A new anti-hijacking domain name transfer policy comes into effect this week at all ICANN-accredited registrars, potentially complicating the process of not only selling domains but also updating your own Whois records.
But many registrars have already rewritten their terms of service to make the new rules as hassle-free as possible (and essentially pointless).
From December 1, the old ICANN Inter-Registrar Transfer Policy starts governing inter-registrant transfers too, becoming simply the Transfer Policy.
Now, when you make updates to your Whois records that appear to suggest new ownership, you’ll have to respond to one or two confirmation emails, text messages or phone calls.
The policy change is the latest output of the interminable IRTP work within ICANN’s GNSO, and is designed to help prevent domain hijacking.
But because the changes are likely to be poorly understood by registrants at the outset, it’s possible some friction could be added to domain transfers.
Under the new Transfer Policy, you will have to respond to confirmation emails if you make any of the following:
- A change to the Registered Name Holder’s name or organization that does not appear to be merely a typographical correction;
- Any change to the Registered Name Holder’s name or organization that is accompanied by a change of address or phone number;
- Any change to the Registered Name Holder’s email address.
While registrars have some leeway to define “typographical correction” in their implementation, the notes to the policy seem to envisage single-character transposition and omission errors.
Registrants changing their last names due to marriage or divorce would apparently trigger the confirmation emails, as would transfers between parent and subsidiary companies.
The policy requires both the gaining and losing registrant to verify the “transfer”, so if the registrant hasn’t actually changed they’ll have to respond to two emails to confirm the desired changes.
Making any of the three changes listed above will also cause the unpopular 60-day transfer lock mechanism — which stops people changing registrars — to trigger, unless the registrant has previously opted out.
Registrars are obliged to advise customers that if the change of registrant is a prelude to an inter-registrar transfer, they’d be better off transferring to the new registrar first.
The new policy is not universally popular even among registrars, where complexity can lead to mistakes and therefore support costs.
Fortunately for them, the Transfer Policy introduces the concept of “Designated Agents” — basically middlemen that can approve registrant changes on your behalf.
Some registrars are taking advantage of this exception to basically make the confirmation aspects of the new policy moot.
Calling the confirmation emails an “unnecessary burden”, EuroDNS said last week that it has unilaterally made itself every customer’s Designated Agent by modifying its terms of service.
Many other registrars, including Tucows/OpenSRS, NameCheap and Name.com appear to be doing exactly the same thing.
In other words, many registrants will not see any changes as a result of the new Transfer Policy.
The truism that there’s no domain name policy that cannot be circumvented with a middleman appears to be holding.
GoDaddy is reportedly talking to Host Europe Group, one of Europe’s largest registrars, about an acquisition.
Reuters today reported that the deal, should it go ahead, could be worth as much as $1.8 billion.
GoDaddy has been favored over rival bids from United Internet (owner of United-Domains) and buyout firm Centerbridge, Reuters said.
HEG is the parent company for several registrar brands. Notably, it owns 123-reg and DomainMonster, two of the UK’s largest registrars.
123-reg had over 900,000 gTLD domains on its books at the last count. HEG overall says it manages over seven million domains.
The company was acquired by private equity group Cinven for £438 million ($545 million) in 2013.
It has 1.7 million customers and 1,300 employees spread across eight countries. It primarily operates in the UK and Germany.
HEG had 2015 revenue of €269.8 million ($286.3 million) and made a loss of €55.6 million ($59 million).
For GoDaddy, the acquisition is a chance to shift its revenue mix away from domains and more towards the more profitable hosting market, according to Reuters.
Amazon has reversed, at least temporarily, its decision to yank its free list of the world’s most popular domains, after an outcry from researchers.
The daily Alexa list, which contains the company’s estimate of the world’s top 1 million domains by traffic, suddenly disappeared late last week.
The list was popular with researchers in fields such as internet security. Because it was free, it was widely used.
DI PRO uses the list every day to estimate the relative popularity of top-level domains.
