Latest news of the domain name industry

Recent Posts

Google quietly launches .new domains sunrise

Kevin Murphy, October 14, 2019, Domain Registries

Google Registry will allow trademark owners to register domains matching their marks in the .new gTLD from tomorrow.

While the company hasn’t made a big public announcement about the launch, the startup dates it has filed with ICANN show that its latest sunrise period will run from October 15 to January 14.

As previously reported, .new is a bit of a odd one. Google plans to place usage restrictions that require registrants to use the domains in the pursuit of “action generation or online contention creation”.

In other words, it wants registrants to use .new in much the same way as Google is today, with domains such as docs.new, which automatically opens up a fresh Google Docs word processing document when typed into a browser address bar.

From January 14, all the way to July 14, Google wants to run a Limited Registration Period, which will require wannabe registrants to apply to Google directly for the right to register a name.

During that period, registrants will have to that they’re going to use their names in compliance with .new’s modus operandi. It’s Google’s hope that it can seed the space with enough third-party content for .new’s value proposition to become more widely known.

If you’re wanting to pick up a .new domain in general availability, it looks like you’ve got at least nine more months to wait.

Amazon and Google have been BEATEN by a non-profit in the fight for .kids

Kevin Murphy, August 5, 2019, Domain Registries

One of the longest-fought new gTLD contests has finally been resolved, with a not-for-profit bid beating out Google and Amazon.

Amazon last week withdrew its application for .kids, leaving Hong Kong-based DotKids Foundation the only remaining applicant.

DotKids now has a clear run at the gTLD, with only ICANN contracting and technical testing before .kids goes live in the DNS root. We could be looking at a commercial launch within a year.

It’s a surprising outcome, not only because Amazon has all the money in the world, but also because it actually has a product called the Echo Dot Kids Edition, a candy-striped, parentally-controlled version of its creepy corporate surveillance device.

The fight between the two applicants was settled privately.

While ICANN has scheduled them in for a “last resort” auction more than once, the contention set was “On Hold” due to DotKids’ repeated use of ICANN appeals processes to delay.

My understanding is that it was not an auction. I don’t know whether any money changed hands to settle the dispute. It may just be a case of DotKids beating Amazon in a war of attrition.

DotKids, much like ultimately successful .music applicant DotMusic, pulled every trick in the book to delay .kids going to auction.

It’s filed no fewer than four Requests for Reconsideration with ICANN over the last five years, challenging almost every decision the organization made about the contention set.

Last year, DotKids (which had a reduced application fee under ICANN’s applicant support program) even asked ICANN for money to help it fight Amazon and Google at auction, then filed an RfR when ICANN refused.

The company has been in a Cooperative Engagement Process — a precursor to more formal appeals — with ICANN since February.

DotKids until recently also faced competition from Google, which had applied for the singular .kid but withdrew its application last October.

DotKids Foundation is run by Edmon Chung, perhaps best-known as the founder and CEO of 2003-round gTLD .asia.

I can’t help but feel that he has grasped a poison chalice.

The two examples we have of child-friendly domains to date are .kids.us, which was introduced by point-scoring US politicians under the Bush administration and promptly discarded when (almost literally) nobody used it, and .дети, the Russian equivalent, which usually has fewer than a thousand names in its zone file.

I believe that would-be registrants are broadly wary of signing up to vague content restrictions that could prove PR disasters if inadvertently violated.

In its 2012 application, DotKids said that .kids “will have a core mandate to advocate the production and publishing of more kids friendly content online”.

But what is a “kid”? DotKids said it would adopt the United Nations Convention on the Rights of Child definition as “every human under 18 years old”.

Because the parents of every five-year-old would be happy for their kid to view sites designed for 17-year-olds, right?

It’s going to be challenging to get this one right, I think.

Major registries posting “fabricated” Whois data

One or more of the major gTLD registries are publishing Whois query data that may be “fabricated”, according to some of ICANN’s top security minds.

The Security and Stability Advisory Committee recently wrote to ICANN’s top brass to complain about inconsistent and possibly outright bogus reporting of Whois port 43 query volumes.

SSAC said (pdf):

it appears that the WHOIS query statistics provided to ICANN by registry operators as part of their monthly reporting obligations are generally not reliable. Some operators are using different methods to count queries, some are interpreting the registry contract differently, and some may be reporting numbers that are fabricated or otherwise not reflective of reality. Reliable reporting is essential to the ICANN community, especially to inform policy-making.

SSAC says that the inconsistency of the data makes it very difficult to make informed decisions about the future of Whois access and to determine the impact of GPDR.

While the letter does not name names, I’ve replicated some of SSAC’s research and I think I’m in a position to point fingers.

