Latest news of the domain name industry

Recent Posts

Amazon finally gets its dot-brands despite last-minute government plea

Amazon’s three long-sought dot-brand gTLDs were added to the DNS root last night, despite an eleventh-hour attempt by South American governments to drag the company back to the negotiating table.

.amazon, along with the Japanese and Chinese translations — .アマゾン (.xn--cckwcxetd) and .亚马逊 (.xn--jlq480n2rg) — and its NIC sites have already gone live.

Visiting nic.amazon today will present you with a brief corporate blurb and a link to Amazon’s saccharine social-responsibility blog. As a dot-brand, only Amazon will be allowed to use .amazon domains.

The delegations come despite a last-minute plea to ICANN by the eight-government Amazon Cooperation Treaty Organization, which unsuccessfully tried to insert itself into the role of “joint manager” of the gTLDs.

ACTO believes its historical cultural right to the string outweighs the e-commerce giant’s trademark, and that its should have a more or less equal role in the gTLD’s management.

This position was untenable to Amazon, which countered with a collection of safeguards protecting culturally sensitive strings and various other baubles.

Talks fell through last year and ICANN approved the gTLDs over ACTO’s objections.

ACTO’s secretary-general, Alexandra Moreira, wrote to ICANN (pdf) May 21 to take one last stab at getting Amazon back in talks, telling CEO Göran Marby:

the name “Amazon” pertains to a geographical region constituting an integral part of the heritage of its countries. Therefore, we Amazonians have the right to participate in the governance of the “.amazon” TLD.

Our side is ready to resume negotiations on the TLD’s governance with the Amazon Corporation., from the point where their side interrupted it, with a view to arriving at a satisfactory agreement.

Her letter came in response to an earlier Marby missive (pdf) that extensively set out ICANN’s case that talks fell apart due to ACTO repeatedly postponing and cancelling scheduled meetings.

Despite the fact that Amazon’s basically got what it wanted, seven years after filing its gTLD applications, ACTO’s members didn’t get nothing.

The contracts Amazon signed with ICANN back in December have Public Interest Commitments in them that allow the governments to reserve up to 1,500 culturally sensitive strings from registration, as well as giving each nation its own .amazon domain.

Whois privacy talks in Bizarro World as governments and trademark owners urge coronavirus delay

Kevin Murphy, April 15, 2020, Domain Policy

Coronavirus may have claimed another victim at ICANN — closure on talks designed to reopen private Whois data to the likes of law enforcement and trademark owners.

In a remarkable U-turn, the Governmental Advisory Committee, which has lit a series a fires under ICANN’s feet on this issue for over a year, late last week urged that the so-called Expedited Policy Development Process on Whois should not wrap up its work in June as currently planned.

This would mean that access to Whois data, rendered largely redacted worldwide since May 2018 due to the GDPR regulation in Europe, won’t be restored to those who want it as quickly as they’ve consistently said that they want it.

Surprisingly (or perhaps not), pro-access groups including the Intellectual Property Constituency and Business Constituency sided with the GAC’s request.

In an email to the EPDP working group’s mailing list on Thursday, GAC chair Manal Ismail indicated that governments simply don’t have the capacity to deal with the issue due to the coronavirus pandemic:

In light of the COVID-19 pandemic, and its drastic consequences on governments, organizations, private sector and individuals worldwide, I would like to express our serious concerns, as GAC leaders, that maintaining the current pace of work towards completion of Phase 2 by mid-June could jeopardize the delivery, efficacy and legitimacy of the EPDP’s policy recommendations.

While recognizing that the GAC has continually advised for swiftly completing policy development and implementing agreed policy on this critical public policy matter, we believe that given the current global health emergency, which puts many in the EPDP and the community under unprecedented stress (for example governments has been called to heightened duties for the continuity of essential public services), pressing important deliberations and decisions in such a short time frame on already strained participants would mean unacceptably sacrificing the product for the timeline.

We understand there are budget and human resources considerations involved in the completion of Phase 2 of the EPDP. However, we are all living through a global health pandemic, so we call on the EPDP Team to seriously reassess its course and expectations (be it on the duration of its calls, the turn-around time of reviews, its ultimate timeline and budget) emulating what numerous governments, global organizations, and households are doing to adapt during these challenging times across the world.

