Latest news of the domain name industry

Recent Posts

Kafka turns in grave as ICANN crowbars “useless” Greek TLD into the root

Kevin Murphy, September 9, 2019, Domain Policy

ICANN has finally approved a version of .eu in Greek script, but it’s already been criticized as “useless”.

Yesterday, ICANN’s board of directors rubber-stamped .ευ, the second internationalized domain name version of the European Union’s .eu, which will be represented in the DNS as .xn--qxa6a.

There’s a lot of history behind .ευ, much of it maddeningly illustrative of ICANN’s Kafkaesque obsession with procedure.

The first amusing thing to point out is that .ευ is technically being approved under ICANN’s IDN ccTLD Fast Track Process, a mere NINE YEARS after EURid first submitted its application.

The “Fast Track” has been used so far to approve 61 IDN ccTLDs. Often, the requested string is merely the name of the country in question, written in one of the local scripts, and the TLD is approved fairly quickly.

But in some cases, especially where the desired string is a two-character code, a string review will find the possibility of confusion with another TLD. This runs the risk of broadening the scope of domain homograph attacks sometimes used in phishing.

That’s what happened to .ευ, along with Bulgaria’s Cyrillic .бг and Greece’s own .ελ, which were rejected on string confusion grounds back in 2010 and 2011.

Under pressure from the Governmental Advisory Committee, ICANN then implemented an Extended Process Similarity Review Panel, essentially an appeals process designed to give unsuccessful Fast Track applicants a second bite at the apple.

That process led to Bulgaria being told that .бг was not too similar to Brazil’s .br, and Greece being told that .ελ did not look too much like .EA, a non-existent ccTLD that may or may not be delegated in future, after all.

But the EU’s .ευ failed at the same time, in 2014. The appeals review panel found that the string was confusable with upper-case .EY and .EV.

Again, these are not ccTLDs, just strings of two characters that have the potential to become ccTLDs in future should a new country or territory emerge and be assigned those codes by the International Standards Organization, a low-probability event.

I reported at the time that .ευ was probably as good as dead. It seemed pretty clear based on the rules at the time that if a string was confusable in uppercase OR lowercase, it would be rejected.

But I was quickly informed by ICANN that I was incorrect, and that ICANN top brass needed to discuss the results.

That seems to have led to ICANN tweaking the rules yet again in order to crowbar .ευ into the root.

In 2015, the board of directors reached out to the GAC, the ccNSO and the Security and Stability Advisory Committee for advice.

They dutifully returned two years later with proposed changes (pdf) that seemed tailor-made for the European Union’s predicament.

A requested IDN ccTLD that caused confusion with other strings in only uppercase, but not lowercase (just like .ευ!!!) could still get delegated, provided it had a comprehensive risk mitigation strategy in place, they recommended.

The recommendation was quickly approved by ICANN, which then sent its implementation guidelines (again, tailor-made for EURid (pdf)) back to the ccNSO/SSAC.

It was not until February this year that the ccNSO/SSAC group got back to ICANN (pdf) to approve of its implementation plan and to say that it has already tested it against EURid’s proposed risk-mitigation plan (pdf).

Basically, the process in 2009 didn’t produce the desired result, so ICANN changed the process. It didn’t produced the desired result again in 2014, so the process was changed again.

But at least Greek-speaking EU citizens are finally going to get a meaningful ccTLD that allows them to express their EUishness in their native script, right?

WRONG!

I recently read with interest and surprise a blog post by domainer-blogger Konstantinos Zournas, in which he referred to .ευ as the “worst domain extension ever”.

Zournas, who is Greek, opened my eyes to the fact that “.ευ” is meaningless in his native tongue. It’s just two Greek letters that visually resemble “EU” in Latin script. It’s confusing by design, but with .eu, a ccTLD that EURid already manages.

While not for a moment doubting Zournas’ familiarity with his own language, I had to confirm this on the EU’s Greek-language web site.

He’s right, the Greek for “European Union” is “Ευρωπαϊκής Ένωσης”, so the sensible two-letter IDN ccTLD would be .ΕΈ (those are Greek characters that look a bit like Latin E).

That would have almost certainly failed the ICANN string similarity process, however, as .ee/EE is the current, extant ccTLD for Estonia.

In short (too late), it seems to have taken ICANN the best part of a decade, and Jesus H Christ knows how many person-hours, to hack its own procedures multiple times in order to force through an application for a TLD that doesn’t mean anything, can’t be confused with anything that currently exists on the internet, and probably won’t be widely used anyway.

Gratz to all involved!

After long battle, first Bulgarian IDN domain goes live

Bulgarians finally have the ability to register domain names in their native Cyrillic script, after years of fighting with ICANN.

