Latest news of the domain name industry

Recent Posts

ICANN turns 20 today (or maybe not)

Kevin Murphy, September 18, 2018, Domain Policy

ICANN is expected to celebrate its 20th anniversary at its Barcelona meeting next month, but by some measures it has already had its birthday.

If you ask Wikipedia, it asserts that ICANN was “created” on September 18, 1998, 20 years ago today.

But that claim, which has been on Wikipedia since 2003, is unsourced and probably incorrect.

While it’s been repeated elsewhere online for the last 15 years, I’ve been unable to figure out why September 18 has any significance to ICANN’s formation.

I think it’s probably the wrong date.

It seems that September 16, 1998 was the day that IANA’s Jon Postel and Network Solutions jointly published the organization’s original bylaws and articles of incorporation, and first unveiled the name “ICANN”.

That’s according to my former colleague and spiritual predecessor Nick Patience (probably the most obsessive journalist following DNS politics in the pre-ICANN days), writing in now-defunct Computergram International on September 17, 1998.

The Computergram headline, helpfully for the purposes of the post you are reading, is “IANA & NSI PUBLISH PLAN FOR DNS ENTITY: ICANN IS BORN”.

Back then, before the invention of the paragraph and when ALL CAPS HEADLINES were considered acceptable, Computergram was published daily, so Patience undoubtedly wrote the story September 16, the same day the ICANN proposal was published.

A joint Postel/NetSol statement on the proposal was also published September 17.

The organization was not formally incorporated until September 30, which is probably a better candidate date for ICANN’s official birthday, archived records show.

Birthday meriments are expected to commence during ICANN 63, which runs from October 20 to 25. There’s probably free booze in it, for those on-site in Barcelona.

As an aside that amused me, the Computergram article notes that Jones Day lawyer Joe Sims very kindly provided Postel with his services during ICANN’s creation on a “pro bono basis”.

Jones Day has arguably been the biggest beneficiary of ICANN cash over the intervening two decades, billing over $8.7 million in fees in ICANN’s most recently reported tax year alone.

Has the world’s biggest new gTLD registry gone bankrupt?

Has Famous Four Media, by some measures the largest new gTLD registry, gone bankrupt?

There’s some startling evidence that this may be the case, but the company and others concerned are maintaining radio silence.

Last week, IANA’s administrative contact for all of the company’s 16 TLDs changed from its CEO, Geir Rasmussen, to someone called Edgar Lavarello. Here’s an example.

Lavarello, it turns out, is a partner at PricewaterhouseCoopers in Gibraltar who specializes in insolvency and liquidation.

Here he is in a three-year-old interview explaining why my headline today technically really should have used the word “insolvent” rather than “bankrupt”.

On Wednesday, I reached out for comment to Rasmussen and Lavarello, along with others known to work at FFM (at least recently) but have not received any responses.

Absence of a reply is not proof of anything of course — FFM has never been the most communicative company in the world and nobody is under any obligation to respond to inquiries from a humble blogger.

But I suspect that if I posed the straightforward if slightly cheeky question “Has your company gone bankrupt?” to almost any other member of the domain name industry, I’d usually expect to receive a denial in short order.

Sadly, insolvency records in laissez-faire British tax haven Gibraltar, where FFM is based, do not appear to be a matter of public record.

Even if FFM has not gone insolvent, I think there are clear signs it is having problems.

Its primary web site at famousfourmedia.com has been stripped back to be little more than a privacy policy and a contact form. Gone are all the sales pitches, press releases and TLD-specific pages. It’s now basically a one-pager.

The web site of its parent company, Domain Venture Partners, no longer resolves.

Reaching out to industry sources who have business relationships with FFM, I was unable to find anyone who’d talked to the company recently, though there were rumors of departing staff.

Earlier this year, company chair Iain Roache spent £3.9 million ($5.4 million) to buy out former FFM COO Charles Melvin, after Melvin filed a lawsuit against him and Rasmussen.

The nature of the suit is not particularly clear from public records, but at one point Gibraltar’s top judge ruled that the defendants had filed inaccurate — technically “forged” — documents to the court.