In April last year, before the EPDP group had even formally started its current phase of talks, Ismail wrote to ICANN to say the GAC expected the discussions to be more or less wrapped up by last November and that the new policy be implemented by this April.

Proponents of the access model such as Facebook have taken to suing registrars for not handing over Whois data in recent months, impressing the need for the issue to be urgently resolved.

So to now request a delay beyond June is a pretty big U-turn.

While Ismail later retracted her request for delay last Thursday, it was nevertheless discussed by the working group that same day, where the IPC, the BC and the ALAC all expressed support for the GAC’s position.

The registrars and registries, the non-commercial users and the ISPs were not supportive.

Delay might be tricky. For starters, hard-sought neutral working group chair Janis Karklins, has said he can’t continue working on the project beyond June 30, and the group has not secured ICANN funding for any further extensions to its work.

It will be up to the GNSO Council to decide whether to grant the extension, and the ICANN board to decide on funding.

The working group decided on Thursday to ask the Council for guidance on how to proceed.

What’s worrying about the request, or at least the IPC and BC’s support of it, is that coronavirus may just be being deployed as an excuse to extend talks because the IP owners don’t like the proposal currently on the table.

“The reality is we’re looking at a result that is… just not going to be sufficient from our perspective,” MPAA lawyer Frank Journoud, an IPC rep on the working group, said on its Thursday call. “We don’t want the perfect to be the enemy of the good, but right now we’re not even going to get to good.”

The current state of play with the working group is that it published its initial report (pdf) for public comment in February.

The group is recommending something called SSAD, for Standardized System for Access and Disclosure, in which a central gateway provider, possibly ICANN itself, would be responsible for granting Whois access credentials and fielding requests to the relevant registries and registries.

The almost 70 comments submitted before the March 23 deadline have been published in an unreadable, eye-fucking Google spreadsheet upon which transparency-loving ICANN may as well have hung a “Beware of the Leopard” sign. The staff summary of the comments is currently nine days late.

Amazon governments vow revenge for “illegal and unjust” ICANN decision on .amazon

Kevin Murphy, January 17, 2020, Domain Policy

The eight nations of the Amazon Cooperation Treaty Organization are unhappy that ICANN is giving .amazon to Amazon the retailer and have vowed to spread the word that ICANN has acted “illegally”.

ACTO secretary general Alexandra Moreira has written (pdf) to ICANN CEO Göran Marby to say: “We consider this decision an illegal and unjust expropriation of our culture, tradition, history and image before the world.”

She said that ACTO is now “committed to disseminating news of this situation to all relevant groups”, adding:

the international community should be aware of the very real consequences or ramifications (be it economic, environmental, cultural or related to questions of sovereignty) of granting exclusive access to the domain “.Amazon” to a single company.

The delegation of .amazon to Amazon the company, “jeopardizes the continued well-being of the societies that live there”, she wrote, with no elaboration.

Amazon was last month told it could have the gTLD after a years-long battle with ACTO and the ICANN Governmental Advisory Committee, which had advised ICANN by consensus to reject the .amazon application.

That consensus broke last year when the US government basically said enough was enough and refused to continue back the eight South American governments’ plight.

Under the terms of Amazon’s contract, it has to protect hundreds of culturally sensitive second-level domains of ACTO’s choosing, and to give each of its members a single domain that they can use to promote their portion of the Amazonian region.

ACTO had wanted more, basically demanding joint ownership of .amazon, which Amazon refused.

It remains to be seen whether ACTO’s reaction will be limited to harsh language, or whether its members will actively try to disrupt ICANN activities. The next GAC-ICANN face-to-face, set for Cancun in March, could be interesting viewing.

Amazon beats South America! Dot-brand contracts now signed

Kevin Murphy, December 23, 2019, Domain Policy

Amazon has prevailed in its seven-year battle to obtain the right to run .amazon as a branded top-level domain.

The company signed contracts for .amazon and the Chinese and Japanese translations on Thursday, despite years-long protests from the eight South American governments that comprise the Amazon Cooperation Treaty Organization.

This means the three gTLDs are likely to be entered into the DNS root system within a matter of weeks, after ICANN has conducted pre-delegation testing to make sure the registry’s technical systems are up to standard. The back-end is being provided by Neustar, so this is pretty much a formality.

