Latest news of the domain name industry

Recent Posts

VeriSign to raise .com and .net prices again

VeriSign has announced price increases for .com and .net domain name registrations.

From January 15, 2012, .com registry prices will increase from $7.34 to $7.85 and .net fees will go up from $4.65 to $5.11.

That’s a 10% increase for .net and a 7% increase for .com, the maximum allowable under its registry agreements with ICANN.

As ever, registrants have six months to lock down their domains at current pricing by renewing for periods of up to 10 years.

The last time VeriSign raised prices, also by 7% and 10%, the higher prices became effective a year ago, July 2010.

VeriSign’s contract for .net was renewed last month after it was approved by the ICANN board of directors.

Its .com contract comes up for renewal next year.

Feds seize billion-dollar poker domains

Kevin Murphy, April 15, 2011, Domain Policy

Five domain names associated with online poker sites have been seized by the FBI as part of an investigation that has also seen 11 people indicted.

The principals of PokerStars, Absolute Poker and Full Tilt Poker, along with third-party “payment processors”, stand accused of engaging in a massive money laundering scheme in order to accept billions of dollars of payments from American gamblers in violation of US laws.

The charges carry possible maximum sentences of between five and 30 years in prison, along with substantial monetary fines. Two men have been arrested, a third is due to be arraigned, and the remainder are currently outside of the US, according to a press release (pdf).

The US Attorney for the Southern District of New York said five domain names have been seized by the FBI in connection with the prosecutions.

It’s not yet clear which domains have been seized.

From where I’m sitting in London, absolutepoker.com already shows an FBI warning banner, but pokerstars.com and fulltiltpoker.com both resolve normally. I may be receiving cached DNS data.

Blogger Elliot Silver, sitting behind a resolver on the other side of the pond, reports that ub.com is among the seized domains.

Unlike previous recent seizures, which were carried out by the US Immigration and Customs Enforcement agency, this time the FBI appears to be the responsible agency.

And this time, these aren’t two-bit file-sharing forums or Chinese knock-off merchandise sites, we’re talking about businesses that are perfectly legal in many jurisdictions, clearing billions in revenue.

But according to US Attorney’s charges, the companies carried out an elaborate plan to cover up the sources of their revenue through third parties and phoney bank accounts.

The companies are even alleged to have made multi-million dollar investments in failing banks in order to get them to turn a blind eye to the illicit gambling activities.

It appears that the FBI went straight to the .com registry, VeriSign, as some of the affected domains appear to be registered through UK-based corporate registrar Com Laude.

If you’re wondering whether this is yet another confirmation that all .com domains are subject to US jurisdiction, this is your takeaway sentence, from Manhattan US Attorney Preet Bharara:

Foreign firms that choose to operate in the United States are not free to flout the laws they don’t like simply because they can’t bear to be parted from their profits.

The suits seek $3 billion in allegedly ill-gotten gains to be returned.

Domain security arrives in .com

Kevin Murphy, April 1, 2011, Domain Tech

VeriSign announced late yesterday that it has fully implemented DNSSEC in .com, meaning pretty much anyone with a .com domain name can now implement it too.

DNSSEC is a domain-crypto protocol mashup that allows web surfers, say, to trust that when they visit wellsfargo.com they really are looking at the bank’s web site.

It uses validatable cryptographic signatures to prevent cache poisoning attacks such as the Kaminsky Bug, the potential internet-killer that caused panic briefly back in 2008.

With .com now supporting the technology, DNSSEC is now available in over half of the world’s domains, due to the size of the .com zone. But registrants have to decide to use it.

I chatted to Matt Larson, VeriSign’s VP of DNS research, and Sean Leach, VP of technology, this afternoon, and they said that .com’s signing could be the tipping point for adoption.

“I feel based on talking to people that everybody has been waiting for .com,” Larson said. “It could open the floodgates.”

What we’re looking at now is a period of gradual adoption. I expect a handful of major companies will announce they’ve signed their .coms, probably in the second half of the year.