In my opinion, Google, Verisign, Afilias and Donuts appear to be the causes of the greatest concern for SSAC, but several others exhibit behavior SSAC is not happy about.

I reached out to these four registries on Wednesday and have published their responses, if I received any, below.

SSAC’s concerns relate to the monthly data dumps that gTLD registries new and old are contractually obliged to provide ICANN, which publishes the data three months later.

Some of these stats concern billable transactions such as registrations and renewals. Others are used to measure uptime obligations. Others are largely of academic interest.

One such stat is “Whois port 43 queries”, defined in gTLD contracts as “number of WHOIS (port-43) queries responded during the reporting period”.

According to SSAC, and confirmed by my look at the data, there appears to be a wide divergence in how registries and back-end registry services providers calculate this number.

The most obvious example of bogosity is that some registries are reporting identical numbers for each of their TLDs. SSAC chair Rod Rasmussen told DI:

The largest issue we saw at various registries was the reporting of the exact or near exact same number of queries for many or all of their supported TLDs, regardless of how many registered domain names are in those zones. That result is a statistical improbability so vanishingly small that it seems clear that they were reporting some sort of aggregate number for all their TLDs, either as a whole or divided amongst them.

While Rasmussen would not name the registries concerned, my research shows that the main culprit here appears to be Google.

In its December data dumps, it reported exactly 68,031,882 port 43 queries for each of its 45 gTLDs.

If these numbers are to be believed, .app with its 385,000 domains received precisely the same amount of port 43 interest as .gbiz, which has no registrations.

As SSAC points out, this is simply not plausible.

A Google spokesperson has not yet responded to DI’s request for comment.

Similarly, Afilias appears to have reported identical data for a subset of its dot-brand clients’ gTLDs, 16 of which purportedly had exactly 1,071,939 port 43 lookups in December.

Afilias has many more TLDs that did not report identical data.

An Afilias spokesperson told DI: “Afilias has submitted data to ICANN that addresses the anomaly and the update should be posted shortly.”

SSAC’s second beef is that one particular operator may have reported numbers that “were altered or synthesized”. SSAC said in its letter:

In a given month, the number of reported WHOIS queries for each of the operator’s TLDs is different. While some of the TLDs are much larger than others, the WHOIS query totals for them are close to each other. Further statistical analysis on the number of WHOIS queries per TLD revealed that an abnormal distribution. For one month of data for one of the registries, the WHOIS query counts per TLD differed from the mean by about +/- 1%, nearly linearly. This appeared to be highly unusual, especially with TLDs that have different usage patterns and domain counts. There is a chance that the numbers were altered or synthesized.

I think SSAC could be either referring here to Donuts or Verisign

Looking again at December’s data, all but one of Donuts’ gTLDs reported port 43 queries between 99.3% and 100.7% of the mean average of 458,658,327 queries.

Is it plausible that .gripe, with 1,200 registrations, is getting almost as much Whois traffic as .live, with 343,000? Seems unlikely.

Donuts has yet to provide DI with its comments on the SSAC letter. I’ll update this post and tweet the link if I receive any new information.

All of the gTLDs Verisign manages on behalf of dot-brand clients, and some of its own non-.com gTLDs, exhibit the same pattern as Donuts in terms of all queries falling within +/- 1% of the mean, which is around 431 million per month.

So, as I put to Verisign, .realtor (~40k regs) purportedly has roughly the same number of port 43 queries as .comsec (which hasn’t launched).

Verisign explained this by saying that almost all of the port 43 queries it reports come from its own systems. A spokesperson told DI:

The .realtor and .comsec query responses are almost all responses to our own monitoring tools. After explaining to SSAC how Verisign continuously monitors its systems and services (which may be active in tens or even hundreds of locations at any given time) we are confident that the accuracy of the data Verisign reports is not in question. The reporting requirement calls for all query responses to be counted and does not draw a distinction between responses to monitoring and non-monitoring queries. If ICANN would prefer that all registries distinguish between the two, then it is up to ICANN to discuss that with registry operators.

It appears from the reported numbers that Verisign polls its own Whois servers more than 160 times per second. Donuts’ numbers are even larger.

I would guess, based on the huge volumes of queries being reported by other registries, that this is common (but not universal) practice.

SSAC said that it approves of the practice of monitoring port 43 responses, but it does not think that registries should aggregate their own internal queries with those that come from real Whois consumers when reporting traffic to ICANN.

Either way, it thinks that all registries should calculate their totals in the same way, to make apples-to-apples comparisons possible.

Afilias’ spokesperson said: “Afilias agrees that everyone should report the data the same way.”

