Latest news of the domain name industry

Recent Posts

ICANN picks Madrid for next gTLD industry meeting

Kevin Murphy, December 9, 2016, Domain Policy

ICANN’s Global Domains Division has invited the domain industry to Madrid for next year’s GDD Industry Summit.

The meeting will be held at the drably named NH Collection Madrid Eurobuilding hotel from May 8 to 11 2017.

The timing may be fortuitous for intercontinental travelers — it ends just a couple of days before the Domaining Europe event starts in Berlin, which is just a short flight away.

ICANN summits are intersessional meetings dedicated to particular constituencies within the ICANN community. The GDD Industry Summit caters to registries, registrars and others in the business of selling gTLD domains.

They’re less formal that ICANN’s regular public meetings, designed to enable engagement between participants and between participants and ICANN staff.

The 2016 meeting was held in Amsterdam this June, attracting about 400 attendees.

ICANN’s formal public meetings next year are slated for Copenhagen (March), Johannesburg (June) and Abu Dhabi (October).

Afilias takes over .hotel, sidelines Krischenowski over hacking claims

Afilias has sought to distance itself from DotBerlin CEO Dirk Krischenowski, due to ongoing claims that he improperly accessed secret data on rival .hotel applicants.

The company revealed in a recent letter to ICANN that it has bought out Krischenowski’s 48.8% stake in successful .hotel applicant Hotel Top Level Domain Sarl and that Afilias will become the sole shareholder of HTLD.

The move is linked to claims that Krischenowski exploited a glitch in ICANN’s new gTLD applicants’ portal to access confidential financial and technical information belonging to rival .hotel applicants.

These competing applicants have ganged up to demand that HTLD should lose its rights to .hotel, which it obtained by winning a controversial Community Priority Evaluation.

Afilias chairman Philipp Grabensee, now “sole managing director” of HTLD, wrote ICANN last month (pdf) to explain the nature of the HTLD’s relationship with Krischenowski and deny that HTLD had benefited from the alleged data compromise.

He said that, at the time of the incidents, Krischenowski was the 50% owner and managing director of a German company that in turn was a 48.8% owner of HTLD. He was also an HTLD consultant, though Grabensee played down that role.

He was responding to a March ICANN letter (pdf) which claimed that Krischenowski’s portal credentials were used at least eight times to access confidential data on .hotel bids. It said:

It appears that Mr Krischenowski accessed and downloaded, at minimum, the financial projections for Despegar’s applications for .HOTEL, .HOTEIS and .HOTELES, and the technical overview for Despegar’s applications for .HOTEIS and .HOTEL. Mr Krischenowski appears to have specifically searched for terms and question types related to financial or technical portions of the application.

Krischenowski has denied any wrongdoing and told DI last month that he simply used the portal assuming it was functioning as intended.

Grabensee said in his letter that any data Krischenowski may have obtained was not given to HTLD, and that his alleged actions were not done with HTLD’s knowledge or consent.

He added that obtaining the data would not have helped HTLD’s application anyway, given that the incident took place after HTLD had already submitted its application. HTLD did not substantially alter its application after the incident, he said.

HTLD’s rival .hotel applicants do not seem to have alleged that HTLD won the contention set due to the confidential data.

Rather, they’ve said via their lawyer that HTLD should be disqualified on the grounds that new gTLD program rules disqualify people who have been convicted of computer crime.

Even that’s a bit tenuous, however, given that Krischenowski has not been convicted of, or even charged with, a computer crime.

The other .hotel applicants are Travel Reservations, Famous Four Media, Radix, Minds + Machines, Donuts and Fegistry.

ICANN is now pressing HTLD for more specific information about Krischenowski’s relationship with HTLD at specific times over the last few years, in a letter (pdf) published last night, so it appears that its overdue investigation is not yet complete.

.hotel fight gets nasty with “criminal” hacking claims

Kevin Murphy, April 19, 2016, Domain Registries

A group of would-be .hotel gTLD registries have called on ICANN to reject the winning applicant’s bid or be complicit in “criminal acts”.

The group, which includes Travel Reservations, Famous Four Media, Radix, Minds + Machines, Donuts and Fegistry is threatening to file a second Independent Review Process complaint unless ICANN complies with its demands.

Six applicants, represented by Flip Petillion of Crowell & Moring, claim that Hotel Top Level Domain Sarl should forfeit its application because one of its representatives gained unauthorized access to their trade secrets.

That’s a reference to a story we covered extensively last year, where an ICANN audit found that DotBerlin CEO Dirk Krischenowski, or at least somebody using his credentials, had accessed hundreds of supposedly confidential gTLD application documents on ICANN’s web site.

Krischenowski, who has denied any wrongdoing, is also involved with HTLD, though in what capacity appears to be a matter of dispute between ICANN and the rival .hotel applicants.

In a month-old letter (pdf) to ICANN, only published at the weekend, Petillion doesn’t pull many punches.

