Latest news of the domain name industry

Recent Posts

Forget emojis, you can buy Egyptian hieroglyph .com domains

Call them the Emojis of the Ancient World.

Egyptian hieroglyphs were once the cutting edge of written communication, and it turns out Verisign lets you register .com domains using them.

Internationalized domain names expert Andre Schapp discovered a couple months ago that the Unicode code points for the ancient script have been approved in 16 Verisign gTLDs, and apparently no others.

This means that domains such as hieroglyph should resolve.

Unfortunately, DI’s database does not support these characters, so I’m having to use images.

But at least one domain investor seems have snapped up a few dozen single-pictograph Egyptian hieroglyph names about a month ago, and his page has clickable links.

Whether you see the hieroglyph or the Punycode, prefixed “xn--“, seems to depend on your browser configuration.

Ancient Egyptian is apparently not the only dead script that Verisign supports.

According to IANA, you can also get .com domains in Sumero-Akkadian cuneiform, which went out of fashion in the second century CE, as well Phoenician, the world’s oldest known script.

Then there’s Imperial Aramaic, Meitei, Kharosthi, ‘Phags-pa, Sylheti Nagari and goodness knows how many other extinct writing systems.

It seems .com has been approved for 237 IDN scripts, in total. Let it not be said that Verisign does not offer domainers ample opportunity to spunk their cash on gibberish.

No Klingon, though.

Emoji domains get a 👎 from security panel

Kevin Murphy, May 30, 2017, Domain Tech

The use of emojis in domain names has been discouraged by ICANN’s Security and Stability Advisory Committee.

In a paper late last week, SSAC told ICANN that emojis — aka emoticons or smileys — lack standardization, are barred by the relevant domain name technical standards, and could cause user confusion.

Emoji domains, while technically possible, are not particularly prevalent on the internet right now.

They’re implicitly banned in gTLDs due to the contractual requirement to adhere to the IDNA2008 standard, which restricts internationalized domain names to actual spoken human languages, and the only ccTLD I’m aware of actively marketing the names is Samoa’s .ws.

There was a notable example of Coca Cola registering 😀.ws (xn--h28h.ws) for a billboard marketing campaign in Puerto Rico a couple of years ago, but that name has since expired and been registered by an Australian photographer.

The SSAC said that emoji use should be banned in TLDs and discouraged at the second level for several reasons.

Mainly, the problem is that while emojis are described in the Unicode standards, there’s no standardization across devices and applications as to how they are displayed.

A certain degree of creative flair is permitted, meaning a smiling face in one app may look unlike the technically same emoji in another app. On smaller screens and with smaller fonts, technically different emojis may look alike.

This could lead to confusion, which could lead to security problems, SSAC warns:

It is generally difficult for people to figure out how to specify exactly what happy face they are trying to produce, and different systems represent the same emoji with different code points. The shape and color of emoji can change while a user is viewing them, and the user has no way of knowing whether what they are seeing is what the sender intended. As a result, the user is less likely to reach the intended resource and may instead be tricked by a phishing site or other intentional misrepresentation.

SSAC added that it:

strongly discourages the registration of any domain name that includes emoji in any of its labels. The SSAC also advises registrants of domain names with emoji that such domains may not function consistently or may not be universally accessible as expected

The brief paper can be read here (pdf).

Why you can’t register emojis in gTLDs

Kevin Murphy, February 25, 2015, Domain Tech

The popular “emoji” smiley faces are banned as gTLD domain names for technical reasons, according to ICANN.

Emojis are a form of emoticon that originated on Japanese mobile networks but are now used by 12-year-old girls worldwide due to their support on Android and iPhone operating systems.

CokeIt emerged last week that Coca-Cola has registered a bunch of smiley-face domain names under .ws, the Samoan ccTLD, for use in an billboard advertising campaign in Puerto Rico.

.ws was selected because it’s one of only a few TLDs that allow emojis to be registered. Coke is spinning its choice of TLD as an abbreviation for “We Smile”.

This got me thinking: would emojis be something new gTLD registries could start to offer in order to differentiate themselves?

Coke’s emoji domains, it turns out, are just a form of internationalized domain name, like Chinese or Arabic or Greek.

Emoji symbols are in the Unicode standard and could therefore be converted to the ASCII-based, DNS-compatible Punycode under the hood in web browsers and other software.

One of Coke’s (smiley-face).ws domain names is represented as xn--h28h.ws in the DNS.

Unfortunately for gTLD registries, ICANN told DI last night that emojis are not permitted in gTLDs.

“Emoticons cannot be used as IDNs as these code points are DISALLOWED under IDNA2008 protocol,” ICANN said in a statement.

IDNA2008 is the latest version of the IETF standard used to define what Unicode characters can and cannot appear in IDNs.

RFC 5892 specifies what can be included in an IDNA2008 domain name, eliminating thousands of letters and symbols that were permissible under the old IDNA2003 standard.

These characters were ostensibly banned due to the possibility of IDN homograph attacks — when bad guys set up spoof web sites on IDNs that look almost indistinguishable from a domain used by, for example, a bank or e-commerce site.

But Unicode, citing Google data, reckons symbols could only ever be responsible for 0.000016% of such attacks. Most homograph attacks are much simpler, relying on for example the visual similarity of I and l.

Regardless, because IDNA2008 only allows Unicode characters that are actually used in spoken human languages, and because gTLD registries are contractually obliged to adhere to the IDNA2008 technical standards, emojis are not permitted in gTLDs.

All new gTLDs have to provide ICANN with a list of the Unicode code points they plan to support as IDNs when they undergo pre-delegation testing. Asking to support characters incompatible with IDNA2008 would result in a failed test, ICANN tells us.

ICANN does not regulate ccTLDs, of course, so the .ws registry is free to offer whatever domains it wants.

However, ICANN said that emoji domains are only currently supported by software that has not implemented the newer IDN protocol:

Emoticon domains only work in software that has not implemented the latest IDNA standard. Only the older, deprecated version of the IDNA standard allowed emoticons, more or less by accident. Over time, these domains will increasingly not work correctly as software vendors update their implementations.

So Coke, while winning brownie points for novelty, may have registered a bunch of damp squibs.

ICANN also told us that, regardless of what the technical standards say, you’d never be able to apply for an emoticon as a gTLD due to the “letters only” principle, which already bans numbers in top-level strings.