Thick Whois policy for .com is now live

The domain name industry is kicking off one of its most fundamental shifts in its plumbing this week.
Over the next two years, Verisign and every registrar that sells .com domains will have to rejigger their systems to convert .com from a “thin” to “thick” Whois.
This means that by February 1, 2019, Verisign will for the first time control the master database of all Whois records for .com domains, rather than it being spread piecemeal across all registrars.
The switch comes as a result of a years-in-the-making ICANN policy that officially came into force yesterday. It also applies to .com stablemates .net and .jobs.
The first big change will come August 1 this year, the deadline by which Verisign has to give all of its registrars the ability to submit thick Whois records both live (for new regs) and in bulk (for existing ones).
May 1, 2018 is the deadline for all registrars to start submitting thick Whois for new regs to Verisign, but they can start doing so as early as August this year if they want to.
Registrars have until February 1, 2019 to supply Verisign with thick Whois for all their existing registrations.
There’s a process for registrars who believe they would be violating local privacy laws by transferring this data to US-based Verisign to request an exemption, which may prevent the transition going perfectly uniformly.
Some say that the implementation of this policy may allow Verisign to ask for the ability to ask a for an increase in .com registry fees — currently frozen at the command of the US government — due to its inevitably increased costs.
Personally, I think the added costs will likely be chickenfeed compared to the cash-printing machine that is .com, so I think it’s far from a slam-dunk that such fee increases would be approved.

Thick Whois coming to .com next year, price rise to follow?

Verisign could be running a “thick” Whois database for .com, .net and .jobs by mid-2017, under a new ICANN proposal.
A timetable published this week would see the final three hold-out gTLDs fully move over to the standard thick Whois model by February 2019, with the system live by next August.
Some people believe that Verisign might use the move as an excuse to increase .com prices.
Thick Whois is where the registry stores the full Whois record, containing all registrant contact data, for every domain in their TLD.
The three Verisign TLDs currently have “thin” Whois databases, which only store information about domain creation dates, the sponsoring registrar and name servers.
The model dates back to when the registry and registrar businesses of Verisign’s predecessor, Network Solutions, were broken up at the end of the last century.
But it’s been ICANN consensus policy for about three years for Verisign to eventually switch to a thick model.
Finally, ICANN has published for public comment its anticipated schedule (pdf) for this to happen.
Under the proposal, Verisign would have to start offering registrars the ability to put domains in its thick Whois by August 1 2017, both live via EPP and in bulk.
It would not become obligatory for registrars to submit thick Whois for all newly registered domains until May 1, 2018.
They’d have until February 1, 2019 to bulk-migrate all existing Whois records over to the new system.
Thick Whois in .com has been controversial for a number of reasons.
Some registrars have expressed dissatisfaction with the idea of migrating part of their customer relationship to Verisign. Others have had concerns that local data protection laws may prevent them moving data in bulk overseas.
The new proposal includes a carve-out that would let registrars request an exemption from the requirements if they can show it would conflict with local laws, which holds the potential to make a mockery out of the entire endeavor.
Some observers also believe that Verisign may use the expense of building and operating the new Whois system as an excuse to trigger talks with ICANN about increasing the price of .com from its current, frozen level.
Under its .com contract, Verisign can ICANN ask for a fee increase “due to the imposition of any new Consensus Policy”, which is exactly what the move to thick Whois is.
Whether it would choose to exercise this right is another question — .com is a staggeringly profitable cash-printing machine and this Whois is not likely to be that expensive, relatively speaking.
The proposed implementation timetable is open for public comment until December 15.

