Recent Posts
- The Swiss can register .swiss domains from next week
- .ai up to 425,000 domains
- A million “free” .music domains up for grabs
- D3 to get $5 million in crypto to apply for .ape gTLD
- Alibaba hit with ICANN breach notice
- New Vegas conference “Davos for Web3 interoperability”
- ICANN content policing power grab may be dead
- Cable company unplugs its dot-brand after acquisition
- Germany crosses 10,000 dot-brand domains milestone
- Founders out as Com Laude gets equity injection
- PIR’s Diaz to leave domain industry
- Some registrars have already quit ICANN’s Whois experiment
- ICANN opens $217 million Grant Program
- Internet could get one-letter gTLDs (but there’s a catch)
- .ai registry fights deadbeats with tweaked auction rules
- Amazon and Google among .internal TLD ban backers
- .ai registry advises buyers not to use GoDaddy
- .post liberalizes with new sunrise period
- Team Internet spends $41 million on content farm
- Epik backtracks on Kiwi Farms claim after legal threat
- .austin names launch on blockchain
- Freenom shuts down 12.6 million domains — report
- GoDaddy’s next .xxx contract may not be a done deal
- GlobalBlock blocking 2.5 million domains
- Microsoft moving its cloud apps from .com to .microsoft
- ICANN 79: anonymous trolls and undercover lawyers
- ICANN scores win in single-letter .com lawsuit
- Cosmetics brand terminates its gTLD
- Up to 70 jobs on the line at Nominet as .uk regs dwindle
- Governments back down on new gTLD next round delay
- Private auctions could be banned in new gTLD next round
- ICANN meeting venue “insensitive and hurtful”
- GoDaddy to start selling graphic.design domains
- GAC spinning up new gTLD curveball at ICANN 79?
- GoDaddy’s GlobalBlock supports blockchain names
- Police .uk domain takedowns dive in 2023
- GoDaddy wants to cut the bullshit from .xxx
- Dueling domain blocking services to launch at ICANN 79
- Freename tries to bridge DNS and blockchain
- Olive retires from ICANN
- Whois policy published without life-saving disclosure rule
- UK gov takes its lead from ICANN on DNS abuse
- Tucows reports 2023 results
- Twitter “completely unresponsive” on clickable domains
- ICANN spends $5 million more than planned in first fiscal half
- .art takes a million domains off its premium list
- KeyTrap ‘the most devastating vulnerability ever found in DNSSEC’
- Freenom settles $500 million Meta lawsuit and will exit domain business
- New gTLD lottery to return in 2026
- First GlobalBlock prices revealed — they ain’t cheap
- Domain universe grows on new gTLDs despite .com shrinkage
- D3 signs up crypto gTLD client number five
- GoDaddy reports strong domains growth
- How to qualify for a $40,000 gTLD
- Registry service provider evaluation handbook published
- WebUnited inks deal to “mirror” country’s TLD in the blockchain
- GoDaddy project unveils brand-blocking calculator
- Report: Monster “misappropriated” millions from Epik
- .com is shrinking but Verisign raises prices again anyway
- D3 announces fourth crypto new gTLD client
- Donald Trump loses second UDRP case
- UK cybersquatting complaints hit record low
- No excuses! PIR to pay for ALL registries to tackle child abuse
- ICANN insists it is working on linkification
- Namecheap sues ICANN over .org price caps
- GoDaddy offers free Ethereum blockchain integration
- Epik reveals who is running the company
- Epik gets acquired again! The plot thickens…
- Airline gTLD crashes and burns
- First chunks of new gTLD Applicant Guidebook drop
- Epik to reveal its owners soon
- Another crypto firm to apply for a new gTLD
- Monster and Royce are NOT involved in Epik?!
- Nominet to overhaul .uk registry, turn off some services
- Russia blames DNSSEC, not Ukraine, for internet downtime
- Team Internet says revenue beat estimates
- Sold for over $20k, insure.ai and dog.ai back in .ai’s expired names auction
- .ai helps UDRP cases rise in 2023, WIPO says
- Freenom’s domains land at Gandi after termination
- .ru domains fly off the shelf as Western sanctions bite
- ICANN picks its first ever Supreme Court
- Lebanon’s ccTLD going back to Lebanon after ICANN takeover
- ICANN picks the domain it will never, ever release
- ICANN approves domain takedown rules
- Has Epik gone “woke”?
