Recent Posts
- ICANN publishes its Woke Manifesto. Here’s my hot take
- Alibaba, Name.com among new RDRS opt-ins
- The Swiss can register .swiss domains from next week
- .ai up to 425,000 domains
- A million “free” .music domains up for grabs
- D3 to get $5 million in crypto to apply for .ape gTLD
- Alibaba hit with ICANN breach notice
- New Vegas conference “Davos for Web3 interoperability”
- ICANN content policing power grab may be dead
- Cable company unplugs its dot-brand after acquisition
- Germany crosses 10,000 dot-brand domains milestone
- Founders out as Com Laude gets equity injection
- PIR’s Diaz to leave domain industry
- Some registrars have already quit ICANN’s Whois experiment
- ICANN opens $217 million Grant Program
- Internet could get one-letter gTLDs (but there’s a catch)
- .ai registry fights deadbeats with tweaked auction rules
- Amazon and Google among .internal TLD ban backers
- .ai registry advises buyers not to use GoDaddy
- .post liberalizes with new sunrise period
- Team Internet spends $41 million on content farm
- Epik backtracks on Kiwi Farms claim after legal threat
- .austin names launch on blockchain
- Freenom shuts down 12.6 million domains — report
- GoDaddy’s next .xxx contract may not be a done deal
- GlobalBlock blocking 2.5 million domains
- Microsoft moving its cloud apps from .com to .microsoft
- ICANN 79: anonymous trolls and undercover lawyers
- ICANN scores win in single-letter .com lawsuit
- Cosmetics brand terminates its gTLD
- Up to 70 jobs on the line at Nominet as .uk regs dwindle
- Governments back down on new gTLD next round delay
- Private auctions could be banned in new gTLD next round
- ICANN meeting venue “insensitive and hurtful”
- GoDaddy to start selling graphic.design domains
- GAC spinning up new gTLD curveball at ICANN 79?
- GoDaddy’s GlobalBlock supports blockchain names
- Police .uk domain takedowns dive in 2023
- GoDaddy wants to cut the bullshit from .xxx
- Dueling domain blocking services to launch at ICANN 79
- Freename tries to bridge DNS and blockchain
- Olive retires from ICANN
- Whois policy published without life-saving disclosure rule
- UK gov takes its lead from ICANN on DNS abuse
- Tucows reports 2023 results
- Twitter “completely unresponsive” on clickable domains
- ICANN spends $5 million more than planned in first fiscal half
- .art takes a million domains off its premium list
- KeyTrap ‘the most devastating vulnerability ever found in DNSSEC’
- Freenom settles $500 million Meta lawsuit and will exit domain business
- New gTLD lottery to return in 2026
- First GlobalBlock prices revealed — they ain’t cheap
- Domain universe grows on new gTLDs despite .com shrinkage
- D3 signs up crypto gTLD client number five
- GoDaddy reports strong domains growth
- How to qualify for a $40,000 gTLD
- Registry service provider evaluation handbook published
- WebUnited inks deal to “mirror” country’s TLD in the blockchain
- GoDaddy project unveils brand-blocking calculator
- Report: Monster “misappropriated” millions from Epik
- .com is shrinking but Verisign raises prices again anyway
- D3 announces fourth crypto new gTLD client
- Donald Trump loses second UDRP case
- UK cybersquatting complaints hit record low
- No excuses! PIR to pay for ALL registries to tackle child abuse
- ICANN insists it is working on linkification
- Namecheap sues ICANN over .org price caps
- GoDaddy offers free Ethereum blockchain integration
- Epik reveals who is running the company
- Epik gets acquired again! The plot thickens…
- Airline gTLD crashes and burns
- First chunks of new gTLD Applicant Guidebook drop
- Epik to reveal its owners soon
- Another crypto firm to apply for a new gTLD
- Monster and Royce are NOT involved in Epik?!
- Nominet to overhaul .uk registry, turn off some services
- Russia blames DNSSEC, not Ukraine, for internet downtime
- Team Internet says revenue beat estimates
- Sold for over $20k, insure.ai and dog.ai back in .ai’s expired names auction
- .ai helps UDRP cases rise in 2023, WIPO says
- Freenom’s domains land at Gandi after termination
- .ru domains fly off the shelf as Western sanctions bite
- ICANN picks its first ever Supreme Court
- Lebanon’s ccTLD going back to Lebanon after ICANN takeover
- ICANN picks the domain it will never, ever release
- ICANN approves domain takedown rules
- Has Epik gone “woke”?