The letter alleges:

Allowing HTLD’s application to proceed would go agaist everthing that ICANN stands for. It would amount to an acquiescence in criminal acts that were committed with the obvious intent to obtain an unfair advantage over direct competitors.

ICANN caught a representative of HTLD stealing trade secrets of competing applicants via the use of computers and the internet. The situation is even more critical as the crime was committed with the obvious intent of obtaining sensitive business information concerning a competing applicant.

It points out that ICANN’s Applicant Guidebook disqualifies people from applying for a new gTLD if they’ve been convicted of a computer crime.

To the best of my knowledge Krischenowski has not been convicted of, or even charged with, any computer crime.

What ICANN says he did was use its new gTLD applicants’ customer service portal to search for documents which, due to a dumb misconfiguration by ICANN, were visible to users other than their owners.

Krischenowski told DI in an emailed statement today:

According to ICANN, the failure in ICANN’s CSC and GDD portals was the result of a misconfiguration by ICANN of the software used (as mentioned at https://www.icann.org/news/announcement-2-2015-11-19-en). As a user, I relied on the proper functioning of ICANN’s technical infrastructure while working with ICANN’s CSC portal.

HTLD’s application for .hotel is currently “On Hold”, though it is technically the winner of the seven-application contention set.

It prevailed after winning a controversial Community Priority Evaluation in 2014, which was then challenged in an Independent Review Process case by the applicants Petillion represents.

They lost the IRP, but the IRP panelists said that ICANN’s failure to be transparent about its investigation into Krischenowski could amount to a breach of its bylaws.

In its February ruling, the IRP panel wrote:

It is not clear if ICANN has properly investigated the allegation of association between HTLD and D. Krischenowski and, if it has, what conclusions it has reached. Openness and transparency, in the light of such serious allegations, require that it should, and that it should make public the fact of the investigation and the result thereof.

The ruling seems to envisage the possibility of a follow-up IRP.

ICANN had told the panel that its investigation was not complete, so its failure to act to date could not be considered inaction.

The ICANN board resolved in March, two days after Petillion’s letter was sent, to “complete the investigation” and “provide a report to the Board for consideration”.

While the complaining applicants want information about this investigation, their clear preference appears to be that the HTLD application be thrown out.

Donuts: glitch revealed price we would pay for gTLDs

The recently discovered security vulnerability in one of ICANN’s web sites revealed how much Donuts was willing to pay for contested gTLDs at auction.

This worrying claim emerged during a meeting between registries and the ICANN board of directors at ICANN 53 in Buenos Aires yesterday.

“We were probably the largest victim of the data breach,” Donuts veep Jon Nevett told the board. “We had our financial data reviewed numerous times, dozens of times. We had our relative net worth of our TLDs reviewed, so it was very damaging information.”

He was referring to the misconfiguration in the new gTLD applicants’ portal, which allowed any user to view confidential application attachments belonging to any applicant.

ICANN discovered the problem in February, two years after the portal launched. The results of a security audit were revealed in late April.

But it was not until late May that it emerged that only one person, dotBerlin CEO Dirk Krischenowski, was suspected by ICANN of having deliberately viewed data belonging to others.

Nevett said communication should have been faster.

“We were in the dark for a number of weeks about who saw the data,” he told the board. “That was troubling, as we were going to auctions in that interim period as well.”

Donuts, which applied for over 300 new gTLDs, is known to have taken a strictly numbers-driven approach to string selection and auction strategy.

If a rival in a contention set had known how much Donuts was prepared to pay for a string, it would have had a significant advantage in an auction.

In response to Nevett’s concerns, ICANN CEO Fadi Chehade said that ICANN had to do a thorough investigation before it could be sure who saw what when.

Most ICANN new gTLD breaches were over a year ago

Almost three quarters of the security breaches logged against ICANN’s new gTLD portal occurred over a three-month period in early 2014, DI can reveal.

Almost every incident of a new gTLD applicant coming across data they weren’t supposed to see — 322 of the 330 total — happened before the end of October last year, ICANN told DI.

Most — 244 of the 330 — happened before April 30 last year.

The first breach, discovered by an independent audit of the portal, was January 22 2014.

ICANN says it was first notified of there being a problem on February 27, 2015.

The improper data disclosures were announced by ICANN last week.

As we reported, a simple configuration error by ICANN in third-party software allowed users of the Global Domains Division portal — all new gTLD applicants — to view confidential data belonging to other applicants.

Documents revealed could have included sensitive financial projections and registry technical details.

My first assumption was that the majority of the incidents — which have been deliberate or accidental — were relatively recent, but that turns out not to be the case.

In fact, if anyone did download data they weren’t supposed to see, most of them did it over a year ago.

ICANN has been notifying applicants and registries about whether their own data was compromised and expects to have told each affected applicant which other applicants could have seen their data before May 27.

Ninety-six applicants and 21 registries were affected.

  • Page 1 of 2
  • 1
  • 2
  • >