The domain Имена.бг, which translates as “names.bg” went live on the internet this week, according to local reports.

Bulgaria was one of the first countries to ask for a internationalized domain name version of its ccTLD, almost seven years ago, but it was rejected by ICANN in 2010.

The requested .бг was found too similar to Brazil’s existing Latin-script ccTLD .br. Evaluators thought the risk of phishing and other types of attacks was too high.

The requested string didn’t change, but ICANN processes were adapted to allow appeals and a new method for establishing similarity was established.

On appeal, .бг was determined to be less prone to confusion with .br than existing pairs of Latin ccTLDs are with each other, ergo should be approved.

Имена.бг does not yet directly resolve (for me at least) from the Google Chrome address bar. It’s treated as a web search instead. But clicking on links to it does work.

The new ccTLD, which is .xn--90ae in the DNS, was delegated last week.

The registry is Imena.bg (which also means “names.bg”), based in Sofia and partially owned by Register.bg, the .bg registry.

Despite the long battle, the success of .бг is by no means assured. IDNs have a patchy record worldwide.

It’s true that Russians went nuts for their .рф (.rf for Russian Federation) ccTLD during its scandal-rocked launch in 2010, but Arabic IDNs have had hardly any interest and the current boom in China seems to be largely concentrated on Latin-script TLDs.

.бг is expected to open for general registration in the fourth quarter.

I guess we’ll have to wait until at least next year to discover whether the concerns about confusion with .br were well-founded.

Bulgaria looking for an IDN registry operator

The Bulgarian government is looking for a company to run the registry for its recently awarded .бг internationalized domain name.

.бг is the Cyrillic equivalent of .bg, the nation’s existing ccTLD.

After a tortuous battle through ICANN’s IDN ccTLD Fast Track process — where it was repeatedly rejected for looking too much like Brazil’s .br — the string was finally approved after an appeal last October.

The RFP is being carried out by the Ministry of Transport, Information Technology and Communications and will be open for the next 90 days.

MTITC says the winner will be registry whose proposal most closely adheres to a “principles and requirements” document, which is currently a dead link on the ministry web site.

There’s no government money on offer, but the winner will be supported in its request to IANA for delegation of the TLD.

I gather that the bidding is open to any European Union company.

EU IDN not banned after all

Kevin Murphy, October 20, 2014, Domain Policy

The European Union request for the Greek-script ccTLD .ευ has not been thrown out, according to ICANN.

Last week DI reported that .ευ was the only one of three IDN ccTLD requests — the other two being Bulgaria’s .бг and Greece’s .ελ — to fail a test for confusing similarity on appeal.

.ευ was found to be confusingly similar to .EY and .EU, but only when in upper case.

The similarity panel’s decision would mean, I reported, that .бг and .ελ would be delegated but .ευ would not, under ICANN rules.

I wondered aloud what the Governmental Advisory Committee would think about that, given that it had lobbied for the creation of the appeals process in order to get an earlier rejection of .ευ overturned.

Shortly after publishing the article, ICANN reached out to say I was wrong and ask for a correction.

“We (ICANN) have not rejected the .ευ application,” a spokesperson said.

“Due to the unprecedented nature of the split results, the issue needs to be discussed at the senior management and Board level before a final decision is made,” he said.

The “split results” refers to the fact that there was found to be no confusing similarity with .ευ in lower case.

However, the ICANN rule I referred to says (which my emphasis):

The rule is that if the appearance of the selected string, in upper or lower case, in common fonts in small sizes at typical screen resolutions, is sufficiently close to one or more other strings, it is probable that a reasonable Internet user who is unfamiliar with the script perceives the strings to be the same or confuses one for the other.

That’s adapted almost verbatim from the original recommendations of the ccNSO. The only addition ICANN made was to add the clearly important clause “in upper or lower case” to the text.

It seemed pretty straightforward to me — confusing similarity exists regardless of case.

I pointed this out to ICANN last Wednesday and asked where I could find the rule that said the ICANN board or staff get to review a “split results” finding but have yet to receive a reply.

Bulgaria and Greece win IDN ccTLDs on appeal

Kevin Murphy, October 15, 2014, Domain Policy

Campaigns in Bulgaria and Greece to get ICANN to un-reject their Cyrillic and Greek-script ccTLD requests have proven successful.

The first decisions handed down by ICANN’s new Extended Process Similarity Review Panel this week said Bulgaria’s .бг and Greece’s .ελ are not “confusingly similar” to other ccTLDs after all.

However, a third appeal by the European Union over the Greek .ευ was rejected on the grounds that the string is too confusingly similar to .EV and .EY when in upper case.