- First bits of new gTLD Applicant Guidebook expected next week
- ICANN bans closed generics for the foreseeable
- You can’t use money to buy .box domains
- After 14 years, ICANN practices what it preaches on IDNs
- Weak demand for private Whois data, ICANN data shows
- .ing doing way better than .meme
- DNS Women barred from ICANN funding?
- Dev releases free open-source TLD registry platform
- INCO flips a gTLD to Identity Digital
- Anguilla fears the .ai junk drop
- Five more gTLDs get launch dates
- $10 million of ICANN cash up for grabs
- Almost 50,000 .ai domains sold in a quarter
- ICANN threatens to regulate your speech [RANT]
- Life insurance company kills dot-brand
- ICANN finds new home for Lebanon’s TLD after founder’s death
- ICANN begs people to use its new Whois service
- Shiba Inu outs itself as crypto new gTLD applicant
- Over 50,000 .ai domains sold in three months
- Amazon planning new push into registrar market?
- Registries and registrars vote ‘Yes’ to new DNS abuse rules
- ICANN predicts flattish 2025 for domain industry
- Fast-growing Gname buys another 150 registrars
- GoDaddy service to let you block domains in over 650 TLDs
- Did I find a murder weapon in a zone file?
- ICANN drops the “man” from Ombudsman
- Have your say on police domain takedown powers
- Most registrars are shunning ICANN’s new Whois system
- Nominet to take over .gov.uk
- ICANN picks Istanbul for 2024 meeting
- ICANN’s private Whois data request service goes live
- .au regs slide on 2LD anniversary
- ICANN accused of power grab over $271 million auction fund
- A registrar is getting blamed for an Israeli war propaganda site
- Two more dot-brands bite the dust
- Google sells five-figure AI domain and six-figure .ing hack
- .blackfriday is still a bit rubbish
- Internet Naming Co acquires five more gTLDs
Domain universe shrinks again: .com and .cn down, .au up
The number of registered domain names in the world shrank again in the third quarter, with mixed results across various TLDs, according to Verisign’s latest Domain Name Industry Brief.
There were 349.9 million names across all TLDs at the end of September, down 1.6 million sequentially but up 11.5 million compared to Q3 2021, the DNIB states.
The industry has downsized in every quarter this year, judging by Verisign’s numbers.
The company’s own .com, suffering from post-Covid blues, macroeconomic factors and (possibly) pricing issues, dragged the overall number down in Q3 by 200,000 domains, ending with 160.9 million.
But China’s .cn was hit harder, ending the period down from 20.6 million to 18 million. As I pondered in September, this may be due to how Verisign sources data.
Australia’s .au benefited from the launch of second-level availability, which boosted its number by 400,000 domains, ending with 4 million and overtaking .fr and .eu to become the seventh-largest ccTLD.
The ccTLD world overall shrunk sequentially by 1.7 million names but grew by 5.7 million on the year to end the quarter with 132.4 million.
New gTLDs ended with 27.3 million names, up 300,000 sequentially and 3.8 million year over year.
Verisign growth slows with post-Covid blues
Verisign sold fewer .com and .net domains than it did a year ago in the third quarter and has once again slashed its outlook for the year.
It had 174.2 million names across the two TLDs at the end of September, an increase of 1.2% over the year but down by around 100,000 names (rounded) on the quarter.
There were 9.9 million new domains sold. That compares to 10.1 million in the second quarter and 10.7 million in Q3 last year.
It now expects its total domains under management to increase by between 0.25% and 1% for the full year. That compares to the between 0.5% and 1.5% it predicted at the end of Q2, the 1.75% and 3.5% predicted in April, and the between 2.5% and 4.5% it predicted in February.
That equates to 2022 revenue of $1.418 billion to $1.426 billion, CFO George Kilguss told analysts. Verisign’s always jaw-dropping operating margin is expected to be between 65.75% and 66.25%.
