Latest news of the domain name industry

Recent Posts

Google could shake up the registry market with new open-source Nomulus platform

Kevin Murphy, October 19, 2016, Domain Registries

Google has muscled in to the registry service provider market with the launch of Nomulus, an open-source TLD back-end platform.

The new offering appears to be tightly integrated with Google’s various cloud services, challenging long-held registry pricing conventions.

There are already indications that at least one of the gTLD market’s biggest players could be considering a move to the service.

Donuts revealed yesterday it has been helping Google with Nomulus since early 2015, suggesting a shift away from long-time back-end partner Rightside could be on the cards.

Nomulus, which is currently in use at Google Registry’s handful of early-stage gTLDs, takes care of most of the core registry functions required by ICANN, Google said.

It’s a shared registration system based on the EPP standard, able to handle all the elements of the domain registration lifecycle.

Donuts contributed code enabling features it uses in its own 200-ish gTLDs, such as pricing tiers, the Early Access Period and Domain Protected Marks List.

Nomulus handles Whois and likely successor protocol RDAP (Registration Data Access Protocol).

For DNS resolution, it comes with a plug-in to make TLDs work on the Google Cloud DNS service. Users will also be able to write code to use alternative DNS providers.

There’s also software to handle daily data escrow to a third-party provider, another ICANN-mandated essential.

But Nomulus lacks critical features such as billing and fully ICANN-compliant reporting, according to documentation.

So will anyone actually use this? And if so, who?

It’s too early to say for sure, but Donuts certainly seems keen. In a blog post, CEO Paul Stahura wrote:

As the world’s largest operator of new TLDs, Donuts must continually explore compelling technologies and ensure our back-end operations are cost-efficient and flexible… Google has a phenomenal record of stability, an almost peerless engineering team, endless computing resources and global scale. These are additional potential benefits for us and others who may contribute to or utilize the system. We have been happy to evaluate and contribute to this open source project over the past 20 months because this platform provides Donuts with an alternative back-end with significant benefits.

In a roundabout way, Donuts is essentially saying that Nomulus could work out cheaper than its current back-end, Rightside.

The biggest change heralded by Nomulus is certainly pricing.

For as long as there has been a competitive market for back-end domain registry services, pricing has been on a per-domain basis.

While pricing and model vary by provider and customer, registry operators typically pay their RSPs a flat fee and a buck or two for each domain they have under management.

Pricing for dot-brands, where DUM typically comes in at under 100 today, is believed to be weighted much more towards the flat-fee service charge element.

But that’s not how Nomulus is to be paid for.

While the software is open source and free, it’s designed to run on Google’s cloud hosting services, where users are billed on the fly according to their usage of resources such as storage and bandwidth consumed.

For example, the Google Cloud Datastore, the company’s database service that Nomulus uses to store registration and Whois records, charges are $0.18 per gigabyte of storage per month.

For a small TLD, such as a dot-brand, one imagines that storage costs could be reduced substantially.

However, Nomulus is not exactly a fire-and-forget solution.

There is no Google registry service with customer support reps and such, at least not yet. Nomulus users are responsible for building and maintaining their registry like they would any other hosted application.

So the potentially lower service costs would have to be balanced against potentially higher staffing costs.

My hunch based on the limited available information is that for a dot-brand or a small niche TLD operating on a skeleton crew that may lack technical expertise, moving to Nomulus could be a false economy.

With this in mind, Google may have just created a whole new market for middleman RSPs — TLD management companies that can offer small TLDs a single point of contact for technical expertise and support but don’t need to build out and own their own expensive infrastructure.

The barrier to entry to the RSP market may have just dropped like a rock, in other words.

And Nomulus may work out more attractive to larger TLD operators such as Donuts, with existing teams of geeks, that can take advantage of Google’s economies of scale.

Don’t expect any huge changes overnight though. Migrating between back-ends is not an easy or cheap feat.

As well as ICANN costs, and data migration and software costs, there’s also the non-trivial matter of shepherding a horde of registrars over to the new platform.

How much impact Nomulus will have on the market remains to be seen, but it has certainly given the industry something to think about.

Donuts will cut off sham .doctors

Kevin Murphy, October 17, 2016, Domain Registries

Donuts has outlined plans to suspend or delete .doctor domain names used by fake medical doctors.

Despite protestations from governments and others, .doctor will not be a restricted gTLD when it goes to general availability next week — anyone will be able to register one.

However, Donuts said last week that it will shut down phony doctor sites:

While we are firmly committed to free speech on the Internet, we however will be on guard against inappropriate or dangerous uses of .DOCTOR. Accordingly, if registrants using this name make the representation on their websites that they are licensed medical practitioners, they should be able to demonstrate upon request that in fact they hold such a license. Failure to so demonstrate could be considered a violation of the terms of registration and may subject the registrant to registrar and registry rights to delete, revoke, suspend, cancel, or transfer a registration.

A Donuts spokesperson said that the registry will have the right to conduct spot-checks on sites, but at first will only police the gTLD in response to complaints from others.

