meet to discuss the deal.

Becerra, who started looking into the deal in late January, wrote, right out of the gate:

I urge ICANN to reject the transfer of control over the .ORG registry to Ethos Capital. The proposed transfer raises serious concerns that cannot be overlooked.

Chief among his concerns is the fact that ICANN originally granted PIR the right to run .org largely because it was a non-profit with a committment to serve non-profits. He wrote:

If, as proposed, Ethos Capital is permitted to purchase PIR, it will no longer have the unique characteristics that ICANN valued at the time that it selected PIR as the nonprofit to be responsible for the .ORG registry. In effect, what is at stake is the transfer of the world’s second largest registry to a for-profit private equity firm that, by design, exists to profit from millions of nonprofit and non-commercial organizations

He’s also bothered about the lack of transparency about who Ethos is and what its plans are. The proposed new owners of PIR are hidden behind a complex hierarchy of dummy LLCs, and Ethos has so far refused to name its money men or to specify what additional services it might offer to boost its revenue.

Becerra also doesn’t buy the business plan, which would see PIR required to pay off a $300 million loan and, as a newly converted for-profit entity, start paying taxes.

He’s particularly scathing about the fact that ICANN approved the removal of PIR’s price caps last year despite receiving over 3,000 public comments opposing the changes and only half a dozen in favor.

“There is mounting concern that ICANN is no longer responsive to the needs of its stakeholders,” he writes.

Despite saying he “will take whatever action necessary to protect Californians and the nonprofit community”, Becerra does not specify what remedies are available to him.

But it looks like ICANN faces the risk of legal action no matter which way its board of directors votes (or voted) today.

Its current deadline to make a decision is April 20.

4 Comments Tagged: .org, caag, ethos, ICANN, isoc, pir, price caps, pricing

Whois privacy talks in Bizarro World as governments and trademark owners urge coronavirus delay

Coronavirus may have claimed another victim at ICANN — closure on talks designed to reopen private Whois data to the likes of law enforcement and trademark owners.

In a remarkable U-turn, the Governmental Advisory Committee, which has lit a series a fires under ICANN’s feet on this issue for over a year, late last week urged that the so-called Expedited Policy Development Process on Whois should not wrap up its work in June as currently planned.

This would mean that access to Whois data, rendered largely redacted worldwide since May 2018 due to the GDPR regulation in Europe, won’t be restored to those who want it as quickly as they’ve consistently said that they want it.

Surprisingly (or perhaps not), pro-access groups including the Intellectual Property Constituency and Business Constituency sided with the GAC’s request.

In an email to the EPDP working group’s mailing list on Thursday, GAC chair Manal Ismail indicated that governments simply don’t have the capacity to deal with the issue due to the coronavirus pandemic:

In light of the COVID-19 pandemic, and its drastic consequences on governments, organizations, private sector and individuals worldwide, I would like to express our serious concerns, as GAC leaders, that maintaining the current pace of work towards completion of Phase 2 by mid-June could jeopardize the delivery, efficacy and legitimacy of the EPDP’s policy recommendations.

While recognizing that the GAC has continually advised for swiftly completing policy development and implementing agreed policy on this critical public policy matter, we believe that given the current global health emergency, which puts many in the EPDP and the community under unprecedented stress (for example governments has been called to heightened duties for the continuity of essential public services), pressing important deliberations and decisions in such a short time frame on already strained participants would mean unacceptably sacrificing the product for the timeline.

We understand there are budget and human resources considerations involved in the completion of Phase 2 of the EPDP. However, we are all living through a global health pandemic, so we call on the EPDP Team to seriously reassess its course and expectations (be it on the duration of its calls, the turn-around time of reviews, its ultimate timeline and budget) emulating what numerous governments, global organizations, and households are doing to adapt during these challenging times across the world.

In April last year, before the EPDP group had even formally started its current phase of talks, Ismail wrote to ICANN to say the GAC expected the discussions to be more or less wrapped up by last November and that the new policy be implemented by this April.

Proponents of the access model such as Facebook have taken to suing registrars for not handing over Whois data in recent months, impressing the need for the issue to be urgently resolved.

So to now request a delay beyond June is a pretty big U-turn.