CEO Jim Bidzos told analysts the slower growth can the attributed to the general macroeconomic malaise, Verisign coming off the lockdown bump experienced in 2020 and 2021, and the perennial issue of Chinese lumpiness.
Renewal rates for Q3 are expected to be 73.8%, the same as Q2 but down from 75% a year-ago.
But the company continues to make money hand over fist. Revenue was up 6.8% compared to Q3 last year at $357 million and net income was up to $169 million compared to $157 million a year ago.
Taliban seizing domains to silence journalists
The Taliban is attempting to close down independent media outlets in Afghanistan by deleting their .af domain names.
The Ministry of Communications and Information Technology tweeted that the sites of Hasht-e Subh Daily and Zawia News were “taken down” for publishing “unbalanced reports and fake news”.
د هشت صبح او زاویه نیوز خبري شبکو وېبسايټونه د مخابراتو او معلوماتي ټکنالوجۍ وزارت له لوري وټړل شول.
هشت صبح او زاویه نیوز خبري شبکې چې د افغانستان اسلامي امارت مشرانو پورې یې دروغجن تورونه تړل، بې توازنه راپورونه او کاذب خبرونه یې خپرول د یوې فیصلې پر بنسټ یې وبسایټونه ؤتړل شول pic.twitter.com/cexPduvMjT— Anayatullah Alokozay (@Anayatalokozay) October 3, 2022
.af’s registry is government-run.
According to the Committee to Protect Journalists, the two sites have been reporting by Afghans in exile since the Taliban retook the country over a year ago.
Both outlets have now switched domains to TLDs based in the US — Verisign and Identity Digital, where presumably they’re pretty safe from the Taliban’s reach. They’re now using zawiamedia.com and 8am.media instead of the original .af names.
.com and .net are the drag factor on domain industry growth
Verisign’s own gTLDs .com and .net slowed overall domain industry volume growth in the second quarter, according to its latest Domain Name Industry Brief.
June ended with 351.5 million registrations across all TLDs, up 1 million sequentially and 10.4 million year-over-year.
Growth would have been slightly better without the drag factor of .com and .net, which were down 200,000 domains each sequentially, as Verisign previously reported in its Q2 financial results. There were 161.1 million names in .com and 13.2 million in .net.
The ccTLD world grew by 700,000 names sequentially and 2.6 million compared to a year earlier, the DNIB states.
New gTLD names were up by the same amount sequentially and 4.1 million year over year, ending the quarter at 27 million.
Verisign to crack down on Chinese domains
Verisign has asked for permission to implement a more stringent regime for denying or suspending .com and .net domain names registered in China, to comply with the country’s strict licensing rules.
The changes appear to mean that customers of Chinese registrars who have not verified their identities, which Verisign says is a “very small percentage”, will be prevented from registering new domains and may lose their existing domains.
The company has filed a Registry Services Evaluation Process request with ICANN, proposing to tweak the registrant verification system it has had in place for the last five years in a few significant ways.
China has a system called Real Name Verification, whereby Chinese citizens have to provide government-issued ID when they register domains. Local, third-party Verification Service Providers such as ZDNS typically carry out the verification function for Verisign and other foreign registries.
The big change is that Verisign will no longer allow names to be registered without a valid code.
The RSEP says that attempts by China-based registrars to register domains without the required government verification code will result in the EPP create command failing, meaning the domain will not be registered.
Under the current system, outlined in a 2016 RSEP (pdf), the name is registered and Verisign presumably takes the money, but the domain is placed on serverHold status, meaning it is not published in the zone and will not resolve.
The new system will also allow Verisign to retroactively demand codes for already-registered names, when they come up for renewal or transfer, with the option to suspend or delete the names if the codes are not provided. The RSEP (pdf) states:
With regard existing domain names without the required verification codes, which currently comprise a very small percentage of domain name registrations from registrars licensed to operate in the People’s Republic of China, Verisign intends to address compliance issues with these domain names directly with registrars. Verisign reserves the right to deny, cancel, redirect or transfer any domain name registration or transaction, or place any domain name(s) on registry lock, hold or similar status
It’s not clear what a “very small percentage” means in hard numbers. A small slice of a big pie is still a mouthful.