People are forgetting .com exists — ICANN survey

Have you ever heard of .com, .net and .org?
That question was posed to 3,349 domain name registrants in 24 countries by market research firm Nielsen this June and guess what — awareness of all three cornerstone gTLDs was down on a comparable 2015 survey.
Unbelievably, only 85% of respondents professed to be aware of .com’s existence, compared to 86% in 2015.
Equally unbelievably, awareness of .net and .org fell from 76% to 69% and from 70% to 65% respectively between 2015 and 2016, the survey found.
Those are just three among many hundreds of findings of the Nielsen survey, which was carried out in order to inform ICANN’s Competition, Consumer Trust & Consumer Choice Review.
The CCT is one of the reviews deemed mandatory before ICANN is able to launch the next round of new gTLD applications.
A great many of the numbers revealed by the survey are seriously open to question — some could even be empirically proven wrong.
But David Dickinson, project lead for Nielsen on the survey, told DI yesterday that the numbers themselves are less important than the trends, or lack thereof, that they might represent.
Nielsen carried out two surveys in 2015 — one of consumers and one of registrants — then repeated both surveys again a year later.
Respondents were selected from a pool of people who have at some point indicated to third-party market research companies that they are available to take surveys online, Dickinson said. They are usually compensated via some kind of redeemable loyalty points scheme.
The registrant surveys were limited to those who said they have registered a domain name. The consumer survey was limited to those who said they spend more than five hours a week online.
While the number of respondents were measured in the low thousands, the idea is that they provide a representative sample of all internet users and domain name registrants.
But there’s a lot of weirdness in the numbers.
Dickinson said that the 85% awareness number for .com could be due partly to random “mechanical errors” — people clicking the wrong buttons on their survey form — but said that lack of awareness was more common among younger respondents who were more likely to be aware of newer, less generic TLDs.
The surveys also highlighted a bizarre split in TLD awareness between consumers and registrants.
Given that registrants are a subset of consumers, and given that they are by definition more familiar with domain names, you’d expect respondents to the registrant surveys to show higher TLD awareness than those responding to the consumer surveys.
But the opposite was true.
The surveys found, for example, that 95% of consumers knew about .com, but only 85% of registrants did. For .net and .org the numbers were 88%/69% and 83%/65% respectively. None of it makes any sense.
Dickinson said that the 2015 consumer/registrant awareness numbers were “almost identical”.
“My only real conclusion here is that [in 2016] there was some systematic difference in the diligence that the registrants selected these names on these awareness questions, and that a large portion of that is just due to random variation,” he said.
“However, when we do look at those people who are registering new gTLDs, they tended to have much lower awareness of those legacy gTLDs than those people who were unaware or had not registered those new gTLDs,” he said.
“The people who said they did not recognize any of those new gTLDs at all the are very very centric on the legacy gTLDs and in particular .com,” he said.
“I think the data is overstated because of the random variation but there is a learning here when we break it down… that those legacy domains are becoming less relevant or less noticed by the younger people and the people who are registering these new gTLDs,” he said.
“I think there is a shift going on, but it’s not as big as what is stated here [in the numbers],” he said.
The surveys also looked at awareness and registration levels for new, 2012-round gTLDs, but again the numbers probably don’t accurately reflect reality.
For example, 39% of registrants claimed to have heard of .email domain names and 15% claimed to have actually registered one.
Again, these numbers don’t seem plausible. There are fewer than 60,000 .email domains in existence today. Even if there were only one million domain registrants in the world, 15% registration rate would mean at least 150,000 names should have been sold.
Dickinson said that this number could have been higher due to selection bias. The survey took about half an hour on average to fill out, so people more personally interested or invested in internet or domain name related stuff might have been more likely to stick around and complete it.
Interestingly, new gTLD awareness rates in North America were substantially lower than awareness elsewhere in the world. For example, only 25% of North Americans professed to have heard of .news, but that grew to 42% in Asia where most languages use a different script.
My sense here is that respondents — which all took the surveys in their native languages — may have just been clicking to confirm English words they recognized, rather than TLDs they had seen in the wild.
Nielsen clearly suspected that there would be an element of “false recall” among respondents because it actually included some fake TLDs among the real ones.
This led to findings such as: 26% of Africans have heard of .cairo, 17% of North Americans have heard of .toronto and 21% of South Americans have heard of .bogota.
None of those city TLDs exist.
Dickinson explained this as “assumed familiarity”.
“What very much seems to happen is that if something has an implied ‘face validity’ — it seems to make sense or seems to be readily interpretable — then those ones will get higher stated awareness than the ones that are just random letters, such as .xyz,” he said.
Indeed, while there are over six million .xyz domains out there today, with high-profile registrants including Google, only 13% of respondents claimed to be aware of it.
“The more implied familiarity or sense of familiarity there is, the more likely people are to feel like they’ve been there or seen it, so it’s definitely a false recall, but the learning from that is that the more interpretable… those things are then they have more easy acceptance by consumers than things that are not interpretable,” Dickinson said.
The surveys did not only cover awareness and registration patterns. There are literally hundreds of data points in there covering different perceptions of TLDs new and old. I’ve just focused here on the ones that made me question whether the survey was worth the time, expense and paper it was written on.
But Dickinson said that the raw numbers are not necessarily what the ICANN review teams should be looking at.
“Maybe the absolute number is not exactly dead-on, but what are the relationships between the numbers?” he said.
“I tend to look at the relationships, so for example one of the objectives of doing this survey was to see if the new gTLD program impacted the perception of the industry in any way, or trustworthiness in the industry,” he said.
“For example, we can say we’re not sure it improved — the numbers didn’t change significantly in that direction to allow us to definitively say it improved — but it certainly did not decline,” he said. “We can rule out that it declined.”
“Overall, we can say that the new gTLD program is emerging with fairly strong awareness, relative,” he said.
“We can also say with certainty that none of those new gTLDs are anywhere approaching the awareness of the legacy gTLDs, and even if there is some erosion in the legacy gTLDs it’s going to take a long time for those to reach parity, if they ever do,” he said.
The Nielsen surveys are one input to the work of the volunteer CCT Review Team, which intends to publish its preliminary report before the end of the year.
CCT-RT chair Jonathan Zuck recently published a blog post on the ICANN web site giving a progress report on recent work.

