Latest news of the domain name industry

Recent Posts

ICANN’s babysitting fund goes live

Kevin Murphy, October 1, 2019, Domain Policy

ICANN has started accepting applications for its childcare grants program.

As previously reported, ICANN plans to offer up to $750 per family to community members who have no choice but to show up to its meetings with their offspring in tow.

The money is designed to cover childcare costs while the parent attends sessions at ICANN’s thrice-yearly public meetings.

ICANN will not be providing any on-site childcare itself, nor will it approve any providers.

The program is in a pilot, covering the next three meetings.

The current application period, for ICANN 67 in Cancun, Mexico next March, runs until November 20. The application form wouldn’t open for me.

Full details can be found here.

Comment Tagged: , , ,

Claims auDA boss quit after he was busted for “falsified” law degree

Kevin Murphy, October 1, 2019, Domain Registries

Former auDA CEO Cameron Boardman abruptly left the .au registry overseer after his chair claimed he had falsely claimed to have a law degree from a prestigious university, it has been reported.

Citing a letter from then-chair Chris Leptos to Boardman from earlier this year, The Australian reported last week that Leptos “alleged the then-CEO falsified his academic record by including a master of laws degree (LLM) from La Trobe University”.

The CEO had denied the claims, the paper indicated.

Boardman and Leptos both quit shortly after the allegations arose.

Boardman resigned in July after a tumultuous three years in the job which saw him navigate governance and policy controversies and narrowly survive a member vote of confidence.

Leptos had quit just a couple of weeks earlier, reportedly after a disagreement with Boardman about unspecified governance issues.

No specific reasons were given by auDA for either resignation.

Questions about Boardman’s qualifications had been raised as early as April 2018 in a freedom of information request that was ultimately unsuccessful because the government was not in possession of the documents requested.

auDA is currently being chaired on an interim basis by director Suzanne Ewart, while other members of the executive team are looking after the CEO’s functions.

4 Comments Tagged: ,

.bond domains could cost a grand each

Kevin Murphy, September 19, 2019, Domain Registries

Newish registry ShortDot has announced the release details for its recently acquired .bond gTLD, and they ain’t gonna be cheap.

The TLD is set to go to sunrise in a little under a month, October 17, for 33 days.

General availability begins November 19 with a seven day early access period during which the domains will be more expensive than usual but get cheaper each day.

The regular pricing is likely to see registrars sell .bond names for between $800 and $1,000 a pop, according to ShortDot COO Kevin Kopas.

There won’t be any more-expensive premium tiers, he said.

The gTLD was originally owned by Bond University in Australia, but it was acquired unused by ShortDot earlier this year.

The company hopes it will appeal to bail bondsmen, offerers of financial bonds and James Bond fans.

The business model with .bond is diametrically opposed to .icu, where names sell for under $2 a year (and renew for under $8, if indeed any of them renew).

That zone has inexplicably gone from 0 to 1.8 million names in the last 16 months, and ShortDot says it’s just crossed the two-million mark of registered names.

That second million appears to have been added in just the last three months.

2 Comments Tagged: , , , , , , ,

PIR’s “new” .org domain is just temporary. Help it pick another new one!

Kevin Murphy, September 18, 2019, Domain Registries

Public Interest Registry unveiled a fancy new set of logos and a swanky new web site yesterday, but CEO Jon Nevett tells us that its new domain name is temporary.

The new site and logos are undeniably superior to those they replace, but what raised eyebrows was the fact that the non-profit company has replaced its old pir.org domain with thenew.org, and deprecated the PIR brand almost entirely on its site.

The old PIR domain now redirects to the new thenew one, but the older domain still ranks higher in search engines.

But Nevett tells us it’s not a permanent move.

“Think of it more as a marketing campaign,” Nevett said. “This is a limited campaign, then we’ll move to another name.”

The campaign is basically about PIR going back to its roots and repositioning itself as the .org guys.

It’s only been six years since PIR last rebranded. In September 2013, the company started calling itself “Your Public Interest Registry” in its logo, deliberately playing down the “.org”.

Then-CEO Brian Cute told us at the time that playing up .org “made a lot of sense when we were a single-product company” but that with the imminent launch of sister TLDs .ngo and .ong, the decision was made to lead with the PIR branding instead.

.ngo and .ong — for “non-governmental organization” in English and other languages — haven’t exactly flown off the shelves. Neither one has ever topped 5,000 domains under management, while .org, while declining for a few years, still sits comfortably at over 10 million domains.