Just like a TLD launch, DNSSEC will probably need a few anchor tenants to raise the profile of the technology. Paypal, for example, said it plans to use the technology at an ICANN workshop in San Francisco last month, but that it will take about six months to test.

“Most people have their most valuable domains in the .com space,” said Leach. “We need some of the big guys to be first movers.”

There’s also the issue of ISPs. Not many support DNSSEC today. The industry has been talking up Comcast’s aggressive deployment vision for over a year now, but few others have announced plans.

And of course application developer support is needed. Judging from comments made by Mozilla representatives in San Francisco, browser makers, for example, are not exactly champing at the bit to natively support the technology.

You can, however, currently download plugins for Firefox that validate DNSSEC claims, such as this one.

According to Leach, many enterprises are currently demanding DNSSEC support when they buy new technology products. This could light a fire under reluctant developers.

But DNSSEC deployment will still be slow going, so registries are doing what they can to make it less of a cost/hassle for users.

Accredited registrars can currently use VeriSign’s cloud-based signing service for free on a trial basis, for example. The service is designed to remove the complexity of managing keys from the equation.

I’m told “several” registrars have signed up, but the only one I’m currently aware of is Go Daddy.

VeriSign and other registries are also offering managed DNSSEC as part of their managed DNS resolution enterprise offerings.

Neither of the VeriSign VPs was prepared to speculate about how many .com domains will be signed a year from now.

I have the option to turn on DNSSEC as part of a Go Daddy hosting package. I probably will, but only in the interests of research. As a domain consumer, I have to say the benefits haven’t really been sold to me yet.

VeriSign’s upcoming battle for the Chinese .com

Kevin Murphy, February 16, 2011, Domain Registries

Could VeriSign be about to face off against China for control of the Chinese version of .com? That’s an intriguing possibility that was raised during the .nxt conference last week.

Almost as an aside, auDA chief Chris Disspain mentioned during a session that he believes there are moves afoot in China to apply to ICANN for “company”, “network” and “organization” in Chinese characters. In other words, .com, .net and .org.

I’ve been unable to find an official announcement of any such Chinese application, but I’m reliably informed that Noises Have Been Made.

VeriSign has for several quarters been open about its plans to apply for IDN equivalents of its two flagship TLDs, and PIR’s new CEO Brian Cute recently told me he wants to do the same for .org.

While neither company has specified which scripts they’re looking at, Chinese is a no-brainer. As of this week, the nation is the world’s second-largest economy, and easily its most populous.

Since we’re already speculating, let’s speculate some more: who would win the Chinese .com under ICANN’s application rules, VeriSign or China?

If the two strings were close enough to wind up in a contention set, could VeriSign claim intellectual property rights, on the basis of its .com business? It seems like a stretch.

Could China leapfrog to the end of the process with a community application and a demand for a Community Priority Evaluation?

That also seems like a stretch. It’s not impossible – there’s arguably a “community” of companies registered with the Chinese government – but such a move would likely stink of gaming.

Is there a technical stability argument to be made? Is 公司. (which Google tells me means “company” in Chinese) confusingly similar to .com?

If these TLDs went to auction, one thing is certain: there are few potential applicants with deeper pockets than VeriSign, but China is one of them.

UPDATE: VeriSign’s Pat Kane was good enough to post a lengthy explanation of the company’s IDN strategy in the comments.

VeriSign scores big win in .com pricing lawsuit

Kevin Murphy, February 14, 2011, Domain Registries

VeriSign has successfully had an antitrust lawsuit, which claims the company has been raising .com domain name prices anti-competitively, dismissed by a California court.

While it’s encouraging news if you’re a VeriSign shareholder, the Coalition for ICANN Transparency, which filed the suit, will be allowed to amend and re-file its complaint.

The basis for the dismissal (pdf) goes to the central irony of CFIT – the fact that, despite its noble name, it’s not itself a particularly transparent organization.

CFIT was set up in 2005 in order to sue ICANN and VeriSign over their deal that gave VeriSign the right to raise the price of .com and .net domains, and to keep its registry contracts on favorable terms.

