Latest news of the domain name industry

Recent Posts

First seven TMCH agents approved

Kevin Murphy, April 2, 2013, Domain Services

The Trademark Clearinghouse has listed its first seven approved trademark submission agents.

These are the companies that are able to secure bulk discounts for submitted marks to the TMCH.

The first seven are NetNames, Corporation Service Company, SafeNames, MailClub, Key-Systems, Net-Chinese, which are all domain registrars too, and the Law Offices of S.J. Christine Yang, which isn’t.

Holders of large trademark portfolios are also allowed to become agents in their own right, but most TMCH submissions are expected to be carried out via these third parties.

The full list is here.

The cost of submitting trademarks, if you’re an agent, can be worked out using the TMCH Cost Calculator.

2 Comments Tagged: , ,

ICANN tones down power grab in new gTLD contract

Kevin Murphy, April 2, 2013, Domain Policy

ICANN has published a new version of its Registry Agreement for new gTLD operators that waters down the controversial unilateral right to amend provisions.

The revised RA, available for review here, makes it harder for ICANN to force new rules on registries without their consent, at least when compared to the version published in February.

The Special Amendment process is designed to allow ICANN to change the contract when it’s in the public interest.

DI outlined the changes to the process last week.

While most of the changes we described have in fact made it to the published RA, we were wrong on one count: despite what we reported, ICANN directors with conflicts of interest will not be able to vote.

That means representatives of registries and registrars won’t get a say when the board discusses their contracts.

A couple of other significant changes are apparent:

  • Concessions to dot-brand registries. It would now be harder for ICANN to redelegate a dot-brand to another operator if the registry abandons its gTLD. ICANN has never had any intention of doing so, of course, but the relative lack of safeguards have been making dot-brand applicants nervous for years. Now, existing intellectual property rights would be taken into consideration during redelegation decisions.
  • More secrecy. There’s a new section on “confidential information”, along with references to it sprinkled throughout, designed to protect trade secrets registries may disclose to ICANN.

ICANN CEO Fadi Chehade is expected to play hard-ball on these changes, according to recent reports.

Because registries get a perpetual right of renewal, and because it’s uncertain how the power balance will hang in policy-making, ICANN believes it would be irresponsible to sign an RA that does not give it the right to step in an protect the public interest in future.

Comment Tagged: , , , ,

Governments expand gTLD objection shortlist

Kevin Murphy, April 2, 2013, Domain Policy

With the start of its meetings in Beijing just a couple of days away, ICANN’s Governmental Advisory Committee has handed out clues as to which new gTLDs it might object to.

The GAC says that 20 specific bids have already been put forward by one government as potential recipients of GAC Advice, but that there are nine broad categories of concern.

Some of the categories seem to obviously apply to certain narrow types of gTLD, while others are broad enough to catch almost any bid the GAC doesn’t like the look of.

Any application that receives adverse GAC Advice at the end of the Beijing meeting faces, at the very least, a prolonged approval process along the lines of what .xxx had to endure.

The worst-case scenario is rejection of the bid by the ICANN board of directors.

These are the GAC’s categories, along with some educated guesses about which strings they could apply to:

