Latest news of the domain name industry

Recent Posts

Ramchandani promoted to Radix CEO

Kevin Murphy, January 15, 2018, Domain Registries

New gTLD registry Radix has appointed long-time business head Sandeep Ramchandani as CEO.

He’s replacing Bhavin Turakhia, who is CEO of parent company Directi and executive chairman of Radix.

Ramchandani had a lot of autonomy as business head and VP of the company and, in my view, has been basically CEO in all but name for years. I’ve accidentally called him CEO in the pages of DI more than once.

In a press release, he said: “Just as the first few years of Radix were about demonstrating proof of concept, the next few will be about growing awareness and delivering accelerated growth. We are also actively looking to acquire more TLD assets to reach newer segments of the market while leveraging economies of scale.”

The company has a portfolio of nine gTLDs, including .website, .store and .online, and recently announced that its 2017 revenue topped $12 million.

Active new gTLD domains drop below 20 million

Kevin Murphy, January 10, 2018, Domain Registries

The number of domain names recorded in new gTLD zone files has dipped below 20 million for the first time in 18 months.

The total crossed the milestone in the wrong direction January 1, according to DI’s records.

As of today, there are 19.8 million domains in zone files, down from a peak of 26 million in March 2017.

The count has gone down by about half a million names in the last 90 days, largely as a result of declines in .top, .xyz and .kiwi, which have each recorded six-figure losses.

It’s the first time that the zone files have showed the number of domains going below 20 million since the beginning of June 2016, when XYZ.com sold millions of .xyz domains for a penny each. Most of those names did not renew a year later.

Zone files do not record every domain that has been registered, just those with active name servers. Others may be registered but unused or on hold for various reasons.

SpamHaus ranks most-botted TLDs and registrars

Kevin Murphy, January 9, 2018, Domain Registrars

Namecheap and Uniregistry have emerged as two of the most-abused domain name companies, using statistics on botnet command and control centers released by SpamHaus this week.

SpamHaus data shows that over a quarter of all botnet C&Cs found during the year were using NameCheap as their registrar.

It also shows that almost 1% of domains registered in Uniregistry’s .click are used as C&Cs.

The spam-fighting outfit said it discovered “almost 50,000” domains in 2017 that were registered for the purpose of controlling botnets.

Comparable data for 2016 was not published a year ago, but if you go back a few years, SpamHaus reported that there were just 3,793 such domains in 2014.

Neither number includes compromised domains or free subdomains.

The TLD with the most botnet abuse was of course .com, with 14,218 domains used as C&C servers. It was followed by Directi’s .pw (8,587) and Afilias’ .info (3,707).

When taking into account the relative size of the TLDs, SpamHaus fingered Russian ccTLD .ru as the “most heavily abused” TLD, but its numbers don’t ring true to me.

With 1,370 botnet controllers and about five and a half million domains, .ru’s abused domains would be around 0.03%.

But if you look at .click, with 1,256 botnet C&Cs and 131,000 domains (as of September), that number is very close to 1%. When it comes to botnets, that’s a high number.

In fact, using SpamHaus numbers and September registry reports of total domains under management, it seems that .work, .space, .website, .top, .pro, .biz, .info, .xyz, .bid and .online all have higher levels of botnet abuse than .ru, though in absolute numbers some have fewer abused domains.

In terms of registrars, Namecheap was the runaway loser, with a whopping 11,878 domains used to control botnets.

While SpamHaus acknowledges that the size of the registrar has a bearing on abuse levels, it’s worth noting that GoDaddy — by far the biggest registrar, but well-staffed with over-zealous abuse guys — does not even feature on the top 20 list here.

SpamHaus wrote:

While the total numbers of botnet domains at the registrar might appear large, the registrar does not necessarily support cybercriminals. Registrars simply can’t detect all fraudulent registrations or registrations of domains for criminal use before those domains go live. The “life span” of criminal domains on legitimate, well-run, registrars tends to be quite short.

However, other much smaller registrars that you might never have heard of (like Shinjiru or WebNic) appear on this same list. Several of these registrars have an extremely high proportion of cybercrime domains registered through them. Like ISPs with high numbers of botnet controllers, these registrars usually have no or limited abuse staff, poor abuse detection processes, and some either do not or cannot accept takedown requests except by a legal order from the local government or a local court.

The SpamHaus report, which you can read here, concludes with a call for registries and registrars to take more action to shut down repeat offenders, saying it is “embarrassing” that some registrars allow perpetrators to register domains for abuse over and over and over again.