Confusing strings should not be delegated, under ICANN rules, due to the risk of exacerbating the prevalence of security risks such as phishing attacks.

Bulgaria’s initial request for .бг was turned down in 2010 after a panel found it looks too similar to Brazil’s existing ccTLD, .br.

Greece’s bid for .ελ had been blocked for looking too much like .EA, a non-existent ccTLD that could be delegated to a new country in future.

While the initial panel’s process was pretty opaque, the newly published “extended” reviews appear to have employed a fairly scientific methodology to determine similarity.

Twenty American undergraduate student volunteers were shown pairs of strings briefly on screens designed to simulate web browsing. They then had to pick out which one they’d seen.

The volunteers were also shown pairs of similar-looking Latin-script ccTLDs that already exist, in order to establish a baseline for what should be considered an acceptable level of confusability.

The Greek and Bulgarian strings were both found to be less confusing than existing pairs of Latin-script ccTLDs and were therefore given the thumbs-up. The EU string flunked in upper case.

Under ICANN’s rules, it appears that .бг and .ελ can now proceed to delegation, while .ευ has been forever rejected.

The three reports can be downloaded here.

It will be interesting to see how the ICANN Governmental Advisory Committee will react to this.

It was pressure from the GAC — driven by the European Commission and Greece — back in 2012 that forced ICANN into creating the appeals process.

At ICANN’s meeting in Prague that year, the GAC said:

The GAC is of the view that decisions may have erred on the too-conservative side, in effect applying a more stringent test of confusability between Latin and non-Latin scripts than when undertaking a side by side comparison of Latin strings.

Now the EU seems to have been told that it still can’t have its requested ccTLD, and the standard applied was exactly the same standard as applies to Latin ccTLDs.

Will the GAC accept this determination, or stomp its feet?

Iraq to get IDN ccTLD

Kevin Murphy, September 26, 2014, Domain Registries

Iraq was this week granted the right to use a new Arabic-script country-code top-level domain.

ICANN said the war-torn nation’s request for عراق., which is Arabic for “Iraq”, has passed the String Evaluation phase of the IDN ccTLD Fast Track program.

Like .iq, the registry will be the government’s Communications and Media Commission.

Once delegated, the Punycode inserted into the root will be .xn--mgbtx2b.

ICANN said Iraq is the 33rd nation to have an IDN ccTLD request approved. There are currently 26 IDN ccTLDs in the root. Most of them aren’t doing very well.

dotShabaka Diary — Day 15, Iran and Name Collisions

Kevin Murphy, October 3, 2013, Domain Registries

The fifteenth installment of dotShabaka Registry’s journal, charting its progress towards becoming one of the first new gTLDs to go live, written by general manager Yasmin Omer.

Thursday 3 October 2013

At a time when ICANN has hit the ‘pause’ button on the new gTLD program in order to assess the impact of “name collisions” on the security and stability of the DNS, we were surprised to see the ICANN Board approve the delegation of ایران., the IDN ccTLD for the Islamic Republic of Iran. While we understand the many distinctions between a ccTLD and a gTLD, the DNS does not make any such distinction.

As we’ve heard from Paul Mockapetris and John Crain recently in their interviews posted on the ICANN website, name collisions (or, more accurately, NX Domain responses) is not a new phenomenon; they have been evident with the introduction of any TLD and with existing TLDs in the root. Experience has shown that steps have been taken to successfully resolve the issues. We understand that ICANN is concerned that the use of NX Domain responses has the potential to create confusion with the introduction of new TLDs into the DNS.

As a contracted party with ICANN, شبكة. (an IDN gTLD) is unable to be delegated as we wait the outcomes of ICANN’s deliberations on name collisions. We have paid our $185,000 application fee, we have undertaken a very resource intensive exercise to ensure a compliant application, we have passed Initial Evaluation, we have signed a registry agreement with ICANN, we have passed pre-delegation testing and yet we sit and wait.

Our understanding of the IDN ccTLD fast track process is that it is much less rigorous, the application fee is voluntary, there is no requirement to enter into a contract with ICANN, the TLD can develop a launch strategy that is not restricted by ICANN mandated rights protection mechanisms, and any contribution to ICANN’s budget is voluntary. But because this is a ccTLD and not a new gTLD, the Board has seen fit to approve this delegation request at this time despite the serious conversation going on in the community about name collisions.

As we said previously, the DNS does not distinguish between a ccTLD or a gTLD, or for that matter an IDN ccTLD or an IDN gTLD. We would appreciate an explanation as to why we sit and wait for delegation while the IDN ccTLD is approved.

Read previous and future diary entries here.