While Ismail later retracted her request for delay last Thursday, it was nevertheless discussed by the working group that same day, where the IPC, the BC and the ALAC all expressed support for the GAC’s position.

The registrars and registries, the non-commercial users and the ISPs were not supportive.

Delay might be tricky. For starters, hard-sought neutral working group chair Janis Karklins, has said he can’t continue working on the project beyond June 30, and the group has not secured ICANN funding for any further extensions to its work.

It will be up to the GNSO Council to decide whether to grant the extension, and the ICANN board to decide on funding.

The working group decided on Thursday to ask the Council for guidance on how to proceed.

What’s worrying about the request, or at least the IPC and BC’s support of it, is that coronavirus may just be being deployed as an excuse to extend talks because the IP owners don’t like the proposal currently on the table.

“The reality is we’re looking at a result that is… just not going to be sufficient from our perspective,” MPAA lawyer Frank Journoud, an IPC rep on the working group, said on its Thursday call. “We don’t want the perfect to be the enemy of the good, but right now we’re not even going to get to good.”

The current state of play with the working group is that it published its initial report (pdf) for public comment in February.

The group is recommending something called SSAD, for Standardized System for Access and Disclosure, in which a central gateway provider, possibly ICANN itself, would be responsible for granting Whois access credentials and fielding requests to the relevant registries and registries.

The almost 70 comments submitted before the March 23 deadline have been published in an unreadable, eye-fucking Google spreadsheet upon which transparency-loving ICANN may as well have hung a “Beware of the Leopard” sign. The staff summary of the comments is currently nine days late.

3 Comments Tagged: epdp, gac, gdpr, ICANN, privacy, trademarks, whois

GoDaddy signs up 30 partners to lockdown-era marketing scheme

GoDaddy has signed up 30 companies to a new marketing program that it says is designed to help small business keep afloat during the coronavirus lockdown.

It’s called #OpenWeStand, and the company is doing its level best to cast it as a community “movement” rather than a way to shift product as the world stands on the precipice of pandemic-induced recession.

The companies signed up so far are: Acronis, American Express, Association for Enterprise Opportunity, Avetta, BrandCrowd, Brex, ChowNow, Digital Air Strike, Evite, Gift Up!, GoFundMe, Hello Alice, Inc. Media, Kabbage, Keap, Keysight Technologies, Moneypenny, Next Insurance, Next Street, Nextdoor, PayPal, Rocket Lawyer, Ruby, Salesforce, Seed Spot, ServiceTitan, Shaw Academy, Slack, SurveyMonkey, and Zenefits.

What are all these companies offering worried business owners? It’s not entirely clear yet, but the answer so far appears to be primarily: discounts.

Evite, for example, is offering customers a free year of its premium service, which usually goes for $249, according to the OpenWeStand web site.

Customers of GoDaddy that are also customers of collaboration tool Slack will get a 25% discount on any Slack upgrade they buy.

Food delivery aggregator ChowNow says it’s designed a loyalty scheme product designed to put uo-front fees in restaurants’ pockets at a time when delivery is basically their only option.

Inc magazine’s contribution appears to be limited to a pledge to continue publishing.

GoDaddy itself is offering free social media makeovers and marketing services.

There’s not a whole lot more in the way of offers right now, but the site has placeholders for the likes of PayPal, American Express and Salesforce to promote their offerings soon.

In terms of offering advice to small business owners, we’re looking at a collection of GoDaddy blog posts and a LinkedIn group with about 200 members.

It’s obviously far too early to say whether any of this will ultimately be useful or attractive enough to help small businesses survive the lockdown, but I also think it would be churlish to dismiss it as a cynical marketing ploy at this stage.

A slick GoDaddy video promoting #OpenWeStand, which appears to have been voiced by the soothing, avuncular gravel of Donald Sutherland, has received over 12 million views since it was published March 25, so their may be an appetite for this kind of “movement”.

Comment Tagged: coronavirus, covid-19, godaddy, openwestand

Kuala Lumpur meeting cancelled and ICANN 68 could be even trickier online

ICANN has as expected cancelled its in-person ICANN 68 meeting, which had been due to take place in Kuala Lumpur in June, due to the coronavirus pandemic.

