Recent Posts
- ICANN publishes its Woke Manifesto. Here’s my hot take
- Alibaba, Name.com among new RDRS opt-ins
- The Swiss can register .swiss domains from next week
- .ai up to 425,000 domains
- A million “free” .music domains up for grabs
- D3 to get $5 million in crypto to apply for .ape gTLD
- Alibaba hit with ICANN breach notice
- New Vegas conference “Davos for Web3 interoperability”
- ICANN content policing power grab may be dead
- Cable company unplugs its dot-brand after acquisition
- Germany crosses 10,000 dot-brand domains milestone
- Founders out as Com Laude gets equity injection
- PIR’s Diaz to leave domain industry
- Some registrars have already quit ICANN’s Whois experiment
- ICANN opens $217 million Grant Program
- Internet could get one-letter gTLDs (but there’s a catch)
- .ai registry fights deadbeats with tweaked auction rules
- Amazon and Google among .internal TLD ban backers
- .ai registry advises buyers not to use GoDaddy
- .post liberalizes with new sunrise period
- Team Internet spends $41 million on content farm
- Epik backtracks on Kiwi Farms claim after legal threat
- .austin names launch on blockchain
- Freenom shuts down 12.6 million domains — report
- GoDaddy’s next .xxx contract may not be a done deal
- GlobalBlock blocking 2.5 million domains
- Microsoft moving its cloud apps from .com to .microsoft
- ICANN 79: anonymous trolls and undercover lawyers
- ICANN scores win in single-letter .com lawsuit
- Cosmetics brand terminates its gTLD
- Up to 70 jobs on the line at Nominet as .uk regs dwindle
- Governments back down on new gTLD next round delay
- Private auctions could be banned in new gTLD next round
- ICANN meeting venue “insensitive and hurtful”
- GoDaddy to start selling graphic.design domains
- GAC spinning up new gTLD curveball at ICANN 79?
- GoDaddy’s GlobalBlock supports blockchain names
- Police .uk domain takedowns dive in 2023
- GoDaddy wants to cut the bullshit from .xxx
- Dueling domain blocking services to launch at ICANN 79
- Freename tries to bridge DNS and blockchain
- Olive retires from ICANN
- Whois policy published without life-saving disclosure rule
- UK gov takes its lead from ICANN on DNS abuse
- Tucows reports 2023 results
- Twitter “completely unresponsive” on clickable domains
- ICANN spends $5 million more than planned in first fiscal half
- .art takes a million domains off its premium list
- KeyTrap ‘the most devastating vulnerability ever found in DNSSEC’
- Freenom settles $500 million Meta lawsuit and will exit domain business
- New gTLD lottery to return in 2026
- First GlobalBlock prices revealed — they ain’t cheap
- Domain universe grows on new gTLDs despite .com shrinkage
- D3 signs up crypto gTLD client number five
- GoDaddy reports strong domains growth
- How to qualify for a $40,000 gTLD
- Registry service provider evaluation handbook published
- WebUnited inks deal to “mirror” country’s TLD in the blockchain
- GoDaddy project unveils brand-blocking calculator
- Report: Monster “misappropriated” millions from Epik
- .com is shrinking but Verisign raises prices again anyway
- D3 announces fourth crypto new gTLD client
- Donald Trump loses second UDRP case
- UK cybersquatting complaints hit record low
- No excuses! PIR to pay for ALL registries to tackle child abuse
- ICANN insists it is working on linkification
- Namecheap sues ICANN over .org price caps
- GoDaddy offers free Ethereum blockchain integration
- Epik reveals who is running the company
- Epik gets acquired again! The plot thickens…
- Airline gTLD crashes and burns
- First chunks of new gTLD Applicant Guidebook drop
- Epik to reveal its owners soon
- Another crypto firm to apply for a new gTLD
- Monster and Royce are NOT involved in Epik?!
- Nominet to overhaul .uk registry, turn off some services
- Russia blames DNSSEC, not Ukraine, for internet downtime
- Team Internet says revenue beat estimates
- Sold for over $20k, insure.ai and dog.ai back in .ai’s expired names auction
- .ai helps UDRP cases rise in 2023, WIPO says
- Freenom’s domains land at Gandi after termination
- .ru domains fly off the shelf as Western sanctions bite
- ICANN picks its first ever Supreme Court
- Lebanon’s ccTLD going back to Lebanon after ICANN takeover
- ICANN picks the domain it will never, ever release
- ICANN approves domain takedown rules
- Has Epik gone “woke”?
- First bits of new gTLD Applicant Guidebook expected next week
- ICANN bans closed generics for the foreseeable
- You can’t use money to buy .box domains
- After 14 years, ICANN practices what it preaches on IDNs
- Weak demand for private Whois data, ICANN data shows
- .ing doing way better than .meme
- DNS Women barred from ICANN funding?