.amazon is pretty much a done deal, in other words, and there’s pretty much nothing ACTO can do within the ICANN system to get the contract unsigned.

ACTO was of course angry about .amazon because it thinks the people of the Amazonia region have greater rights to the string than the American e-commerce giant.

It had managed to muster broad support against the gTLD applications from its Governmental Advisory Committee colleagues until the United States, represented on the GAC by the National Telecommunications Administration did a U-turn this November and withdrew its backing for the consensus.

This coincided with Amazon hiring David Redl, the most-recent former head of the NTIA, as a consultant.

The applications were originally rejected by ICANN due to a GAC objection in 2013.

But Amazon invoked ICANN’s Independent Review Process to challenge the decision and won in 2017, with the IRP panel ruling that ICANN had paid too much deference to unjustified GAC demands.

More recently, ACTO had been demanding shared control of .amazon, while Amazon had offered instead to protect cultural interests through a series of Public Interest Commitments in its registry agreements that would be enforceable by governments via the PIC Dispute Resolution Procedure.

This wasn’t enough for ACTO, and the GAC demanded that ICANN facilitate bilateral talks with Amazon to come to a mutually acceptable solution.

But these talks never really got underway, largely due to ACTO internal disputes during the political crisis in Venezuela this year, and eventually ICANN drew a line in the sand and approved the applications.

After rejecting an appeal from Colombia in September, ICANN quietly published Amazon’s proposed PICs (pdf) for public comment.

Only four comments were received during the month-long consultation.

As a personal aside, I’d been assured by ICANN several months ago that there would be a public announcement when the PICs were published, which I even promised you I would blog about.

There was no such announcement, so I feel like a bit of a gullible prick right now. It’s my own stupid fault for taking this on trust and not manually checking the .amazon application periodically for updates — I fucked up, so I apologize.

PICs commenters, including a former GAC vice-chair, also noticed this lack of transparency.

ACTO itself commented:

The proposed PIC does not attend to the Amazon Countries public policy interests and concerns. Besides not being the result of a mutually acceptable solution dully endorsed by our countries, it fails to adequately safeguard the Amazon cultural and natural heritage against the the risks of monopolization of a TLD inextricably associated with a geographic region and its populations.

Its comments were backed up, in pretty much identical language, by the Brazilian government and the Federal University of Rio de Janeiro.

Under the Amazon PICs, ACTO and its eight members each get a .amazon domain that they can use for their own web sites.

But these domains must either match the local ccTLD or “the names of indigenous peoples’ groups, and national symbols of the countries in the Amazonia region, and the specific terms OTCA, culture, heritage, forest, river, and rainforest, in English, Dutch, Portuguese, and Spanish”.

The ACTO nations also get to permanently block 1,500 domains that have the aforementioned cultural significance to the region.

The ACTO and Brazilian commenters don’t think this goes far enough.

But it’s what they’ve been given, so they’re stuck with it.

Governments kill off another gTLD bid

Kevin Murphy, November 26, 2019, Domain Registries

Another proposed new gTLD has been killed off by governmental intervention.

A Thailand-based company call Better Living Management Company applied for .thai back in 2012, but quickly ran into opposition from the Thai government, which thought the string too culturally sensitive.

The ICANN Governmental Advisory Committee did not object to Thailand’s objection, and issued consensus advice asking ICANN to reject the application, which it did in November 2013.

BLM filed an Independent Review Process complaint in April 2014, alleging irregularities within the GAC, but the appeal was quickly shelved.

Now, five years later, the company has finally withdrawn it application, meaning it gets most of its application fee back as a refund.

Part of the reason the application failed is likely the fact that the Thai ccTLD registry, Thai Network Information Center Foundation, already runs the internationalized domain name ccTLD .ไทย, which means “.thai” in Thai.

Other applications to be killed off by GAC advice include .islam, .halal, .gcc and one of the .africa bids.

Former NTIA chief Redl now working for Amazon

Kevin Murphy, November 6, 2019, Domain Policy

David Redl, the former head of the US National Telecommunications and Information Administration has joined Amazon as an internet governance advisor, I’ve learned.

I don’t know whether he’s taken a full-time job or is a contractor, but he’s been spotted palling around with Amazon folk at ICANN 66 in Montreal and knowledgeable sources tell me he’s definitely on the payroll.

