Latest news of the domain name industry

Recent Posts

Registrar threatened with shutdown for failing to reveal registrant

Kevin Murphy, November 9, 2011, Domain Registrars

ICANN has told a Turkish domain name registrar that its accreditation will be terminated unless it fixes its apparently shoddy Whois services.

While Alantron has a track record of Whois failures and connections to abusive domains, ICANN’s threat appears to have been made in connection with a single domain name.

ICANN compliance director Stacey Burnette wrote to Alantron (pdf):

On 12 October 2011, ICANN requested that Alantron make registration records available to ICANN concerning a specific domain name, as ICANN received a complaint that there was no Whois output available for the domain name. Although numerous requests were made by ICANN to make the registration records available for inspection and copying, as of the date of this letter, Alantron has not made any arrangements to comply with ICANN’s request.

The letter also details Alantron’s alleged failures to make Whois available through Port 43 and its web interface going back to September 1.

ICANN has also threatened to suspend Alantron’s ability to create new registrations. Alantron received a similar de-accreditation warning for Whois failures in April 2010.

It does not say who made the complaint or which domain is in question, but the company has come under fire from security pros in the past for allowing its services to be abused to push fake pharmaceuticals.

Alantron, which has about 26,000 domains under management according to Webhosting.info, has until November 25 to rectify the problem.

Go Daddy’s 60-day domain lockdown loophole

Kevin Murphy, September 8, 2011, Domain Registrars

Perhaps the most common complaint of the many leveled at Go Daddy over the years is that it refuses to allow customers to transfer domains to another registrar for 60 days after an ownership change.

The latest person to fire this criticism at the company is tech blogger Scott Raymond, who published a lengthy tirade against Go Daddy and its policy on ZDNet today.

Raymond points out that Go Daddy seems to be in violation of ICANN’s Inter-Registrar Transfer Policy, which explicitly prohibits the rejection of a transfer request due to a recent Whois change.

He’s not alone. Even Andrew Allemann of Domain Name Wire, hardly Go Daddy’s fiercest critic, said as recently as May that he thinks the company is in violation of the IRTP.

With good reason – this April 2008 ICANN advisory seemed to be specifically written with a ban on Go Daddy’s 60-day policy in mind.

But is the company non-compliant? ICANN doesn’t seem to think so.

I’ve tracked down this November 2009 email from David Giza, then ICANN’s head of compliance, in which he describes what seems to amount to a loophole Go Daddy and other registrars exploit.

Giza explains that the 2008 advisory “only addresses mandatory updates to Whois contact information, not a transfer or assignment to a new registrant”.

Registrants are obliged to keep their Whois data up-to-date; that’s what he means by “mandatory”.

Giza’s email adds:

the transfer policy does not prohibit registrars from requiring registrants to agree to the blocking of transfer requests as a condition for registrar facilitation of optional services such as the transfer of a registration to a new registrant.

We understand GoDaddy.com’s 60-day lock is a voluntary opt-in process where registrants are made aware of and agree to the restriction that the domain name is not to be transferred for 60-days following the completion of transfer. As such, this practice is not prohibited by the transfer policy.

In other words, there are “Whois Changes” and there are “Registrant Changes”, and registrars are only allowed to trigger a lock-down in the latter case, according to Giza.

And according to DNW’s reporting on the subject, that’s exactly what Go Daddy continues to do — locking the domain if certain fields in the registrant record are changed.

So the 60-day lock appears to be kosher, at least in the opinion of ICANN’s erstwhile compliance chief. Whether that could change under the department’s new management is unknown.

As it happens, the subject was raised by a recent working group that was looking into revising the IRTP, but it was so contentious that consensus could not be found.

The problem has been bounced down the road. The most recent mention came in this ICANN issue report (pdf, page 14-15).

Anyway, if I lost you several paragraphs ago, the net result of all this seems to be that Go Daddy probably isn’t breaking the rules, but that nobody can agree whether that’s a good thing or not.

The fact that one has to do this much digging into ICANN esoterica just to figure out whether Go Daddy is screwing its customers over isn’t very reassuring, is it?

Another registrar on the ICANN naughty step

Kevin Murphy, September 6, 2011, Domain Registrars

ICANN has threatened to terminate the accreditation of Samjung Data Service, a South Korean domain name registrar.

The threat, the 13th ICANN’s compliance department has issued to a registrar this year, is notable because it’s a rare example where money does not appear to be an issue.

Samjung’s failing, according to ICANN’s termination letter, is its inability to escrow registrant data with Iron Mountain on the agreed schedule and in the required format.

The tiny registrar has also failed to make the technical contacts in its customers’ Whois records available online, and has been apparently ignoring ICANN’s calls and emails.

What ICANN does not do is accuse Samjung of not paying its accreditation fees, which in the past has been a notable feature of compliance actions.

Delinquent payments tend to alert ICANN that there may be other problems at a registrar, but this has led to criticisms that the organization is only concerned about its revenue.

Could the Samjung case be another example of the newly staffed-up ICANN compliance department taking the more proactive stance that was promised?