Radix says it’s profitable after making $12 million this year

Kevin Murphy, December 13, 2017, Domain Registries

New gTLD stable Radix said today that it expects to top $12 million in revenue this year.

The company also told DI that it is currently profitable.

Radix, which counts the likes of .site and .store among its portfolio of nine active gTLDs, said revenue so far for the calendar year has been tallied at $11.7 million.

The company said that more than half of revenue came from “non-premium domain renewals”, an important metric when considering the long-term health of a domain business.

Recurring revenue of non-premiums was almost twice as much as new registrations, Radix said. Only $1.76 million of revenue came from premium sales (14%) and renewals (86%).

The US accounted for just under half of revenue, with Germany at 14.4% and China, where .site was fully active for the whole year and four other TLDs were approved in October, coming in at 7.7%.

Radix is a private company, part of the Directi Group, and has not previously disclosed its financials.

Assuming apples-to-apples comparisons are valid (which may not be the case), its figures compare favorably to public competitors such as MMX, which expects to report 2017 in the same ball-park despite having more than twice as many gTLDs under management.

Open Whois must die, Europe privacy chiefs tell ICANN

Kevin Murphy, December 7, 2017, Domain Policy

Unfettered public access to full Whois records is illegal and has to got to go, an influential European Union advisory body has told ICANN.

The Article 29 Working Party on Data Protection, WP29, wrote to ICANN yesterday to say that “that the original purposes of the WHOIS directories can be achieved via layered access” and that the current system “does not appear to meet the criteria” of EU law.

WP29 is made up of representatives of the data protection agencies in each EU member state. It’s named after Article 29 of the EU’s 1995 Data Protection Directive.

This directive is parent legislation of the incoming General Data Protection Regulation, which from May 2018 will see companies fined potentially millions of euros if they fail to protect the privacy of EU citizens’ data.

But WP29 said that there are questions about the legality of full public Whois under even the 1995 directive, claiming to have been warning ICANN about this since 2003:

WP29 wishes to stress that the unlimited publication of personal data of individual domain name holders raises serious concerns regarding the lawfulness of such practice under the current European Data Protection directive (95/46/EC), especially regarding the necessity to have a legitimate purpose and a legal ground for such processing.

Under the directive and GDPR, companies are not allowed to make consent to the publication of private data a precondition of a service, which is currently the case with domain registration, according to WP29.

Registrars cannot even claim the publication is contractually mandated, because registrants are not party to the Registrar Accreditation Agreement, the letter (pdf) says.

WP29 adds that law enforcement should still be able to get access to Whois data, but that a “layered” access control approach should be used to prevent full disclosure to anyone with a web browser.

ICANN recently put a freeze on its contract compliance activities surrounding Whois, asking registries and registrars to supply the organization with the framework and legal advice they’re using to become compliant with GDPR.

Registries and registrars are naturally impatient — after a GDPR-compatible workaround is agreed upon, they’ll still need to invest time and resources into actually implementing it.

But ICANN recently told contracted parties that it hopes to lay out a path forward before school breaks up for Christmas December 22.

Almost half of ccTLDs may block some Whois data

Kevin Murphy, November 20, 2017, Domain Services

Almost half of ccTLDs are planning to hide parts of Whois results from public view in response to incoming European Union law.

That’s according to a recent informal survey of the members of CENTR, the Council of European National Top Level Domain Registries, detailed in a letter to ICANN (pdf) last week.

According to the survey of 28 ccTLDs, 13 of them (46.4%) said they plan to “hide certain data fields” in response to the requirements of the General Data Protection Regulation.

GDPR forces companies to give EU citizens more rights to control how their data is used, which includes the publication of Whois data.

While the sample size is small, the results are probably indicative of the direction of the industry.

The industry and community is still struggling to reconcile longstanding Whois practices and contractual requirements with the new law, but a consensus seems to be forming that Whois as we know it is not going to survive.

Hiding data fields such as contact information to general Whois users, while making it available to verified law enforcement, may be one part of becoming GDPR-compliant. It’s what two Dutch gTLD registries are already doing.

The CENTR survey also found that smaller numbers of registries are planning to throttle Whois queries and revise their agreements in response to GDPR, which comes into full effect next May.

The survey was carried out in June. Given the speed at which discussions in the community are progressing, I would not be surprised if the same survey carried out today would produce different results.

Concern as ICANN shuts down “independent” security review

Kevin Murphy, October 31, 2017, Domain Policy

Just a year after gaining its independence from the US government, ICANN has come under scrutiny over concerns that its board of directors may have overstepped its powers.

The board has come in for criticism from almost everyone expressing an opinion at the ICANN 60 meeting in Abu Dhabi this week, after it temporarily suspended a supposedly independent security review.