- First bits of new gTLD Applicant Guidebook expected next week
- ICANN bans closed generics for the foreseeable
- You can’t use money to buy .box domains
- After 14 years, ICANN practices what it preaches on IDNs
- Weak demand for private Whois data, ICANN data shows
- .ing doing way better than .meme
- DNS Women barred from ICANN funding?
- Dev releases free open-source TLD registry platform
- INCO flips a gTLD to Identity Digital
- Anguilla fears the .ai junk drop
- Five more gTLDs get launch dates
- $10 million of ICANN cash up for grabs
- Almost 50,000 .ai domains sold in a quarter
- ICANN threatens to regulate your speech [RANT]
- Life insurance company kills dot-brand
- ICANN finds new home for Lebanon’s TLD after founder’s death
- ICANN begs people to use its new Whois service
- Shiba Inu outs itself as crypto new gTLD applicant
- Over 50,000 .ai domains sold in three months
- Amazon planning new push into registrar market?
- Registries and registrars vote ‘Yes’ to new DNS abuse rules
- ICANN predicts flattish 2025 for domain industry
- Fast-growing Gname buys another 150 registrars
- GoDaddy service to let you block domains in over 650 TLDs
- Did I find a murder weapon in a zone file?
- ICANN drops the “man” from Ombudsman
- Have your say on police domain takedown powers
- Most registrars are shunning ICANN’s new Whois system
- Nominet to take over .gov.uk
- ICANN picks Istanbul for 2024 meeting
- ICANN’s private Whois data request service goes live
- .au regs slide on 2LD anniversary
- ICANN accused of power grab over $271 million auction fund
- A registrar is getting blamed for an Israeli war propaganda site
- Two more dot-brands bite the dust
- Google sells five-figure AI domain and six-figure .ing hack
- .blackfriday is still a bit rubbish
- Internet Naming Co acquires five more gTLDs
- Domain universe grows despite .com drag
- Did somebody spend a million bucks on a Google domain hack?
ICANN Brussels trending topics: security and control
Security and politicking over control of the domain name system’s critical functions emerged as key memes during the opening ceremony of ICANN’s 38th public meeting this morning, here in Brussels.
In a speech that addressed a few controversial topics, ICANN president Rod Beckstrom responded unapologetically to those who had criticised the fairly alarmist tone of his remarks about DNS security at ICANN 37, three months ago.
Directly addressing his Nairobi comments, Beckstrom said:
You may disagree with what I said, and openness to different viewpoints is what makes our community strong. Some have asked why I said what I did. Simple. I said it because I believe it is the truth. And more than twenty years of experience in risk management have taught me that in addressing highly complex systems, it is better to be more concerned about risk than less.
The ccTLD constituency – led by .uk and .au – had been concerned about Beckstrom’s warning in Nairobi, which was made at a meeting of the Governmental Advisory Committee, because they risked giving governments reason to interfere with their country’s ccTLD.
Beckstrom’s keynote addressed the risk of too much government control over the DNS, embodied currently in rumblings about another International Telecommunications Union power grab, with a call to action for all those who support ICANN’s model.
We must face the fact that governments control these institutions. Given the serious proposals for an alternative to our bottom-up, multi-stakeholder model, we must redouble our efforts to support it if we are to protect the global public interest. All our stakeholders must step up to the plate and defend our common interest.
We will of course work closely with the Governmental Advisory Committee. But we need the active involvement of all stakeholders. We need your help, through every means available to you, to counter the misinformation and ensure that governments understand what is at stake when these issues are debated in the UN General Assembly later this year.
Beckstrom’s sentiments on security were echoed by both European Council President Herman Van Rompuy and, in a recorded address, European Commissioner for competition Neelie Kroes.
Kroes, in particular, seemed keen to marry the ideas of security risks and control over the internet’s crucial policy-making functions.
I am hopeful that the expiry of the IANA contract next year will be turned into an opportunity for more international cooperation servicing the global public interests.
But don’t misunderstand me. The internet’s day to day functioning works well, and I’m the first to say that if it isn’t broken don’t fix it. We all have an interest that this wonderful platform for innovation, entrepreneurship and free expression works perfectly well at a technical level. It is a great adventure that must continue to flourish. Yet, does it mean all is well in the cyber world?
