Latest news of the domain name industry

Recent Posts

First company abandons .com for new dot-brand gTLD

Kevin Murphy, September 12, 2014, Domain Registries

Wow. Somebody actually did it.

CITIC, China’s biggest conglomerate, has started redirecting its established .com domain to its new dot-brand gTLD, .citic.

Specifically, it’s redirecting citic.com (go on, click it!) to limited.citic.

Almost everyone reading this post will agree that as a memorable, attractive domain it’s a step backwards.

But CITIC does seem to be the first dot-brand to make the leap from .com to dot-brand with both feet, and it seems to have done so with little to no penalty to its Google ranking (at least as far as searches for its company name go).

A Google search for “citic” here returns limited.citic as the third result, behind Wikipedia and one of CITIC’s sister companies.

The original citic.com doesn’t appear in the top results.

The company also has ranking for group.citic, one of the five second-level names active in the .citic zone file right now.

It’s not the first dot-brand to launch a web site at its new gTLD — destination.monash and annualreport.axa spring to mind — but it does seem to be the first to throw away its .com completely.

CITIC does not appear to have activated its matching Chinese-script gTLD, .中信, in the same way, however. Only nic.中信 appears in search results for sites under that TLD.

Thanks to Jothan Frakes of NamesCon for the tip.

24 Comments Tagged: , , ,

ICANN board getting three new directors

Kevin Murphy, September 12, 2014, Domain Policy

ICANN 51 next month in Los Angeles is also the organization’s formal annual general meeting, and that means changes at the top.

The board of directors is replacing three members in October, and renewing the terms of two others.

Long-time ICANN participant and internet governance expert Markus Kummer has been selected for a seat by the Non-Contracted Parties House of the Generic Names Supporting Organization.

Kummer is currently vice president of public policy at the Internet Society. Prior to that, he was at the United Nations with the primary responsibility for organizing the Internet Governance Forum.

He replaces independent consultant Bill Graham, who’s leaving the board after one three-year term. Graham, until going solo in 2011, also held a senior position at ISOC.

Rinalia Abdul Rahim is to join the board as the new representative of the At Large, having beaten incumbent Sebastien Bachollet in elections early this year.

Based in Malaysia, Rahim is managing director at Compass Rose, her self-founded management consultancy. Between 2011 and 2013, she was a NomCom appointee to the At-Large Advisory Committee.

The last addition is Asha Hemrajani, a Nokia alum and currently a partner at the small Singapore-based business consultancy Knight Griffin. She was selected by the Nominating Committee.

Hemrajani replaces Wolfgang Kleinwachter, who will leave the seat after less than a year. Kleinwachter stepped in to replace Judith Vazquez, who mysteriously quit two years into her three-year term.

NomCom has, unsurprisingly, selected ICANN chair Steve Crocker for a board seat again. Under the ICANN bylaws, it will be Crocker’s third and final three-year term.

Chris Disspain of auDA will also begin his second term, having stood unopposed for one of the two ccNSO seats.

The changes take effect at the end of the LA meeting, which runs from October 12 to 16.

Comment Tagged: , , , ,

Victims of first confirmed new gTLD collision respond: “Fuck Google”

Kevin Murphy, September 12, 2014, Domain Registries

A number of companies have experienced errors on their networks due to collisions with a newly introduced gTLD.

The initial outcry from victims can be characterized as a storm of profanity, which it could be argued is a good thing for security but not great for ICANN’s reputation.

The collisions, which I believe are the first to be publicly and widely reported, are due to Google’s new gTLD .prod, which was delegated September 1.

Google intends to use the TLD as a shorthand for “product”, but it seems some companies use it internally to mean “production”, meaning production servers rather than testing or development servers.

Issues started being reported on online fora on September 3, with Google unfairly bearing the brunt of the initial blame. Here are a few of the earliest examples from Twitter:

A day later, Reddit user “cunttard”, under a post entitled “Fuck Google”, wrote:

Google recently activated prod. TLD.

They also decided to wildcard DNS all entries to 127.0.53.53 to resolve name collisions for internal organisations. All because they wanted .prod for product? Why not fucking request .product?

The implications have been fucking horrendous. I am in the process of helping a mate unfuck his organisations DNS, which heavily relied on resolver search $FQDN to map xyz.prod to xyz.prod.$FQDN. Note this wasn’t even used as an internal TLD. Now they’re all resolving short names to 127.0.53.53. Lesson learnt; always use FQDN everywhere.
I’m just fucking sick of ICANN / Google continuing to fuck DNS.

