Latest news of the domain name industry

Recent Posts

Nominet wants to kill off the .uk drop-catching market

Nominet has revealed a sweeping set of policy proposals that would totally revamp how expired domains are deleted and could essentially kill off drop-catching in the .uk domains market.

The company is thinking about auctioning off expired domains at the registry level, or charging drop-catchers up to £6,000 ($7,500) a year to carry on more or less as normal.

Currently, expired .uk domains are deleted at an undisclosed time each day, leading drop-catch registrars to spam the registry back-end with availability checks on the best names.

Upon finding a desired domain has dropped, they then attempt to register it immediately by spamming EPP create commands.

About 0.7% of the domains deleted each year, about 12,000 of the 1.76 million names dropped in 2018, are re-registered within a second of release, Nominet says.

The system as it stands bothers the registry due to the technical load it creates and the fact that it means the most desirable names are snapped up by small number of domainers for resale.

It also does not like the fact the current system encourages collusion between Nominet members and the creation of dummy memberships by drop-catchers.

So it’s proposing two main options for rejiggering the economics.

The first and apparently preferred solution would be for Nominet to auction off the names, rather than deleting them. It would look a lot like auctions often seen in newly launching TLDs.

The second option is to charge drop-catchers extra fees for a greater number of simultaneous EPP connections.

Currently, each registrar gets six. Under the proposal, called “Economically controlled access to expiring domains”, they’d be able to buy additional batches of six for £600 a pop, up to a maximum of 10 batches or £6,000.

Regardless of which option is chosen, Nominet also wants to make drop times more predictable, by publishing a daily drop-list available to all.

Nominet knows there’s a pretty good chance it’s going to be accused of profiteering, and says in the paper:

If either of the options proposed are implemented, we envisage that any profits derived from the auction or economically controlled access models will be directed towards public benefit activity and/or ringfenced to provide specific services to registrars e.g. a training fund. However, we are also seeking ideas on how any profits would be best spent to benefit the .UK namespace in this consultation.

The consultation can be found here. Interested parties have until August 14 to submit comments.

World’s youngest country launches its Nazi-risk TLD next week

South Sudan is gearing up to launch its controversial top-level domain, .ss, on Monday.

It’s being run by the National Communication Authority for the country, which was founded in 2011 after its split from Sudan and is the world’s youngest nation.

As I noted back then, while SS was the natural and obvious choice of ISO country code, it’s potentially controversial due to the risk of it being used by modern-day Nazis in honor of Hitler’s Schutzstaffel.

Arguably, the risk nine years later is even greater due to the rise of the populist, nationalist right around the world.

So some readers may be pleased to hear that the registry is playing its launch by the book, starting with a sunrise period from June 1 to July 15. Trademark owners will have to show proof of ownership.

I’m sure Hugo Boss already has an intern with a checkbook, trademark certificate and sleeping bag outside the registry’s HQ, to be sure to be first in line on Monday.

Sunrise will be followed by a landrush period from July 17 to August 17, during which names can be acquired for a premium fee.

Immediately after that there’ll be an early access period, from August 19 to August 29, with more premium fees. General availability will begin September 1.

Perhaps surprisingly, given the direction other ccTLDs have been taking over the last decade, South Sudan has opted for a three-level structure, with registrations possible under .com.ss, .net.ss, .biz.ss, .org.ss, .gov.ss, .edu.ss, .sch.ss and .me.ss.

The com/net/biz/me versions are open to all. The others require some proof that the registrant belongs to the specific category.

The registry says it plans to make direct second-level regs available “at a later date”.

Getting your hands on a .ss domain may prove difficult.

Trademark owners won’t be able to use their regular corporate registrar (at least not directly) as NCA is only currently accredited South Sudan-based registrars. So far, only two have been accredited. Neither are also ICANN-accredited.

One is rather unfortunately called JuHub. It’s apparently using a free domain from Freenom’s .ml (Mali) and is listed as having its email at Gmail, which may not inspire confidence. Its web site does not resolve for me.

The other is NamesForUs, which is already taking pre-registration requests. No pricing is available.

The registry’s web site has also been down for most of today, and appears to have been hacked by a CBD splogger at some point, neither of which bodes well.