- Dev releases free open-source TLD registry platform
- INCO flips a gTLD to Identity Digital
- Anguilla fears the .ai junk drop
- Five more gTLDs get launch dates
- $10 million of ICANN cash up for grabs
- Almost 50,000 .ai domains sold in a quarter
- ICANN threatens to regulate your speech [RANT]
- Life insurance company kills dot-brand
- ICANN finds new home for Lebanon’s TLD after founder’s death
- ICANN begs people to use its new Whois service
- Shiba Inu outs itself as crypto new gTLD applicant
- Over 50,000 .ai domains sold in three months
- Amazon planning new push into registrar market?
- Registries and registrars vote ‘Yes’ to new DNS abuse rules
- ICANN predicts flattish 2025 for domain industry
- Fast-growing Gname buys another 150 registrars
- GoDaddy service to let you block domains in over 650 TLDs
- Did I find a murder weapon in a zone file?
- ICANN drops the “man” from Ombudsman
- Have your say on police domain takedown powers
- Most registrars are shunning ICANN’s new Whois system
- Nominet to take over .gov.uk
- ICANN picks Istanbul for 2024 meeting
- ICANN’s private Whois data request service goes live
- .au regs slide on 2LD anniversary
- ICANN accused of power grab over $271 million auction fund
- A registrar is getting blamed for an Israeli war propaganda site
- Two more dot-brands bite the dust
- Google sells five-figure AI domain and six-figure .ing hack
- .blackfriday is still a bit rubbish
- Internet Naming Co acquires five more gTLDs
.top says Facebook shakedown was just a typo
Jiangsu Bangning Science & Technology, the .top registry, is blaming a typo for a Facebook executive’s claim that it wanted $30,000 or more for facebook.top.
Information provided to the ICANN GNSO Council by Facebook domain manager Susan Kawaguchi yesterday showed that .top wanted RMB 180,000 (currently $29,000) for a trademarked name that previously had been blocked due to ICANN’s name collisions policy.
But Mason Zhang, manager of the registry’s overseas channel division, told DI today that the price is actually RMB 18,000 ($2,900):
We were shocked when seeing that our register price for TMCH protected names like Facebook during Exclusive Registration Period is changed from “eighteen thousand” into what is written, the “one hundred and eighty thousand”.
I think that might be a type mistake from our side, and we checked and we are certain that the price is CNY EIGHTEEN THOUSAND.
The 18,000-yuan sunrise fee is published on the registry’s official web site, as I noted yesterday.
The registry email sent to Facebook is reproduced in this PDF.
I wondered yesterday whether a breakdown in communication may to be blame. Perhaps I was correct.
While $3,000 is still rather high for a defensive registration, it doesn’t stink of extortion quite as badly as $30,000.
Still, it’s moderately good news for Facebook and any other company worried they were going to have to shell out record-breaking prices to defensively register their brands.
Here’s how the new number two new gTLD got so big so quick
Attentive DI readers will recall my journalistic meltdown last week, when I tried to figure out how the Chinese new gTLD .网址 managed to hit #2 in the new gTLD zone file size league table, apparently shifting a quarter of a million names in a week.
Well, after conversations with well-placed sources here at NamesCon in Las Vegas this week, I’ve figured it out.
.网址 is the Chinese for “.url”.
Its rapid growth — hitting 352,000 names today — can be attributed primarily to two factors.
First, these weren’t regular sales. The registry, Knet, which acquired original applicant Hu Yi last year, operates a keyword-based navigation system in China that predates Chinese-script gTLDs.
The company has simply grandfathered its keyword customers into .网址, I’m told.
The keyword system allows Latin-script domains too, which explains the large number of western brands that appear in the .网址 zone.
The second reason for the huge bump is the fact that many of the domains are essentially duplicates.
Chinese script has “traditional” and “simplified” characters, and in many cases domains in .网址 are simply the traditional equivalents of the simplified versions.
I understand that these duplicates may account for something like 30% of the zone file.
I’ve been unable to figure out definitively why the .网址 Whois database appeared to be so borked.
As I noted last week, every domain in the .网址 space had a Knet email address listed in its registrant, admin and technical contact fields.
It seems that Knet was substituting the original email addresses with its own when Whois queries were made over port 43, rather than via its own web site.
Its own Whois site (which doesn’t work for me) returned the genuine email addresses, but third-party Whois services such as DomainTools and ICANN returned the bogus data.
Whether Knet did this by accident or design, I don’t know, but it would have almost certainly have been a violation of its contractual commitments under its ICANN Registry Agreement.