  • “Consumer protection” — could apply to anything, depending on how well-lobbied the GAC has been by a particular interest group. Any gTLD that could implausibly be argued to increase the risk of counterfeiting may show up here. A liberal interpretation could well capture .music or sports-related strings.
  • “Strings that are linked to regulated market sectors, such as the financial, health and charity sectors” — Dozens of applications, such as those for .lawyer, .doctor, .health .bank, and .charity — will fall into this category.
  • “Competition issues” — This most likely applies to applications for category-killer dictionary words where the applicant is already a dominant player in the relevant market, such as Google’s bid for .search or Amazon’s for .book.
  • “Strings that have broad or multiple uses or meanings, and where one entity is seeking exclusive use” — Again, this could apply to the many controversial “closed” gTLD applications.
  • “Religious terms where the applicant has no, or limited, support from the relevant religious organisations or the religious community” — I suspect that the the Vatican’s application for .catholic is less at risk than a Turkish company’s bid for .islam. Any Islam-related domains are likely to fail the “support” test, given the lack of centralized control over the religion.
  • “Minimising the need for defensive registrations” — A category that seems to have been specially created for .sucks.
  • “Protection of geographic names” — Most probably will be used to kill off DotConnectAfrica’s application for .africa and Patagonia Inc’s application for .patagonia. But will Amazon’s dot-brand bid also fall foul?
  • “Intellectual property rights particularly in relation to strings aimed at the distribution of music, video and other digital material” — If the GAC buys into the lobbying and believes that an unrestricted .music or .movie gTLD would increase piracy, expect objections to some of those bids. The GAC doesn’t have to provide a shred of evidence to support its Advice at first, remember, so this is not as ludicrous a possibility as it sounds.
  • “Support for applications submitted by global authorities” — This is a newly added category. If the GAC is proposing to submit advice in support of one application in a contention set, there’s no mechanism ICANN can use to ensure that he supported applicant wins the set. The Advice may turn out to be useless. Certain sports-related applications are among those with “global authority” backing.
  • “Corporate Identifier gTLDs” — Not, as this post originally speculated, dot-brands. Rather, this applies to the likes of .inc, .corp, .llc and so on.
  • “Strings that represent inherent government functions and/or activities” — Expect military-themed gTLDs such as .army and .navy to feature prominently here. Could also cover education and healthcare, depending on the government.

The GAC also plans to consider at least 20 specific applications that have been put forward as problematic by one or more governments, as follows:

Community name where the applicant does not have support from the community or the government: 1

Consumer protection: 2

Name of an Intergovernmental Organisation (IGO): 1

Protection of geographic names: 9

Religious terms: 2

Strings applied for that represent inherent government functions and/or activities: 3

Support for applications submitted by global authorities: 2

ICANN plans to formally approve the first batch of new gTLDs, with much ceremony, at an event in New York on April 23, but has said it will not approve any until it has received the GAC’s Advice.

The GAC is on the clock, in other words.

While it’s been discussing the new gTLDs on private mailing lists since last year’s Toronto meeting, it’s already missed at least self-imposed deadline. The information released today was due to be published in February.

While the ICANN Beijing meeting does not officially begin until next Monday, and the rest of the community starts its pre-meeting sessions at the weekend, the GAC starts its closed-session meetings this Thursday.

1 Comment Tagged: , , , , ,

Chehade promises to cure herpes

Kevin Murphy, April 1, 2013, Gossip

ICANN CEO Fadi Chehade has promised to find a cure for herpes by the end of the year.

Delivering an impromptu keynote speech at the National STD Prevention Conference in Atlanta today, Chehade also apologized for the continuing existence of the pernicious viral infection, which he blamed on predecessor Rod Beckstrom.

“I came here to listen,” he told an audience of confused gynecologists. “And I’ve heard what you have said. Herpes simplex is a problem, I know this now. I’m on your side.”

“I therefore commit ICANN to curing herpes by the end of the year.”

“But we can’t do this alone,” he continued. “I therefore call on all stakeholders to work together on this important initiative.”

He added that the ICANN board of directors reserves the right to create its own cure and implement a mandatory vaccination program, should the community fail to come to agreement.

Chehade’s speech came at the tail end of a tiring outreach tour that has seen him address community members from all corners of the globe.

But reaction from the assembled physicians, epidemiologists and obstetricians was enthusiastic.

“He said everything I wanted to hear,” one beaming attendee told DI after Chehade’s 20-minute standing ovation died down. “Who knew Eugene Levy knew so much about herpesviridae?”

“I’ve no idea who that guy is,” said another delegate. “He just kinda wandered on stage and started talking. But I like him a lot.”

Herpes is an aggressive sexually transmitted viral infection, symptomized primarily by unsightly, weeping sores on the lips and genitals.

Some ICANN community members have already questioned whether finding a cure is within ICANN’s narrow technical mandate.

“This is mission-creep, pure and simple,” academic or something Milton Mueller blogged. “The cure for herpes, along with All Other Things, should be subject to free market forces.”

Mueller pointed to Chehade’s surprise appearance last week at the National Congress of Theoretical Physicists, during which he committed ICANN to preventing the heat death of the universe, as further evidence that ICANN is acting outside its remit.

Members of the domain name industry also expressed outrage.