Aussie ccTLD surges under coronavirus lockdown

Australia’s .au ccTLD may have been in decline recently, but it saw a surge in new domain registrations during its coronavirus lockdown, according to registry stats.

auDA said that 48,754 new .au domains were registered in April, a more than 23% increase on its April 2019 number.

The registry called this leap “the biggest month for new domain name creations we’ve seen in a while”. It averages about 40,000 per month, with seasonality.

The overall number of extant registrations was down a bit to 3,168,883, but auDA chalks this up to the expiration of domains registered during registrar promotions a year ago.

Australia was under its lockdown, which was less severe than in other countries, for the whole month of April. The measures were put in place March 21 and relaxed last week.

Numbers for March show a year-over-year decline of 1.4% in new adds.

While auDA does not attribute its April growth to lockdown, I think the numbers show that the movement restrictions imposed certainly didn’t hurt .au’s business.

Portugal ccTLD says growth better than expected during pandemic

The Portuguese ccTLD operator has become the latest registry to say that it is still seeing growth despite the coronavirus pandemic.

Associação DNS.PT recently said (via Google Translate) that “the registration in .pt is increasing considerably, we would even say above the expected”.

For the period of January 1 to April 27, .pt added 32,671 new domains, DNS.PT said.

However, that appears to be a considerable drop in regs when compared to the first quarter of 2019 (almost a month shorter period), when it saw 36,930 new registrations. It added 121,359 in the whole of 2019.

The registry said that 359 of these domains — about 1% — appeared to be directly related to the pandemic. About half a dozen have been deleted for violating DNS.PT’s terms of service.

The whole .pt space comprised over 1.2 million domains as of February.

Coronavirus has had a relatively small impact on health in Portugal, compared to other European countries. So far, it’s recorded a little over 1,000 deaths from the disease, from a population of 10.8 million.

Emoji domains get a 😟 after broad study

Kevin Murphy, October 28, 2019, Domain Tech

Domain names containing emojis are a security risk and not recommended, according to a pretty comprehensive review by an ICANN study group.

The Country-Code Names Supporting Organization has delivered the results of its 12-person, 18-month Emoji Study Group, which was tasked with looking into the problems emoji domains can cause, review current policy, and talk to ccTLD registries that currently permit emoji domains.

The ESG didn’t have a lot of power, and its recommendations are basically an exercise in can-kicking, but it’s easily the most comprehensive overview of the issues surrounding emoji domains that I’ve ever come across.

It’s 30 pages long, and you can read it here (pdf).

Emojis are currently banned in gTLDs, where ICANN has to approve new Unicode tables before they can be used by registries at the second level, under its internationalized domain name policy, IDNA 2008.

But ccTLDs, which are not contracted with ICANN, have a lot more flexibility. There are 15 ccTLDs — almost all representing small islands or low-penetration African nations — that currently permit emoji domains, the ESG found.

That’s about 6% of Latin-script ccTLDs out there today. These TLDs are .az, .cf, .fm, .je, .ga, .ge, .gg, .gq, .ml, .st, .to, .tk, .uz, .vu, and .ws.

Five of them, including .tk, are run by notorious freebie registry Freenom, but perhaps the best-known is .ws, where major brands such as Budweiser and Coca-Cola have run marketing campaigns in the past.

The main problem with emojis is the potential for confusing similarity, and the ESG report does a pretty good job of enumerating the ways confusability can arise. Take its comparison of multiple applications’ version of the exact same “grinning face” emoji, for example:

Emoji comparison

If you saw a domain containing one of those in marketing on one platform, would you be able to confidently navigate to the site on another? I doubt I would.

There’s also variations in how registrars handle emojis on their storefronts, the report found. On some you can search with an emoji, on others you’ll need to type out the xn-- prefixed Punycode translation longhand.

In terms of recommendations, the ESG basically just asked ICANN to keep an eye on the situation, to come to a better definition of what an emoji actually is, and to reach out for information to the ccTLDs accepting emojis, which apparently haven’t been keen on opening up so far.

Despite the lack of closure, it’s a pretty good read if you’re interested in this kind of thing.

Brexit hell: .eu suspension plan put on hold

Kevin Murphy, October 23, 2019, Domain Registries

EURid’s policy to boot out Brits next week has been put on hold due to the current impasse in Brexit talks.

UK citizens had been told they would lose their .eu domains November 1, the first day the country was scheduled to no longer be a member of the European Union.