“I wouldn’t say so,” Nevett said, when I asked him whether PIR is now essentially back to being a single-product company. “But .org is the flagship, and we’re going back to leading with .org as the key brand. It’s what we’re known for and to say otherwise would be silly.”

People outside the industry have no idea what PIR is, he said, but they all know what .org is.

Some suspect that the rebranding is a portent of PIR gearing up to raise prices, given its newly granted ability to up its registry fees beyond the 10% annual price increase cap that it has it has been to date contractually bound to.

But Nevett said the rebranding is “not at all related to a price increase”. He told me several times that PIR still has “no plans to raise prices”.

He said the rebranding was first put in motion over a year ago, after Cute’s departure but before Nevett’s hiring, during Jay Daley’s interim interregnum.

Anyway, here are the new logos:

PIR logos

To the untrained eye, like both of mine, the new, primary .org logo may just look like two blue circles and the word “org”, but PIR’s press release tells us it’s communicating so much more:

The open “ORG” lettering on either side of the sphere signals that .ORG is an open domain for anyone; it serves as a powerful and inclusive global connector. The logo uses a deep royal blue, evoking feelings of trust, security, and reliability that reflect .ORG’s long-standing reputation.

Because I don’t want to alienate any of PIR’s utterly lovely public relations agency people (the same PR agency that came up with the new branding), I’m not going to pass any comment whatsoever on this piffle.

I think the new logos and web site are improvements. They’re also long-term investments, while the new domain name is not.

“For three to six months we’ll be leading with the marketing campaign of thenew.org, after that we’ll be using a new name as the lead,” Nevett said.

But it won’t be back to pir.org or thenew.org, he said.

Which begs the question: what domain will PIR switch to?

During the course of our conversation, Nevett made the mistake of asking me what I thought the next domain should be, and I made the mistake of saying that I should open the question up to my readers.

So… what should PIR’s next domain be?

Be nice.

11 Comments Tagged: , , , , , , , ,

MMX switches porn TLDs from Afilias to Uniregistry

Kevin Murphy, September 18, 2019, Domain Registries

Minds + Machines is moving its four porn-themed gTLDs to a new back-end provider.

MMX CEO Toby Hall confirmed to DI today that the company is ditching Afilias, which had been providing registry services for .xxx since 2011.

“We’re in the process of switching the back-ends from Afilias to Uni for the ICM portfolio,” he said.

This portfolio, which MMX acquired last year, also includes .porn, .adult and .sex. There are roughly 170,000 domains under management in total, but about half of these are sunrise-period blocks in .xxx, which could add a wrinkle to the transition.

It appears that Afilias is still providing DNS for the TLDs, but Uniregistry has been named the official tech contact.

It’s not currently clear when the handover will be complete. Hall was not immediately available for further comment.

It’s also not currently clear why Uniregistry was selected. All of MMX’s 27 other gTLDs — the likes of .vip, .work and .law — have been running on Nominet’s platform since MMX dropped its own self-hosted infrastructure a few years back.

During the same restructuring, Uniregistry took on MMX’s registrar business.

Uniregistry has also been working closely with MMX on its recently launched AdultBlock trademark blocking services, which could wind up accounting for a big chunk of MMX’s porn-related revenue.

These latest four gTLDs to switch providers are merely the latest in a game of musical chairs that has been playing out for the last several months, five years after the first new gTLDs started going live and registries shop around for better back-end deals.

Nominet picked up most of Amazon’s portfolio, replacing Neustar, earlier this year.

But Nominet has lost high-profile .blog to CentralNic, and Afilias lost a Brazilian dot-brand to Nic.br

Comment Tagged: , , , , , , , , , ,

Argentina will use a lottery to decide 2LD landrush

Kevin Murphy, September 18, 2019, Domain Registries

Argentina has become the latest country to allow its ccTLD registrants to register domains at the second level.

NIC Argentina announced last week that in addition to third-level domains such as example.com.ar and example.net.ar, you’ll be able to buy example.ar too.

While it’s following in the footsteps of the likes of .uk and .nz (and soon .au), Argentina is taking a slightly different approach to grandfathering and conflicts.

First, the priority registration period is pretty short, at least compared to the five years .uk registrants got.

If you already own a .ar 3LD, you only have until November 9 to get your application in for the matching 2LD.

In the event that more than one application is received from eligible registrants, the winner won’t be decided by auction, but by lottery.

The City of Buenos Aires Lottery will conduct the raffle, randomly assigning priority numbers to applicants to determine who gets first dibs on their domain of choice.