After deleting the list, Amazon directed users to its Amazon Web Services portal, which had started offering the same data priced at $0.0025 per URL.
That’s not cheap. The cost of obtaining same data suddenly leaped from nothing to $912,500 per year, or $2,500 per day.
That’s beyond the wallets, I suspect, of almost every Alexa user, especially the many domain name tools providers (including yours truly) that relied on the data to estimate domain popularity.
Even scaling back usage to the top 100,000 URLs would be prohibitively expensive for most researchers.
While Amazon is of course free to price its data at whatever it thinks it is worth, no notice was given that the file was to be deleted, scuppering without warning goodness knows how many ongoing projects.
Some users spoke out on Twitter.
The quiet death of the @Alexa_Support top million sites is a grievous blow to internet researchers everywhere. $2500 per pull now.
— April King (@aprilmpls) November 21, 2016
Removing the top 1M list is a HUGE mistake. It was extremely useful to assess the impact of new security vulnerabilities. 🙁 @Alexa_Support
— Benjamin Beurdouche (@beurdouche) November 22, 2016
@Alexa_Support I'm disappointed, but I hope you reconsider. The Top 1M list is a standard reference in research. It's simply irreplaceable.
— Santiago Zanella (@xEFFFFFFF) November 22, 2016
I spent most of yesterday figuring out how to quickly rejigger DI PRO to cope with the new regime, but it seems I may have been wasting my time.
After an outcry from fellow researchers, Amazon has restored the free list. It said on Twitter:
Thanks to customer feedback, the top 1M sites is temporarily available again. We’ll provide notice before updating the file in the future
— Alexa Support (@Alexa_Support) November 22, 2016
It seems clear that the key word here is “temporarily”, and that the the restoration of the file may primarily be designed to give researchers more time to seek alternatives or wrap up their research.
Oracle has signed a deal to buy DNS services provider Dyn for an undisclosed amount probably in the nine-figure range.
The software giant said it plans to integrate Dyn’s services into its existing cloud computing platform. For the moment, existing Dyn customers are unaffected.
Dyn provides distributed DNS resolution services mainly to the enterprise market, where it has about 3,500 customers.
But it also provides redundant DNS to some TLD registries, notably Uniregistry.
Knowing how ruthlessly opportunistic Oracle can be when it comes to M&A, I have to wonder how much impact the recent denial of service attack against Dyn had on the timing of the deal being signed.
Dyn customers including Twitter and Netflix found themselves inaccessible for millions of North American internet users a couple of weeks ago.
Customers that may have been reconsidering their DNS options following the downtime may feel more reassured now that Dyn is about to become part of a much larger company.
While the acquisition price was not disclosed, it’s certainly going to be in the hundreds of millions.
Just six months ago, Dyn received $50 million in venture capital, following on from a $38 million round in 2012.
The new gTLD .blog goes into general availability today, after some mild controversy about the way the registry allocated reserved domain names.
Knock Knock Whois There, the registry affiliated with WordPress maker Automattic, last week apologized to some would-be customers for declining to honor some landrush pre-registrations.
Some registrants had complained that domains that were accepted for pre-registration were subsequently added to KKWT’s list of registry-reserved names, making them unavailable for registration.
KKWT said in a blog post Thursday that the confusion was due to it not having finalized its reserved list until just before its landrush period kicked off, November 2.
Registrars, including those accepting pre-registrations, were not given the final lists until the last minute.
Landrush applications cost around $250 but were refundable.
KKWT also revealed the make-up of its founders program domains, the 100-strong list of names it was allowed to allocate pre-sunrise.
The founders program currently seems to be a bit of a friends-and-family affair.
Of the 25 live founder sites currently listed, about 20 appear to be owned by the registry, its employees and close affiliates.
The registry said in its blog post that 25 super-generic domains had been given to WordPress.com. It seems the blog host will offer third-level names in these domains for free to its customers.
.blog had 1,743 domains in its zone file yesterday.
General availability starts about 30 minutes from the time this post was posted, at 1500 UTC. Prices are around the $30 mark.