Latest news of the domain name industry

Recent Posts

Could litigation delay ICANN’s new TLDs?

Intellectual property lawyers are wondering aloud about the possibility of ICANN being sued in order to delay the launch of new top-level domains.

The idea was raised during a panel at the annual meeting of INTA, the International Trademark Association, in Boston yesterday, according to its daily newsletter (pdf).

Kristina Rosette of the law firm Covington & Burling reportedly “suggested litigation is a possibility to slow down the application launch. One source of litigation could be trademark owners, worried about mass cybersquatting”.

That’s reported speech, by the way, not a quote. The article does not make clear the context.

Rosette is Intellectual Property Constituency representative for North America on ICANN’s GNSO Council.

The IP community is worried that the launch of new TLDs will lead to companies splurging more money unnecessarily on defensive registrations.

The current best, arguably most optimistic guess on the new TLD timeline comes from registry hopeful Minds + Machines. M+M has applications opening next April.

A delay in the launch of new TLDs would hurt most the startup companies that intend to apply for them, and the service providers and consultants hoping to facilitate the launches.

Some of these companies make minimal revenue, are dependent on funding, and would prefer applications open sooner rather than later.

3 Comments Tagged: , , , , , ,

Symantec gets into the DNS game with Dyn

Kevin Murphy, May 27, 2010, Domain Tech

Symantec has partnered with Dyn to offer a free DNS service to mobile Norton users.

As part of its new mobile strategy, expected to be announced later today, Symantec will provide free DNS resolution with a built-in filter that blocks potentially dangerous domains.

Dyn.com will provide the back-end, which will compete with the likes of OpenDNS and Google’s DNS service.

Non-technical users will be able to download a client application that configures their local DNS to work with the service, which drops one barrier to entry.

Symantec reportedly expects to earn revenue from advertising links – presumably by intercepting NXDOMAIN responses and providing sponsored error pages.

So the deal could be a bit of a money-spinner for Dyn; it’s certainly a further validation of its service.

But is it sexy? Hmm…

Comment Tagged: , , , , , ,

VeriSign announces bizarre ‘.com 25’ award winners

Kevin Murphy, May 26, 2010, Gossip

As part of its 25th anniversary of .com celebrations, VeriSign has today announced the 25 winners of its “.com 25” award.

The award was given to “the 25 people and/or companies whose inspiring contributions were fundamental in shaping the Internet and, thereby, our worlds”, VeriSign said.

The winners all seem to deserve the recognition, even if one of them, craigslist, is technically a .org.

But looking at the 75 nominees the judging panel had to choose from, I’m scratching my head on at least half a dozen of them.

What is Zappos? What does Pandora do? Why is Muhammad Yunus on the list? What on earth is TheKnot.com?

And where are Jon Postel and Paul Mockapetris, who between them basically created the domain name system in the first place?

It’s a little disappointing that the only European with a gong appears to be web inventor Tim Berners-Lee. It’s even more disappointing that I can’t think of any other deserving Europeans.

The full list of winners can be found here.

1 Comment Tagged: , , , , , ,

E.co up for charity auction at Sedo

Kevin Murphy, May 26, 2010, Domain Sales

Sedo is to host a charity auction for the domain name e.co, under a deal with .CO Internet, manager of the newly relaunched Colombian ccTLD.

The auction will run from June 7 to June 10, with the final hour hosted live at the Internet Week show in New York, simultaneously webcast to the Internet Retailer and TRAFFIC conferences.

The winner of the auction gets to choose which charity the sale price is donated to.

Juan Diego Calle, CEO of the registry, said e.co is “perhaps the shortest, most memorable digital brand in the world”, which is hard to argue with.

You’ve got to hand it to .CO Internet, and to its PR outfit BM, they’re doing a hell of a job keeping the pre-launch .co buzz going. New TLD applicants take note.

Could we see seven figures? It seems quite possible.

Let’s hope the winning bidder throws the money at a worthy cause and doesn’t blow it on a donkey sanctuary or something.

Comment Tagged: , , , , , , ,

Four of the top 100 brands have insecure domain names

Kevin Murphy, May 26, 2010, Domain Tech

Some of the world’s most famous global brands have domain names that are still vulnerable to the Kaminsky exploit and could be hijacked by others.

Earlier today, I ran all of the brands on Deloitte’s list of the top 100 brands through a vulnerability testing tool provided by IANA.

The results show that four of these brands – all household names – have domains classed as “highly vulnerable” to the Kaminsky exploit.

If the IANA test is reliable, this means that false data could be injected into their name servers, potentially redirecting users to a web site belonging to the attacker.

Another eight brands had domains that the IANA tool reported might be “vulnerable” to attacks, but which had measures in place to mitigate the risk.

The Kaminsky bug has been public for almost two years. It’s a cache poisoning attack in which a recursive name server is tricked into providing false data about a domain.

It becomes particularly scary when a domain’s authoritative name servers also have their recursive functions turned on. A successful attack could redirect all traffic to a compromised domain to a server managed by the attacker.

The surest way to avoid vulnerability is to turn off recursion. IANA says: “Authoritative name servers should never be configured to provide recursive name service.”

Alternatively, a method known as source port randomization can make the risk of being compromised by the Kaminsky exploit so small it’s barely a threat at all.

The IANA tool reports that four of the top 100 brands have at least one “highly vulnerable” authoritative name server that has recursion enabled and no source port randomization.

The other eight “vulnerable” domains were identified as running on at least one authoritative server that had recursion turned on and source port randomization enabled.

I’m not an expert, but I don’t believe this second category of companies has a great deal to worry about in terms of Kaminsky.

I picked the Deloitte brand list for this experiment because it is the list of brands Deloitte believes require the most trademark protection under ICANN’s new TLD process.

.CO Internet is already using the list during its sunrise period for the .co domain.

Michele Neylon of Blacknight has found some more vulnerable servers over here.

3 Comments Tagged: , , , , ,