Donuts, which has applied for .herpes, claimed Chehade’s speech threatened to interfere with its business model.

“If ICANN cures herpes, who’s going to defen… who’s going to register a .herpes domain name?” CEO Paul Stahura said.

The trademark community cautiously welcomed Chehade’s plans, but said they did not go far enough to protect rights holders.

“For too long, herpes has caused irritation for many in the IP community,” said Intellectual Property Constituency chair Kristina Rosette. “Not to mention widespread squatting problems.”

But ICANN should take care to protect the rights of HerpesTM, a popular brand of canned soup in Latin America, she added.

Meanwhile, DotConnectAfrica pointed to a throwaway line in Chehade’s speech as unambiguous proof of an illegal conspiracy against its .africa bid involving ICANN, DI, the Freemasons, the Illuminati, the Rosicrucians, the Bilderberg Group and the Ku Klux Klan.

12 Comments Tagged: ,

Chehade says “no delay” as Verisign drops a security bomb on ICANN

Kevin Murphy, March 29, 2013, Domain Policy

Verisign today said that the new gTLD program presents risks to the security of the internet, but ICANN CEO Fadi Chehade told DI that he’s not expecting any new delays.

The .com behemoth tonight delivered a scathing review of the security and stability risks of launching new gTLDs on ICANN’s current timetable.

The new Verisign report catalogs the myriad ways in which ICANN is not ready to start approving new gTLDs, and the various security problems they could cause if launched without due care.

It strongly suggests that ICANN should delay the program until its concerns are addressed.

But Chehade, in an exclusive interview with DI tonight, rebutted the already-emerging conspiracy theories and said: “There’s nothing new here that would cause me to predict a new delay.”

What does the Verisign report say?

It’s a 21-page document, and it covers a lot of ground.

The gist of it is that ICANN is rushing to launch new gTLDs without paying enough attention to the potential security and stability risks that a vast influx of new gTLDs could cause.

It covers about a dozen main points, but here are the highlights:

  • Certificate authorities and browser makers are not ready. CAs have long issued certificates for use on organizations’ internal networks. In many cases, these certs will use TLDs that only exist on that internal network. A company might have a private .mail TLD, for example, and use certs to secure those domains for its users. The CA/Browser Forum, which coordinates CAs and browser makers, has decided (pdf) to deprecate these certs, but not until October 2016. This, Verisign says, creates a “vulnerability window” of three years during which attackers could exploit clashes between certs on internal TLDs and new gTLDs.
  • Root server operators are not ready. The organizations that run the 13 DNS root servers do not currently coordinate their performance metrics, Verisign said. This makes it difficult to see what impact new gTLDs will have on root server stability. “The current inability to view the root server system’s performance as a whole presents a risk when combined with the impending delegation of the multitude of new gTLDs,” Verisign said.
  • Root zone automation isn’t done yet. ICANN, Verisign and the US Department of Commerce are responsible for adding new gTLDs to the root zone, and work on automating the “TLD add” process is not yet complete. Verisign reckons this could cause “data integrity” problems at the root.
  • The Trademark Clearinghouse is not ready. Delays in finalizing the TMCH technical specs mean registries haven’t had sufficient time to build their interfaces and test them, and the TMCH itself is a potential single point of failure with an unknown attack profile.
  • Universal acceptance of new TLDs. Verisign points out that new gTLDs won’t be immediately available to users when they go live due to lack of software support. It points specifically to the ill-maintained Public Suffix List, used by browsers to set cookie boundaries, as a potential risk factor.
  • A bunch of other stuff. The report highlights issues such as zone file access, data escrow, Whois and pre-delegation testing where Verisign reckons ICANN has not given registries enough time to prepare.

Basically, Verisign has thrown pretty much every risk factor it can think of into the document.

Some of the issues of concern have been well-discussed in the ICANN community at large, others not so much.

Yeah, yeah, but what did Fadi say?

Chehade told DI this evening that he was surprised by the report. He said he’s been briefed on its contents today and that there’s “nothing new” in it. The program is “on track”, he said.

“What is most surprising here is that there is nothing new,” he said. “I’m trying to get my finger on what is new here and I can’t find it.”

“It was very surprising to see this cornucopia of things put together,” he said. “I’m struggling to see how the Trademark Clearinghouse has a security impact, for example.”