Correction: what NTIA said about .com pricing

The US government has not confirmed that it expects to keep Verisign’s .com registry fee capped at the current level until at least 2024, despite what DI reported on Monday.
At this URL we published an article reporting that the US government had confirmed that it was going to keep .com prices frozen at $7.85 for the next eight years.
That was based on a misreading of a letter from the Department of Commerce to Senator Ted Cruz and others, which merely explained how the price cap could be maintained without expressing a commitment to do so.
The letter actually said very little, and nothing of news value, so I thought it best to simply delete the original piece and replace it with this correction.
I regret the error.
Thanks to those readers who got in touch to point out the mistake.

Industry lays into Verisign over .com deal renewal

Some of Verisign’s chickens have evidently come home to roost.
A number of companies that the registry giant has pissed off over the last couple of years have slammed the proposed renewal of its .com contract with ICANN.
Rivals including XYZ.com (sued over its .xyz advertising) and Donuts (out-maneuvered on .web) are among those to have filed comments opposing the proposed new Registry Agreement.
They’re joined by business and intellectual property interests, concerned that Verisign is being allowed to carry on without implementing any of the IP-related obligations of other gTLDs, and a dozens of domainers, spurred into action by a newsletter.
Even a child protection advocacy group has weighed in, accusing Verisign of not doing enough to prevent child abuse material being distributed.
ICANN announced last month that it plans to renew the .com contract, which is not due to expire for another two years, until 2024, to bring its term in line with Verisign’s contracts related to root zone management.
There are barely any changes in the proposed new RA — no new rights protection mechanisms, no changes to how pricing is governed, and no new anti-abuse provisions.
The ensuing public comment period, which closed on Friday, has attracted slightly more comments than your typical ICANN comment period.
That’s largely due to outrage from readers of the Domaining.com newsletter, who were urged to send comments in an article headlined “BREAKING: Verisign doubles .COM price overnight!”
That headline, for avoidance of doubt, is not accurate. I think the author was trying to confer the idea that the headline could, in his opinion, be accurate in future.
Still, it prompted a few dozen domainers to submit brief comments demanding “No .com price increases!!!”
The existing RA, which would be renewed, says this about price:

The Maximum Price for Registry Services subject to this Section 7.3 shall be as follows:
(i) from the Effective Date through 30 November 2018, US $7.85;
(ii) Registry Operator shall be entitled to increase the Maximum Price during the term of the Agreement due to the imposition of any new Consensus Policy or documented extraordinary expense resulting from an attack or threat of attack on the Security or Stability of the DNS, not to exceed the smaller of the preceding year’s Maximum Price or the highest price charged during the preceding year, multiplied by 1.07.