LinuxQuestions user “fantasygoat” started a thread entitled “New tLD .prod is messing with my configs”, in which he wrote:

I used to be able to refer to just the subdomain in a DNS lookup, like “www1.prod” and it would know I meant “www1.prod.example.com”, my local domain. I’ve been using prod.example.com for decades as the production subdomain for various things.

Now it resolves to 127.0.53.53, which I believe is ICANN’s hack DNS answer for tLDs.

So, I have a bunch of config files without the domain name and it’s messing stuff up. Does anyone have a workaround so I can have my DNS respond to .prod requests as a subdomain of my domain?

I’ve found a couple of other examples on various mailing lists and web forums with systems administrators experiencing similar issues over the last week.

This, it seems to me, shows that ICANN’s hack for mitigating the risks of name collisions, developed by JAS Advisors, is working as expected.

In each reported case of a .prod collision I’ve been able to find, the admin either had already worked out that he needed to use a fully-qualified domain name (eg www.prod.example.com instead of www.prod) or was swiftly advised to do so by those responding to his post.

Most seem to have spotted that instead of returning NXDOMAIN errors, Google is returning the IP address 127.0.53.53, which was chosen because it’s an internal IP and because 53 is the TCP/IP port number for DNS.

Diverting to 127.0.53.53 is designed to catch the eye, alerting admins to the need to correctly configure their networks.

It certainly seems to be doing that, but it’s not winning ICANN or new gTLD registries any new friends.

Nobody has yet reported death or injury due to a collision.

Update: There has been one previously reported collision, concerning .guru.

6 Comments Tagged: , ,

ICANN holds its ground on weaseled GAC advice

Kevin Murphy, September 11, 2014, Domain Policy

While many members of the community are getting upset about the plan to make it harder for ICANN’s board to overrule GAC advice, today we got a reminder that the board is not the GAC’s lapdog.

The New gTLD Program Committee is standing firm on the way it creatively reinterpreted Governmental Advisory Committee advice to make it less punishing on a few dozen new gTLD registries.

The NGPC passed a resolution on Monday approving an updated scorecard to send to the GAC. ICANN chair Steve Crocker delivered it to GAC chair Heather Dryden yesterday.

A “GAC scorecard” is a table of the GAC’s demands, taken from the formal advice it issues at the end of each public meeting, with the NGPC’s formal responses listed alongside.

The latest scorecard (pdf) addresses issues raised in the last five ICANN meetings, dating back to the Beijing meeting in April 2013.

The issues mainly relate to the GAC’s desire that certain new gTLDs, such as those related to regulated industries, be locked down much tighter than many of the actual applicants want.

One big point of contention has been the GAC’s demand that registrants in gTLDs such as .attorney, .bank and .doctor should be forced to provide a relevant licence or other credentials at point of sale.

The GAC’s exact words, from its Beijing communique (pdf), were:

At the time of registration, the registry operator must verify and validate the registrants’ authorisations, charters, licenses and/or other related credentials for participation in that sector.

However, when the NGPC came up with its first response, in November last year, it had substantially diluted the advice. The creative reinterpretation I mentioned earlier read:

Registry operators will include a provision in their Registry-Registrar Agreements that requires Registrars to include in their Registration Agreements a provision requiring a representation that the Registrant possesses any necessary authorisations, charters, licenses and/or other related credentials for participation in the sector associated with the Registry TLD string.

In other words, rather than presenting your medical licence to a registrar when buying a .doctor domain, registrants would merely assert they have such a licence on the understanding that they could lose their domain if they fail to present it on demand in future.

The GAC, which isn’t entirely stupid, spotted ICANN’s reimagining of the Beijing communique.

At the Singapore meeting this March, it issued a list of passive-aggressive questions (pdf) for the NGPC, noting that its Beijing advice had been “amended” by the board and wondering whether this would lead to “greater risks of fraud and deception” in new gTLDs.

ICANN’s response this week is quite lengthy.

The NGPC said it had “to balance many competing positions” when figuring out how to respond to the Beijing communique, and that it tried “to address all of the completing concerns in a way that respected the spirit and intent of the GAC’s advice.”

The committee gives a number of examples (starting on page 15 of this PDF) explaining why the GAC’s original demands would be unreasonably burdensome not only on registries and registrars but also on registrants.

Here’s one example:

consider a potential registrant that is a multinational insurance company seeking to register a domain name in the .insurance TLD. Suppose the multinational insurance company has locations in over 30 countries, including the United States and Kenya. If the potential registrant insurance company attempts to register a domain name in the .insurance TLD, would that trigger an obligation to verify and validate its credentials, licenses, charters, etc. in the location of its headquarters, or all of the places around the globe where it does business. Is it realistic for a Registry Operator or Registrar to have the knowledge and expertise to determine precisely what credentials or authorizations are required in every country around the world (and in every city, county or other political division if those political subdivisions also require credentials [e.g. in the United States, insurance is primarily regulated at the state level and require a license in each of the 50 states])?