Take the issue of security and resilience. We need to fight against spam, identity theft, phishing and other evolving types of crime on the internet. Both the public and private sectors have a joint obligation to act. And that approach has to go hand in hand with ensuring the internet itself is not vulnerable to any large-scale failure, whether as a result of an accident of a deliberate attack.
As I type, Beckstrom is hosting a panel discussion with Whit Diffie, Paul Mockapetris, Steve Crocker and Dan Kaminsky on DNS vulnerabilities in front of a packed audience.
The ICANN Brussels schwag bag – full details
I’ve just landed at ICANN 38, in the really rather lovely setting of the Mont des Arts in Brussels.
Either I’m lost, or it’s a bit quiet at the moment, so I thought I’d get the most important news out of the way first – what’s in the schwag bag?
A heck of a lot more than the last ICANN meeting I attended, in Mar Del Plata, Argentina three five years ago.
Consider this a disclosure statement – I am now forever beholden to all of these companies, in no particular order:
- T-shirt (Hanes) from ICANN.
- T-shirt (Fruit of the Loom) from RegistryPro.
- Empty Belgian chocolate bag from Iron Mountain (visit the booth for the choccie, presumably).
- Fan with party invite printed on it from GMO (dotShop).
- Pen from .CO Internet.
- Keyring (foam) from dns.be.
- Pen from Nic.ru.
- Belgian chocolate box (full) from Centr.
- Keyring (metal) from PIR (slogan: “PracticeSafeDNS.org”)
- Badge/button (small) from .quebec.
- Badge/button (huge) from ICM Registry (slogan: “Yes to .XXX”)
- Bumper sticker from .quebec.
- Notebook from PIR (.org “Celebrating 25 years”)
- Playing cards (one-way backs) from Ausregistry.
- “Multi-purpose retractable lock” from SIDN.
- USB Flash drive (4GB) from Afnic.
- Notebook from .eu.
- A good-sized tree’s worth of flyers, booklets and sales pitches from the meeting’s sponsors – very strong contingent of new TLD players and consultancies.
- The bag itself is sponsored by Afilias.
I heard a rumor that ICM was giving away .xxx vuvuzelas, but if they were they appear to have already run out.
Register.com sold at a $65 million loss
Register.com has been acquired by web hosting company Web.com for $135 million, substantially less than the $200 million Vector Capital paid for it five years ago.
Web.com said the acquisition will help it access new small business customers for lead generation, to cross-sell its existing products.
The company’s customer base will increase by over 400% to more than one million customers, Web.com said. The combined firm will have annual revenue of $180 million.
Register.com was one of the first five ICANN-accredited registrars. It failed as a public company, and after years of financial wrangling was finally taken private by Vector in 2005.
Vector specializes in buying up troubled companies and turning them around, but it doesn’t appear to have increased the value of this particular asset over the last five years.
Will ICANN punt .xxx in Brussels?
Is ICANN set to delay approval of the proposed .xxx top-level domain – again – in Brussels?
That’s my reading of ICANN’s latest document concerning ICM Registry’s long-running and controversial battle for a porn-only TLD.
This week, ICANN submitted its summary of the public comment period that ran to May 10. It’s a fair bit shorter than the one Kieren McCarthy compiled for ICM last month.
As usual, it’s written in a fairly neutral tone. But, if you’re feeling conspiratorial, the mask does slip on occasion, perhaps giving a sense of where the .xxx application could head next.
The ICANN summary occasionally breaks from reporting what a commenter actually said in order to highlight a potential problem they did not address.
Example (my emphasis):
Only two commenters directly addressed the question of further interaction with the Governmental Advisory Committee (GAC) on the .XXX sTLD Application. Both of those commenters were against seeking any further input from the GAC outside of any public comment period. Neither of these commenters – nor any other – addressed the potential violation of the ICANN Bylaws that could result from the Board’s failure to properly consider the advice of the GAC
This suggests, to me, that the ICANN board will be receiving advice to the effect that further GAC input needs to be forthcoming before it can move forward with .xxx.
If this is the case, the GAC might have to produce some advice before next Friday’s board meeting if ICM has any hope of getting back around the negotiating table prior to Cartagena in December.
That’s not the only reason to believe ICANN may punt .xxx again, however. Elsewhere in the report, we read (my emphasis again):
For those in favor of proceeding with the .XXX sTLD Application, many created an alternative option – that ICM and ICANN should proceed to a contract right away. There was substantial discussion on this point in the ICM submissions. Few commenters addressed the technical realities identified within the Process Report ‐ that prompt execution of the agreement negotiated in 2007 is not feasible.