Verisign has substantial exposure to the Chinese market. On the odd occasion when .com shrinks, it’s largely due to speculative registrations from China not being renewed, such as in the second quarter this year.
The RSEP names the service the Domain Name Registration Validation Per Applicable Law service. While it’s in theory applicable to any jurisdiction’s laws, in practice it’s all about addressing the demands of the Chinese government.
Verisign announces ANOTHER price increase as regs slide
Verisign posted a rare decrease in its .com/.net registered name base in the second quarter, but said it is going to raise its .net prices next year anyway.
The company also massively slashed its growth outlook for domain sales this year.
The annual cost of a .net name will go up 10%, the maximum permissible under its contract with ICANN, to $9.92 from February 1 next year, the registry said
Registrants will as usual be able to lock-in the current renewal fee of $9.02 for up to 10 years if they renew before the hike kicks in.
It’s the first .net price increase since 2018. The TLD has been stagnating in volume terms for several years, due no doubt in part to behavioral changes following the introduction of new gTLDs starting in late 2013.
The news came as Verisign reported that its domain base shrunk during Q2.
The company ended June with 174.3 million names under management, up 2.2% over a year earlier but down 350,000 domains compared to the end of Q1.
The split was 161.1 million for .com and 13.2 million for .net — that’s a sequential decrease of 200,000 for .com and a decrease of 200,000 for .net. Both rounded, of course.
CEO Jim Bidzos told analysts tonight that renewals were affected by a great many first-time registrations from China not renewing. General post-pandemic and macro-economic factors also played a role, he said.
The preliminary renewal rate was 75.9% compared to 76.0% a year earlier, but the number of new regs was down to 10.1 million from 11.7 million over the same period.
Verisign reported Q2 revenue up 6.8% on a year ago at $352 million, with net income of $167 million compared to $148 million. Its operating margin swelled to 67.1% percent from 64.7%.
Bidzos told analysts that the company is cutting its registered name growth prediction for the year to between 0.5% and 1.5%, a huge decrease from the already-downgraded estimate of 1.75% and 3.5% it made after the first quarter.
He said that he expects Q3 and Q4 to go much the same way as Q2.
Bidzos said he thinks the current factors affecting regs are a bump in the road and he expects things to stabilize over time.
UPDATE 2148 UTC — The article was updated to correct the comparison of the decrease in .com/.net regs.
Verisign to mandate 2FA for .com registrars
Over 2,000 registrars are likely to be affected by a new Verisign policy making two-factor authentication mandatory when logging into the company’s registrar portal.
ICANN has given the preliminary nod to a Verisign proposal to make 2FA, which has been available on an optional basis for over a decade, mandatory.
Voluntary adoption of the security feature has been light since it was first introduced in 2009. According to Verisign’s Registry Services Evaluation Process request (pdf) only around 200 registrars currently use it.
There were 2,446 active .com registrars at the last count. The RSEP also applies to .net and .name.
The 2FA system requires registrars to enter a one-time password, in addition to their usual credentials, whenever they log in to their accounts.
The change only applies to registrars logging into Verisign’s web site to manage their accounts, not to registrants who have .com domains. It does not apply to under-the-hood EPP transactions.
The company is hoping to implement the change pretty damn quick — its June 30 RSEP states that it will start to give registrars a 30-day noticed period the following day, before ICANN had even formally approved the change.
ICANN approval (pdf) came yesterday, so presumably 2FA will become mandatory in a matter of days.
Surprising nobody, Verisign to raise .com prices again
Verisign has announced its second consecutive annual price increase for .com domain names.
The wholesale registry fee for .com names will rise from $8.39 to $8.97 on September 1 this year, an extra $0.58 for every new or renewing domain, of which there are currently over 160 million.
Verisign announced the move, which was expected, as it announced a 2021 profit of $785 million and a 65.3% operating margin.
CEO Jim Bidzos, speaking to analysts, played down the impact of the increases on .com registrants, pointing out that .com prices were frozen under the Obama administration and have only gone up once before, last year, since 2012.
“This is the second wholesale price increase for COM since January of 2012,” he said. “So, if you look back over the last 10 years, that translates into a cost increase of only 1.3% CAGR over the last ten and a half years actually.”