While it was cagey about who was backing the organization, those of us who attended the ICANN meeting in Vancouver that year knew from the off it was primarily a front for Momentous.ca, owner of Pool.com and other domainer services.

In dismissing the case last Friday, Judge Ronald Whyte decided that CFIT’s membership is vague enough to raise a question over its standing to sue on antitrust grounds. He wrote:

By failing to identify its purported members, CFIT has made it impossible to determine whether the members are participants in the alleged relevant markets, or whether they have suffered antitrust injury. Because the [Third Amended Complaint] identifies no members of CFIT, it must be dismissed.

While CFIT had disclosed some time ago Pool.com’s involvement, it recently tried to add uber-domainer Frank Schilling’s Name Administration Inc and iRegistry Corp to the list of its financial supporters.

But Whyte was not convinced that the two companies were CFIT “members” with standing to sue.

Whyte decided that CFIT’s complaint, “fatally fails to allege facts showing that iRegistry or Name Administration were financial supporters or members at the time the complaint was filed”.

He also denied CFIT’s demand for a jury trial.

CFIT wants VeriSign to return all the excess profits it has made on .com registrations since it started raising its prices above $6.

If CFIT were to win, it would severely curtail VeriSign’s ability to grow its registry business, and could lead to billions being wiped off its accounts.

The organization has been given leave to file a fourth amended complaint, so it’s not over yet.

VeriSign launches free cloud domain security service

Kevin Murphy, December 2, 2010, Domain Tech

VeriSign is to offer registrars a hosted DNSSEC signing service that will be free for names in .com and the company’s other top-level domains.

The inventively named VeriSign DNSSEC Signing Service offloads the tasks associated with managing signed domains and is being offered for an “evaluation period” that runs until the end of 2011.

DNSSEC is an extension to DNS that allows domains to be cryptographically signed and validated. It was designed to prevent cache poisoning attacks such as the Kaminsky Bug.

It’s also quite complex, requiring ongoing secure key management and rollover, so I expect the VeriSign service, and competing services, will be quite popular among registrars reluctant to plough money into the technology.

While some gTLDs, including .org, and dozens of ccTLDs, are already DNSSEC-enabled, VeriSign doesn’t plan on bringing the technology online in .com and .net until early next year.

The ultimate industry plan is for all domain names to use DNSSEC before too many years.

One question I’ve never been entirely clear on was whether the added costs of implementing DNSSEC would translate into premium-priced services or price increases at the registrar checkout.

A VeriSign spokesperson told me:

The evaluation period is free for VeriSign-managed TLDs and other TLDs. After that period, the VeriSign-managed TLDs will remain free, but other TLDs will have $2 per zone annual fee.

In other words, registrars will not have to pay to sign their customers’ .com, .net, .tv etc domains, but they will have to pay if they choose to use the VeriSign service to sign domains in .biz, .info or any other TLD.

Nominet study reveals advertisers’ favorite TLDs

Kevin Murphy, November 4, 2010, Domain Registries

Domains ending in .uk are more popular among advertisers in the UK than .com domains, but not massively so, according to research published today by Nominet, the .uk registry.

A study of 10,000 UK ads found that 65% of them contained a URL, and that 55% of those was a .uk, compared to 42% that were .com names.

I find that first number quite surprising – why are 35% of advertisers not doing something so simple and risk-free as including their domains in their ads? It doesn’t seem to make much sense.

The break-down between .uk and .com surprises me less. In my experience on both sides of the Atlantic, fewer Brits than Americans think of .com as a purely US-oriented TLD.

We share a language after all, and the pervasiveness of the phrase “dot-com” in the late 1990s saw many big British online brands, such as LastMinute.com, opt for generic domains.

Interestingly, Nominet also managed to uncover a correlation between how business-focussed a publication was and use of .com domains over .uk.

Computer Weekly, a trade publication, had .uk addresses in only 33% of its ads, while Computer Shopper, a consumer publication, had them 64% of the time.

