Latest news of the domain name industry

Recent Posts

I just bought a new gTLD registry’s domain for $10

Kevin Murphy, April 18, 2018, Domain Registries

Are .fan and .fans the latest new gTLDs to go out of business? It certainly looks that way.

ICANN has hit the registry with a breach notice for unpaid dues and stripped it of its registrar accreditation.

In addition, its web sites no longer appear functional and I’ve just bought its official IANA-listed domain name for under $10.

Asiamix Digital is the Hong Kong-based company behind both TLDs, doing business as dotFans.

It launched .fans in September 2015, with retail pricing up around the $100 mark, but never actually got around to launching the singular variant, which it acquired (defensively?) from Rightside (now Donuts) earlier that year.

.fans had fewer than 1,400 domains in its zone file yesterday, down from a peak of around 1,500, while .fan had none.

dotFans in-house accredited registrar, Fan Domains, didn’t seem to actually sell any domains and it got terminated by ICANN (pdf) at the end of March for failing to provide basic registrar services.

And now it seems the registry itself has been labeled as a deadbeat by ICANN Compliance, which has filed a breach notice (pdf) alleging non-payment of registry fees.

While breach notices against TLD registries are not uncommon these days, I think this is the first one I’ve seen alleging non-payment and nothing else.

The notice claims that the registry’s legal contact’s email address is non-functional.

In addition, the domains nic.fans, nic.fan and dotfans.com all currently resolve to dead placeholder pages.

Meanwhile, dotfans.net, the company’s official domain name as listed in the IANA database now belongs to me, kinda.

It expired March 12, after which it was promptly placed into a GoDaddy expired domains auction. Where I just bought it for £6.98 ($9.92).

dotfans

To be clear, I do not currently control the domain. It’s still in post-expiration limbo and GoDaddy support tells me the original owner still has eight days left to reclaim it.

After that point, maybe I’ll start getting the registry’s hate mail from ICANN. Or perhaps not; it seems to have been using the .com equivalent for its formal communications.

Should .fan and .fans get acquired by another registry soon — which certainly seems possible — rest assured I’ll let the domain go for a modest sum.

ICANN confirms GoDaddy Whois probe

ICANN is looking into claims that GoDaddy is in breach of its registrar accreditation contract.

The organization last week told IP lawyer Brian Winterfeldt that his complaint about the market-leading registrar throttling and censoring Whois queries over port 43 is being looked at by its compliance department.

The brief note (pdf) says that Compliance is “in receipt of the correspondence and will address it under its process”.

Winterfeldt is annoyed that GoDaddy has starting removing contact information from its port 43 Whois responses, in what the company says is an anti-spam measure.

It’s also started throttling port 43 queries, causing no end of problems at companies such as DomainTools.

Winterfeldt wrote last month “nothing in their contract permits GoDaddy to mask data elements, and evidence of illegality must be obtained before GoDaddy is permitted to throttle or deny port 43 Whois access to any particular IP address”.

It’s worth saying that ICANN is not giving any formal credibility to the complaint merely by looking into it.

But while it’s usual for ICANN to publish its responses to correspondence it has received and published, it’s rather less common for it to disclose the existence of a compliance investigation before it has progressed to a formal breach notice.

It could all turn out to be moot anyway, given the damage GDPR is likely to do to Whois across the industry in a matter of weeks.

Lawyer: GoDaddy Whois changes a “critical” contract breach

Kevin Murphy, March 13, 2018, Domain Registrars

GoDaddy is in violation of its ICANN registrar contract by throttling access to its Whois database, according to a leading industry lawyer.

Brian Winterfeldt of the Winterfeldt IP Group has written to ICANN to demand its compliance team enforces what he calls a “very serious contractual breach”.

At issue is GoDaddy’s recent practice, introduced in January, of masking key fields of Whois when accessed in an automated fashion over port 43.

The company no longer shows the name, email address or phone number of its registrants over port 43. Web-based Whois, which has CAPTCHA protection, is unaffected.

It’s been presented as an anti-spam measure. In recent years, GoDaddy has been increasingly accused (wrongly) of selling customer details to spammers pitching web hosting and SEO services, whereas in fact those details have been obtained from public Whois.

But many in the industry are livid about the changes.

Back in January, DomainTools CEO Tim Chen told us that, even as a white-listed known quantity, its port 43 access was about 2% of its former levels.

And last week competing registrar Namecheap publicly complained that Whois throttling was hindering inbound transfers from GoDaddy.