The Security, Stability and Resiliency of the DNS Review, known as SSR-2, is one of the mandatory reviews that got transferred into ICANN’s bylaws after the Affirmation of Commitments with the US wound up last year.

The review is supposed to look at ICANN’s “execution of its commitment to enhance the operational stability, reliability, resiliency, security, and global interoperability of the systems and processes, both internal and external, that directly affect and/or are affected by the Internet’s system of unique identifiers that ICANN coordinates”.

The 14 to 16 volunteer members have been working for about eight months, but at the weekend the ICANN board pulled the plug, saying in a letter to the review team that it had decided “to suspend the review team’s work” and said its work “should be paused”.

Chair Steve Crocker clarified in sessions over the weekend and yesterday that it was a direction, not a request, but that the pause was merely “a moment to take stock and then get started again”.

Incoming chair Cherine Chalaby said in various sessions today and yesterday that the community — which I take to mean the leaders of the various interest groups — is now tasked with un-pausing the work.

Incoming vice-chair Chris Disspain told community leaders in an email (pdf) yesterday:

The Board has not usurped the community’s authority with respect to this review. Rather, we are asking the SOs and ACs to consider the concerns we have heard and determine whether or not adjustments are needed. We believe that a temporary pause in the SSR2 work while this consideration is under way is a sensible approach designed to ensure stakeholders can reach a common understanding on the appropriate scope and work plan

Confusion has nevertheless arise among community members, and some serious concerns and criticisms have been raised by commercial and non-commercial interests — including governments — over the last few days in Abu Dhabi.

But the board’s concerns with the work of SSR-2 seem to date back a few months, to the Johannesburg meeting in June, at which Crocker said “dangerous signals” were observed.

It’s not clear what he was referring to there, but the first serious push-back by ICANN came earlier this month, when board liaison Kaveh Ranjbar, apparently only appointed to that role in June, emailed the group to say it was over-stepping its mandate.

Basically, the SSR-2 group’s plan to carry out a detailed audit of ICANN’s internal security profile seems to have put the willies up the ICANN organization and board.

Ranjbar wrote:

The areas the Board is concerned with are areas that indeed raise important organizational information security and organizational oversight questions. However, these are also areas that are not segregated for community review, and are the responsibility of the ICANN Organization (through the CEO) to perform under the oversight of the ICANN Board.

While we support the community in receiving information necessary to perform a full and meaningful review over ICANN’s SSR commitments, there are portions of the more detailed “audit” plan that do not seem appropriate for in-depth investigation by the subgroup. Maintaining a plan to proceed with detailed assessments of these areas is likely to result in recommendations that are not tethered to the scope of the SSR review, and as such, may not be appropriate for Board acceptance when recommendations are issued. This also can expand the time and resources needed to perform this part of the review.

This does not seem hugely unreasonable to me. This kind of audit could be expensive, time-consuming and — knowing ICANN’s history of “glitches” — could have easily exposed all kinds of embarrassing vulnerabilities to the public domain.

Ranjbar’s letter was followed up a day later with a missive (pdf) from the chair of ICANN’s Security and Stability Advisory Committee, which said the SSR-2’s work was doomed to fail.

Patrick Falstrom recommended a “temporarily halt” to the group’s work. He wrote:

One basic problem with the SSR2 work is that the review team seems neither to have sufficient external instruction about what to study nor to have been able to formulate a clear direction for itself. Whatever the case, the Review Team has spent hundreds of hours engaged in procedural matters and almost no progress has been made on substantive matters, which in turn has damaged the goodwill and forbearance of its members, some of whom are SSAC members. We are concerned that, left to its own devices, SSR2 is on a path to almost certain failure bringing a consequential loss of credibility in the accountability processes of ICANN and its community.

Now that ICANN has actually acted upon that recommendation, there’s concern that it sets a disturbing precedent for the board taking “unilateral” action to scupper supposedly independent accountability mechanisms.

The US government itself expressed concern, during a session between the board and the Governmental Advisory Committee in Abu Dhabi today.

“This is unprecedented,” US GAC rep Ashley Heineman said. “I just don’t believe it was ever an expectation that the ICANN board would unilaterally make a decision to pause or suspend this action. And that is a matter of concern for us.”

“It would be one thing if it was the community that specifically asked for a pause or if it was a review team that says ‘Hey, we’re having issues, we need a pause.’ What’s of concern here is that ICANN asked for this pause,” she said.

UK GACer Mark Carvell added that governments have been “receiving expressions of grave concern” about the move and urged “maximum transparency” as the SSR-2 gets back on track.