But the October 31 exit date appears increasingly unlikely, with the divorce plan agreed to by the EU and UK Prime Minister Boris Johnson still in UK parliamentary limbo.

So EURid posted today:

Following the recent developments in the UK withdrawal scenario, the entire plan outlined below is on hold. We will keep you informed as soon as we receive further instructions from the European Commission.

Under the suspended plan, EURid would have emailed all of its UK and Gibraltar-based registrants tomorrow to inform them that their domains were in jeopardy.

It would have closed down new registrations to Brits on November 1 and given existing registrants a two-month grace period to come into compliance — by transferring their names to addresses in eligible nations — before suspending the names.

A year later, the names would be deleted and returned to the available pool.

EURid said it will provide further guidance when it gets word from the European Commission.

Now you don’t have to live in the EU to register a .eu domain, but there’s a catch

Kevin Murphy, October 21, 2019, Domain Registries

Residents of countries outside the European Union are now able to register .eu domain names.

A new rule that kicked in at the weekend broadened eligibility from only residents of the EU and European Economic Area. Now, residency is irrelevant.

The catch is that you have to still have to be an EU citizen to qualify.

EURid, the .eu registry, said the change opens up the ccTLD to “millions of Europeans living around the world”.

In practice, it could open up the space to basically anyone.

While residency can fairly easily be checked by looking at the mailing address in a Whois record, demonstrating citizenship is a different kettle of fish.

There’s no indication that EURid is asking registrars to collect passport numbers at the point of sale, so it appears to be a post-registration enforcement regime.

.eu is also still open to non-EU citizens who live in the EU or EEA.

.eu had 3.6 million names under management at the last count, having declined by about 200,000 since the Brexit vote three years ago.

Let’s see if the new, liberalized regime has any impact.

Argentina will use a lottery to decide 2LD landrush

Kevin Murphy, September 18, 2019, Domain Registries

Argentina has become the latest country to allow its ccTLD registrants to register domains at the second level.

NIC Argentina announced last week that in addition to third-level domains such as example.com.ar and example.net.ar, you’ll be able to buy example.ar too.

While it’s following in the footsteps of the likes of .uk and .nz (and soon .au), Argentina is taking a slightly different approach to grandfathering and conflicts.

First, the priority registration period is pretty short, at least compared to the five years .uk registrants got.

If you already own a .ar 3LD, you only have until November 9 to get your application in for the matching 2LD.

In the event that more than one application is received from eligible registrants, the winner won’t be decided by auction, but by lottery.

The City of Buenos Aires Lottery will conduct the raffle, randomly assigning priority numbers to applicants to determine who gets first dibs on their domain of choice.

It’s the first time I’ve seen a domain contest settled by lottery since the process ICANN used to assign priorities to new gTLD applicants back in 2012.

From November 25 until January 23, the .ar process will enter a landrush phase, during which anyone can apply for any available 2LD they want by paying a non-refundable application fee.

The fee is ARS 200, the Argentine peso equivalent of $3.50, so the registry can hardly be accused of greed.

Again, competing bids will be settled by the same lottery process, with the winner having to pay the standard ARS 340 registration fee (the equivalent of $6) to claim their domain.

After February 23, it’s open season, with every domain in general availability.

.ar currently has just shy of half a million domains under management, and hasn’t seen any significant growth in a couple of years.

It will be interesting to see how popular the 2LD offer is, and what impact it has on domain growth in the industry overall.

Argentina allows .ar registrations from non-residents, but it does not appear to be a simple process.

Kafka turns in grave as ICANN crowbars “useless” Greek TLD into the root

Kevin Murphy, September 9, 2019, Domain Policy

ICANN has finally approved a version of .eu in Greek script, but it’s already been criticized as “useless”.

Yesterday, ICANN’s board of directors rubber-stamped .ευ, the second internationalized domain name version of the European Union’s .eu, which will be represented in the DNS as .xn--qxa6a.

There’s a lot of history behind .ευ, much of it maddeningly illustrative of ICANN’s Kafkaesque obsession with procedure.

The first amusing thing to point out is that .ευ is technically being approved under ICANN’s IDN ccTLD Fast Track Process, a mere NINE YEARS after EURid first submitted its application.

The “Fast Track” has been used so far to approve 61 IDN ccTLDs. Often, the requested string is merely the name of the country in question, written in one of the local scripts, and the TLD is approved fairly quickly.