Redl was assistant secretary at the NTIA until May, when he was reportedly asked to resign over a wireless spectrum issue unrelated to the domain names after just 18 months on the job.

His private sector career prior to NTIA was in the wireless space. I don’t believe he’s ever been employed in the domain industry before.

NTIA is of course the US agency responsible for participating in all matters ICANN, including the ongoing fight over Amazon’s application for the .amazon brand gTLD.

The proposed dot-brand has been in limbo for many years due to the objections of the eight nations of the Amazon Cooperation Treaty Organization, which claims cultural rights to the string.

ACTO nations on ICANN’s Governmental Advisory Committee want ICANN to force Amazon back to the negotiating table, to give them more power over the TLD after it launches.

But the NTIA rep on the GAC indicated at the weekend that the US would block any GAC calls for .amazon to be delayed any longer.

As I type these words, the GAC is debating precisely what it should say to ICANN regarding .amazon in its Montreal communique, using competing draft texts submitted by the US and European Commission, and it’s not looking great for ACTO.

As I blogged earlier in the week, another NTIA official, former GAC rep Ashley Heineman, has accepted a job at GoDaddy.

UPDATE: As a commenter points out, Redl last year criticized the revolving door between ICANN and the domain name industry, shortly after Akram Atallah joined Donuts.

America has Amazon’s back in gTLD fight at ICANN 66

Kevin Murphy, November 3, 2019, Domain Policy

The United States looks set to stand in the way of government attempts to further delay Amazon’s application for .amazon.

The US Governmental Advisory Committee representative, Vernita Harris, said today that the US “does not support further GAC advice on the .amazon issue” and that ICANN is well within its rights to move forward with Amazon’s controversial gTLD applications.

She spoke after a lengthy intervention from Brazilian rep Ambassador Achilles Zaluar Neto, who said South American nations view the contested string as their “birthright” and said ICANN is allowing Amazon “to run roughshod over the concerns and the cultural heritage of eight nations and tens of millions of people”.

It was the opening exchange in would could prove to be a fractious war of words at ICANN 66 in Montreal, which formally opens tomorrow.

The .amazon applications have been controversial because the eight countries in the Amazon Cooperation Treaty Organization believe their unwritten cultural rights to the word outweigh Amazon’s trademark rights.

Forced to the negotiating table by ICANN last year, the two sides each posed their own sets of ideas about how the gTLD could be managed in such a way as to protect culturally sensitive terms at the second-level, and taking ACTO’s views into account.

But an ICANN-imposed deadline for talks to conclude in April was missed, largely as a result of the ongoing Venezuela crisis, which caused friction between the ACTO governments.

But today, Brazil said that ACTO is ready and willing to get back to the negotiating table asked that ICANN reopen these talks with an impartial mediator at the helm.

As things stand, Amazon is poised to get .amazon approved with a bunch of Public Interest Commitments in its registry contract that were written by Amazon without ACTO’s input.

Neto said that he believed a “win-win” deal could be found, which “would provide a positive impetus for internet governance instead of discrediting it”. He threatened to raise the issue at the Internet Governance Forum next month.

ICANN’s failure to reopen talks “would set a bad precedent and reflect badly on the current state of internet governance, including its ability to establish a balance between private interests and public policy concerns”, he said

But the US rallied to Amazon’s defense. Harris said:

The United States does not support further GAC advice on the .amazon issue. Any further questions from the GAC to the Board on this matter we believe is unwarranted… We are unaware of any international consensus that recognizes inherent governmental rights and geographic names. Discussions regarding protections of geographic names is the responsibility of other forums and therefore should be discussed and those relevant and appropriate forums. Contrary to statements made by others, it is the position of the United States that the Board’s various decisions authorizing ICANN to move forward with processing the.application are consistent with all relevant GAC advice. The United States therefore does not support further intervention that effectively works to prevent or delay the delegation of .amazon and we believe we are not supportive and we do not believe that it’s required.

This is a bit of a reversal from the US position in 2013.

Back then, the GAC wanted to issue consensus advice that ICANN should reject .amazon, but the US, protecting one of its largest companies, stood in the way of full consensus until, in the wake of the Snowden revelations, the US decided instead to abstain, apparently to appease an increasingly angry Brazil.