It’s the first time I’ve seen a domain contest settled by lottery since the process ICANN used to assign priorities to new gTLD applicants back in 2012.

From November 25 until January 23, the .ar process will enter a landrush phase, during which anyone can apply for any available 2LD they want by paying a non-refundable application fee.

The fee is ARS 200, the Argentine peso equivalent of $3.50, so the registry can hardly be accused of greed.

Again, competing bids will be settled by the same lottery process, with the winner having to pay the standard ARS 340 registration fee (the equivalent of $6) to claim their domain.

After February 23, it’s open season, with every domain in general availability.

.ar currently has just shy of half a million domains under management, and hasn’t seen any significant growth in a couple of years.

It will be interesting to see how popular the 2LD offer is, and what impact it has on domain growth in the industry overall.

Argentina allows .ar registrations from non-residents, but it does not appear to be a simple process.

Comment Tagged: , , , , , , , ,

Sixty gTLD registries not monitoring security threats

Kevin Murphy, September 18, 2019, Domain Registries

Roughly 5% of gTLD registry operators have been doing no abuse monitoring, despite contractual requirements to do so, a recent ICANN audit has found.

ICANN checked with 1,207 registries — basically all gTLDs — between November 2018 and June, and found about 60 of them “were not performing any security threat monitoring, despite having domains registered in their gTLDs”.

A further 180 (15%) were not doing security checks, but had no registered domains, usually because they were unused dot-brands. ICANN told these companies that they had to do the checks anyway, to remain in compliance.

In all cases, ICANN said, the registries remediated their oversights during the audit to bring their gTLDs back into compliance.

ICANN does not name the non-compliant registries in the summary of the audit’s results, published yesterday (pdf).

Registries under the 2012 new gTLD base registry agreement all have to agree to this:

Registry Operator will periodically conduct a technical analysis to assess whether domains in the TLD are being used to perpetrate security threats, such as pharming, phishing, malware, and botnets. Registry Operator will maintain statistical reports on the number of security threats identified and the actions taken as a result of the periodic security checks. Registry Operator will maintain these reports for the term of the Agreement unless a shorter period is required by law or approved by ICANN, and will provide them to ICANN upon request.

It’s possible to keep tabs on abuse by monitoring domain blocklists such as SpamHaus, SURBL and PhishTank. Some such lists are freely available, others carry hefty licensing fees.

ICANN itself monitors these lists through its Domain Abuse Activity Reporting project, so it’s able to work out the differences between the levels of abuse registries report and what the empirical data suggests.

Registries typically either use these lists via in-house tools or license products provided by vendors such as Neustar, RegistryOffice, Knipp, CSC, DOTZON, Afnic, AusCERT, Shadowserver, Telefonica, Secure Domain Foundation and Netcraft, ICANN said.

Perhaps unsurprisingly, there’s a bit of disagreement between ICANN and some registries about how the somewhat vague obligations quote above are be interpreted.

ICANN thinks registries should have to provide information about specific domains that were identified as abusive and what remediation actions were taken, but some registries think they only have to provide aggregate statistical data (which would be my read of the language).

The contracts also don’t specify how frequently registries much carry out security reviews.

Of the 80% (965) of registries already in compliance, 80% (772) were doing daily abuse monitoring. Others were doing it weekly, monthly, or even quarterly, ICANN found, all of which appear to be in line with contractual requirements.

2 Comments Tagged: , , , , ,

ICANN must do more to fight internet security threats [Guest Post]

ICANN and its contracted parties need to do more to tackle security threats, write Dave Piscitello and Lyman Chapin of Interisle Consulting.

The ICANN Registry and Registrar constituencies insist that ICANN’s role with respect to DNS abuse is limited by its Mission “to ensure the stable and secure operation of the internet’s unique identifier systems”, therefore limiting ICANN’s remit to abuse of the identifier systems themselves, and specifically excluding from the remit any harms that arise from the content to which the identifiers point.

In their view, if the harm arises not from the identifier, but from the thing identified, it is outside of ICANN’s remit.

This convenient formulation relieves ICANN and its constituencies of responsibility for the way in which identifiers are used to inflict harm on internet users. However convenient it may be, it is fundamentally wrong.

ICANN’s obligation to operate “for the benefit of the Internet community as a whole” (see Bylaws, “Commitments”) demands that its remit extend broadly to how a domain name (or other Internet identifier) is misused to point to or lure a user or application to content that is harmful, or to host content that is harmful.