The current .com contract, signed off by the Trump administration and ICANN, allows for two more 7% annual price increases, excluding the just-announced one, but Bidzos would not say whether Verisign plans to exercise those options.
If it does (and it almost certainly will) it would raise the price to $10.26, where it would stay until at least October 2026, he said.
“We believe .com continues to be positioned competitively,” he said.
It’s still basically free money for Verisign, which saw strong fourth-quarter and full-year 2021 results.
The company yesterday reported revenue of $1.33 billion for 2021, up 4.9%, with net income of $785 million, down from $815 million. The operating margin was 65.3%, compared to 65.2%.
For the fourth quarter, revenue was up 6.3% to $340 million, with net income of $330 million compared to $157 million. Operating margin was 65.3%, compared to 63.9%.
For 2022, the company is guiding for revenue of between $1.42 billion and $1.44 billion, based on the price increases and predicted unit growth of between 2.5% and 4.5%. The operating margin is expected to be between 64.5% and 65.5%.
Bidzos also addressed the controversial .web gTLD, which it won at auction but has been unable to launch due to legal action pursued by rival bidder Afilias/Altanovo.
An Independent Review Process panel recently threw a decision about .web back at ICANN, which is now considering Afilias’ allegations of wrongdoing at the board level.
“ICANN looks to be moving forward with making the decision on the delegation of .web, and we will be monitoring their process,” Bidzos said. He said that Verisign has not budgeted for any revenue or costs from .web in 2022.
That’s probably wise. Afilias recently told us that it has not stopped fighting against Verisign’s .web win.
Verisign saw MASSIVE query spike during Facebook outage
Verisign’s .com and .net name servers saw a huge spike in queries when Facebook went offline for hours last October, Verisign said this week.
Queries for facebook.com, instagram.com, and whatsapp.net peaked at over 900,000 per second during the outage, up from a normal rate of 7,000 per second, a more than 100x increase, the company said in a blog post.
The widely publicized Facebook outage was caused by its IP addresses, including the IP addresses of its DNS servers, being accidentally withdrawn from routing tables. At first it looked to outside observers like a DNS failure.
When computers worldwide failed to find Facebook on their recursive name servers, they went up the hierarchy to Verisign’s .com and .net servers to find out where they’d gone, which led to the spike in traffic to those zones.
Traffic from DNS resolver networks run by Google and Cloudflare grew by 7,000x and 2,000x respectively during the outage, Verisign said.
The company also revealed that the failure of .club and .hsbc TLDs a few days later had a similar effect on the DNS root servers that Verisign operates.
Queries for the two TLDs at the root went up 45x, from 80 to 3,700 queries per second, Verisign said.
While the company said its systems were not overloaded, it subtly criticized DNS resolver networks such as Google and Cloudflare for “unnecessarily aggressive” query-spamming, writing:
We believe it is important for the security, stability and resiliency of the internet’s DNS infrastructure that the implementers of recursive resolvers and public DNS services carefully consider how their systems behave in circumstances where none of a domain name’s authoritative name servers are providing responses, yet the parent zones are providing proper referrals. We feel it is difficult to rationalize the patterns that we are currently observing, such as hundreds of queries per second from individual recursive resolver sources. The global DNS would be better served by more appropriate rate limiting, and algorithms such as exponential backoff, to address these types of cases
Verisign said it is proposing updates to internet standards to address this problem.
.com and NameSilo fingered as “most-abused” after numbers rocket
SpamHaus has revealed the most-abused TLDs and registrars in its second-quarter report on botnets.
The data shows huge growth in abuse at Verisign’s .com and the fast-growing NameSilo, which overtook Namecheap to top the registrar list for the first time.
Botnet command-and-control domains using .com grew by 166%, from 1,549 to 4,113, during the quarter, SpamHaus said.
At number two, .xyz saw 739 C&C domains, up 114%.
In the registrar league table, NameSilo topped the list for the first time, unseating Namecheap for the first time in years.
NameSilo had 1,797 C&C domains on its books, an “enormous” 594% increase. Namecheap’s number was 955 domains, up 52%.
Botnets are one type of “DNS abuse” that even registrars agree should be acted on at the registrar level.
The most-abused lists and lots of other botnet-related data can be found here.
Recent Comments