As far as ICANN goes, its standard registry contract is open to interpretation. It doesn’t really say why registries are expected to collect and supply this data, merely that they are obliged to do so.

The contracts do not specify whether registries are supposed to report these numbers to show off the load their servers are bearing, or to quantify demand for Whois services.

SSAC thinks it should be the latter.

You may be thinking that the fact that it’s taken a decade or more for anyone to notice that the data is basically useless means that it’s probably not all that important.

But SSAC thinks the poor data quality interferes with research on important policy and practical issues.

It’s rendered SSAC’s attempt to figure out whether GDPR and ICANN’s Temp Spec have had an effect on Whois queries pretty much futile, for example.

The meaningful research in question also includes work leading to the replacement of Whois with RDAP, the Registration Data Access Protocol.

Finally, there’s the looming possibility that ICANN may before long start acting as a clearinghouse for access to unredacted Whois records. If it has no idea how often Whois is actually used, that’s going to make planning its infrastructure very difficult, which in turn could lead to downtime.

Rasmussen told DI: “Our impression is that all involved want to get the numbers right, but there are inconsistent approaches to reporting between registry operators that lead to data that cannot be utilized for meaningful research.”

Did Roussos pull off the impossible? Google, Donuts, Radix all drop out of .music race

Google won’t be the registry for the .music gTLD.

The company, along with pure-play registries Donuts and Radix, late last week withdrew their respective applications from the .music contention set, leaving just three possible winners in the running.

Those are Amazon, MMX, and DotMusic, the company run by long-time .music fanboy Constantinos Roussos.

As I blogged last week, applications from Domain Venture Partners and Far Further have also been withdrawn.

I suspect, but do not know for a fact, that the contention was settled with a private deal, likely an auction, recently.

The logical guess for a winner would be Amazon, if only because of the nexus of its business to the music industry and the amount of money it could throw at an auction.

But I’m beginning to suspect that DotMusic might have prevailed.

The company appears to have recently revamped its web site, almost as if it’s gearing up for a launch.

Comparing the current version of music.us to versions in Google’s cache, it appears that the site has been recently given a new look, new copy and even a new logo.

It’s even added a prominent header link inviting prospective resellers to sign up, using a form that also appears to have been added in the last few weeks.

These changes all seem to have been made after the crucial ICANN vote that threw out the last of DotMusic’s appeals, March 14.

Are those the actions of an applicant resigned to defeat, or has Roussos pulled off the apparently impossible, defeating two of the internet’s biggest companies to one of the industry’s most coveted and controversial strings?

Participants in gTLD auctions typically sign NDAs, so we’re going to have to wait a bit longer (probably no more than a few days) to find out which of the remaining three applicants actually won.

Yanks beat Aussies to accountancy gTLD

Kevin Murphy, February 20, 2019, Domain Registries

The contention set for .cpa has been resolved, clearing the way for a new accountancy-themed gTLD.

The winner is the American Institute of Certified Public Accountants, which submitted two bids for the string — one “community”, one vanilla, both overtly defensive in nature — back in 2012.

Its main rival, CPA Australia, which also applied on a community basis, withdrew its application two weeks ago.

Commercial registries Google, MMX and Donuts all have withdrawn their applications since late December, leaving only the two AICPA applications remaining.

This week, AICPA withdrew its community application, leaving its regular “single registrant” bid the winner.

AICPA is the US professional standards body for accountants, CPA Australia is the equivalent organization in Australia. ACIPA has 418,000 members, CPA Australia has 150,000.

Both groups failed their Community Priority Evaluations back in 2015 on the basis that their communities were tightly restricted to their own membership, and therefore too restrictive.

AICPA later amended its community application to permit CPAs belonging to non-US trade groups to register.

Both organizations were caught up in the CPE review that also entangled and delayed the likes of .music and .gay. They’ve also both appealed to ICANN with multiple Requests for Reconsideration and Cooperative Engagement Process engagements.

CPA Australia evidently threw in the towel after a December 14 resolution of ICANN’s Board Accountability Mechanisms Committee decision to throw out its latest RfR. It quit its CEP January 9.

It’s likely a private resolution of the set, perhaps an auction, occurred in December.

The winning application from AICPA states fairly unambiguously that the body has little appetite for actually running .cpa as a gTLD:

The main reasons for which AICPA submits this application for the .cpa gTLD is that it wants to prevent third parties from securing the TLD that is identical to AICPA’s highly distinctive and reputable trademark

So don’t get too excited if you’re an accountant champing at the bit for a .cpa domain. It’s going to be an unbelievably restrictive TLD, according to the application, with AICPA likely owning all the domains for years after delegation.