Harmful content itself is not ICANN’s concern; the way in which internet identifiers are used to weaponize harmful content most certainly is.

Rather than confront these obligations, however, ICANN is conducting a distracting debate about the kinds of events that should be described as “DNS abuse”. This is tedious and pointless; the persistent overloading of the term “abuse” has rendered it meaningless, ensuring that any attempt to reach consensus on a definition will fail.

ICANN should stop using the term “DNS abuse” and instead use the term “security threat”.

The ICANN Domain Abuse Activity Reporting project and the Governmental Advisory Committee (GAC) use this term, which is also a term of reference for new TLD program obligations (Spec 11) and related reporting activities. It is also widely used in the operational and cybersecurity communities.

Most importantly, the GAC and the DAAR project currently identify and seek to measure an initial set of security threats that are a subset of a larger set of threats that are recognized as criminal acts in jurisdictions in which a majority of domain names are registered.

ICANN should acknowledge the GAC’s reassertion in its Hyderabad Communique that the set of security threats identified in its Beijing correspondence to the ICANN Board were not an exhaustive list but merely examples. The GAC smartly recognized that the threat landscape is constantly evolving.

ICANN should not attempt to artificially narrow the scope of the term “security threat” by crafting its own definition.

It should instead make use of an existing internationally recognized criminal justice treaty. The Council of Europe’s Convention on Cybercrime is a criminal justice treaty that ICANN could use as a reference for identifying security threats that the Treaty recognizes as criminal acts.

The Convention is recognized by countries in which a sufficiently large percentage domain names are registered that it can serve the community and Internet users more effectively and fairly than any definition that ICANN might concoct.

ICANN should also acknowledge that the set of threats that fall within its remit must include all security events (“realized security threats”) in which a domain name is used during the execution of an attack for purposes of deception, for infringement on copyrights, for attacks that threaten democracies, or for operation of criminal infrastructures that are operated for the purpose of launching attacks or facilitating criminal (often felony) acts.

What is that remit?

ICANN policy and contracts must ensure that contracted parties (registrars and registries) collaborate with public and private sector authorities to disrupt or mitigate:

  • illegal interception or computer-related forgery,
  • attacks against computer systems or devices,
  • illegal access, data interference, or system interference,
  • infringement of intellectual property and related rights,
  • violation of laws to ensure fair and free elections or undermine democracies, and
  • child abuse and human trafficking.

We note that the Convention on Cybercrime identifies or provides Guidance Notes for these most prevalently executed attacks or criminal acts:

  • Spam,
  • Fraud. The forms of fraud that use domain names in criminal messaging include, business email compromise, advance fee fraud, phishing or other identity thefts.
  • Botnet operation,
  • DDoS Attacks: in particular, redirection and amplification attacks that exploit the DNS
  • Identity theft and phishing in relation to fraud,
  • Attacks against critical infrastructures,
  • Malware,
  • Terrorism, and,
  • Election interference.

In all these cases, the misuse of internet identifiers to pursue the attack or criminal activity is squarely within ICANN’s remit.

Registries or registrars should be contractually obliged to take actions that are necessary to mitigate these misuses, including suspension of name resolution, termination of domain name registrations, “unfiltered and unmasked” reporting of security threat activity for both registries and registrars, and publication or disclosure of information that is relevant to mitigating misuses or disrupting cyberattacks.

No one is asking ICANN to be the Internet Police.

The “ask” is to create policy and contractual obligations to ensure that registries and registrars collaborate in a timely and uniform manner. Simply put, the “ask” is to oblige all of the parties to play on the same team and to adhere to the same rules.

This is unachievable in the current self-regulating environment, in which a relatively small number of outlier registries and registrars are the persistent loci of extraordinary percentages of domain names associated with cyberattacks or cybercrimes and the current contracts offer no provisions to suspend or terminate their operations.

This is a guest editorial written by Dave Piscitello and Lyman Chapin, of security consultancy Interisle Consulting Group. Interisle has been an occasional ICANN security contractor, and Piscitello until last year was employed as vice president of security and ICT coordination on ICANN staff. The views expressed in this piece do not necessary reflect DI’s own.

3 Comments Tagged: , , , , ,

Bumper batch of dot-brands off themselves for Friday 13th

Kevin Murphy, September 12, 2019, Domain Registries

It’s Friday 13th tomorrow, and to celebrate the occasion no fewer than 13 dot-brands have opted to take the easy way out and self-terminate.

