Latest news of the domain name industry

Recent Posts

XYZ says it won’t block censored Chinese domains

Kevin Murphy, November 6, 2015, Domain Registries

New gTLD registry XYZ.com has said it will not preemptively censor domain names based on the wishes of the Chinese government.

Over the last couple of days, CEO Daniel Negari has sought to “clarify” its plans to block and suspend domain names based on Chinese government requests.

It follows XYZ’s Registry Services Evaluation Request for a gateway service in the country, first reported by DI and subsequently picked up by the Electronic Frontier Foundation, a Wall Street Journal columnist, Fortune magazine and others.

The clarifications offered up by XYZ probably did more to confuse matters.

A blog post on Wednesday said that XYZ will not reserve any .xyz domain names from being registered, except those ICANN makes all new gTLD registries reserve.

Subsequent comments from Negari stated that XYZ will, as the RSEP stated, prevent names that have been banned in China from being registered.

However, there’s one significant difference.

Now, the registry is saying that it will only put those bans in place for domain names that have been specifically banned by the Chinese government when the name had already been registered by a Chinese registrant.

So, if I understand correctly, it would not preemptively ban anyone anywhere from registering [banned term].xyz.

However, if [banned term].xyz was registered to a Chinese resident and the Chinese government told the registry to suspend it, it would be suspended and nobody would be able to re-register it anywhere in the world.

Negari said in a blog comment yesterday:

if we receive a Chinese legal order tomorrow (before the gateway has launched) which requires disabling a domain name registered in China and properly under Chinese jurisdiction, then it will be disabled at the registry level, and not by the gateway. When the gateway launches the name will continue to be unavailable, and the gateway will not implement the action on a localized basis only in China. The normal registry system would continue to be the only system used to resolve the name globally. Again — the specific stability concern ICANN had was that we would use the Chinese gateway to make .xyz names resolve differently, depending on what country you are in. I completely agree that our [RSEP] re-draft to address that concern came out in a way that can be read in a way that we sincerely did not intend.

So there is a list of preemptively banned .xyz, .college, .rent, .security and .protection domains, compiled by XYZ from individual Chinese government requests targeting names registered to Chinese registrants.

Negari said in an email to DI yesterday:

To clarify the statement “XYZ will reserve domains,” we meant that XYZ will takedown domains in order to comply with “applicable law.” Unfortunately, the inaccuracies in your post caused people to believe that we were allowing the Chinese government to control what names could be registered or how they could be used by people outside of China. The idea that XYZ is going to impose Chinese law and prevent people outside of China from registering certain domain names is simply incorrect and not true. To be 100% clear, there is no “banned list.”

That was the first time anyone connected with XYZ had complained about the October 12 post, other than since-deleted tweets that corrected the size of the list from 40,000 domains to 12,000.

The RSEP (pdf) that causes all this kerfuffle has not been amended. It still says:

XYZ will reserve names prohibited for registration by the Chinese government at the registry level internationally, so the Gateway itself will not need to be used to block the registration of of any names. Therefore, a registrant in China will be able to register the same domain names as anyone else in the world.

This fairly unambiguous statement is what XYZ says was “misinterpreted” by DI (and everyone else who read it).

However, it’s not just a couple of sentences taken out of context. The context also suggests preemptive banning of domains.

The very next sentence states:

When the Gateway is initially implemented we will not run into a problem whereby a Chinese registrant has already registered a name prohibited for registration by the Chinese government because Chinese registrars are already enforcing a prohibition on the registration of names that are in violation of Chinese law.

This states that Chinese residents are already being preemptively banned, by Chinese registrars, from registering domains deemed illegal in China.

The next few paragraphs of the RSEP deal with post-registration scenarios of domains being banned, clearly delineated from the paragraph dealing with pre-registration scenarios.

In his blog post, Negari said the RSEP “addressed the proactive abuse mitigation we will take to shut down phishing, pharming, malware, and other abuse in China”.

I can’t believe this is true. The consequence would be that if China sent XYZ a take-down notice about a malware or phishing site registered to a non-Chinese registrant, XYZ would simply ignore it.

Regardless, the takeaway today is that XYZ is now saying that it will not ban a domain before it has been registered, unless that domain has previously been registered by a Chinese resident and subsequently specifically banned by the Chinese government.

The registry says this is no different to how it would treat take-down notices issued by, for example, a US court. It’s part of its contractual obligation to abide by “applicable law”, it says.

Whether this is a policy U-turn or a case of an erroneous RSEP being submitted… frankly I don’t want to get into that debate.

Disclosure: during the course of researching this story, I registered .xyz domains matching (as far as this monoglot can tell) the Chinese words for “democracy”, “human rights”, “porn” and possibly “Tiananmen Square”. I have no idea if they have value and have no plans to develop them into web sites.

