Latest news of the domain name industry

These eight companies account for more than half of ICANN’s revenue

Kevin Murphy, October 19, 2020, Domain Policy

While 3,207 companies contributed to ICANN’s $141 million of revenue in its last fiscal year, just eight of them were responsible for more than half of it, according to figures just released by ICANN.

The first two entries on the list will come as no surprise to anyone — they’re .com money-mill Verisign and runaway registrar market-leader GoDaddy, together accounting for more than $56 million of revenue.

Registries and registrars pay ICANN a mixture of fixed fees and transaction fees, so the greater the number of adds, renews and transfers, the more money gets funneled into ICANN’s coffers.

It’s perhaps interesting that this top-contributors list sees a few companies that are paying far more in fixed, per-gTLD fees than they are in transaction fees.

Binky Moon, the vehicle that holds 197 of Donuts’ 242 gTLD contracts, is the third-largest contributor at $5.2 million. But $4.9 million of that comes from the annual $25,000 fixed registry fee.

Only 14 of Binky’s gTLDs pass the 50,000-name threshold where transaction fees kick in.

It’s pretty much the same story at Google Registry, formally known as Charleston Road Registry.

Google has 46 gTLDs, so is paying about $1.1 million a year in fixed fees, but only three of them have enough regs (combined, about one million names) to pass the transaction fees threshold. Google’s total funding was almost $1.4 million.

Not quite on the list is Amazon, which has 55 mostly unlaunched gTLDs and almost zero registrations. It paid ICANN $1.3 million last year, just to sit on its portfolio of dormant strings.

The second and third-largest registrars, Namecheap and Tucows respectively, each paid about $1.7 million last year.

The only essentially single-TLD company on the list is Public Interest Registry, which runs .org. Despite having 10 million domains under management, it paid ICANN less than half of Binky’s total last year.

The anomaly, which may be temporary, is ShortDot, the company that runs .icu, .cyou and .bond. It paid ICANN $1.6 million, which would have been almost all transaction fees for .icu, which peaked at about 6.5 million names earlier this year.

Here’s the list:

| Contributor | Amount paid to ICANN |
| --- | --- |
| VeriSign, Inc. | $45,565,544 |
| GoDaddy.com, LLC | $10,678,376 |
| Binky Moon, LLC | $5,231,898 |
| Public Interest Registry | $2,515,416 |
| NameCheap, Inc. | $1,755,932 |
| Tucows Domains Inc. | $1,747,648 |
| ShortDot SA | $1,643,103 |
| Charleston Road Registry Inc. | $1,385,356 |

Combined, the total is over $70.5 million.

The full spreadsheet of all 3,000+ contributors can be found over here.

Google’s .new now generally available

After many months of pre-launch registration periods, Google has taken its .new gTLD to general availability today.

Names in .new are not cheap, have strict usage restrictions, and are not available at most of the larger registrars.

You may recall that Google is doing something quite innovative with the gTLD — each .new domain must resolve to a page in which the visitor can immediately (or after logging in) create something new, such as a blog, image, spreadsheet, presentation, webcast and so on.

Over 500 domains have been claimed during sunrise and limited registration periods so far, and dozens are live and functioning according to spec already.

I’ve seen prices ranging from about $450 at Gandi to $550 at 101domain. Google Domains prices names at about $540.

Due to the high registry pricing and restrictions, many registrars do not seem to be carrying the TLD. But GA started just a few minutes ago at time of posting so it’s possible more might come online shortly.

Mucho weirdness as Google “forgets” to renew major domain

Google has lost control of a key domain name, breaking millions of URLs used by its customers.

It emerged today that the domain blogspot.in expired in May and was deleted around June 24.

It was promptly re-registered via a non-ICANN registrar based in India called Domainming and put up for sale on Sedo for $5,999.

Blogspot is the brand used by people using Google’s Blogger platform. While the .com is the primary domain, the company localizes URLs to the ccTLD of the visitor’s home country in most cases.

There are currently over four million blogspot.in URLs listed in Google’s index.

Most of the reports I’ve read today chalk the loss of the domain down to corporate forgetfulness, but it appears to be weirder than that.

Google uses MarkMonitor to manage its portfolio, so if it is a case of the registrar forgetting to renew a client’s domain, it would be hugely embarrassing for whoever looks after Google over there.

However, historical Whois records archived by DomainTools suggest something odder is going on. It looks like MarkMonitor would have been prevented from renewing the domain by the .in registry.

These records show that from June 1, 2018, blogspot.in has had a serverRenewProhibited status applied, basically meaning the registry won’t allow the registrar to renew the domain.

ICANN describes the code like this:

This status code indicates your domain’s Registry Operator will not allow your registrar to renew your domain. It is an uncommon status that is usually enacted during legal disputes or when your domain is subject to deletion.

Often, this status indicates an issue with your domain that needs to be addressed promptly. You should contact your registrar to request more information and resolve the issue. If your domain does not have any issues, and you simply want to renew it, you must first contact your registrar and request that they work with the Registry Operator to remove this status code. This process can take longer than it does for clientRenewProhibited because your registrar has to forward your request to your domain’s registry and wait for them to lift the restriction.

The domain was placed into clientDeleteProhibited, clientTransferProhibited, clientUpdateProhibited, serverDeleteProhibited, serverTransferProhibited, and serverUpdateProhibited statuses at the same time.

Basically, it was fully locked down at both registrar and registry levels.

All of those status codes apart from serverRenewProhibited were removed in the first week of May this year, after almost two years.

The registry for .in is government-affiliated NIXI, but the back-end provider is Neustar.

At the time the domain was locked down, Afilias ran the back end, and there was a somewhat fractious battle going on between the two companies for the .in contract.

Judging by the changing status codes, it appears that two years ago somebody — Google, MarkMonitor, NIXI or Afilias — put the domain into a state in which it could not be renewed, transferred or deleted.

For some reason, the domain stayed like that until just a couple of weeks before it expired, when the prohibitions on deletion and transfer were removed.

I’ve been unable to find any information about legal trouble Google had in India two years ago that would have led to this unusual state of affairs.

It doesn’t seem to be a simple case of forgetfulness, however.
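A portfolio check for the state described above, written as an added example rather than anything from the original post or from any registrar's tooling: it replays a status-code timeline and reports when a domain can no longer be renewed and nothing on record blocks its deletion. The timeline, the exact days in May, the expiry date and the severity labels are constructed assumptions modelled on the sequence in the article.

```python
from datetime import date

# EPP status codes named in the article, mapped to the operation each one blocks.
BLOCKS = {
    "clientDeleteProhibited": "delete", "serverDeleteProhibited": "delete",
    "clientTransferProhibited": "transfer", "serverTransferProhibited": "transfer",
    "clientUpdateProhibited": "update", "serverUpdateProhibited": "update",
    "clientRenewProhibited": "renew", "serverRenewProhibited": "renew",
}

ALL_LOCKS = {
    "clientDeleteProhibited", "clientTransferProhibited", "clientUpdateProhibited",
    "serverDeleteProhibited", "serverTransferProhibited", "serverUpdateProhibited",
    "serverRenewProhibited",
}

# Constructed timeline for a hypothetical domain: every lock applied on
# June 1, 2018, then all but serverRenewProhibited lifted in early May 2020.
# The day-of-month values in 2020 and the expiry date are invented.
TIMELINE = [
    (date(2018, 6, 1), "add", ALL_LOCKS),
    (date(2020, 5, 4), "remove", ALL_LOCKS - {"serverRenewProhibited"}),
]
EXPIRY = date(2020, 5, 20)


def statuses_on(timeline, day):
    """Replay add/remove events and return the status codes active on `day`."""
    active = set()
    for when, action, codes in sorted(timeline, key=lambda event: event[0]):
        if when > day:
            break
        active = active | codes if action == "add" else active - codes
    return active


def blockers(statuses, operation):
    """Status codes in `statuses` that prevent `operation`."""
    return sorted(code for code in statuses if BLOCKS.get(code) == operation)


def audit(timeline, expiry, today, warn_days=90):
    """Rate renewal risk; the severity labels are this example's own."""
    active = statuses_on(timeline, today)
    renew = blockers(active, "renew")
    delete = blockers(active, "delete")
    days_left = (expiry - today).days
    if not renew:
        severity = "ok"
    elif days_left > warn_days:
        severity = "watch"        # un-renewable, but expiry is still far off
    elif delete:
        severity = "urgent"       # un-renewable and close to expiry
    else:
        severity = "critical"     # un-renewable, close to expiry, deletable
    return {
        "severity": severity,
        "days_to_expiry": days_left,
        "renew_blocked_by": renew,
        # server* codes can only be lifted by the registry, via the registrar
        "needs_registry": any(code.startswith("server") for code in renew),
        "delete_blocked": bool(delete),
    }


if __name__ == "__main__":
    for today in (date(2019, 1, 1), date(2020, 4, 1), date(2020, 5, 10)):
        print(today, audit(TIMELINE, EXPIRY, today))
```

Run against real Whois or RDAP history, the same logic would have put the domain on a watch list from the day serverRenewProhibited first appeared, long before the expiry date.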

Google launches .meet gTLD after Meet service goes free during lockdown

Google Registry is to launch its .meet gTLD next week with a sunrise period for trademark owners, but, perhaps controversially, it intends to keep the rest of the domains for itself.

It is expected that the company plans to use .meet domains in its Google Meet conferencing service, which was recently revamped and went free-to-use after Google realized that rival Zoom was eating its lunch during the coronavirus lockdown.

Google bought the .meet gTLD from Afilias back in 2015 but has kept it unused so far, even after the Meet service opened in 2017.

But according to ICANN records, it’s due to go into a one-month sunrise period from May 25, with an open-ended Trademark Claims period from June 25.

In a brief statement on its web site Google says:

Google Registry is launching the .meet TLD. This domain is Spec 9/ROCC exempt, which means we will be the registrant for all domains on the TLD and it will not be made generally available. The RRA for the TLD is available upon request, but registrations on behalf of the registry will be processed through a small number of registrars with whom the relevant product teams at Google work.

Translated from ICANN-speak, this means that Google has an exemption from Specification 9 in its .meet registry contract, releasing it from the Registry Operator Code of Conduct, which obliges registries to treat all registrars equally.

This means Google can’t sell the domains to anyone else, nor can it allow them to be controlled by anyone else, and it can use a limited pool of registrars to register names.

Spec 9 is a bit different to Spec 13, which exempts dot-brands from ICANN trademark-protection rules such as sunrise and Trademark Claims. You could argue that Spec 9 is “dot-brand lite”.

But what both Spec 9 and Spec 13 have in common is that they can’t be used in gTLDs ICANN considers a “generic string”, which is defined as:

a string consisting of a word or term that denominates or describes a general class of goods, services, groups, organizations or things, as opposed to distinguishing a specific brand of goods, services, groups, organizations or things from those of others.

Does .meet qualify there? It’s undoubtedly a dictionary word, but does it also describe a class of things? Maybe.

Google’s search engine itself gives one definition of “meet” as “an organized event at which a number of races or other athletic contests are held”, which one could reasonably argue is a class of services.

When Afilias applied for .meet in 2012, it expected it to be used by dating sites.

Google did not address the non-genericness of the string in its Spec 9 application. That judgement appears to have been made by ICANN alone.

Previously, requests for Spec 9 exemptions from the likes of .giving, .star, .analytics, .latino, .mutual, and .channel have been rejected or withdrawn.

It seems that Spec 9 exemption is going to somewhat limit .meet’s utility, given that third-parties will not be able to get “control or use of any registrations”.

As pricey .new launches, Google reveals first set of big-name users including rapper Drake

Kevin Murphy, December 4, 2019, Domain Registries

Google Registry has opened up its .new gTLD for registration for the first time, but whether you get to buy one or not will depend on a team of Google judges.

The company opened up its “Limited Registration Period” on Monday, and in doing so revealed a bunch of early-adopter registrants including eBay, Bitly, Spotify, Github, Medium, Stripe and the Canadian musician Drake.

It’s not an open registration period. If you want a .new domain you’re going to need to present Google with a business case, showing how you intend to use your chosen domain.

These applications will be judged by Google in seven roughly month-long batches, the first of which ends January 5 and the last of which ends June 21 next year.

Competing applications for the same domain in the same batch will be decided in a beauty contest by Google itself. Needless to say, if you’re champing at the bit for a .new domain, you’ll be wanting to apply in as early a batch as possible.

If you’re lucky enough to get to register a domain, you’ll have 100 days to put it to its promised use, otherwise Google will suspend the name and keep your money.

Registry pricing has not been disclosed, but 101domain is listing .new names at $550 retail. You need the nod from Google before you get to buy the domain from a registrar.

Google says the pricing, which it acknowledges is “high”, is partly to pay for ongoing compliance monitoring. If you run a paid-for service in a .new domain, you’ll have to give Google a free account so it can check you’re sticking to your original plan.

It seems Google is going to be fairly strict about usage, which as I’ve previously reported is tied to “action generation or online creation flows”.

What this basically means is that when you type a live .new domain into your browser, you’ll be taken immediately to a page where you can create something, such as a text document, graphic design, auction listing, or blog post.

The only exception to this rule is when the web site needs a user to be logged in and redirects them to a login page instead. Most of the first tranche of registrants are currently doing this.

Google’s own .new domains include doc.new, which takes users to a fresh sheet of blank paper at Google Docs.

The gTLD’s major anchor tenants have now been revealed at the registry web site whats.new, and they include:

  • eBay: type sell.new into your browser address bar and you’ll be taken to a page where you can create a new auction/sales page.
  • Medium: story.new takes you to a blog post creation page.
  • Spotify: create a new music playlist at playlist.new
  • Webex: open up a web conference at webex.new or letsmeet.new.
  • Bitly: create a shortened link at link.new.
  • OVO Sound: this is a record label in the Warner Music stable, founded by Drake. It currently appears to be being used to plug two of OVO’s artists, which I think is a horrible waste of a nice domain. There’s no “content creation” that I can see, and I reckon it could be a prime candidate for deletion unless “listen to this crappy Drake song” counts as “action generation”.

There are a few more anchor tenants publicized at whats.new, but you get the idea.

.new will enter general availability next July.

Google quietly launches .new domains sunrise

Kevin Murphy, October 14, 2019, Domain Registries

Google Registry will allow trademark owners to register domains matching their marks in the .new gTLD from tomorrow.

While the company hasn’t made a big public announcement about the launch, the startup dates it has filed with ICANN show that its latest sunrise period will run from October 15 to January 14.

As previously reported, .new is a bit of an odd one. Google plans to place usage restrictions that require registrants to use the domains in the pursuit of “action generation or online contention creation”.

In other words, it wants registrants to use .new in much the same way as Google is today, with domains such as docs.new, which automatically opens up a fresh Google Docs word processing document when typed into a browser address bar.

From January 14, all the way to July 14, Google wants to run a Limited Registration Period, which will require wannabe registrants to apply to Google directly for the right to register a name.

During that period, registrants will have to show that they’re going to use their names in compliance with .new’s modus operandi. It’s Google’s hope that it can seed the space with enough third-party content for .new’s value proposition to become more widely known.

If you’re wanting to pick up a .new domain in general availability, it looks like you’ve got at least nine more months to wait.

Amazon and Google have been BEATEN by a non-profit in the fight for .kids

Kevin Murphy, August 5, 2019, Domain Registries

One of the longest-fought new gTLD contests has finally been resolved, with a not-for-profit bid beating out Google and Amazon.

Amazon last week withdrew its application for .kids, leaving Hong Kong-based DotKids Foundation the only remaining applicant.

DotKids now has a clear run at the gTLD, with only ICANN contracting and technical testing before .kids goes live in the DNS root. We could be looking at a commercial launch within a year.

It’s a surprising outcome, not only because Amazon has all the money in the world, but also because it actually has a product called the Echo Dot Kids Edition, a candy-striped, parentally-controlled version of its creepy corporate surveillance device.

The fight between the two applicants was settled privately.

While ICANN has scheduled them in for a “last resort” auction more than once, the contention set was “On Hold” due to DotKids’ repeated use of ICANN appeals processes to delay.

My understanding is that it was not an auction. I don’t know whether any money changed hands to settle the dispute. It may just be a case of DotKids beating Amazon in a war of attrition.

DotKids, much like ultimately successful .music applicant DotMusic, pulled every trick in the book to delay .kids going to auction.

It’s filed no fewer than four Requests for Reconsideration with ICANN over the last five years, challenging almost every decision the organization made about the contention set.

Last year, DotKids (which had a reduced application fee under ICANN’s applicant support program) even asked ICANN for money to help it fight Amazon and Google at auction, then filed an RfR when ICANN refused.

The company has been in a Cooperative Engagement Process — a precursor to more formal appeals — with ICANN since February.

DotKids until recently also faced competition from Google, which had applied for the singular .kid but withdrew its application last October.

DotKids Foundation is run by Edmon Chung, perhaps best-known as the founder and CEO of 2003-round gTLD .asia.

I can’t help but feel that he has grasped a poison chalice.

The two examples we have of child-friendly domains to date are .kids.us, which was introduced by point-scoring US politicians under the Bush administration and promptly discarded when (almost literally) nobody used it, and .дети, the Russian equivalent, which usually has fewer than a thousand names in its zone file.

I believe that would-be registrants are broadly wary of signing up to vague content restrictions that could prove PR disasters if inadvertently violated.

In its 2012 application, DotKids said that .kids “will have a core mandate to advocate the production and publishing of more kids friendly content online”.

But what is a “kid”? DotKids said it would adopt the United Nations Convention on the Rights of Child definition as “every human under 18 years old”.

Because the parents of every five-year-old would be happy for their kid to view sites designed for 17-year-olds, right?

It’s going to be challenging to get this one right, I think.

Major registries posting “fabricated” Whois data

One or more of the major gTLD registries are publishing Whois query data that may be “fabricated”, according to some of ICANN’s top security minds.

The Security and Stability Advisory Committee recently wrote to ICANN’s top brass to complain about inconsistent and possibly outright bogus reporting of Whois port 43 query volumes.

SSAC said (pdf):

it appears that the WHOIS query statistics provided to ICANN by registry operators as part of their monthly reporting obligations are generally not reliable. Some operators are using different methods to count queries, some are interpreting the registry contract differently, and some may be reporting numbers that are fabricated or otherwise not reflective of reality. Reliable reporting is essential to the ICANN community, especially to inform policy-making.

SSAC says that the inconsistency of the data makes it very difficult to make informed decisions about the future of Whois access and to determine the impact of GDPR.

While the letter does not name names, I’ve replicated some of SSAC’s research and I think I’m in a position to point fingers.

In my opinion, Google, Verisign, Afilias and Donuts appear to be the causes of the greatest concern for SSAC, but several others exhibit behavior SSAC is not happy about.

I reached out to these four registries on Wednesday and have published their responses, if I received any, below.

SSAC’s concerns relate to the monthly data dumps that gTLD registries new and old are contractually obliged to provide ICANN, which publishes the data three months later.

Some of these stats concern billable transactions such as registrations and renewals. Others are used to measure uptime obligations. Others are largely of academic interest.

One such stat is “Whois port 43 queries”, defined in gTLD contracts as “number of WHOIS (port-43) queries responded during the reporting period”.

According to SSAC, and confirmed by my look at the data, there appears to be a wide divergence in how registries and back-end registry services providers calculate this number.

The most obvious example of bogosity is that some registries are reporting identical numbers for each of their TLDs. SSAC chair Rod Rasmussen told DI:

The largest issue we saw at various registries was the reporting of the exact or near exact same number of queries for many or all of their supported TLDs, regardless of how many registered domain names are in those zones. That result is a statistical improbability so vanishingly small that it seems clear that they were reporting some sort of aggregate number for all their TLDs, either as a whole or divided amongst them.

While Rasmussen would not name the registries concerned, my research shows that the main culprit here appears to be Google.

In its December data dumps, it reported exactly 68,031,882 port 43 queries for each of its 45 gTLDs.

If these numbers are to be believed, .app with its 385,000 domains received precisely the same amount of port 43 interest as .gbiz, which has no registrations.

As SSAC points out, this is simply not plausible.

A Google spokesperson has not yet responded to DI’s request for comment.

Similarly, Afilias appears to have reported identical data for a subset of its dot-brand clients’ gTLDs, 16 of which purportedly had exactly 1,071,939 port 43 lookups in December.

Afilias has many more TLDs that did not report identical data.

An Afilias spokesperson told DI: “Afilias has submitted data to ICANN that addresses the anomaly and the update should be posted shortly.”

SSAC’s second beef is that one particular operator may have reported numbers that “were altered or synthesized”. SSAC said in its letter:

In a given month, the number of reported WHOIS queries for each of the operator’s TLDs is different. While some of the TLDs are much larger than others, the WHOIS query totals for them are close to each other. Further statistical analysis on the number of WHOIS queries per TLD revealed an abnormal distribution. For one month of data for one of the registries, the WHOIS query counts per TLD differed from the mean by about +/- 1%, nearly linearly. This appeared to be highly unusual, especially with TLDs that have different usage patterns and domain counts. There is a chance that the numbers were altered or synthesized.

I think SSAC could be referring here to either Donuts or Verisign.

Looking again at December’s data, all but one of Donuts’ gTLDs reported port 43 queries between 99.3% and 100.7% of the mean average of 458,658,327 queries.

Is it plausible that .gripe, with 1,200 registrations, is getting almost as much Whois traffic as .live, with 343,000? Seems unlikely.

Donuts has yet to provide DI with its comments on the SSAC letter. I’ll update this post and tweet the link if I receive any new information.

All of the gTLDs Verisign manages on behalf of dot-brand clients, and some of its own non-.com gTLDs, exhibit the same pattern as Donuts in terms of all queries falling within +/- 1% of the mean, which is around 431 million per month.

So, as I put to Verisign, .realtor (~40k regs) purportedly has roughly the same number of port 43 queries as .comsec (which hasn’t launched).

Verisign explained this by saying that almost all of the port 43 queries it reports come from its own systems. A spokesperson told DI:

The .realtor and .comsec query responses are almost all responses to our own monitoring tools. After explaining to SSAC how Verisign continuously monitors its systems and services (which may be active in tens or even hundreds of locations at any given time) we are confident that the accuracy of the data Verisign reports is not in question. The reporting requirement calls for all query responses to be counted and does not draw a distinction between responses to monitoring and non-monitoring queries. If ICANN would prefer that all registries distinguish between the two, then it is up to ICANN to discuss that with registry operators.

It appears from the reported numbers that Verisign polls its own Whois servers more than 160 times per second. Donuts’ numbers are even larger.

I would guess, based on the huge volumes of queries being reported by other registries, that this is common (but not universal) practice.

SSAC said that it approves of the practice of monitoring port 43 responses, but it does not think that registries should aggregate their own internal queries with those that come from real Whois consumers when reporting traffic to ICANN.

Either way, it thinks that all registries should calculate their totals in the same way, to make apples-to-apples comparisons possible.

Afilias’ spokesperson said: “Afilias agrees that everyone should report the data the same way.”

As far as ICANN goes, its standard registry contract is open to interpretation. It doesn’t really say why registries are expected to collect and supply this data, merely that they are obliged to do so.

The contracts do not specify whether registries are supposed to report these numbers to show off the load their servers are bearing, or to quantify demand for Whois services.

SSAC thinks it should be the latter.

You may be thinking that the fact that it’s taken a decade or more for anyone to notice that the data is basically useless means that it’s probably not all that important.

But SSAC thinks the poor data quality interferes with research on important policy and practical issues.

It’s rendered SSAC’s attempt to figure out whether GDPR and ICANN’s Temp Spec have had an effect on Whois queries pretty much futile, for example.

The meaningful research in question also includes work leading to the replacement of Whois with RDAP, the Registration Data Access Protocol.

Finally, there’s the looming possibility that ICANN may before long start acting as a clearinghouse for access to unredacted Whois records. If it has no idea how often Whois is actually used, that’s going to make planning its infrastructure very difficult, which in turn could lead to downtime.

Rasmussen told DI: “Our impression is that all involved want to get the numbers right, but there are inconsistent approaches to reporting between registry operators that lead to data that cannot be utilized for meaningful research.”
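The two reporting patterns discussed in this post (the same query count filed for many TLDs, and distinct counts that all sit within about 1% of the operator's mean regardless of zone size) can be screened for mechanically. This is an added example, not SSAC's or DI's method; the operator names, TLD labels and most figures are constructed, with one count and one mean modelled on numbers quoted above, and the 1% band and 10x size-ratio thresholds are assumptions.

```python
from collections import defaultdict
from statistics import mean

# Constructed sample rows: (operator, tld, domains under management,
# reported port-43 queries for the month). Names and TLD labels are invented.
REPORTS = [
    ("Operator A", "alpha", 385_000, 68_031_882),
    ("Operator A", "beta", 0, 68_031_882),
    ("Operator A", "gamma", 12_000, 68_031_882),
    ("Operator B", "delta", 1_200, 455_906_377),
    ("Operator B", "epsilon", 343_000, 461_410_277),
    ("Operator B", "zeta", 25_000, 458_658_327),
    ("Operator C", "eta", 900, 41_000),
    ("Operator C", "theta", 150_000, 6_200_000),
    ("Operator C", "iota", 2_000_000, 88_000_000),
]


def group_by_operator(reports):
    """Collect (tld, domains, queries) rows under each operator."""
    grouped = defaultdict(list)
    for operator, tld, domains, queries in reports:
        grouped[operator].append((tld, domains, queries))
    return grouped


def screen_operator(rows, band=0.01, min_size_ratio=10):
    """Return (code, detail) findings for one operator's per-TLD rows."""
    findings = []
    if len(rows) < 2:
        return findings  # a single TLD gives nothing to compare against

    # Pattern 1: the exact same count reported for more than one TLD.
    tlds_by_count = defaultdict(list)
    for tld, _domains, queries in rows:
        tlds_by_count[queries].append(tld)
    for queries, tlds in sorted(tlds_by_count.items()):
        if len(tlds) > 1:
            findings.append((
                "IDENTICAL_COUNTS",
                f"{len(tlds)} TLDs report exactly {queries:,}: {', '.join(tlds)}",
            ))

    # Pattern 2: every count is different, yet all fall within `band` of the
    # mean even though the zones differ in size by `min_size_ratio` or more.
    counts = [queries for _tld, _domains, queries in rows]
    sizes = [domains for _tld, domains, _queries in rows]
    average = mean(counts)
    if len(set(counts)) == len(counts) and average > 0:
        spread = max(abs(q - average) for q in counts) / average
        size_ratio = max(sizes) / max(min(sizes), 1)
        if spread <= band and size_ratio >= min_size_ratio:
            findings.append((
                "FLAT_DISTRIBUTION",
                f"all counts within {spread:.2%} of mean {average:,.0f} "
                f"while zone sizes differ {size_ratio:,.0f}x",
            ))
    return findings


def screen_reports(reports):
    """Screen every operator in a set of monthly report rows."""
    return {
        operator: screen_operator(rows)
        for operator, rows in group_by_operator(reports).items()
    }


if __name__ == "__main__":
    for operator, findings in screen_reports(REPORTS).items():
        print(operator, findings or "no anomaly flagged")
```

A flag here says only that the figures do not track zone size; as Verisign's reply shows, heavy self-monitoring can produce a flat distribution without any figure being invented.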

Did Roussos pull off the impossible? Google, Donuts, Radix all drop out of .music race

Google won’t be the registry for the .music gTLD.

The company, along with pure-play registries Donuts and Radix, late last week withdrew their respective applications from the .music contention set, leaving just three possible winners in the running.

Those are Amazon, MMX, and DotMusic, the company run by long-time .music fanboy Constantinos Roussos.

As I blogged last week, applications from Domain Venture Partners and Far Further have also been withdrawn.

I suspect, but do not know for a fact, that the contention was settled with a private deal, likely an auction, recently.

The logical guess for a winner would be Amazon, if only because of the nexus of its business to the music industry and the amount of money it could throw at an auction.

But I’m beginning to suspect that DotMusic might have prevailed.

The company appears to have recently revamped its web site, almost as if it’s gearing up for a launch.

Comparing the current version of music.us to versions in Google’s cache, it appears that the site has been recently given a new look, new copy and even a new logo.

It’s even added a prominent header link inviting prospective resellers to sign up, using a form that also appears to have been added in the last few weeks.

These changes all seem to have been made after the crucial ICANN vote that threw out the last of DotMusic’s appeals, March 14.

Are those the actions of an applicant resigned to defeat, or has Roussos pulled off the apparently impossible, defeating two of the internet’s biggest companies to one of the industry’s most coveted and controversial strings?

Participants in gTLD auctions typically sign NDAs, so we’re going to have to wait a bit longer (probably no more than a few days) to find out which of the remaining three applicants actually won.

Yanks beat Aussies to accountancy gTLD

Kevin Murphy, February 20, 2019, Domain Registries

The contention set for .cpa has been resolved, clearing the way for a new accountancy-themed gTLD.

The winner is the American Institute of Certified Public Accountants, which submitted two bids for the string — one “community”, one vanilla, both overtly defensive in nature — back in 2012.

Its main rival, CPA Australia, which also applied on a community basis, withdrew its application two weeks ago.

Commercial registries Google, MMX and Donuts all have withdrawn their applications since late December, leaving only the two AICPA applications remaining.

This week, AICPA withdrew its community application, leaving its regular “single registrant” bid the winner.

AICPA is the US professional standards body for accountants; CPA Australia is the equivalent organization in Australia. AICPA has 418,000 members, CPA Australia has 150,000.

Both groups failed their Community Priority Evaluations back in 2015 on the basis that their communities were tightly restricted to their own membership, and therefore too restrictive.

AICPA later amended its community application to permit CPAs belonging to non-US trade groups to register.

Both organizations were caught up in the CPE review that also entangled and delayed the likes of .music and .gay. They’ve also both appealed to ICANN with multiple Requests for Reconsideration and Cooperative Engagement Process engagements.

CPA Australia evidently threw in the towel after ICANN’s Board Accountability Mechanisms Committee resolved on December 14 to throw out its latest RfR. It quit its CEP January 9.

It’s likely a private resolution of the set, perhaps an auction, occurred in December.

The winning application from AICPA states fairly unambiguously that the body has little appetite for actually running .cpa as a gTLD:

The main reasons for which AICPA submits this application for the .cpa gTLD is that it wants to prevent third parties from securing the TLD that is identical to AICPA’s highly distinctive and reputable trademark

So don’t get too excited if you’re an accountant champing at the bit for a .cpa domain. It’s going to be an unbelievably restrictive TLD, according to the application, with AICPA likely owning all the domains for years after delegation.