At the two extremes, news weekly The Economist had .coms in 82% of its ads, while Auto Express ads were 80% .uk addresses. The average across all magazines was 60% in favor of .uk.

It’s the most comprehensive study of .com versus .uk I’ve read, containing far too many statistics to enumerate here, but it’s also a quick read. It can be downloaded here.

VeriSign to deploy DNSSEC in .com next March

Kevin Murphy, October 29, 2010, Domain Tech

VeriSign is to start rolling out the DNSSEC security protocol in .net today, and will sign .com next March, the company said today.

In an email to the dns-ops mailing list, VeriSign vice president Matt Larson said that .net will get a “deliberately unvalidatable zone”, which uses unusable dummy keys for testing purposes, today.

That test is set to end on December 9, when .net will become fully DNSSEC-compatible.

The .com TLD will get its own unvalidatable zone in March, but registrars will be able to start submitting cryptographic keys for the domains they manage from February.

The .com zone will be validatable later in March.

The DNSSEC standard allows resolvers to confirm that DNS traffic has not been tampered with, reducing the risk of attacks such as cache poisoning.

Signing .com is viewed as the last major registry-level hurdle to jump before adoption kicks off more widely. The root zone was signed in July and a few dozen other TLDs, such as .org, are already signed.

VeriSign plans single-letter .com auctions

Kevin Murphy, August 17, 2010, Domain Registries

VeriSign has confirmed that it wants to auction off single-character .com domain names, following a test with the equivalent .net domains.

The company recently asked ICANN for permission to sell one and two-letter .net domains. As Andrew Allemann noted at the time, that was a pretty strong indicator it would want to do the same with .com.

Now the company has admitted as much, and is looking for an online auction provider to handle the sales. It published a Request For Proposals today. The RFP says:

VeriSign intends to submit a proposal to ICANN through the RSEP [Registry Services Evaluation Process] and anticipates allocating .com single and two character domain name registrations through an auction as well

One and two-letter domains are currently restricted, due to the potential confusion with country-code TLDs. ICANN has been gradually lifting that restriction in some of the less-popular TLDs.

If VeriSign is also given permission, which seems likely, the auctions would certainly be lucrative.

If o.co can fetch $350,000, how much would Overstock, which has been screaming out for o.com for years, stump up for the .com equivalent? I also recall, years ago, Yahoo saying it wanted y.com.

But VeriSign might not be the main beneficiary of the proceeds. In its .net application, it says that it would use any money raised with the .com auctions for the common good.

VeriSign is not hereby proposing a release of .com single and/or two character domain names. VeriSign anticipates that any such proposal will be structured differently than the proposal for .net and will include use of proceeds from any auction for the benefit of the general Internet community.

That’s open to interpretation, of course. Investing a few million dollars in upgrading its infrastructure could be said to benefit the general internet community.

Domain name industry growth slowed by China crackdown

The massive slump in Chinese domain name registrations appears to have hit the overall domain name market significantly in the first quarter 2010, slowing its growth.

According to the latest VeriSign Domain Name Industry Brief, only one million net new domains were registered across all TLDs in the period, a paltry 0.6% increase.

There were about 193 million domains active at the end of March, up from 192 million at the start of the year.

A million might seem like a lot, until you consider that the market grew by 11 million domains in the fourth quarter and by three million in the first quarter of 2009.

The slump is certainly due to the rapid decline in .cn domains.

China’s ccTLD had about 13.4 million names at the end of last year, and only 8.8 million at the end of March. April’s numbers show the decline continued, with 8.5 million names registered.

The China drag has been caused by a combination of pricing and the Draconian new identification requirements the communist government placed on the registry, CNNIC.

Chinese registrants now have to present photo ID before they can register a domain.

VeriSign’s own .com/.net business did a decent trade in the quarter, up 7% compared to the same quarter last and 2.7% on December to 99.3 million names in total.

With registrations growing by 2.7 million per month, this means VeriSign already has more than 100 million names in its com/net database.