“We have the right to spot check, but no immediate plans to do so,” he said.

In a few fringe cases, the failure to present a license would not result in the loss of a domain.

For example, a “registrant is in a jurisdiction that doesn’t license doctors (if that exists)” or a “registrant that represents him/herself as a licensed medical doctor, but uses the site to sell cupcakes”, the spokesperson said.

ICANN’s Governmental Advisory Committee had wanted .doctor restricted to medical doctors, but Donuts complained noting that “doctor” is an appellation used in many other fields beyond medicine.

It can also be used in fanciful ways to market products, the registry said.

ICANN eventually sided with Donuts, allowing it to keep an open TLD as long as it included certain Public Interest Commitments in its registry contract.

.doctor goes to GA October 26.

For $10,000, Donuts will block hundreds of typos and premiums for your brand

Kevin Murphy, September 28, 2016, Domain Registries

Donuts has announced an expansion of its domain-blocking service that will enable brand owners to cheaply (kinda) block misspellings of their trademarks.

Brand owners whose trademarks match “premium” generic strings will also be able to take matching domains out of circulation using the registry’s new DPML Plus service.

DPML, for Domain Protected Marks List, is Donuts’ way of giving trademark owners a way to bulk-block their marks across Donuts’ entire stable of gTLDs, which currently stands at 197 strings.

With typical sunrise period prices at $200+, registering a single string across almost 200 gTLDs during sunrise could near a $40,000 outlay. In general availability, it would often be about a tenth of that price.

But the original DPML, with a roughly $3,000 retail price for a five-year block, reduced the cost to protect a single string to about $3 per domain per year.

Now, with DPML Plus, Donuts is offering a premium service that adds the ability to block typos and premium names.

Typos and substring-based blocking were near the top of the intellectual property community’s wish-list when the new gTLD program was being developed, but those features were never incorporated into ICANN rights protection mechanisms.

But for $9,999 (suggested retail price), DPML Plus buyers get a 10-year block on the string that matches their trademark and three extra strings that are either typos of the trademark or contain the trademark as a substring, Donuts said.

So Google would for example be able to block android.examples, anrdoid.examples, androidphone.examples and googleandroidphone.examples using a single DPML Plus subscription.

Basically, they get to block up to 788 domains at $9,999 over 10 years, which works out to about $1.26 per domain per year.

It looks nice and cheap on that basis, but companies wishing to block dozens of base trademarks would be looking at six or seven-figure up-front payments.

DPML Plus also lifts the ban on blocking “premium” domains.

Under the old DPML, customers could not block a domain if Donuts had flagged it with a premium price, but under DPML Plus they can.

This opens the door to brand owners who have valuable trademarks on generic dictionary words to get them blocked across the whole Donuts portfolio.

A Donuts spokesperson said the company reserves the right to reject such strings if it suspects gaming.

Another benefit of the DPML Plus is the ability to prevent other companies with identical trademarks later unblocking and snatching blocked domains for themselves.

Currently, third parties with matching brands can “override” DPML blocks, but that feature is turned off for DPML Plus subscribers. They get exclusivity for the life of the block.

Donuts said the Plus offer will only be available to buy between October 1 and December 31.

As an added carrot, from January 1 the price of its vanilla DPML service is going to go up by an amount the company currently does not want to disclose.

Could ICANN reject Verisign’s $135m .web bid?

Kevin Murphy, September 21, 2016, Domain Registries

ICANN is looking into demands for it to throw out Verisign’s covert $135 million winning bid for the highly prized .web gTLD.

ICANN last week told the judge hearing Donuts’ .web-related lawsuit that it is “currently in the process of investigating certain of the issues raised” by Donuts through its “internal accountability mechanisms”.

Donuts is suing for $22.5 million, claiming ICANN should have forced Nu Dot Co to disclose that its .web bid was being secretly bankrolled by Verisign and alleging that the .com heavyweight used NDC as cover to avoid regulatory scrutiny.

ICANN’s latest filing (pdf), made jointly with Donuts, asked for an extension to October 26 of ICANN’s deadline to file a response to Donuts’ complaint.

It was granted, the second time the deadline has been extended, but the judge warned it was also the final time.

The referenced “internal accountability mechanism” would seem to mean the Cooperative Engagement Process — a low-formality bilateral negotiation — that Donuts and fellow .web bidder Radix initiated against ICANN August 2.

The filing states that the “resolution of certain issues in controversy may be aided by allowing [ICANN] to complete its investigation of [Donuts’] allegations prior to the filing of its responsive pleading.”

In other words, Donuts is either hopeful that ICANN may be able to resolve some of its complaints in the next month, or it’s not particularly impatient about the case progressing.

Meanwhile, fellow .web applicant Afilias has demanded for the second time that ICANN hand over .web to it, as the second-highest bidder, throwing out the NDC/Verisign application.

In a September 9 letter, published last night, Afilias told ICANN to “disqualify and reject” NDC’s application, alleging at least three breaches of ICANN rules.

Afilias says that by refusing to disclose Verisign’s support for its bid, NDC broke the rules and should have its application thrown out.

