Latest news of the domain name industry

Recent Posts

Employ Media asks ICANN for a .jobs landrush

The company behind the .jobs sponsored top-level domain wants to loosen the shackles of sponsorship by vastly liberalizing its namespace.

Employ Media has applied (pdf) to ICANN to get rid of the current restrictions on .jobs domain ownership and open hundreds of thousands of strings to the highest bidder.

The registry wants to amend its contract with ICANN to cut the text that limits .jobs domains to the exact match or abbreviation of a company name, and add:

Domain registrations are permitted for other types of names (e.g., occupational and certain geographic identifiers) in addition to the “company name” designation.

Employ Media is basically asking for the right to open the floodgates to a complete relaunch of the .jobs TLD with very few restrictions on who can register and what strings they can register.

Phase One of the relaunch would be an RFP “to invite interested parties to propose specific plans for registration, use and promotion of domains that are not their company name”.

It sounds a little like the current .co Founders Program, or the marketing initiatives Afilias and Neustar asked for to supplement the auction of their single-character domains.

In practice, I expect that this first phase is when the DirectEmployers Association would expect to grab hundreds of thousands of .jobs domains under its universe.jobs business plan, in which it intends to offer job listings tailored to “city, state, geographic region, country, occupation [and] skill”.

Phase Two would see your basic landrush auction of any premium domains left over.

Phase three would be “A first-come, first-served real-time release of any domains not registered through the RFP or auction processes.”

While I have no strong views on the merits of this particular proposal, I do think that the application and ICANN’s response to it could wind up setting the template for how to operate a bait-and-switch in ICANN’s forthcoming round of new TLD applications.

If you say you want to do one thing with your TLD, and later decide you could make more money doing another, how much will ground will ICANN give when it comes to renegotiating your contract? It will be interesting to find out.

Reactions so far from the HR community have not been positive.

Steven Rothberg of CollegeRecruiter.com wrote that the process by which Employ Media’s sponsor, the Society for Human Resource Management, approved the new proposal “stunk”.

“The only winner here is Employ Media,” he wrote.

Comments posted at ERE.net, which has been on top of this story from the beginning, express what could be easily described as outrage over Employ Media’s plans.

The comment posted by Ted Daywalt of VetJobs.com is especially worth a read.

The Employ Media proposal has been submitted under ICANN’s Registry Services Evaluation Process, which allows comments to be submitted.

1 Comment Tagged: , , , , ,

WSJ reporting bogus Indian domain name market info?

The Wall Street Journal is reporting that India “passed an Internet milestone of sorts” in the first quarter, when the number of .com domains registered in the country broke through 1 million.

Did it?

This is what the WSJ says:

[India] now has more than one million registered web sites using the suffixes .com or .net, according to data released today by VeriSign Inc., the U.S. company that tracks this sort of thing.

In its Domain Name Industry Brief, it reported that India now has a registered total of 1.037 million .com and .net domain names, up from about 800,000 in the same period the year before.

The number 1.037 million is terribly specific, considering that VeriSign’s Domain Name Industry Brief doesn’t say anything of the sort.

There’s nothing in the DNIB to suggest that anybody in India has ever registered a single .com domain.

The DNIB has never broken down .com registrations by location, and the Q1 report, released on Monday, doesn’t use the word “India” once.

If the WSJ numbers are accurate – the paper does appear to have interviewed a VeriSign India executive – I’m wondering how they were calculated.

It can’t be a case of tallying the number of .com domains managed by Indian registrars. Mumbai-based Directi alone has had more than a million .com names under its belt for a long time.

Could VeriSign be mining Whois records for location data?

It runs a thin registry, so it would have to reference Whois data acquired from its registrars in order to compute the numbers.

Or did the WSJ hit on unreliable sources? It seems possible.

Comment Tagged: , , , , , ,

More WordPress attacks at Go Daddy

The Kneber gang has continued its attacks on Go Daddy this week, again targeting hosting customers running self-managed WordPress installations.

Go Daddy said that several hundred accounts were compromised in order to inject malicious code into the PHP scripts.

“The attack injects websites with a fake-antivirus pop-up ad, claiming the visitor’s computer is infected,” Go Daddy security manager Scott Gerlach blogged.