Jonathan Zuck of the Innovators Network Foundation, one of the volunteers who worked on ICANN’s transition from US government oversight, also expressed concern during the public forum session yesterday.

“I think having a fundamental accountability mechanism unilaterally put on hold is something that we should be concerned about in terms of process,” he said. “I’m not convinced that it was the only way to proceed and that from a precedential standpoint it’s not best way to proceed.”

Similar concerns were voiced by many other parts of the community as they met with the ICANN board throughout today and yesterday.

The problem now is that the bylaws do not account for a board-mandated “pause” in a review team’s work, so there’s no process to “unpause” it.

ICANN seems to have got itself tangled up in a procedural quagmire — again — but sessions later in the week have been scheduled in order for the community to begin to untangle the situation.

It doubt we’ll see a resolution this week. This is likely to run for a while.

Okay, pedants, only 36% of new gTLDs are shrinking

Kevin Murphy, September 19, 2017, Domain Registries

Thirty-six percent of non-brand new gTLDs are shrinking, DI analysis shows.

According to numbers culled from zone files, 156 of the 435 commercial gTLDs we looked at had fewer domains yesterday than they did a year earlier.

On the bright side, that means the majority of them are still growing, but…

You: Wait, Kev, didn’t you write this exact same story yesterday, but said that 40% of new gTLDs were shrinking? Why are you now saying it’s 36%?

Me: People in the comments and on social media complained that I’d used domains under management (DUM) from May’s registry transaction reports — the most recent available — to collate the data yesterday, rather than more recent but less accurate zone files.

You: Why did they complain?

Me: I think because the May numbers show .xyz gaining on an annual basis, and yet everyone and his grandmother knows that .xyz’s numbers dropped off a cliff in July.

Your Grandmother: It’s true, they did. They lost millions…

You: Shut up, Gran. So, Kev, presumably if you do the same survey again, using the same TLDs, but use zone file data from this week instead, you’ll discover that the number of shrinking TLDs is far greater than 40%?

Me: Why would you presume that?

You: Because I also hate new gTLDs in general, not just .xyz specifically.

Me: Actually, the number of shrinking new gTLDs turns out to be smaller.

You: How come?

Me: Because only 36% of the gTLDs I surveyed had fewer numbers in their September 18, 2017 zone file than they did in their September 18, 2016 zone file.

You: So you actually over-reported the shrinkage in your first post? How come? I thought you were a shameless stooge of the new gTLD industry.

Me: I get that a lot.

You: Is .xyz at least on the list of biggest losers now?

Me: It is. Right at the top.

You: Good. I really fucking hate .xyz. What else changed? Stands to reason that some losers first time around are now gainers.

Me: Correct. Famous Four Media’s .party, for example, was a top 10 loser in the report comparing May 2016 DUM to May 2017 DUM, losing over 100,000 names, but it’s a top 10 gainer in the September-September zone file report, adding 85,000.

You: Explain.

Me: Well, .party’s reg numbers fell off a cliff in July 2016, and were still pretty depressed a year ago, but have since regained ground, presumably due to them costing less than a pack of gum.

You: Got it. Any others?

Me: It’s a similar story for .webcam, .work, .bar, .audio, .rest and a few others. They all shrunk May-May but gained September-September.

You: So, in summary, the new gTLD industry isn’t as unhealthy as you made out on Monday?

Me: Maybe. To be honest I don’t think the disparity between 36% and 40% makes a whole lot of difference. It’s still quite a lot of TLDs growing in the wrong direction. At one time, that kind of thing was virtually unheard of.

You: True dat.

Me: Anyway, can I get back to my blog post now?

You: Sure. Just don’t expect me to read to the end.

Uniregistry sale leads to BBC telling millions that domainers exist

Kevin Murphy, June 28, 2017, Domain Sales

The BBC dedicated five minutes of prime-time air to telling the British public that domainers exist, after a Uniregistry domain name sale led to interest from producers.

The One Show appears on BBC One at 7pm five days a week. It’s the BBC’s flagship magazine program and appears to currently have about 3.5 million viewers per day.

It’s notorious for its hosts’ often jarring segues between sycophantic interviews with visiting celebrities and prerecorded human interest stories covering everything from people who collect doylies to people who are dying from AIDS.

In Friday’s episode — guest-hosted by Jerry Springer, no less — the first VT of the show is about domainers.

Regular host Alex Jones points out that while Springer and guest Rita Ora own their matching .com domains, fellow guest Tracey Ullman’s .com name is on the market for $795 (it’s registered to HugeDomains, but that isn’t mentioned).