The decision, which was never really in any doubt, was taken by its board of directors yesterday. The board considered:

Globally, a high number of people are under some form of a “stay at home” or lock-down order, directed to avoid contact with others except to receive essential services such as medical care or to purchase supplies. Schools and offices are closed, gatherings are prohibited, and international travel is largely on pause. We do not know when travel or in-person meetings will be authorized or possible. As it relates to Kuala Lumpur, Malaysia has a Movement Control Order in force at least until 14 April 2020 that prohibits meetings such as ICANN68. The duration of the Movement Control Order has already been extended once.

It appears that the four-day meeting, which will instead go ahead virtually (presumably on the Zoom conferencing service) might be even more disjointed than ICANN 67.

ICANN 67, which took place online in March, did have a centralized component — a bunch of ICANN staffers on location at its headquarters in Los Angeles — but that may not be possible this time around.

The board said that “due to current social distancing requirements, ICANN org is unable to execute a virtual meeting from a single location, and that a decentralized execution model might necessitate changes to the format.”

It added that there is support for “a flexible, modified virtual meeting format that focuses on cross-community dialogues on key policy topics, supplemented by a program of topical webinars and regular online working meetings scheduled around the key sessions.”

While there has been a lot of criticism of the Zoom platform in recent weeks due to security and privacy concerns, ICANN indicated this week that it’s not particularly concerned and will carry on using the service.

Comment Tagged: coronavirus, ICANN, icann 68, zoom

Five SAFE ways to buy and sell domains during the coronavirus pandemic

The coronavirus pandemic has hit every profession hard, and the domain industry is no exception.

Domain investors, many of whom are self-employed, lack health insurance, and are simply unable to self-isolate, may be among the hardest-hit. But no fear, I’ve put together some advice that should help you plucky domainers make it through the current crisis unscathed.

Here’s the DI Top Five Totally Legit Tips For Safe Domaining:

• 1. Avoid domain stores. The Covid-19 virus is airborne, and can linger on hard surfaces for many hours, so it makes a lot of sense to avoid bricks-and-mortar domain stores. Believe it or not, alternatives are available. Instead of visiting your local branch of GoDaddy, why not consider staying at home and using the GoDaddy web site instead? It’s quick, simple, and a lot less hazardous to your health. Hey presto! Your domain should be delivered to your door by a FedEx guy in full hazmat gear in as little as 10 business days.
• 2. Refrain from selling door-to-door. Carrying a suitcase full of premium domains around the streets and cold-calling at people’s front doors may be a tried and tested method of selling names, but in this era of social distancing, it’s no longer recommended. If you have a computer, why not set up an electronic mail account on the internet and use it to approach potential buyers remotely instead? They’ll appreciate it, and so will your feet!
• 3. Limit in-person transfers. Once you and your buyer have sealed the deal, the next logical step is obviously to meet up and hand over the domain for the agreed-upon price. But many modern registrars allow their customers to transfer domains automatically online, which is a lot safer during a pandemic. If an in-person transfer is unavoidable, remember to meet your buyer in a large, public, open space and stand at least two meters (six feet) apart at all times. Do NOT shake hands — an elbow-bump or kiss on the lips will suffice — and be sure to wipe down the domain with a disinfectant cloth before placing it on the ground and backing away.
• 4. Avoid expired domains. Domains that have already passed their expiry date are risky to your health at the best of times, but current World Health Organization advice recommends avoiding expired domains altogether in order to protect your immune system. Remember: if in doubt, throw it out!
• 5. Buy as many “coronavirus” domains as you can. Everyone on the planet is currently obsessed with the pandemic, so it stands to reason that domain names related to the disease are surely worth many thousands of dollars each, if not millions. Experts at Verisign currently recommend that investors register as many .com domains as they can comprised of the words “coronavirus” or “covid-19” followed by literally any other word or string of digits. Domainers should also remember to buy the hyphenated AND non-hyphenated versions, just to be safe, Verisign says. And they should know — they’re all millionaires!

I hope this advice helps!

Stay indoors, social distance, and remember to take a hot bath every time you sneeze.

2 Comments Tagged: satire