The short version is that the NGPC isn’t budging on this particular issue.

Rather than backpedaling, it’s giving the GAC the reasons it disagreed with its advice and explaining how it attempted to at least comply with the spirit, if not the letter, of Beijing.

As far as I can tell, that seems to be the case in each of the 39 items in the new scorecard — explanation not capitulation. Read the full thing here.

2 Comments Tagged: , , , , , , ,

Community panel hands .radio to EBU because nobody objected

Kevin Murphy, September 11, 2014, Domain Registries

The European Broadcasting Union is likely to win the right to the .radio new gTLD, beating three portfolio applicants, after a favorable Community Priority Evaluation.

The main reason the EBU managed to score a passing 14 out of 16 points in the CPE is that there was no significant objection to the EBU’s bid on the public record.

The EBU managed to win, under ICANN’s complex scoring system, despite the fact that the CPE panel ruled that no one entity, not even the EBU, can claim to represent the “radio” community.

The win means that Donuts, Afilias and BRS Media, which all applied for open .radio gTLDs, will likely have to withdraw their bids and leave .radio in the hands of the EBU’s more restrictive policies.

The EBU’s bid envisages a post-registration enforcement regime, in which registrants’ web sites and Whois records are vetted to ensure they have a community “nexus” and are using their domains in the spirit of the community.

Registrants would have to provide a statement of their usage intent at the point of registration.

Domain investors are explicitly not welcome in the TLD, judging by the EBU’s application.

The EBU, as mentioned, scored 14 out of 16 points in the CPE. The threshold to pass is 14.

As I’ve been saying for years, passing a CPE should be very difficult because applicants can immediately lose two points if there’s any decent opposition to their applications.

The other three applicants for .radio could have easily beaten back the EBU had they managed to effectively organize just a single significant member of the radio community against the EBU’s bid.

However, they failed to do so.

The EBU scored the maximum of two points under the “Opposition” part of the CPE, because, in the words of the panel:

To receive the maximum score for Opposition, the application must not have received any opposition of relevance. To receive a partial score for Opposition, the application must have received opposition from, at most, one group of non-negligible size.

The application received letters of opposition, which were determined not to be relevant, as they were (1) from individuals or groups of negligible size, or (2) were not from communities either explicitly mentioned in the application nor from those with an implicit association to such communities.

Donuts, Afilias and BRS Media all submitted comments in opposition to the EBU application. As competing applicants, these submissions were (probably correctly) disregarded by the panel.

There were a small number of other objecting comments on the record that the CPE panel (again probably correctly) chose to disregard as coming from organizations of negligible size.

The was one comment, in Polish, from a Polish law firm. Another comment came from a something dodgy-looking calling itself the International Radio Emergency Support Coalition.

A third comment came from the Webcaster Alliance, a group that made a bit of a name for itself a decade ago but which today has a one-page web site that doesn’t even list its members (assuming it has any).

Attempts by BRS Media, which already runs .am and .fm, to orchestrate a campaign of opposition seem to have failed miserably.

In short, the panel’s decision that there was no relevant, on-the-record opposition seems to be on pretty safe ground.

What’s slightly disturbing about the CPE is that the panel seems to have decided that the EBU does not actually represent the radio community as described in its application.

It dropped one point on the “Community Establishment” criteria, and another on the “Nexus between Proposed String and Community” criteria.

Specifically, it lost a point because, as the panel stated:

Based on information provided in the application materials and the Panel’s research, there is no such entity that organizes the community defined in the application. Therefore, as there is no entity that is mainly dedicated to the community as defined in the .RADIO application, as the Panel has determined, there cannot be documented evidence of community activities.

In other words, there may be a “radio community”, but nobody, not even the EBU, is responsible for organizing it.

It also lost a point because while the string “radio” does “identify” the community, it does not “match” it.

The panel explained:

To receive the maximum score for Nexus, the applied-for string must “match” the name of the community or be a well-known short-form or abbreviation of the community name. To receive a partial score for Nexus, the applied-for string must “identify” the community. “Identify” means that the applied-for string should closely describe the community or the community members, without over-reaching substantially beyond the community.

Failing to get full marks on community and nexus would usually, in my view, indicate that an application would not succeed in its CPE bid.

However, the lack of any outcry from significant members of the community (either because there was no such opposition or the three rival applicants failed to muster it) seems set to allow .radio to be managed by the applicant with the most restrictive policies.

1 Comment Tagged: , , , , , , , , ,