Latest news of the domain name industry

Recent Posts

VeriSign launches free cloud domain security service

Kevin Murphy, December 2, 2010, Domain Tech

VeriSign is to offer registrars a hosted DNSSEC signing service that will be free for names in .com and the company’s other top-level domains.

The inventively named VeriSign DNSSEC Signing Service offloads the tasks associated with managing signed domains and is being offered for an “evaluation period” that runs until the end of 2011.

DNSSEC is an extension to DNS that allows domains to be cryptographically signed and validated. It was designed to prevent cache poisoning attacks such as the Kaminsky Bug.

It’s also quite complex, requiring ongoing secure key management and rollover, so I expect the VeriSign service, and competing services, will be quite popular among registrars reluctant to plough money into the technology.

While some gTLDs, including .org, and dozens of ccTLDs, are already DNSSEC-enabled, VeriSign doesn’t plan on bringing the technology online in .com and .net until early next year.

The ultimate industry plan is for all domain names to use DNSSEC before too many years.

One question I’ve never been entirely clear on was whether the added costs of implementing DNSSEC would translate into premium-priced services or price increases at the registrar checkout.

A VeriSign spokesperson told me:

The evaluation period is free for VeriSign-managed TLDs and other TLDs. After that period, the VeriSign-managed TLDs will remain free, but other TLDs will have $2 per zone annual fee.

In other words, registrars will not have to pay to sign their customers’ .com, .net, .tv etc domains, but they will have to pay if they choose to use the VeriSign service to sign domains in .biz, .info or any other TLD.

Nominet study reveals advertisers’ favorite TLDs

Kevin Murphy, November 4, 2010, Domain Registries

Domains ending in .uk are more popular among advertisers in the UK than .com domains, but not massively so, according to research published today by Nominet, the .uk registry.

A study of 10,000 UK ads found that 65% of them contained a URL, and that 55% of those was a .uk, compared to 42% that were .com names.

I find that first number quite surprising – why are 35% of advertisers not doing something so simple and risk-free as including their domains in their ads? It doesn’t seem to make much sense.

The break-down between .uk and .com surprises me less. In my experience on both sides of the Atlantic, fewer Brits than Americans think of .com as a purely US-oriented TLD.

We share a language after all, and the pervasiveness of the phrase “dot-com” in the late 1990s saw many big British online brands, such as LastMinute.com, opt for generic domains.

Interestingly, Nominet also managed to uncover a correlation between how business-focussed a publication was and use of .com domains over .uk.

Computer Weekly, a trade publication, had .uk addresses in only 33% of its ads, while Computer Shopper, a consumer publication, had them 64% of the time.

At the two extremes, news weekly The Economist had .coms in 82% of its ads, while Auto Express ads were 80% .uk addresses. The average across all magazines was 60% in favor of .uk.

It’s the most comprehensive study of .com versus .uk I’ve read, containing far too many statistics to enumerate here, but it’s also a quick read. It can be downloaded here.

VeriSign to deploy DNSSEC in .com next March

Kevin Murphy, October 29, 2010, Domain Tech

VeriSign is to start rolling out the DNSSEC security protocol in .net today, and will sign .com next March, the company said today.

In an email to the dns-ops mailing list, VeriSign vice president Matt Larson said that .net will get a “deliberately unvalidatable zone”, which uses unusable dummy keys for testing purposes, today.

That test is set to end on December 9, when .net will become fully DNSSEC-compatible.

The .com TLD will get its own unvalidatable zone in March, but registrars will be able to start submitting cryptographic keys for the domains they manage from February.

The .com zone will be validatable later in March.

The DNSSEC standard allows resolvers to confirm that DNS traffic has not been tampered with, reducing the risk of attacks such as cache poisoning.

Signing .com is viewed as the last major registry-level hurdle to jump before adoption kicks off more widely. The root zone was signed in July and a few dozen other TLDs, such as .org, are already signed.

VeriSign plans single-letter .com auctions

Kevin Murphy, August 17, 2010, Domain Registries

VeriSign has confirmed that it wants to auction off single-character .com domain names, following a test with the equivalent .net domains.

The company recently asked ICANN for permission to sell one and two-letter .net domains. As Andrew Allemann noted at the time, that was a pretty strong indicator it would want to do the same with .com.

Now the company has admitted as much, and is looking for an online auction provider to handle the sales. It published a Request For Proposals today. The RFP says:

VeriSign intends to submit a proposal to ICANN through the RSEP [Registry Services Evaluation Process] and anticipates allocating .com single and two character domain name registrations through an auction as well

One and two-letter domains are currently restricted, due to the potential confusion with country-code TLDs. ICANN has been gradually lifting that restriction in some of the less-popular TLDs.

If VeriSign is also given permission, which seems likely, the auctions would certainly be lucrative.

If o.co can fetch $350,000, how much would Overstock, which has been screaming out for o.com for years, stump up for the .com equivalent? I also recall, years ago, Yahoo saying it wanted y.com.

But VeriSign might not be the main beneficiary of the proceeds. In its .net application, it says that it would use any money raised with the .com auctions for the common good.

VeriSign is not hereby proposing a release of .com single and/or two character domain names. VeriSign anticipates that any such proposal will be structured differently than the proposal for .net and will include use of proceeds from any auction for the benefit of the general Internet community.

That’s open to interpretation, of course. Investing a few million dollars in upgrading its infrastructure could be said to benefit the general internet community.

Domain name industry growth slowed by China crackdown

The massive slump in Chinese domain name registrations appears to have hit the overall domain name market significantly in the first quarter 2010, slowing its growth.

According to the latest VeriSign Domain Name Industry Brief, only one million net new domains were registered across all TLDs in the period, a paltry 0.6% increase.

There were about 193 million domains active at the end of March, up from 192 million at the start of the year.

A million might seem like a lot, until you consider that the market grew by 11 million domains in the fourth quarter and by three million in the first quarter of 2009.

The slump is certainly due to the rapid decline in .cn domains.

China’s ccTLD had about 13.4 million names at the end of last year, and only 8.8 million at the end of March. April’s numbers show the decline continued, with 8.5 million names registered.

The China drag has been caused by a combination of pricing and the Draconian new identification requirements the communist government placed on the registry, CNNIC.

Chinese registrants now have to present photo ID before they can register a domain.

VeriSign’s own .com/.net business did a decent trade in the quarter, up 7% compared to the same quarter last and 2.7% on December to 99.3 million names in total.

With registrations growing by 2.7 million per month, this means VeriSign already has more than 100 million names in its com/net database.