ICANN has published a bumper list of contracted brand registries that have informed the organization that they no longer wish to run their gTLDs.

Adding themselves to the dot-brand deadpool are: .ladbrokes, .warman, .cartier, .piaget, .chrysler, .dodge, .mopar, .srt, .uconnect, .movistar, .telefonica, .liason and .lancome.

That brings the total of self-terminated new gTLDs to date to 66.

The imminent demise of .cartier and .piaget is perhaps notable, as it means luxury goods maker Richemont has now abandoned ALL of the nine dot-brands it originally applied for.

Richemont, an enthusiastic early adopter of the new gTLD concept, applied for 14 strings in total back in 2012.

The only ones it has left are generics — .watches along with the the Chinese translation .手表 and the Chinese for “jewelry”, .珠宝, none of which have been launched and in all likelihood are being held defensively.

It’s the same story with L’oreal, the cosmetics company. It also applied for 14 gTLDs, mostly brands, but abandoned all but .lancome prior to contracting.

With .lancome on its way out, L’oreal only owns the generics .skin, .hair, .makeup and .beauty, at least one of which is actually being used.

Also of note is the fact the car company Chrysler is dumping five of its six gTLDs — .chrysler, .dodge, .mopar, .srt and .uconnect — leaving only .jeep (unused) still under contract.

Clearly, Chrysler is not as keen on dot-brands as some of its European competitors, which have been among the most prolific users.

Telefonica’s abandonment of .movistar and .telefonica also means it’s out of the gTLD game completely now, although its Brazilian subsidiary still owns (and uses) .vivo.

Betting company Ladbrokes only ever owned .ladbrokes, though it did unsuccessfully apply for .bet also.

Rounding off the list is .warman, a brand of — and I’m really not making this up — industrial slurry pumps. The pumps are made by a company called Weir, which uses global.weir as its primary web site. So that’s nice.

As far as I can tell, none of the gTLDs that are being killed off had ever been used, though each registry will have paid ICANN six-figure fees since they originally contracted.

6 Comments Tagged: , , , , , , , , , , , , , , , , , ,

.org price cap complaints more like “spam” says Ombudsman

Kevin Murphy, September 11, 2019, Domain Policy

ICANN’s Ombudsman has sided with with ICANN in the fight over the lifting of price caps on .org domains, saying many of the thousands of comments objecting to the move were “more akin to spam”.

Herb Waye was weighing in on two Requests for Reconsideration, filed by NameCheap and the Electronic Frontier Foundation in July and August after ICANN and Public Interest Registry signed their controversial new registry agreement.

NameCheap wants ICANN to reverse its decision to allow PIR to raise .org prices by however much it chooses, while the EFF complained primarily about the fact that the Uniform Rapid Suspension anti-cybersquatting measure now appears in the contract.

In both cases, the requestors fumed that ICANN seemed to “ignore” the more than 3,200 comments that were filed in objection back in April, with NameCheap calling the public comment process a “sham”.

But Waye pointed to the fact that many of these comments were filed by people using a semi-automated web form hosted by the pro-domainer Internet Commerce Association.

As far as comments go for ICANN, 3200+ appears to be quite a sizeable number. But, seeing as how the public comments can be filled out and submitted electronically, it is not unexpected that many of the comments are, in actuality, more akin to spam.

With this eyebrow-raising comparison fresh in my mind, I had to giggle when, a few pages later, Waye writes (emphasis in original):

I am charged with being the eyes and ears of the Community. I must look at the matter through the lens of what the Requestor is asking and calling out. The Ombuds is charged with being the watchful eyes of the ICANN Community. The Ombuds is also charged with being the alert “ears” of the Community — with listening — with making individuals, whether Requestors or complainants or those just dropping by for an informal chat, feel heard.

Waye goes on to state that the ICANN board of directors was kept well-briefed on the status of the contract negotiations and that it had been provided with ICANN staff’s summary of the public comments.

He says that allowing ICANN’s CEO to execute the contract without a formal board vote did not go against ICANN rules (which Waye says he has “an admittedly layman’s understanding” of) because contractual matters are always delegated to senior staff.

In short, he sees no reason for ICANN to accept either Request for Reconsideration.

The Ombudsman is not the decision-maker here — the two RfRs will be thrown out considered by ICANN’s Board Accountability Mechanisms Committee at its next meeting, before going to the full board.

But I think we’ve got a pretty good indication here of which way the wind is blowing.

You can access the RfR materials and Waye’s responses here.

6 Comments Tagged: , , , , , , , , , , ,