Ullman laughs, and the UDRP-fodder is never mentioned again.

Cut to VT.

The roving reporter, whose name is not given, tells us that there are 335 million domains on the internet today, anyone can come up with one, and that “there are other people out there known as ‘domain dealers’ who buy these domains and sell them on for hundreds, thousands, or even millions of pounds”.

Brit domainer Graham Haynes is then introduced as “one of the first people to buy and sell domains”. He says he sold a portfolio of domains for £1.5 million ($1.91 million at today’s exchange rate) and spent $600,000 on furniture.co.uk.

Haynes says domains are always going up in value so he always tries to hold on as long as he can before he sells.

Then we get a few seconds over Skype with Aron Meystedt, who bought first-ever .com Symbolics.com eight years ago and says the name as been a “good cornerstone” of his portfolio. He uses the word “domainer” for the first time.

Then our reporter says she wants to find out whether she has what it takes to be a domainer.

We’re introduced to 25-year-old domainer Simon Whipps, who says he buys domains for £10 to £20 and sells them to end users for about £1,000.

The reporter hands him a list of domains she’s come up with and gives him half an hour to tell her whether they’re worth anything or not.

Then we’re off to the Cayman Islands, where a Londoner identified only as “Mo” lives. It’s presented as if he’s living the high life on a beach having made a killing from domains.

I believe he’s Mohammed Khan, a broker from Uniregistry. He says he helped broker personalloans.com ($1 million) and kiwi.com ($800,000).

Then it’s into the Uniregistry office, where a VP identified (mistakenly, it turns out) as “Alan Schwartz” mentions that he helped broker the $13 million sale of sex.com.

Back to Whipps, who tells the reporter than the only two domains on her list worth a damn are christmas.net and adventure.net. Given she owns neither, it’s not clear how she came up with these picks.

All in all, it’s a strange, thin, directionless fluff piece with nothing to say about domaining other than the fact that it exists. It could have been produced at basically any time in the last 15 years with barely any changes.

According to Uniregistry CEO Frank Schilling, the item came about as a result of interest from producers after Uniregistry made an aftermarket sale to somebody involved in the show.

It’s not clear who the buyer was or what the domain was, but apparently the kernel of the idea of the piece came about “organically” as a result of the deal.

Activist investor says eNom was sold too cheap

Kevin Murphy, February 20, 2017, Domain Registries

J Carlo Cannell, the activist investor who has been circling Rightside for the last year or so, was unimpressed with the company’s recent sale of eNom to Tucows.

In a letter published as a Securities and Exchange Commission filing last week, Cannell announced that he has started up a support group for fellow “concerned” investors.

In the distinctly loveless Valentine’s Day missive, Cannell called for Rightside to be acquired, go private or issue a big dividend to investors, and said he intends to campaign to have the board of directors replaced.

On the eNom sale, Cannell wrote that the $76.7 million deal “marks a step in the right direction” for the company, but that he was “not satisfied” with the price or the $4 million legal fees accrued. He wrote:

Conversations with management suggest that the Company took only two months to evaluate and close the transaction. Perhaps if they had been more patient and diligent, shareholders would have enjoyed more than the 0.5x 2016 revenues which they received in this “shotgun sale”.

This price was a fraction of Tucows’ own valuation of 2.6x 2016 estimated revenue. For the two trading sessions following the eNom transaction, NAME traded up 10% while TCX was up 32%, suggesting that investors believe it was a better deal for TCX shareholders than NAME shareholders.

The deal was described at the time by Tucows’ CEO Elliot Noss as an “individual opportunistic transaction”.

Noss later told analysts that the eNom business was floundering, “a flat, potentially even slightly negative-growth business”.

Cannell said last week he has formed Save NAME Group, named after Rightside’s ticker symbol, as a means to exert pressure on the board.

He said it is currently “difficult to justify” the company remaining publicly listed, and that the “sale of the entire company” or a “special and substantial dividend” could help appease shareholders.

He said Rightside agreed last August to let him name a new director, but has dragged its feet approving his suggestion, adding:

SNG intends to become more active and vocal in its efforts to force change at NAME. SNG has compiled a slate of qualified candidates. The names and identity of these candidates shall be disclosed periodically together with other neutral and reliable facts to support the contention of SNG that some or all of the board of NAME needs to be replaced.

Cannell, who owns about 9% of Rightside, first emerged as a critic of the company a year ago.

At that time, he called for the company to ditch its “garbage” new gTLD registries in favor of a focus on its higher-margin eNom business.

He was supported by Uniregistry CEO Frank Schilling, then also a Rightside investor in addition to a competitor.