The Process Report referenced says that it is not possible to go straight into contract talks because ICM first applied for .xxx more than six years ago.
This has been a bone of contention. ICM points to .post, which was applied for at the same time as .xxx and only approved late last year, as proof that the passage of time should be no barrier.
But ICANN president Rod Beckstrom doesn’t buy that comparison. He wrote to ICM (pdf) at the end of March noting that .post was backed by the International Postal Union, whereas .xxx is “sponsored” by IFFOR, an organization created by ICM purely to act as its sponsor.
In that letter, Beckstrom talks about due diligence to make sure ICM and IFFOR still satisfy financial and technical criteria, and a review of whether .xxx “can still satisfy the requisite sponsorship criteria”.
I’ll admit that I’m breaking out the crystal ball a bit here, and I’ve been wrong before, but I don’t think it’s looking great for ICM in Brussels.
ICANN creates DNSSEC root keys
ICANN took the penultimate step towards adding DNSSEC to the root of the domain name system, during in a lengthy ceremony in Virginia yesterday.
The move means we’re still on track to have the DNSSEC “trust anchor” go live in the root on July 15, which will make end-to-end validation of DNS answers feasible for the first time.
DNSSEC is an extension to the DNS protocol that enables resolvers to validate that the DNS answers they receive come from the true owner of the domain.
Yesterday, ICANN generated the Key Signing Key for the root zone. That’s one of two keys required when adding DNSSEC to a zone.
The KSK is used to sign the DNSKey record, the public half of a key pair used to validate DNS responses. It has a longer expiration date than the Zone Signing Key used to sign other records in the zone, so its security is more important.
The videotaped ceremony, held at a facility in Culpeper, Virginia, was expected to take six hours, due to a lengthy check-list of precautions designed to instil confidence in the security of the KSK.
ICANN said:
During the ceremony, participants were present within a secure facility and witnessed the preparations required to ensure that the so-called key-signing-key (KSK) was not only generated correctly, but that almost every aspect of the equipment, software and procedures associated with its generation were also verified to be correct and trustworthy.
Ten hand-picked independent observers were present to bear witness.
ICANN expects to perform the ceremony four times a year. The second will be held at a backup facility in California next month.
Kredit.com sells for a fraction of Kredit.de
Kredit.com, which means “credit.com” in German, has been sold via Sedo for a fraction of the price that Kredit.de sold for about 18 months ago.
Sedo reported today that the domain changed hands recently for €220,000, which works out to $271,000 at today’s exchange rates.
For comparison, the German ccTLD equivalent, kredit.de, went for €892,500 in December 2008, also via Sedo. At the time, that amount translated to $1.25 million.
A generic ccTLD selling for roughly 5x the .com is a fairly uncommon occurrence, perhaps demonstrating how strong the .de namespace is locally. I can’t imagine such a wide discrepancy in valuations between a generic .com and .co.uk.
Kredit.com was originally registered in 1996. It’s currently parked, with an Irish address listed in the Whois.
Microsoft launches Kinect without Kinect.com
Microsoft has revealed that its long-awaited gaming platform previously known as Project Natal will be officially known as “Kinect”.
While the company has a trademark on the word, it does not currently own the domain name kinect.com.
It’s registered and redirecting to CAHG, which appears to be an advertising agency specialising in the pharmaceutical industry.
Kinect is widely recognized as a global leader in interactive marketing and promotion and serves as the Interactive Agency of Record for many market-leading brands in the US, Europe, Asia, South Africa, and the Middle East.
I expect lucky CAHG could shortly find itself on the receiving end of an offer it cannot refuse.
There is some precedent: four years ago, when Nintendo launched the Wii, the domain wii.com belonged to Weyerhaeuser, a forestry products company.
It took a few months for the name to change hands, for an undisclosed sum.
Employ Media asks ICANN for a .jobs landrush
The company behind the .jobs sponsored top-level domain wants to loosen the shackles of sponsorship by vastly liberalizing its namespace.
Employ Media has applied (pdf) to ICANN to get rid of the current restrictions on .jobs domain ownership and open hundreds of thousands of strings to the highest bidder.