These documents included 10 invoices between FFM and AlpNames, its affiliated registrar.

Famous Four runs 16 new gTLDs — the largest among them .loan, .win and .men — and has arguably shifted more domains than any other portfolio registry.

Group volume currently runs at about 4.5 million names according to ntldstats, compared to 3.9 million for Donuts with its far larger portfolio of 241 strings.

It’s achieved this impressive scale largely by selling domains super cheap, often at or below cost and often via AlpNames.

This has resulted in huge numbers of domains being acquired by spammers. FFM strings are routinely listed in the SpamHaus top-ten list of dirtiest TLDs.

AlpNames is also regularly fingered as one of the most spam-friendly registrars.

The company’s chosen business model means that renewals, where you’d expect to make your actual revenue, are on the low side. If you take its .science as a representative example, the TLD peaked at 350,000 domains under management in April 2016 but stood at around 63,000 this February.

Root crypto rollover now slated for October

Kevin Murphy, February 6, 2018, Domain Tech

ICANN has penciled in October 11 as the new date for rolling the DNS root’s cryptographic keys, a delay of a year from its original plan.

The so-called KSK rollover will see ICANN remove the deprecated 2010 Key Signing Key, leaving only the 2017 KSK active.

The KSK acts as the “trust anchor” for DNSSEC across the whole internet.

After the rollover, any network not configured to use the latest KSK would see a service interruption.

This could mean many millions of internet users being affected, but ICANN doesn’t know the extent of the possible impact for sure.

ICANN told us in November that it knows of 176 organizations in 41 countries, fairly evenly spread across the globe, that are currently not prepared to handle the new KSK.

But its data is patchy because only a tiny number of DNS resolvers are actually configured to automatically report which KSKs they’re set up to use.

Key rollovers are recommended by DNSSEC experts to reduce the risk of brute force attacks against old keys. At the root, the original plan was to roll the keys every five years.

ICANN had named October 11 2017 as the date for the first such rollover, but this was pushed back to some time in the first quarter after ICANN became aware of the lack of support for the 2017 KSK.

This was pushed back again in December to Q3 at the earliest, after ICANN admitted it still didn’t have good enough data to measure the impact of a premature roll.

Since then, ICANN has been engaged in (not always successful) outreach to networks it knows are affected and has kicked off discussions among network operators (there’s a fairly lively mailing list on the topic) to try to gauge how cautious it needs to be.

It’s now published an updated plan that’s the same as the original plan but with a date exactly one year late — October 11, 2018.

Between now and then, it will continue to try to get hold of network operators not ready to use the new keys, but it’s not expecting to completely eliminate damage. The plan reads:

Implicit in the outreach plan is the same assumption that the community had for the earlier (postponed) plan: there will likely be some systems that will fail to resolve names starting on the day of the rollover. The outreach will attempt to minimize the number of affected users while acknowledging that the operators of some resolvers will be unreachable.

The plan is open for public comment and will require the assent of the ICANN board of directors before being implemented. You have until April 2 to respond.

Is the Trump administration really trying to reverse the IANA transition?

Kevin Murphy, January 29, 2018, Domain Policy

Questions have been raised about the US government’s commitment to an independent ICANN, following the release of letters sent by two top Trump appointees.

In the letters, new NTIA head David Redl and Secretary of Commerce Wilbur Ross expressed an interest in looking at ways to “unwind” the IANA transition, which in 2016 severed the formal ties between ICANN and the US in DNS root zone management.

Responding to questions from senators during his lengthy confirmation process, now National Telecommunications and Information Administration assistant secretary Redl wrote:

I am not aware of any specific proposals to reverse the IANA transition, but I am interested in exploring ways to achieve this goal. To that end, if I am confirmed I will recommend to Secretary Ross that we begin the process by convening a panel of experts to investigate options for unwinding the transition.

The letters were first obtained by Politico under the Freedom of Information Act. We’re publishing them here (pdf).

They were sent last August, when Redl’s confirmation to the NTIA role was being held up by Senator Ted Cruz, who vehemently opposed the transition because he said he thought it would give more power over online speech to the likes of Russia and China.

He was confirmed in November.