The proposed amendment (pdf) that would extend the contract through 2024 does not directly address price.
It does, however, contain this paragraph:

Future Amendments. The parties shall cooperate and negotiate in good faith to amend the terms of the Agreement (a) by the second anniversary of the Effective Date, to preserve and enhance the security and stability of the Internet or the TLD, and (b) as may be necessary for consistency with changes to, or the termination or expiration of, the Cooperative Agreement between Registry Operator and the Department of Commerce.

The Cooperative Agreement is the second contract in the three-way relationship between Verisign, ICANN and the US Department of Commerce that allows Verisign to run not only .com but also the DNS root zone.
It’s important because Commerce exercised its powers under the agreement in 2012 to freeze .com prices at $7.85 a year until November 2018, unless Verisign can show it no longer has “market power”, a legal term that plays into monopoly laws.
So what the proposed .com amendments mean is that, if the Cooperative Agreement changes in 2018, ICANN and Verisign are obligated to discuss amending the .com contract at that time to take account of the new terms.
If, for example, Commerce extends the price freeze, Verisign and ICANN are pretty much duty bound to write that extension into the RA too.
There’s no credible danger of prices going up before 2018, in other words, and whether they go up after that will be primarily a matter for the US administration.
The US could decide that Verisign no longer has market power then and drop the price freeze, but would be an indication of a policy change rather than a reflection of reality.
The Internet Commerce Association, which represents high-volume domainers, does not appear particularly concerned about prices going up any time soon.
It said in its comments to ICANN that it believes the new RA “will have no effect whatsoever upon the current .Com wholesale price freeze of $7.85 imposed on Verisign”.
XYZ.com, in its comments, attacked not potential future price increases, but the current price of $7.85, which it characterized as extortionate.
If .com were put out to competitive tender, XYZ would be prepared to reduce the price to $1 per name per year, CEO Daniel Negari wrote, saving .com owners over $850 million a year — more than the GDP of Rwanda.

ICANN should not passively go along with Verisign’s selfish goal of extending its unfair monopoly over the internet’s most popular top-level domain name.

Others in the industry chose to express that the proposed contract does not even attempt to normalize the rules governing .com with the rules almost all other gTLDs must abide by.
Donuts, in its comment, said that the more laissez-faire .com regime actually harms competition, writing:

It is well known that new gTLDs and now many other legacy gTLDs are heavily vested with abuse protections that .COM is not. Thus, smaller, less resource-rich competitors must manage gTLDs laden (appropriately) with additional responsibilities, while Verisign is able to operate its domains unburdened from these safeguards. This incongruence is a precise demonstration of disparate treatment, and one that actually hinders effective competition and ultimately harms consumers.

It points to numerous statistics showing that .com is by far the most-abused TLD in terms of spam, phishing, malware and cybersquatting.
The Business Constituency and Intellectual Property Constituency had similar views about standardizing rules on abuse and such. The IPC comment says:

The continued prevalence of abusive registrations in the world’s largest TLD registry is an ongoing challenge. The terms of the .com registry agreement should reflect that reality, by incorporating the most up-to-date features that will aid in the detection, prevention and remediation of abuses.

The European NGO Alliance for Child Safety Online submitted a comment with a more narrow focus — child abuse material and pornography in general.
Enasco said that 41% of sites containing child abuse material use .com domains and that Verisign should at least have the same regulatory regime as 2012-round gTLDs. It added:

Verisign’s egregious disinterest in or indolence towards tackling these problems hitherto hardly warrants them being rewarded by being allowed to continue the same lamentable
regime.

I couldn’t find any comments that were in unqualified support of the .com contract renewal, but the lack of any comments from large sections of the ICANN community may indicate widespread indifference.
The full collection of comments can be found here.

“Ditch .com!” government to tell Indians

The Indian government is to urge citizens to register .in domain names instead of .com, according to local reports.
The Economic Times reports today that the Ministry of Economy and IT is to launch a “massive advertising campaign aimed at companies, individuals and startups” promoting .in.
Rajiv Bansal, MEIT joint secretary, is reported as saying the campaign will play up to nationalist sentiments
The government wants to grow .in from about 2.1 million domains to 3 million domains by March next year, it said.
Prices could come down to the $2 to $3 range, the paper said.
The campaign is due to start in a month or so, it was reported.