According to the alarmists-in-chief over at WPSecurityLock, the attacks place a link to a script hosted on cloudisthebestnow.com, a domain registered by “Hilary Kneber”.

The script attempts to install bot software on visitors’ machines.

As I’ve written before, the Kneber botnet has been running since at least December 2009. It generally hosts its malware on domains registered with ICANN-accredited BizCN.com, a Chinese registrar.

Go Daddy said it has contacted the registrar to get the domain yanked. It may have been successfully killed already, but I’m too much of a little girl to check manually.

I must confess, as somebody with a number of WordPress installations on Go Daddy servers, it makes me a little nervous that these attacks are now well into their second month and I still don’t know whether I should be worried or not.

Comment Tagged: , , , , , , ,

Twitter registers t.co for URL shortener

Twitter has registered the domain name t.co, to use as a secure URL shortener.

Just minutes ago, t.co started resolving to a page containing this text:

Twitter uses the t.co domain as part of a service to protect users from harmful activity, to provide value for the developer ecosystem, and as a quality signal for surfacing relevant, interesting tweets.

The page links to a FAQ describing its current URL shortener, twt.tl.

Whois.co shows it’s registered as part of .CO Internet’s Founders’ Program, the scheme the Colombian registry put in place to plug its upcoming launch.

Under this program, companies can partner with .CO to get a free premium .co domain if they commit to promote it.

TechCrunch was previously the highest-profile site to join the program, when it registered disrupt.co.

I would say getting Twitter on board definitely beats that deal.

.CO Internet is also currently auctioning e.co for charity. Bids have already reached $24,000.

UPDATE: Twitter published a blog post on the launch. I guess they beat me by about three minutes.

“When this is rolled out more broadly to users this summer, all links shared on Twitter.com or third-party apps will be wrapped with a t.co URL,” the firm says.

Probably too soon to say for sure, but it looks like Bit.ly is kinda screwed.

3 Comments Tagged: , , , ,

ICANN staff need to get their pee tested

Kevin Murphy, June 8, 2010, Domain Tech

I imagine it’s a pretty hard job, largely thankless, working at ICANN. No matter what you do, there’s always somebody on the internet bitching at you for one reason or another.

The job may be about to get even more irksome for some staffers, if ICANN decides to implement new security recommendations made by risk management firm JAS Communications.

In a report published yesterday, JAS suggests that senior IANA staff – basically anyone with critical responsibilities over the DNS root zone – should be made to agree to personal credit checks, drug screening and even psych evaluations.

To anyone now trying to shake mental images of Rod Beckstrom peeing into a cup for the sake of the internet, I can only apologise.

This is what the report says:

JAS recommends a formal program to vet potential new hires, and to periodically re‐vet employees over time. Such a vetting program would include screening for illegal drugs, evaluation of consumer credit, and psychiatric evaluation, which are all established risk factors for unreliable and/or malicious insider activity and are routinely a part of employee screening in government and critical infrastructure providers.

I’ve gone for the cheap headline here, obviously, but there’s plenty in this report to take seriously, if you can penetrate the management consultant yadda yadda.

There are eight other recommendations not related to stoners running the root, covering contingencies such as IANA accidentally unplugging the internet and Los Angeles sinking into the Pacific.

Probably most interesting of all is the bit explaining how ICANN’s custom Root Zone Management System software, intended to reduce the possibility of errors creeping into the root after hundreds of new TLDs are added, apparently isn’t being built with security in mind.

“No formal requirements exist regarding the security and resiliency of these systems, making it impossible to know whether the system has been built to specification,” the report says.

It also notes that ICANN lacks a proper risk management strategy, and suggests that it improve communications both internally and with VeriSign.

It discloses that “nearly all critical resources are physically located in the greater Los Angeles area”, which puts the IANA function at risk of earthquake damage, if nothing else.

JAS recommends spreading the risk geographically, which should give those opposed to ICANN bloat something new to moan about.

There’s a public comment forum over here.

UPDATE (2010-06-13): As Michael Palage points out over at CircleID, ICANN has pulled the PDF from its web site for reasons unknown.

On the off-chance that there’s a good security reason for this, I shall resist the temptation to cause mischief by uploading it here. This post, however, remains unedited.

1 Comment Tagged: , , , , , ,