But in some cases, especially where the desired string is a two-character code, a string review will find the possibility of confusion with another TLD. This runs the risk of broadening the scope of domain homograph attacks sometimes used in phishing.

That’s what happened to .ευ, along with Bulgaria’s Cyrillic .бг and Greece’s own .ελ, which were rejected on string confusion grounds back in 2010 and 2011.

Under pressure from the Governmental Advisory Committee, ICANN then implemented an Extended Process Similarity Review Panel, essentially an appeals process designed to give unsuccessful Fast Track applicants a second bite at the apple.

That process led to Bulgaria being told that .бг was not too similar to Brazil’s .br, and Greece being told that .ελ did not look too much like .EA, a non-existent ccTLD that may or may not be delegated in future, after all.

But the EU’s .ευ failed at the same time, in 2014. The appeals review panel found that the string was confusable with upper-case .EY and .EV.

Again, these are not ccTLDs, just strings of two characters that have the potential to become ccTLDs in future should a new country or territory emerge and be assigned those codes by the International Standards Organization, a low-probability event.

I reported at the time that .ευ was probably as good as dead. It seemed pretty clear based on the rules at the time that if a string was confusable in uppercase OR lowercase, it would be rejected.

But I was quickly informed by ICANN that I was incorrect, and that ICANN top brass needed to discuss the results.

That seems to have led to ICANN tweaking the rules yet again in order to crowbar .ευ into the root.

In 2015, the board of directors reached out to the GAC, the ccNSO and the Security and Stability Advisory Committee for advice.

They dutifully returned two years later with proposed changes (pdf) that seemed tailor-made for the European Union’s predicament.

A requested IDN ccTLD that caused confusion with other strings in only uppercase, but not lowercase (just like .ευ!!!) could still get delegated, provided it had a comprehensive risk mitigation strategy in place, they recommended.

The recommendation was quickly approved by ICANN, which then sent its implementation guidelines (again, tailor-made for EURid (pdf)) back to the ccNSO/SSAC.

It was not until February this year that the ccNSO/SSAC group got back to ICANN (pdf) to approve of its implementation plan and to say that it has already tested it against EURid’s proposed risk-mitigation plan (pdf).

Basically, the process in 2009 didn’t produce the desired result, so ICANN changed the process. It didn’t produced the desired result again in 2014, so the process was changed again.

But at least Greek-speaking EU citizens are finally going to get a meaningful ccTLD that allows them to express their EUishness in their native script, right?

WRONG!

I recently read with interest and surprise a blog post by domainer-blogger Konstantinos Zournas, in which he referred to .ευ as the “worst domain extension ever”.

Zournas, who is Greek, opened my eyes to the fact that “.ευ” is meaningless in his native tongue. It’s just two Greek letters that visually resemble “EU” in Latin script. It’s confusing by design, but with .eu, a ccTLD that EURid already manages.

While not for a moment doubting Zournas’ familiarity with his own language, I had to confirm this on the EU’s Greek-language web site.

He’s right, the Greek for “European Union” is “Ευρωπαϊκής Ένωσης”, so the sensible two-letter IDN ccTLD would be .ΕΈ (those are Greek characters that look a bit like Latin E).

That would have almost certainly failed the ICANN string similarity process, however, as .ee/EE is the current, extant ccTLD for Estonia.

In short (too late), it seems to have taken ICANN the best part of a decade, and Jesus H Christ knows how many person-hours, to hack its own procedures multiple times in order to force through an application for a TLD that doesn’t mean anything, can’t be confused with anything that currently exists on the internet, and probably won’t be widely used anyway.

Gratz to all involved!

Second-level .au names delayed

Kevin Murphy, August 21, 2019, Domain Registries

If you’re champing at the bit to grab yourself some second-level .au domain names, you’re going to have to wait a little longer.

Australian ccTLD manager auDA said today that it is delaying the controversial release by three months, to give it more time to carry out public outreach.

In a statement, interim chair Suzanne Ewart said that “it is critically important that the changes are widely understood, backed by an education program and supported by robust business processes throughout industry.”

The original plan had been to been to make 2LDs available in a staggered manner starting at some point in the fourth quarter. The delay will push the release into 2020.

The proposed launch has been controversial among the domain investment part of the auDA membership, which largely believes that it could lead to confusion with the existing three-level structure of the .au space.