The company also confirmed on the public record for what I believe is the first time that it was the second-highest bidder in the July 27 auction.

Afilias would pay somewhere between $57.5 million and $71.9 million for the gTLD, depending on what the high bid of the third-placed applicant was.

In its new letter, Afilias says NDC broke the rule from the Applicant Guidebook that does not allow applicants to “resell, assign or transfer any of applicant’s rights or obligations in connection with the application”.

It also says that NDC was obliged by the AGB to notify ICANN of “changes in financial position and changes in ownership or control”, which it did not.

It finally says that Verisign used NDC as a front during the auction, in violation of auction rules.

“In these circumstances, we submit that ICANN should disqualify NDC’s bid and offer to accept the application of Afilias, which placed the second highest exit bid,” Afilias general counsel Scott Hemphill wrote (pdf).

Hemphill told ICANN to defer from signing a Registry Agreement with NDC or Verisign, strongly implying that Afilias intends to invoke ICANN accountability mechanisms (presumably meaning the Request for Reconsideration process and/or Independent Review Process).

While Afilias and Donuts are both taking issue with the secretive nature of Verisign’s acquisition of .web, they’re not necessarily fighting the same corner.

Donuts is looking for $22.5 million because that’s roughly what it would have received if the .web contention set had been resolved via private auction and $135 million had been the winning bid.

But Afilias wants the ICANN auction outcome to stand, albeit with NDC’s top bid rejected. That would mean Donuts, Radix, and the other applicants would still receive nothing.

There’s also the question of other new gTLD applications that have prevailed at auction and been immediately transferred to third-party non-applicants.

The most notable example of this was .blog, which was won by shell company Primer Nivel with secretive backing from WordPress maker Automattic.

Donuts itself regularly wins gTLD auctions and immediately transfers its contracts to Rightside under a pre-existing agreement.

In both of those cases, the reassignment deals predated, but were not disclosed in, the respective applications.

There’s the recipe here for a messy, protracted bun fight over .web, which should come as no surprise to anyone.

.hotel losers gang up to threaten ICANN with legal bills

Kevin Murphy, August 30, 2016, Domain Registries

The six losing applicants for the .hotel new gTLD are collectively threatening ICANN with a second Independent Review Process action.

Together, they this week filed a Request for Reconsideration with ICANN, challenging its decision earlier this month to allow the Afilias-owned Hotel Top Level Domain Sarl application to go ahead to contracting.

HTLD won a controversial Community Priority Evaluation in 2014, effectively eliminating all rival applicants, but that decision was challenged in an IRP that ICANN ultimately won.

The other applicants think HTLD basically cobbled together a bogus “community” in order to “game” the CPE process and avoid an expensive auction.

Since the IRP decision, the six other applicants — Travel Reservations, Famous Four Media, Radix, Minds + Machines, Donuts and Fegistry — have been arguing that the HTLD application should be thrown out due to the actions of Dirk Krischenowski, a former key executive.

Krischenowski was found by ICANN to have exploited a misconfiguration in its own applicants’ portal to download documents belonging to its competitors that should have been confidential.

But at its August 9 meeting, the ICANN board noted that the timing of the downloads showed that HTLD could not have benefited from the data exposure, and that in any event Krischenowski is no longer involved in the company, and allowed the bid to proceed.

That meant the six other applicants lost the chance to win .hotel at auction and/or make a bunch of cash by losing the auction. They’re not happy about that.

It doesn’t matter that the data breach could not have aided HTLD’s application or its CPE case, they argue, the information revealed could prove a competitive advantage once .hotel goes on sale:

What matters is that the information was accessed with the obvious intent to obtain an unfair advantage over direct competitors. The future registry operator of the .hotel gTLD will compete with other registry operators. In the unlikely event that HTLD were allowed to operate the .hotel gTLD, HTLD would have an unfair advantage over competing registry operators, because of its access to sensitive business information

They also think that HTLD being given .hotel despite having been found “cheating” goes against the spirit of application rules and ICANN’s bylaws.

The RfR (pdf) also draws heavily on the findings of the IRP panel in the unrelated Dot Registry (.llc, .inc, etc) case, which were accepted by the ICANN board also on August 9.

In that case, the panel suggested that the board should conduct more thorough, meaningful reviews of CPE decisions.

It also found that ICANN staff had been “intimately involved” in the preparation of the Dot Registry CPE decision (though not, it should be noted, in the actual scoring) as drafted by the Economist Intelligence Unit.

The .hotel applicants argue that this decision is incompatible with their own IRP, which they lost in February, where the judges found a greater degree of separation between ICANN and the EIU.

Their own IRP panel was given “incomplete and misleading information” about how closely ICANN and the EIU work together, they argue, bringing the decision into doubt.

The RfR strongly hints that another IRP could be in the offing if ICANN fails to cancel HTLD application.

The applicants also want a hearing so they can argue their case in person, and a “substantive review” of the .hotel CPE.

The HTLD application for .hotel is currently “On Hold” while ICANN sorts through the mess.