XYZ to put global block on domains banned in China

Kevin Murphy, October 12, 2015, Domain Registries

XYZ.com plans to slap a global ban on domain names censored by the Chinese government.

Chinese words meaning things such as “human rights” and “democracy” are believed to be on the block list, which an industry source says could contain as many as 40,000 words, names and phrases.

(UPDATE: Gavin Brown, CTO of XYZ back-end CentralNic, tweeted that the list is nowhere near 40,000 names long.)

The registry seems to be planning to allow the Chinese government to censor its new gTLDs, which include .xyz, .college, .rent, .protection and .security, in every country of the world.

And it might not be the last non-Chinese registry to implement such a ban.

The surprising revelation came in a fresh Registry Services Evaluation Process request (pdf), filed with ICANN on Friday.

The RSEP asks ICANN to approve the use of a gateway service on the Chinese mainland, which the company says it needs in order to comply with Chinese law.

As previously reported, Chinese citizens are allowed to register domains in non-Chinese registries, but they may not activate them unless the registry complies with the law.

That law requires the registry to be located on the Chinese mainland. XYZ plans to comply by hiring local player ZDNS to proxy its EPP systems and mirror its Whois.

But the Chinese government also bans certain strings — which I gather are mostly but not exclusively in Chinese script — from being registered in domain names.

Rather than block them at the ZDNS proxy, where only Chinese users would be affected, XYZ has decided to ban them internationally.

Registrants in North America or Europe, for example, will not be able to register domains that are banned in China. XYZ said in its RSEP:

XYZ will reserve names prohibited for registration by the Chinese government at the registry level internationally, so the Gateway itself will not need to be used to block the registration of of any names. Therefore, a registrant in China will be able to register the same domain names as anyone else in the world.

It seems that XYZ plans to keep its banned domain list updated as China adds more strings to its own list, which I gather it does regularly.

Customers outside of China who have already registered banned domains will not be affected, XYZ says.

If China subsequently bans more strings, international customers who already own matching domains will also not be affected, it says.

CEO Daniel Negari told DI: “To be clear, we will not be taking action against names registered outside of China based on Chinese government requests.”

But Chinese registrants do face the prospect losing their domains, if China subsequently bans the words and XYZ receives a complaint from Chinese authorities.

“We treat requests from the Chinese government just like we treat requests from the US government or any other government,” Negari said.

“When we receive a valid government or court order to take action against a name and the government has jurisdiction over the registration, we will take action the registration,” he said.

Up to a third of the .xyz zone — about three hundred thousand names — is believed to be owned by Chinese registrants who are currently unable to actually use their names.

The company clearly has compelling business reasons to comply with Chinese law.

But is giving the Chinese government the ongoing right to ban tens of thousands of domain names internationally a step too far?

ICANN allows anyone to file public comments on RSEP requests. I expect we’ll see a few this time.

Free speech banned from .bible

Kevin Murphy, August 27, 2015, Domain Registries

The Bible may be a piece of literature that belongs to the world, but in .bible it’s going to be a propaganda tool for Christians.

The just-published Acceptable Use Policy (pdf) bans any content that the American Bible Society, acting as registry, deems unsuitable. Specifically prohibited:

Pointing to any content that may, as determined in ABS’s sole discretion, disparage or blaspheme God, Jesus, the Holy Spirit, Christianity (to include any sects or denominations), the Bible, or any other such tenet, symbol, representative or principles of the Christian faith.

Pointing to any content that, as determined in ABS’s sole discretion, espouses or promotes a religious, secular or other worldview that is antithetical to New Testament principles, including but not limited to the promotion of a non-Christian religion or set of religious beliefs.

This would seem to ban, for example, a web site that used the Bible’s text to question whether human sacrifice and scapegoating are really moral precepts by which people should live their lives.

ABS is a non-denominational organization, so presumably you are allowed to set up sites that say Eucharistic wine is really magic human blood, and also that it isn’t.

The registry is the publisher of the “Good News” modern-English translation of the Bible, which ends with billions of people being cast into a lake of fire to burn for eternity.

Turkey blocks Google DNS in Twitter crackdown

Kevin Murphy, March 23, 2014, Domain Policy

The Turkish government has reportedly blocked access to Google’s public DNS service from with its borders, as part of its recently instituted censorship of Twitter.

According to local reports, the IP addresses 8.8.8.8 and 8.8.4.4 — Google’s public DNS servers — were banned after they became widely used to circumnavigate blocks on Twitter’s domain names.

Turkish prime minister Recep Tayyip Erdogan last week vowed to “wipe out” Twitter, after the company refused to take down tweets criticizing his government over corruption allegations ahead of an election next week.