The registry wants to amend its contract with ICANN to cut the text that limits .jobs domains to the exact match or abbreviation of a company name, and add:
Domain registrations are permitted for other types of names (e.g., occupational and certain geographic identifiers) in addition to the “company name” designation.
Employ Media is basically asking for the right to open the floodgates to a complete relaunch of the .jobs TLD with very few restrictions on who can register and what strings they can register.
Phase One of the relaunch would be an RFP “to invite interested parties to propose specific plans for registration, use and promotion of domains that are not their company name”.
It sounds a little like the current .co Founders Program, or the marketing initiatives Afilias and Neustar asked for to supplement the auction of their single-character domains.
In practice, I expect that this first phase is when the DirectEmployers Association would expect to grab hundreds of thousands of .jobs domains under its universe.jobs business plan, in which it intends to offer job listings tailored to “city, state, geographic region, country, occupation [and] skill”.
Phase Two would see your basic landrush auction of any premium domains left over.
Phase three would be “A first-come, first-served real-time release of any domains not registered through the RFP or auction processes.”
While I have no strong views on the merits of this particular proposal, I do think that the application and ICANN’s response to it could wind up setting the template for how to operate a bait-and-switch in ICANN’s forthcoming round of new TLD applications.
If you say you want to do one thing with your TLD, and later decide you could make more money doing another, how much will ground will ICANN give when it comes to renegotiating your contract? It will be interesting to find out.
Reactions so far from the HR community have not been positive.
Steven Rothberg of CollegeRecruiter.com wrote that the process by which Employ Media’s sponsor, the Society for Human Resource Management, approved the new proposal “stunk”.
“The only winner here is Employ Media,” he wrote.
Comments posted at ERE.net, which has been on top of this story from the beginning, express what could be easily described as outrage over Employ Media’s plans.
The comment posted by Ted Daywalt of VetJobs.com is especially worth a read.
The Employ Media proposal has been submitted under ICANN’s Registry Services Evaluation Process, which allows comments to be submitted.
WSJ reporting bogus Indian domain name market info?
The Wall Street Journal is reporting that India “passed an Internet milestone of sorts” in the first quarter, when the number of .com domains registered in the country broke through 1 million.
Did it?
This is what the WSJ says:
[India] now has more than one million registered web sites using the suffixes .com or .net, according to data released today by VeriSign Inc., the U.S. company that tracks this sort of thing.
In its Domain Name Industry Brief, it reported that India now has a registered total of 1.037 million .com and .net domain names, up from about 800,000 in the same period the year before.
The number 1.037 million is terribly specific, considering that VeriSign’s Domain Name Industry Brief doesn’t say anything of the sort.
There’s nothing in the DNIB to suggest that anybody in India has ever registered a single .com domain.
The DNIB has never broken down .com registrations by location, and the Q1 report, released on Monday, doesn’t use the word “India” once.
If the WSJ numbers are accurate – the paper does appear to have interviewed a VeriSign India executive – I’m wondering how they were calculated.
It can’t be a case of tallying the number of .com domains managed by Indian registrars. Mumbai-based Directi alone has had more than a million .com names under its belt for a long time.
Could VeriSign be mining Whois records for location data?
It runs a thin registry, so it would have to reference Whois data acquired from its registrars in order to compute the numbers.
Or did the WSJ hit on unreliable sources? It seems possible.
More WordPress attacks at Go Daddy
The Kneber gang has continued its attacks on Go Daddy this week, again targeting hosting customers running self-managed WordPress installations.
Go Daddy said that several hundred accounts were compromised in order to inject malicious code into the PHP scripts.
“The attack injects websites with a fake-antivirus pop-up ad, claiming the visitor’s computer is infected,” Go Daddy security manager Scott Gerlach blogged.
According to the alarmists-in-chief over at WPSecurityLock, the attacks place a link to a script hosted on cloudisthebestnow.com, a domain registered by “Hilary Kneber”.
The script attempts to install bot software on visitors’ machines.
As I’ve written before, the Kneber botnet has been running since at least December 2009. It generally hosts its malware on domains registered with ICANN-accredited BizCN.com, a Chinese registrar.
Go Daddy said it has contacted the registrar to get the domain yanked. It may have been successfully killed already, but I’m too much of a little girl to check manually.
I must confess, as somebody with a number of WordPress installations on Go Daddy servers, it makes me a little nervous that these attacks are now well into their second month and I still don’t know whether I should be worried or not.
Recent Comments