Verisign to get .com for six more years, but prices to stay frozen

ICANN and Verisign have agreed to extend their .com registry contract for another six years, but there are no big changes in store for .com owners.
Verisign will now get to run the gTLD until November 30, 2024.
The contract was not due to expire until 2018, but the two parties have agreed to renew it now in order to synchronize it with Verisign’s new contract to run the root zone.
Separately, ICANN and Verisign have signed a Root Zone Maintainer Agreement, which gives Verisign the responsibility to make updates to the DNS root zone when told to do so by ICANN’s IANA department.
That’s part of the IANA transition process, which will (assuming it isn’t scuppered by US Republicans) see the US government’s role in root zone maintenance disappear later this year.
Cunningly, Verisign’s operation of the root zone is technically intermingled with its .com infrastructure, using many of the same security and redundancy features, which makes the two difficult to untangle.
There are no other substantial changes to the .com agreement.
Verisign has not agreed to take on any of the rules that applies to new gTLDs, for example.
It also means wholesale .com prices will be frozen at $7.85 for the foreseeable future.
The deal only gives Verisign the right to raise prices if it can come up with a plausible security/stability reason, which for one of the most profitable tech companies in the world seems highly unlikely.
Pricing is also regulated by Verisign’s side deal (pdf) with the US Department of Commerce, which requires government approval for any price increases until such time as .com no longer has dominant “market power”.
The .com extension is now open for public comment.
Predictably, it’s already attracted a couple of comments saying that the contract should instead be put out to tender, so a rival registry can run the show for cheaper.
That’s never, ever, ever, ever going to happen.

Verisign has great quarter but sees China growth slowing

Verisign beat its sales expectations in the first quarter of the year, but leadership said rapid growth from Chinese registrants will now “normalize”.

The .com/.net registry last night reported net income up 21% at $107 million, on revenue that was up 9.1% to $282 million.
That’s based primarily on it selling 2.65 million net new .com/.net names during the quarter, at 7.1% increase on the Q1 2014 level baseline. It said it sold 10 million new names in the quarter, up from 8.7 million a year ago.
For comparison, Q1 2015 saw 1.51 million net adds across the two TLDs. Three months ago, the company had predicted net adds to be 1.5 to 2 million names.
It had 142.5 million names at the end of the quarter, 126.6 million of which were .com.
CEO James Bidzos told analysts: “We again saw activity coming from registrars in China that exceeded our expectations.”
However, he added: “At this point, we expect activity from registrars in China to normalize as we continue through the second quarter.”
When pressed, CFO George KIlguss elaborated (according to the SeekingAlpha earnings call transcript):

as we look at the trends, we’ve seen the demand that happened in the second half of the first quarter kind of ebb and flow. So we saw it come. It was pretty strong for a few weeks and then it came back to more than normalized path. So we don’t have a perfect crystal ball, but based on the trends that we’ve seen that we’ve been tracking, it seems to be back on the normalized path for that particular region, at least as what we’ve seen historically.

Verisign is currently negotiating for the renewal of its .com contract with ICANN, which may or may not enable it to raise its government-frozen registry prices in future.

Verisign warns about Chinese .com boom

Verisign has warned investors that the current boom in .com sales is largely coming from Chinese domainers and may not be sustainable.
The company has added an unprecedented 4.1 million domain in .com and .net so far during the fourth quarter.
“While there continues to be demand for domain names globally, the recent increased volume for Verisign’s top level domains, as well as top level domains of other registries, during the fourth quarter is coming largely through registrars in China,” the company said in a Securities and Exchange Commission filing.
It listed several factors that are likely responsible for the sudden uptick, but warned that renewal rates are typically not great.

In the past, Verisign has discussed many factors that affect the demand for domain names, including, but not limited to economic, social, and regulatory conditions, Internet adoption, Internet penetration, and increasing e-commerce. In addition to these factors affecting demand, Verisign is also evaluating additional potential factors unique to China that may also be responsible for the recent increased volume of new registrations in China.
In no particular order, these potential factors, or combination of factors, could include, but may not be limited to, government initiatives in China to develop their online economy such as ‘Internet Plus;’ registry and registrar regulatory requirements; cultural influences such as the popularity of numeric domain names; increasing competition amongst Chinese registrars; potential increases in domain name investment activity; and recent capital markets volatility and access to capital in China.
Verisign cannot predict if or how long this increased pace of gross additions will continue and we cannot at this time predict what the renewal rate for these domain names will be. Verisign has noted in the past that renewal rates for domain names registered in emerging markets, such as China, have historically been lower than those registered in more developed markets.