The question is whether Redl was serious about unwinding the transition, or whether he was just bullshitting Cruz in order to remove a roadblock to his confirmation.

Technically, he only promised to “recommend” convening a panel of experts to his boss, Ross.

NTIA declined to comment last week when DI asked whether the department still supports the IANA transition, whether any efforts are underway to unwind it, and whether the panel of experts has already been convened.

Redl’s statements on ICANN since his confirmation have been more or less consistent with his Obama-era predecessor, Larry Strickling, in terms of expressing support for multi-stakeholder models, but with perhaps some causes for concern.

During his first public speech, delivered at the CES show in Las Vegas earlier this month, Redl expressed support for multi-stakeholder internet governance amid pushes for more multi-lateral control within venues such as the International Telecommunications Union.

However, he added:

I’ll also focus on being a strong advocate for U.S. interests within ICANN. We need to ensure transparency and accountability in ICANN’s work. And in light of the implementation of the European General Data Privacy Regulation, or GDPR, we need to preserve lawful access to WHOIS data, which is a vital tool for the public.

In the coming weeks, I’ll be seeking out the views of stakeholders to understand how else NTIA can best serve American interests in these global Internet fora.

Could this be an allusion to the “panel of experts”? It’s unclear at this stage.

One of Redl’s first moves as NTIA chief was to slam ICANN for its lack of accountability concerning the shutdown of a review working group, but that was hardly a controversial point of view.

And in a letter to Senator Brian Schatz, the Democrat ranking member of the Senate Commerce Subcommittee on Communications, Technology, Innovation, and the Internet, sent earlier this month, Redl expressed support for the multi-stakeholder model and wrote:

NTIA will be a strong advocate for US interests with the Governmental Advisory Committee of the Internet Cooperation [sic] for Assigned Names and Numbers (ICANN) in the existing post-transition IANA phase. NTIA will also monitor the [IANA operator] Public Technical Identifiers (PTI) and take action as necessary to ensure the security and stability of the DNS root.

That certainly suggests NTIA is happy to work in the new paradigm, while the promise to “take action as necessary” against PTI may raise eyebrows.

While a lot of this may seem ambiguous, my hunch is that there’s not really much appetite to reverse the IANA transition. Apart from appeasing Cruz’s demons, what could possibly be gained?

Ross, quizzed by Cruz at his own confirmation hearing a year ago, seemed reluctant to commit to such a move.

New Trump appointee slams ICANN after security group shutdown

Kevin Murphy, December 19, 2017, Domain Policy

Not even a month into the job, the US official with most direct responsibility over domain name policy has criticized ICANN for shutting down a security working group.

David Redl, the new assistant secretary at the National Telecommunications and Information Administration, wrote to ICANN (pdf) last week to complain about its board unilaterally shutting down, temporarily, its supposedly independent Security, Stability and Resiliency of the DNS Review team.

He wrote that the action “calls into question” ICANN’s commitment to transparency and accountability, writing:

Everything documented to date about these reviews stresses the importance of openness, transparency and community consultation. Unfortunately, it seems that with the October 28th action, the ICANN Board violated these principles by substituting its judgement for that of the community.

SSR-2, as it is known, is one of the reviews previously mandated by ICANN’s Affirmation of Commitments with the US government (via the NTIA) but which can now be found instead embedded in its bylaws.

The ICANN board of directors temporarily suspended it in October, something like a soft reboot, after growing concerned that it was stepping outside of its mandate and that its members lacked expertise.

The move attracted broad criticism and it would be disingenuous of me to suggest that Redl’s position is a controversial one — you’d be hard pressed to find any section of the community that wholeheartedly supports the board’s action.

Indeed, the US representative to the Governmental Advisory Committee voiced similar concerns at the ICANN meeting in Abu Dhabi in late October, prior to Redl’s confirmation to the NTIA job.

Redl took the post November 21, having been nominated by Donald Trump back in May, replacing Obama appointee Larry Strickling, who left the agency in January.

He’s the first NTIA chief since ICANN’s inception not to enjoy the special position of power over ICANN granted by the old IANA contract, which was scrapped in September 2016.