It was that decision that opened the door to the six more years of legal wrangling and delay that .amazon has been subject to.

With the US statement today, it seems that the GAC will be unlikely to be able to issue strong, full-consensus advice that will delay .amazon further, when it drafts its Montreal communique later in the week.

The only other GAC member speaking today to support the US position was Israel, whose rep said “since it is an ongoing issue for seven years, we don’t believe that there is a need for further delay”.

Several government reps — from China, Switzerland, Portugal, Belgium and the European Commission — spoke in favor of Brazil’s view that ICANN should allow ACTO and Amazon back to the negotiating table.

The GAC is almost certain to say something about .amazon in its communique, due to drop Wednesday, but the ICANN board of directors does not currently have an Amazon-related item on its Montreal agenda.

UPDATE: The originally published version of this story incorrectly identified the US GAC representative as Ashley Heineman, who is listed on the GAC’s web site as the US representative. In fact, the speaker was Vernita Harris, acting associate administrator at the US National Telecommunications and Information Administration. Had I been watching the meeting, rather that just listening to it, this would have been readily apparent to me. My apologies to Ms Heineman and Ms Harris for the error.

Spam is not our problem, major domain firms say ahead of ICANN 66

Kevin Murphy, October 21, 2019, Domain Policy

Eleven of the largest domain name registries and registrars have denied that spam is something they should have to deal with, unless it’s used to proliferate other types of abuse such as phishing or malware.

In a newly published “Framework to Address Abuse” (pdf), the companies attempt to define the term “DNS abuse” narrowly to capture only five (arguably only four and a half) specific types of online threat.

That abuse comprises malware, phishing, botnets, pharming and spam.

The companies agree that these are activities which registrars and registries “must” act upon.

But the document notes that not all spam is its responsibility, stating:

While Spam alone is not DNS Abuse, we include it in the five key forms of DNS Abuse when it is used as a delivery mechanism for the other four forms of DNS Abuse. In other words, generic unsolicited e-mail alone does not constitute DNS Abuse, but it would constitute DNS Abuse if that e-mail is part of a phishing scheme.

In other words, registrars and registries should not feel responsible for the billions of spams sent every day using their domains, unless the spam runs further malware, phishing, pharming or botnet abuse.

The signatories of the framework are Public Interest Registry, GoDaddy, Donuts, Tucows, Amazon Registry Services, Blacknight, Afilias, Name.com, Amazon Registrar, Neustar, and Nominet UK.

It may seem like they’ve presented a surprisingly narrow definition, but it’s in line with what current ICANN contracts dictate.

Neither the standard Registry Agreement nor Registrar Accreditation Agreement mention spam at all. Six years ago, ICANN specifically said that spam is “outside of ICANN’s scope and authority”.

Under the RA, registries have to oblige their registrars to ban registrants from “distributing malware, abusively operating botnets, phishing, piracy, trademark or copyright infringement, fraudulent or deceptive practices, counterfeiting or otherwise engaging in activity contrary to applicable law”.

They also have to maintain statistical reports on the amount of “pharming, phishing, malware, and botnets” in their zones, and provide those reports to ICANN upon demand. A recent audit found that 5% of registries, mainly dot-brands, were not doing this.

However, ICANN’s Domain Abuse Activity Reporting system, an effort to provide some transparency into how gTLDs are being abused, does in fact track spam. It does not track pharming, which is a fairly obscure and little-used form of DNS attack.

The DAAR report for September shows that spam constituted 73% of all tracked abuse.

The ICANN board of directors today identified DAAR as one of a few dozen priorities for the coming year.

Similarly, the cross-community working group known as the CCT Review Team, which was tasked with looking into how the new gTLD program has impacted competition and consumer trust, had harsh words for spam-friendly registries, and provided a definition of “DNS Security Abuse” that specifically included “high volume spam”.

The review recommended that ICANN introduce more measures to force contracted parties to deal with this type of abuse. This could include incentives for registries to clean up their zones and abuse volume thresholds that would automatically trigger compliance actions.

The new framework document comes in the context of an ongoing debate within the ICANN community about what “DNS abuse” is.

Two partners at Interisle, a security consultancy that often works for ICANN, recently guest-posted on DI to say that this term has become meaningless and should be abandoned in favor of “security threat”.