Winterfeldt wrote (pdf) that “nothing in their contract permits GoDaddy to mask data elements, and evidence of illegality must be obtained before GoDaddy is permitted to throttle or deny
port 43 Whois access to any particular IP address”, adding:

The GoDaddy whitelist program has created a dire situation where businesses dependent upon unmasked and robust port 43 Whois access are forced to negotiate wholly subjective terms for access, and are fearful of filing complaints with ICANN because they are reticent to publicize any disruption in service, or because they fear retaliation from GoDaddy…

This is a very serious contractual breach, which threatens to undermine the stability and security of the Internet, as well as embolden other registrars to make similar unilateral changes to their own port 43 Whois services. It has persisted for far too long, having been officially implemented on January 25, 2018. The tools our communities use to do our jobs are broken. Cybersecurity teams are flying blind without port 43 Whois data. And illegal activity will proliferate online, all ostensibly in order to protect GoDaddy customers from spam emails. That is completely disproportionate and unacceptable

He did not disclose which client, if any, he was writing on behalf of, presumably due to fear of reprisals.

He added that his initial outreaches to ICANN Compliance have not proved fruitful.

ICANN said last November that it would not prosecute registrar breaches of the Whois provisions of the Registrar Accreditation Agreements, subject to certain limits, as the industry focuses on becoming compliant with the General Data Protection Regulation.

But GoDaddy has told us that the port 43 throttling is unrelated to GDPR and to the compliance waiver.

Masking Whois data, whether over port 43 or not, is likely to soon become a fact of life anyway. ICANN’s current proposal for GDPR compliance would see public Whois records gutted, with only accredited users (such as law enforcement) getting access to full records.

Namecheap’s Move Your Domain Day actually works

Namecheap appears to have done a year’s worth of transfers in a single day, on its annual Move Your Domain Day promotion.

The company said this week that the promotion, which ran on March 6 this year, saw 20,590 domains transferred in from other registrars.

That’s pretty good compared to its usual transfer activity.

Registry report data shows that Namecheap usually gets 1,000 to 1,500 inbound transfers per month, across all gTLDs.

Move Your Domain Day was originally set up to capitalize on protests over GoDaddy’s support for the Stop Online Piracy Act in late 2011.

That year, when it benefited from greater publicity, the company said it saw over 40,000 transfers.

During the promotion, Namecheap discounts transfers and donates $1.50 per domain to the Electronic Frontier Foundation.

This year, the EFF will be getting a check for $30,885.

Namecheap said earlier in the week that it was having problems processing inbounds from GoDaddy, which it claimed was throttling automated Whois queries, but said it would process the transfers regardless.

Namecheap accuses GoDaddy of delaying transfers

GoDaddy broke ICANN rules and US competition law by delaying outbound domain transfers yesterday, and not for the first time, according to angry rival Namecheap.

March 6 was Namecheap’s annual Move Your Domain Day, a promotion under which it donates $1.50 to the Electronic Frontier Foundation for every inbound transfer from another registrar.

It’s a tradition the company opportunistically started back in 2011 specifically targeting GoDaddy’s support, later retracted, for the controversial Stop Online Piracy Act, SOPA.

But yesterday GoDaddy was delivering “incomplete Whois information”, which interrupted the automated transfer process and forced Namecheap to resort to manual verification, delaying transfers, Namecheap claims.

“First and foremost this practice is against ICANN rules and regulations. Secondly, we believe it violates ‘unfair competition’ laws,” the company said in a blog post.

Whois verification is a vital part of the transfer process, which is governed by ICANN’s binding Inter-Registrar Transfer Policy.

GoDaddy changed its Whois practices in January. As an anti-spam measure, it no longer publishes contact information, including email addresses vital to the transfer process, when records are accessed automatically over port 43.

However, GoDaddy VP James Bladel told us in January that this was not supposed to affect competing registrars, which have their IP addresses white-listed for port 43 access via a system coordinated by ICANN.

Did GoDaddy balls up its new restrictive Whois practices? Or can the blame be shared?

Namecheap also ran into problems with GoDaddy throttling port 43 on its first Move Your Domain Day in 2011, but DI published screenshots back then suggesting that the company had failed to white-list its IP addresses with ICANN.

This time, the company insists the white-list was not an issue, writing:

As many customers have recently complained of transfer issues, we suspect that GoDaddy is thwarting/throttling efforts to transfer domains away from them. Whether automated or not, this is unacceptable. In preparation for today, we had previously whitelisted IPs with GoDaddy so there would be no excuse for this poor business practice.

Namecheap concluded by saying that all transfers that have been initiated will eventually go through. It also asked affected would-be customers to complain to GoDaddy.

The number of transfers executed on Move Your Domain Day over the last several years appears to be well into six figures, probably amounting to seven figures of annual revenue.