It’s difficult to imagine that Chinese investors have managed to find four million unregistered domains worth keeping.
There are currently 123,497,852 domains in the .com zone file, according to Verisign’s web site.
Verisign is not the only registry that appears to be benefiting from a deluge of registrations from China.
XYZ.com has seen over 440,000 domains added to its .xyz zone file in the last three weeks, bringing its total to over 1.5 million, which appear to be largely coming through Chinese registrars.

Pro-.com analyst “sponsored” by Verisign. Is this a big deal?

Verisign has admitted it “sponsors” an analyst who has written more than a dozen articles singing the praises of .com and questioning the value of new gTLDs over the last few years.
Zeus Kerravala is the founder and principal analyst at ZK Research. He writes a regular column for Network World called Network Intelligence.
Last week, domain industry eyebrows were raised by the latest in a series of pro-.com articles — all of which seem to have been removed by Network World in the last 24 hours — to appear in the column.
The latest article was entitled “Why more companies are ditching new domain names and reverting to .com“.
Kerravala basically mined domain industry blogs, including this one, for examples of companies preferring .com over ccTLDs and new gTLDS, to support a view that .com is awesome and other TLDs are not.
He could have quite easily have used the same method to reach the opposite conclusion, in my view.
The Halloween-themed article concluded:

The good news is that .com will be here now and into the future, just like it has been for the past 30 years to provide treats to businesses after they have been “tricked” by other TLDs.

The article, and 12 more before it dating back to August 2012, looked to some like Verisign spin.
Other headlines include “Why .com is still the domain of choice for businesses” and “New generic top-level domain names do more harm than good” and “Companies are movin’ on up to .com domain names”.
They’re all basically opinion pieces with a strongly pro-.com slant.
The opinion that .com is better than the alternatives is not uncommon, especially among domainers who have lots of money tied up in .com investments.
The fact that Kerravala, who doesn’t usually touch the domain industry in his column, has written a dozen stories saying essentially the same thing about .com over the last couple of years looked a bit odd to some in the domain industry.
And it turns out that he is actually on the Verisign payroll.
A Verisign spokesperson told DI: “ZK Research is a sponsored industry analyst and blogger.”
The company declined to answer a follow-up question asking whether this meant he was paid to blog.
Kerravala told DI that Verisign is one of his clients, but denied blogging on its behalf. He said in an email:

they are a client like many of the other large technology firms. Although I blog, like many analysts, I am first an foremost an analyst. I have paid relationships with tech vendors, service providers, end user firms, resellers and the financial community.
Verisign pays me for inquiry time and to have access to my research. Verisign has many relationships like this with many analyst firms and I have this type of relationship with many other technology firms.
In no way do vendors pay me to write blogs nor do they influence my research or my opinions. Sometimes, I may choose to interview a vendor on a certain topic and include them in the article.

Kerravala had not disclosed in his Network World articles or boilerplate biography that Verisign is one of his clients.
In a January 2014 article published on SeekingAlpha, “New Generic Top Level Domain Names Pose No Threat To VeriSign“, contains a disclosure that reads in part “I have no business relationship with any company whose stock is mentioned in this article.”
Kerravala said in an email that although his relationship with Verisign started in 2013, the company was not a client at the time the SeekingAlpha article appeared.
The relationship came to light after new gTLD registry Donuts emailed Kerravala via a third party — and Kerravala says under false pretenses — claiming to have liked his most recent article and asking for a contact name at Verisign.
He would have responded honestly to just being asked directly by Donuts, he said.
In a telephone conversation yesterday, he said that his articles about .com represent his genuinely held beliefs which, as we agree, are not particularly unusual.
He observed that DI has a generally pro-TLD-competition point of view, and that many of my advertisers are drawn from the new gTLD industry, and said that his relationship with Verisign is not dissimilar to DI’s relationship to its advertisers.