Latest news of the domain name industry

Recent Posts

E.co up for charity auction at Sedo

Kevin Murphy, May 26, 2010, Domain Sales

Sedo is to host a charity auction for the domain name e.co, under a deal with .CO Internet, manager of the newly relaunched Colombian ccTLD.

The auction will run from June 7 to June 10, with the final hour hosted live at the Internet Week show in New York, simultaneously webcast to the Internet Retailer and TRAFFIC conferences.

The winner of the auction gets to choose which charity the sale price is donated to.

Juan Diego Calle, CEO of the registry, said e.co is “perhaps the shortest, most memorable digital brand in the world”, which is hard to argue with.

You’ve got to hand it to .CO Internet, and to its PR outfit BM, they’re doing a hell of a job keeping the pre-launch .co buzz going. New TLD applicants take note.

Could we see seven figures? It seems quite possible.

Let’s hope the winning bidder throws the money at a worthy cause and doesn’t blow it on a donkey sanctuary or something.

Comment Tagged: , , , , , , ,

Four of the top 100 brands have insecure domain names

Kevin Murphy, May 26, 2010, Domain Tech

Some of the world’s most famous global brands have domain names that are still vulnerable to the Kaminsky exploit and could be hijacked by others.

Earlier today, I ran all of the brands on Deloitte’s list of the top 100 brands through a vulnerability testing tool provided by IANA.

The results show that four of these brands – all household names – have domains classed as “highly vulnerable” to the Kaminsky exploit.

If the IANA test is reliable, this means that false data could be injected into their name servers, potentially redirecting users to a web site belonging to the attacker.

Another eight brands had domains that the IANA tool reported might be “vulnerable” to attacks, but which had measures in place to mitigate the risk.

The Kaminsky bug has been public for almost two years. It’s a cache poisoning attack in which a recursive name server is tricked into providing false data about a domain.

It becomes particularly scary when a domain’s authoritative name servers also have their recursive functions turned on. A successful attack could redirect all traffic to a compromised domain to a server managed by the attacker.

The surest way to avoid vulnerability is to turn off recursion. IANA says: “Authoritative name servers should never be configured to provide recursive name service.”

Alternatively, a method known as source port randomization can make the risk of being compromised by the Kaminsky exploit so small it’s barely a threat at all.

The IANA tool reports that four of the top 100 brands have at least one “highly vulnerable” authoritative name server that has recursion enabled and no source port randomization.

The other eight “vulnerable” domains were identified as running on at least one authoritative server that had recursion turned on and source port randomization enabled.

I’m not an expert, but I don’t believe this second category of companies has a great deal to worry about in terms of Kaminsky.

I picked the Deloitte brand list for this experiment because it is the list of brands Deloitte believes require the most trademark protection under ICANN’s new TLD process.

.CO Internet is already using the list during its sunrise period for the .co domain.

Michele Neylon of Blacknight has found some more vulnerable servers over here.

3 Comments Tagged: , , , , ,

dotSport complains to ICANN about other .sports

One of the companies that intends to apply for the .sport top-level domain has written to ICANN, begging that it does not approve any TLDs for individual sports.

dotSport’s Policy Advisory Committee, which appears to think it already has rights in the .sport string, said ICANN should respect “sport solidarity”.

In other words, please don’t allow .tennis or .golf to be approved.

The company wrote:

The PAC members reiterate our concern that ICANN may be prematurely entertaining a process that will allow proliferation of names in sub-categories or individual sports, which will lead to a number of detrimental effects

The detrimental effects, referenced in this letter last August, basically boil down to the potential for user confusion and the need for defensive registrations by sports teams and personalities.

You could apply the same arguments to pretty much any potential new TLD – what would .music mean for the .hiphop community?

The dotSport PAC is filled with high-level appointees from more than half a dozen sports federations, representing sports from basketball to rugby to archery, so its views are far from irrelevant.

Its position appears to be that the DNS hierarchy should be used for taxonomic purposes, at least when it comes to sports.

It’s an argument that was floated all the way back in the 2000 round of TLD applications, and probably before.

Purely from a marketing point of view, it seems like a self-defeating objective to mandate the use of www.example.hockey.sport when www.example.hockey is an option.

The main example of such a mandatory multi-level taxonomy, the old-style .us ccTLD, was a spectacular commercial failure.

Could it be that dotSport wants to be the registry for all .sports for the price of one? It certainly appears that way.

2 Comments Tagged: , , , ,

DotAsia wants lower ICANN fees

As its active base of .asia domain name registrations continues to plummet, the DotAsia Organization wants to reduce its ICANN fees by a third.

CEO Edmon Chung has written to ICANN’s Kurt Pritz, asking if the annual transaction fee it pays per domain can be reduced from $0.75 to $0.50.

“A lower fee would enable DotAsia to invest further into meaningful community projects as well as to extend the awareness and adoption of the .ASIA domain,” Chung wrote. “The suggested amendment would also bring the fees into line with other gTLDs.”

I don’t expect the proposed changes to be especially controversial, but they do highlight how tough it is to launch a new TLD.

The .asia TLD has proved to be a bit of a damp squib, especially since the early-mover speculators started jumping ship, so the company could probably use being thrown a bone.

After .asia’s landrush, the company grew its registration base to a peak of 243,000 in April 2009, according to HosterStats.com, but it currently stands at around 183,000.

Comment Tagged: , , , ,

.CO Internet scores TechCrunch marketing coup with Disrupt.co

The newly relaunched .co domain has won itself a whole bunch of free publicity by signing up TechCrunch to its Founders Program.

The tech news blog will use the domain Disrupt.co as part of its startup conference of the same name that kicks off today.

The web site will host “Startup Battlefield”, a competition during TechCrunch Disrupt for new companies and services.

.CO Internet is marketing Colombia’s .co ccTLD as a generic. The launch is currently in its trademark sunrise period, with registrations opening to other registrants next month.

Its Founders Program is a marketing scheme designed to get the word out about the availability of .co domains. Few partners could be as useful to this end as TechCrunch.

Founders get a free premium domain if they promise to promote it properly. CO Internet is still looking for more partners, with applications closing June 15.

I expect disrupt.com, currently parked, will also be getting a lot of traffic today.

3 Comments Tagged: , , , , ,