They argued that the definition should include not only spam, but also stuff like IP infringement, election interference, and terrorism.

But the main threat to contracted parties probably comes from the Governmental Advisory Committee, backed by law enforcement, which is pushing for stronger rules covering abusive content.

During a webinar last week, the US Federal Trade Commission, the FBI, and Europol argued that registries and registrars should be obliged to do more to combat abuse, specifically including spam.

“Whether or not you call it phishing or spam or whether it has a malware payload or not, ultimately it’s all email, and email remains the most common tool of cybercriminals to ensnare their victims, and that’s why we in law enforcement care about the domains used to send emails,” said Gabriel Andrews of the FBI’s Cyber Initiative Resource Fusion Unit, on the call.

Registries and registrars countered, using the same language found in the new framework, that generic spam is a content issue, and outside of their remit.

The two sides are set to clash again at ICANN’s annual general meeting in Montreal next month, in a November 6 face-to-face session.

While 11 entities signed the new framework, it’s arguably only nine companies. Name.com is owned by Donuts and both Amazon firms obviously have the same parent.

But it does include the two largest registrars, and registries responsible for running several hundred commercial gTLDs, dot-brands and ccTLDs.

While none of the signatories of the framework have a particular reputation for being spam-friendly, other companies in the industry — particularly some of the newest and cheapest new gTLDs — tend to attract spammers like flies to a turd.

Some of the signatories are perhaps surprising, given their past or ongoing behavior to tackle content-based abuse in their own zones.

Nominet, notably, takes down tens of thousands of domains ever year based on little more than police assurances that the domains are being used to sell counterfeit merchandise or infringe copyright.

The .uk registry also preemptively suspends domains based on algorithms that guess whether they’re likely to be seen as encouraging sexual violence or could be used in phishing attacks.

Donuts also has a trusted notifier relationship with the movie and music industries that has seen it take down dozens of names being used for mass copyright infringement.

PIR has previous endorsed, then unendorsed, the principal of a “UDRP for copyright”, a method of giving Big Content a way of going through due process to have domains taken or suspended.

Outside the spam issue, while the new registry-registrar framework says that registries and registrars should not get involved in matters related to web site content, it also says they nevertheless “should” (as opposed, one assumes based on the jargon usually found in internet standards, to “must”) suspend domains when they’re being used to distribute:

(1) child sexual abuse materials (“CSAM”); (2) illegal distribution of opioids online; (3) human trafficking; and (4) specific and credible incitements to violence.

These are exceptions because they constitute “the physical and often irreversible threat to human life”, the framework says.

Ultimately, this all boils down to a religious debate about where the line is drawn between “DNS” and “content”, it seems to me.

The contracted parties draw the line at threats to human life, whereas others want action on other forms of abuse largely because registries and registrars are in the best position to help.

Hindu god smites Chrysler gTLD

Kevin Murphy, October 11, 2019, Domain Policy

Car-maker Chrysler has withdrawn its application for the .ram dot-brand gTLD more than six years after receiving a government objection on religious grounds.

Ram is a brand of pickup trucks manufactured by Chrysler, but it’s also a variant spelling of Rama, an important deity in the Hindu pantheon.

Back in 2013, ICANN’s Governmental Advisory Committee forwarded an objection from majority-Hindu India, later saying: “The application for .ram is a matter of extreme sensitivity for the Government of India on political and religious considerations.”

In a 19-page response (pdf), Chrysler said that Ram vehicles had been around for 75 years without offending Hindus, and that .ram was to be a restricted dot-brand that could not be used by third parties to post offensive content.

The objection appeared at a time when the GAC was not obliged to show its thinking and often deliberately obfuscated its advice. But ICANN placed .ram on hold anyway, where it has remained ever since.

Over the intervening time, Chrysler has rethought its dot-brand strategy, and last month called on ICANN to cancel five of the six gTLDs it already owns (but does not use) — .chrysler, .dodge, .mopar, .srt and .uconnect.

It’s still contracted to run .jeep, weirdly.

Kafka turns in grave as ICANN crowbars “useless” Greek TLD into the root

Kevin Murphy, September 9, 2019, Domain Policy

ICANN has finally approved a version of .eu in Greek script, but it’s already been criticized as “useless”.