He added that some of Verisign’s other concerns, such as the fact that the Emergency Back-End Registry Operator is not yet up and running, are confusing given that existing TLDs don’t have EBEROs.

The report could be divided into two buckets, he said: those things related to ICANN’s operational readiness and those things related to the DNS root.

“Are these operational issues really security and stability risks, and given that we can only launch TLDs when these things are done… what’s the issue there?” he said.

On the DNS root issues, he pointed to a November 2012 report, signed by Verisign, that said the root is ready to take 1,000 new gTLDs a year or 100 a week.

So the Conspiracy Theory is wrong?

ICANN timelineWhen ICANN held a webinar for new gTLD applicants earlier this week, Chehade spent an inordinate amount of time banging home the point that security and stability concerns underpin every stage of the new gTLD program’s timetable.

As this slide from his presentation (click to enlarge) illustrates, security, stability and resiliency or “SSR” is the foundation of every timing assumption.

He said during the webinar:

Nothing will trump the gTLD process, nothing, but the SSR layer. The SSR layer is paramount. It is our number one responsibility to the internet community. Nothing will be done that jeopardizes the security and stability of the internet, period.

At any time if we as a community do not believe that all relevant security and stability matters have been addressed, if we do not believe that’s the case, the program freezes, period.

There is too much riding on the DNS. Hundreds of billions of dollars of commerce. Some may say livelihoods. We will not jeopardize it, not on my watch, not during my administration.

During the webinar, I was lurking on an unofficial chat room of registries, registrars and others, where the mood at that point could be encapsulated by: “Shit, what does Chehade know that he’s not telling us?”

Most people listening to the webinar were immediately suspicious that Chehade was expecting to receive some last-minute security and stability advice and that he was preparing the ground for delay.

The Verisign report was immediately taken as confirmation that their suspicions were correct.

It seemed quite likely that ICANN knew in advance that the report was coming down the pike and was not-so-subtly readying applicants for a serious SSR discussion in Beijing a little over a week from now.

When I asked Chehade a few times whether he knew the Verisign report was coming in advance, he declined to give a straight answer.

My feeling is he probably did, though he may not have known precisely what it was going to say. The question is perhaps less relevant given what he said about its contents.

But what Chehade thinks right now is probably not the biggest concern for new gTLD applicants.

The GAC’s reaction is now critical

The Verisign document could be seen as pure GAC fodder. How the Governmental Advisory Committee reacts to the report, which was CC’d to the US Department of Commerce, is now key.

The GAC has been banging on about root system stability for years and will, in my view, lap up anything that seems to prove that it was right all along.

The GAC will raise the Verisign report with ICANN in Beijing and, if it doesn’t like what it hears, it might advise delay. GAC advice is a lot harder for ICANN’s board to ignore than a self-serving Verisign report.

What’s Verisign playing at?

So why did Verisign issue the report now? I’ve been unable to get the company on the phone at this late hour, but I’ve asked some other industry folk for their responses.

Verisign’s super-lucrative .com contract is the obvious place to start theorizing.

Even though the company has over 200 new gTLD back-end contracts — largely with dot-brand applicants — .com is its cash cow and new gTLDs are a potential threat to that business.

The company has sounded a little more aggressive — talking about enforcing its patents and refusing to comply with ICANN’s audits — since the US Department of Commerce ordered a six-year .com price freeze last November.

But Chehade would not speculate too much about Verisign’s motives.

“I can’t read why this report and why now,” Chehade said. “Especially when there’s nothing new in it. That’s not for me to figure out. It’s for me to look at this report with a critical eye and understand if there’s something we’re not addressing. If there is, and we find it, we’ll address it.”

He pointed to a flurry of phone calls and emails to his desk after the Initial Evaluation results started getting published last week for a possible reason for the report’s timing.

“I think the real change that’s happened in the last few months is that the new gTLD program is now on track and for the first time people are seeing it coming,” he said.

Competitors were more blunt.

“It’s a bloody long report,” said ARI Registry Services CEO Adrian Kinderis. “Had they put the same amount of effort into working with ICANN, we’d be a lot better off on the particular issues.”

13 Comments Tagged: , , , ,