Twitter is encouraging Turkish users to use SMS to send tweets instead. Many Turks are also turning to VPNs to evade this bizarre piece of Draconian censorship.

Nominet bans rape domains

Kevin Murphy, January 15, 2014, Domain Policy

Nominet has banned “rape” domains from the .uk space, following an independent review spurred by a newspaper article.

The company announced today that it is to adopt the recommendations of Lord Macdonald (pdf), who said domains that “signal or encourage serious sexual offences” should be deleted.

The policy applies retroactively and at least a dozen domains have already been suspended.

Nominet CEO Lesley Cowley said in a statement:

Even though we are only talking about a handful of domain names, we agreed that we do not want those domain names on the register – regardless of whether there was an associated website or content.

Under the new policy, Nominet will review all new domain name registrations within the first 48 hours. It said it will:

Institute a system of post-registration domain name screening, within 48 hours of registration, for domain names that appear to signal or encourage serious sexual offences. Where examples that meet these criteria are discovered, they will be suspended or de-registered.

It’s pretty vague at the moment, both in terms of what constitutes a “signal” and how the oversight process will be carried out. Nominet said it will reveal implementation details at a later date.

Importantly, there will be no pre-screening of domains for potentially offensive substrings. It will still be possible to register names if you’re a “therapist” or enjoy “grapes”.

Macdonald said in his report:

any process of pre-registration scrutiny is likely to be slow, technologically blunt, and have minimal useful impact. It would likely damage the credibility of the .uk space in the market place and it would bring few discernible advantages.

He seems to be envisaging a system of manual review, aided by keyword searches, that looks only for domains that seem to be unambiguously “egregious”. He wrote:

it is precisely because of the inadequacies of the screening technology that Nominet has available to it, and the utmost importance of avoiding unnecessary or mistaken interference with free expression rights, that any post registration screening process should be strictly designed to target only the most egregious examples

Keywords under scrutiny are likely to include “rape”, “incest”, “bestiality”, “paedophilia” and derivatives.

Macdonald noted that Nominet gets 20 – 25 registrations containing these strings per week, but that the “vast majority” were false positives that should not trigger a suspension.

The Macdonald report gives examples of existing domains that would be likely to trigger Nominet action, including rapeme.co.uk, rapemyteacher.co.uk and rapeporn.co.uk.

According to Whois records, all of the domains listed in the report have already been suspended by Nominet.

Macdonald wrote:

it is difficult to see any reasonable basis whatsoever upon which the registration of a domain name such as rapemyteacher.co.uk could be consistent with any reasonable terms of business that Nominet might draw up.

It’s not clear from archives whether many of these domains even led to sites with content. An Archive.org capture of rapeporn.co.uk from 2009 contains a short essay (looks like a hasty attempt to justify the domain to me) on why rape fantasy and actual rape are different.

I suspect that “rapemyteacher.co.uk” was supposed to be a joke, a play on the popular site RateMyTeachers.com.

However, in Macdonald’s view, it’s easily possible for Nominet to suspend these names without infringing anyone’s free speech rights under the European Convention on Human Rights and UK law.

He said that in some cases the domain name itself may be illegal, if it encourages others to commitment crimes. Incitement is a crime, after all.

But his report seems to envisage that the use of the word “rape” may be justifiable when used in a figurative sense not related to actual sexual violence. It would also not be banned in positive contexts such as rape victim support services.

He recommended against instituting bans on swearwords and racist terms for similar reasons.

The one thing missing from the report, and Nominet’s response to it so far, is any requirement for Nominet to disclose which domain names it has suspended under the new policy.

That would be an important oversight mechanism, in my view.

If Nominet is going to be deleting names based on an as-yet-undisclosed review process, wouldn’t free speech be served by at least telling the public what has been censored?

What if rapemyteacher.co.uk was supposed to be a parody of RateMyTeachers.com? Did Nominet just suspend a humor site for no good reason and without telling anyone but the registrant?

The Macdonald report was commissioned following an outraged Sunday Times article based on a blog post by anti-porn crusader John Carr, who wanted a ban on “depraved or disgusting words”.

Neither Carr, the Sunday Times, Nominet or Macdonald have ever presented any examples of “egregious” .uk domain names leading to content encouraging or glorifying sexual violence, nor have they ever said that they’ve seen one with their own eyes.

It’s possible that such domains do not exist.

The review and the new Nominet policy, I think it’s fair to say, has probably not protected a single man, woman, child, corpse or sheep from unwelcome interference. It was, I suspect, a waste of time and resources.

But at first look the policy, properly implemented, does not appear to present a huge risk of infringing free speech rights or throwing up vast numbers of false positives.