Yesterday, ICANN’s board of directors rubber-stamped .ευ, the second internationalized domain name version of the European Union’s .eu, which will be represented in the DNS as .xn--qxa6a.

There’s a lot of history behind .ευ, much of it maddeningly illustrative of ICANN’s Kafkaesque obsession with procedure.

The first amusing thing to point out is that .ευ is technically being approved under ICANN’s IDN ccTLD Fast Track Process, a mere NINE YEARS after EURid first submitted its application.

The “Fast Track” has been used so far to approve 61 IDN ccTLDs. Often, the requested string is merely the name of the country in question, written in one of the local scripts, and the TLD is approved fairly quickly.

But in some cases, especially where the desired string is a two-character code, a string review will find the possibility of confusion with another TLD. This runs the risk of broadening the scope of domain homograph attacks sometimes used in phishing.

That’s what happened to .ευ, along with Bulgaria’s Cyrillic .бг and Greece’s own .ελ, which were rejected on string confusion grounds back in 2010 and 2011.

Under pressure from the Governmental Advisory Committee, ICANN then implemented an Extended Process Similarity Review Panel, essentially an appeals process designed to give unsuccessful Fast Track applicants a second bite at the apple.

That process led to Bulgaria being told that .бг was not too similar to Brazil’s .br, and Greece being told that .ελ did not look too much like .EA, a non-existent ccTLD that may or may not be delegated in future, after all.

But the EU’s .ευ failed at the same time, in 2014. The appeals review panel found that the string was confusable with upper-case .EY and .EV.

Again, these are not ccTLDs, just strings of two characters that have the potential to become ccTLDs in future should a new country or territory emerge and be assigned those codes by the International Standards Organization, a low-probability event.

I reported at the time that .ευ was probably as good as dead. It seemed pretty clear based on the rules at the time that if a string was confusable in uppercase OR lowercase, it would be rejected.

But I was quickly informed by ICANN that I was incorrect, and that ICANN top brass needed to discuss the results.

That seems to have led to ICANN tweaking the rules yet again in order to crowbar .ευ into the root.

In 2015, the board of directors reached out to the GAC, the ccNSO and the Security and Stability Advisory Committee for advice.

They dutifully returned two years later with proposed changes (pdf) that seemed tailor-made for the European Union’s predicament.

A requested IDN ccTLD that caused confusion with other strings in only uppercase, but not lowercase (just like .ευ!!!) could still get delegated, provided it had a comprehensive risk mitigation strategy in place, they recommended.

The recommendation was quickly approved by ICANN, which then sent its implementation guidelines (again, tailor-made for EURid (pdf)) back to the ccNSO/SSAC.

It was not until February this year that the ccNSO/SSAC group got back to ICANN (pdf) to approve of its implementation plan and to say that it has already tested it against EURid’s proposed risk-mitigation plan (pdf).

Basically, the process in 2009 didn’t produce the desired result, so ICANN changed the process. It didn’t produced the desired result again in 2014, so the process was changed again.

But at least Greek-speaking EU citizens are finally going to get a meaningful ccTLD that allows them to express their EUishness in their native script, right?

WRONG!

I recently read with interest and surprise a blog post by domainer-blogger Konstantinos Zournas, in which he referred to .ευ as the “worst domain extension ever”.

Zournas, who is Greek, opened my eyes to the fact that “.ευ” is meaningless in his native tongue. It’s just two Greek letters that visually resemble “EU” in Latin script. It’s confusing by design, but with .eu, a ccTLD that EURid already manages.

While not for a moment doubting Zournas’ familiarity with his own language, I had to confirm this on the EU’s Greek-language web site.

He’s right, the Greek for “European Union” is “Ευρωπαϊκής Ένωσης”, so the sensible two-letter IDN ccTLD would be .ΕΈ (those are Greek characters that look a bit like Latin E).

That would have almost certainly failed the ICANN string similarity process, however, as .ee/EE is the current, extant ccTLD for Estonia.

In short (too late), it seems to have taken ICANN the best part of a decade, and Jesus H Christ knows how many person-hours, to hack its own procedures multiple times in order to force through an application for a TLD that doesn’t mean anything, can’t be confused with anything that currently exists on the internet, and probably won’t be widely used anyway.

Gratz to all involved!