War of words over .jobs “breach” claims

Employ Media and ICANN have come to blows again over ICANN’s threat to shut down the .jobs registry for allegedly selling domain names in breach of its Charter.

Both parties are currently talking through their outside counsel, and the possibility of litigation has raised its head in public for the first time.

In the latest set of correspondence published by ICANN, Employ Media sharply (and ironically) criticized ICANN’s decision to publish an earlier set of correspondence on its web site.

The earlier email exchange, which I blogged about here, revealed that ICANN had asked the company to amend its Charter.

Two days later, Employ Media’s lawyers wrote to ICANN’s lawyers to express disappointment with the decision to post these emails, questioning ICANN’s commitment to good faith negotiations.

In light of this apparent bad faith action on ICANN’s part, Employ Media is questioning whether any hope remains for a full and fair exchange of ideas regarding a resolution of its dispute with ICANN.

[ICANN has] substantially hindered Employ Media’s ability to engage in productive and honest negotiations: all future communications will necessarily be more guarded and less open, given the expectation that they will be published to a larger audience

ICANN and Employ Media are currently in a “cooperative engagement” process – a less formal way to resolve their dispute than heading to an arbitration forum or court.

ICANN claims the registry is breaking its Charter commitments to the human resources industry by allocating tens of thousands of .jobs domain names to the Universe.jobs project, which is run by a partner, the DirectEmployers Association.

Independent jobs boards, represented by the the .JOBS Charter Compliance Coalition, believe that Universe.jobs is unfair and not compliant with Employ Media’s own policies.

Employ Media’s latest letter (pdf), which it demanded ICANN publish, drops hints about some of the behind-the-scenes talks (with my emphasis):

Had we known that any part of our communication was to be published, we would have certainly memorialized, in writing, your statements to us that ICANN very much wants to avoid an arbitration over this dispute, and that ICANN was therefore willing to agree to a process for approving a Charter amendment in order to do so. We would also have memorialized our positions, including our position that a Charter amendment is neither necessary nor desirable, but that we were considering acceding to ICANN’s request solely in the hopes of avoiding arbitration

ICANN’s lawyers’ response (pdf), sent April 26, says ICANN was merely fulfilling its transparency obligations by informing the community about the extension of the talks deadline.

They also said that the Employ Media should stop pretending to be surprised that ICANN issued the breach notice and is now asking for a Charter amendment.

ICANN further accused the registry’s lawyers of legal “posturing” which was “seemingly geared solely towards use in future litigation”.

Employ Media was due to deliver a proposed amendment to its Charter by yesterday. ICANN has said it will not take any further actions based on its breach notice until May 6.

Registrar threatened over “stolen” Facebook domain

Kevin Murphy, April 21, 2011, Domain Registrars

ICANN has threatened to terminate the domain name registrar EuroDNS for failing to transfer a typo domain lost in a UDRP case to Facebook.

But EuroDNS says it is subject to a court case in its home country, Luxembourg, which has prevented it handing over the name.

The original registrant of facebok.com lost a slam-dunk UDRP case back in September 2010. He didn’t even bother defending the case.

But over half a year later, he’s still in control of the domain, and he’s using it to recruit folk into a shady-looking (but probably legal) subscription text messaging service.

EuroDNS is the registrar of record for the domain, and like all registrars is responsible for transferring domains lost under the UDRP to the winning party, in this case Facebook.

ICANN’s compliance department – my guess is under pressure from Facebook – has therefore threatened EuroDNS with termination unless it hands over the domain in the next three weeks.

This is noteworthy because EuroDNS isn’t the kind of tiny, fringe outfit ICANN usually files compliance notices against. It’s a generally respectable business. It even shows up to ICANN meetings.

EuroDNS deputy general counsel Luc Seufer tells me that the company was fully prepared to transfer the domain – it had even sent the authorization codes to Facebook – but it found itself on the receiving end of a lawsuit claiming that the domain had been “stolen”.

Somebody in Luxembourg, it seems, has sued to reclaim an obvious typo domain that’s probably going to be transferred to Facebook anyway.

“We are therefore in an incredible position where if we transfer the name before the judge’s ruling we will be accountable in our own country and if we don’t transfer the name we are in breach of the [Registrar Accreditation Agreement],” said Seufer.

The Luxembourg case has not yet made it to court, hence EuroDNS’s delay, he said. ICANN is aware of the action, and has seen the court papers, he said.

According to ICANN’s breach notice (pdf), the only way for EuroDNS to avoid its obligation under the UDRP is to show proof that the original registrant has sued Facebook to keep the domain.

But the case in question was filed by a third party claiming to be the rightful owner of the domain, not the original registrant. EuroDNS seems to be trapped between a rock and a hard place.

Seufer said the company is prepared to hand over the domain, adding:

Should we simply ignore a judiciary court case against us in our own country – that could prevent us from operating the transfer since it is was asked of the judge – because of our RAA’s obligations?

The domain in question, facebok.com, currently redirects to a series of sites asking visitors to fill in a survey to win a Mac.

Those who are duped by it are actually signing up to a text service that costs, in the UK, £4.50 ($7.40) per week.