Some countries not paying ICANN for their IDNs

Kevin Murphy, December 16, 2010, Domain Registries

ICANN may have to fund some of its IDN ccTLD Fast Track program out of its own pocket, due to at least one country not paying its full fees, judging from information released this week.

ICANN had invoiced applicants for a total of $572,000, but only $106,000 had been received, according to briefing documents (pdf, page 114) presented at the ICANN board’s October 28 meeting.

The organization invoices registries $26,000 for each TLD string it evaluates, but the fees are not mandatory, for political reasons. As of October, it had presumably billed for 22 strings.

At least one country appears to have had its applications processed at a knock-down rate.

Sri Lanka, which was billed $52,000 for two strings, only paid $2,000, and the remaining $50,000 appears to have been written off as “uncollectable”.

Russia, Egypt, South Korea and Tunisia had paid their fees in full.

While the remaining 17 evaluated ccTLDs may not have paid up by October, that’s not to say they have not paid since or will not pay in future.

ICANN also plans to bill IDN ccTLDs 1-3% of annual revenue as a “contribution”, which also won’t be mandatory, but no registry has been live long enough to receive that bill yet.

Review reveals ccTLD fast-track criticisms

Kevin Murphy, October 25, 2010, Domain Registries

ICANN has launched a review of its internationalized domain name fast-track process, revealing a number of criticisms its country-code domain applicants have apparently had.

The IDN ccTLD Fast Track Process is a way for ccTLD operators to quickly start selling fully non-Latin domains in their own local script.

It’s so far been successfully used to delegate IDN ccTLDs in Arabic, Chinese and Cyrillic scripts, among others.

ICANN now wants to know if it should make any improvements to the process and has opened a 60-day public comment period to solicit suggestions.

Because quite a lot of the Fast Track takes place behind closed doors, ICANN has also offered up a fairly revealing list of possible discussion topics.

It appears that the process has created new pressure points between ICANN and international governments, which are often formally affiliated with their ccTLDs.

For example, some governments dislike the fact that Fast Track requires the applicant to show support for its chosen string from its local community. ICANN reported:

Some [applicants] do not find it necessary to demonstrate community support for the string nor the manager. The reason being that such decisions can be made by government entities, and the need for support undermines the authority of the government in the country or territory.

There also appears to have been a bit of push-back from governments on the issue of “meaningfulness”, where applicants have to show their requested string adequately represents their territory’s name.

ICANN said:

Some requesters have stated that this requirement is not necessary in cases where the strings requested are agreed to by the government and otherwise seem obviously meaningful.

In a concession to governments with sovereignty or financial concerns, ICANN does not charge an up-front fee for handling IDN ccTLD requests under the Fast Track.

Instead, it “recommends” a processing fee of $26,000 per string, which it invoices toward the end of the process, plus an ongoing 1-3% of IDN registration revenue.

So far, it has received $106,000 (covering presumably four strings, accounting for exchange rates), indicating that there are 11 IDN ccTLDs currently in the root that have not yet been paid for.

It will be interesting to see how many ccTLDs ultimately choose to pay up, and how many are happy for ICANN’s costs to be covered by fees paid by gTLD registrants like me and you.

The Fast Track review may also cover the topic of disputes and appeals. Currently, there is no dedicated mechanism by which a ccTLD that has had its requested string rejected can ask for reconsideration.

ICANN asks whether this should be changed.

Earlier this year, Bulgaria had its request for .бг (.bg) declined on the grounds that it looks too much like Brazil’s Latin ccTLD, .br and said it planned to appeal.

The ICANN public comment period, with the full list of suggested discussion topics, can be found here.

Iran’s Arabic domain choice approved

Kevin Murphy, October 16, 2010, Domain Registries

Iran’s choice of Arabic-script top-level domain has passed the string approval stage of ICANN’s internationalized domain name process, making a delegation likely before long.

The manager of Iran’s existing Latin-script ccTLD, .ir, applied for ایران and ايران, which mean “Iran” in Persian. The two look identical to me, so I’m assuming they just use different Unicode code points.

In Punycode, the two strings are .xn--mgba3a4f16a and .xn--mgba3a4fra. Both have been given the stamp of approval, meaning Iran will now have to apply to IANA for delegation.

According to ICANN, there are currently 18 IDN ccTLD strings approved and awaiting delegation, belonging to Iran, India, Saudi Arabia, Qatar, Singapore, Syria and Taiwan.

Some of these countries, such as Saudi Arabia and Taiwan, already have IDNs live in the DNS root, but also have multiple backup variants that have been approved but not yet delegated.

So far, of the 33 strings that have been applied for, only two have been rejected. One of those was Bulgaria’s .бг, which was considered too confusingly similar to Brazil’s .br.

  • Page 1 of 2
  • 1
  • 2
  • >