However, as of today, third-party Whois tools are now returning the genuine Whois records, so whatever the reason was, it appears to be no longer an issue.
The new massive number two new gTLD has me paralyzed with confusion
The Chinese-script gTLD .网址 powered to the number two spot in the new gTLD rankings by zone file size this week, but it’s doing some things very strangely.
.网址 is Chinese for “.site”, “.url” or “.webaddress”.
The registry is Hu Yi Global, ostensibly a Hong Kong-based registrar but, judging by IANA’s records, actually part of its Beijing-based back-end Knet.
I’m going to come out and admit it: even after a few hours research I still don’t know a heck of a lot about these guys. The language barrier has got me, and the data is just weird.
These are the things I can tell you:
- .网址 has 352,727 domains in its zone file today, up by about a quarter of a million names since the start of the week.
- The names all seem to be using knet.cn name servers
- I don’t think any of them resolve on the web. I tried loads and couldn’t find so much as a parking page. Google is only aware of about eight resolving .网址 pages.
- They all seem to have been registered via the same Chinese registrar, which goes by the name of ZDNS (also providing DNS for the TLD itself).
- They all seem to be registered with “nameinfo@knet.com” in the email address field for the registrant, admin and technical contacts in Whois, even when the registrants are different.
- That’s even true for dozens of famous trademarks I checked — whether it’s the Bank of China or Alexander McQueen, they’re all using nameinfo@knet.cn as their email address.
- I’ve been unable to find a Whois record with a completed Registrant Organization field.
- Nobody seems to be selling these things. ZDNS (officially Internet Domain Name System Beijing Engineering Research Center) is apparently the only registrar to sell any so far and its web site doesn’t say a damn thing about .网址. The registry’s official nic.网址 site doesn’t even have any information about how to buy one either.
- ZDNS hasn’t sold a single domain in any other gTLD.
- News reports in China, linked to from the registry’s web site, boast about how .网址 is the biggest IDN TLD out there.
So what’s going on here? Are we looking at a Chinese .xyz? A bunch of registry-reserved names? A seriously borked Whois?
Don’t expect any answers from DI today on this one. I’ve been staring at Chinese characters for hours and my brain is addled.
I give up. You tell me.
.reise is first live new gTLD to hit the auction block
German domain registry Dotreise has become the first company to reveal that it wants to sell off a new gTLD.
Innovative Auctions is to handle an auction on February 27 at which Dotreise will attempt to unload the unwanted string, it emerged this evening.
The word “reise” is German for “travel”.
The gTLD has failed to capture much interest since it launched. As of today, it has just 1,254 domains in its zone file, about 1,000 of which were registered in its first week of general availability last August.
At launch, it had just a handful of registrars. Only four registrars sold more than 100 names in August.
It’s currently a relatively big-ticket TLD, which may account for the low sales. It retails for about $170 to $180 at United-Domains, the registrar that has shifted the most .reise names to date.
That would put revenue for .reise at under a quarter of a million dollars a year, based on its current volume, I guess.
It competes with Donuts’ .reisen, which has pretty much the same meaning but has been available a month longer and retails for under $25 a year; .reisen has a slightly bigger zone file, at 3,839 domains.
According to Innovative, the company behind Applicant Auction, which helps settle new gTLD contention sets with auctions:
The .REISE TLA will be a simultaneous ascending clock auction, similar to the format of the Applicant Auction. There will be no buyer commission for this auction, so no additional fees – you just pay the winning price if you win.
It’s a one-day auction.
Innovative had planned to auction off multiple live gTLDs in October, but was hit by delays.
Fatal timeout? A dozen dot-brands procrastinating to death
Over a dozen new gTLD applications have been iced because the applicants couldn’t or wouldn’t talk to ICANN about signing contracts before their deadlines.
Volvo and PricewaterhouseCoopers are among the 13 dot-brand applicants whose $185,000+ investments could vanish in a puff of smoke because they can’t bring themselves to sign on the dotted line, I’ve discovered.
The following gTLD applications, filed by 10 different companies, are no longer active because of contracting problems:
.select, .compare, .axis, .origins, .changiairport, .nissay, .lamer, .clinique, .pwc, .volvo, .amp, .招聘 (Chinese “.recruitment”), .wilmar
They’re all uncontested applications. They’re also all, with the exception of .招聘, envisaged having single-registrant policies (dot-brands, in other words).
All had their apps flagged by ICANN as “Will Not Proceed” in the new gTLD process late last year, having failed to sign or start negotiating their Registry Agreements in time.
Under program rules, applicants originally had nine months from the day they were invited to contract with ICANN in which to sign their RAs.
After protests from dot-brand applicants planning to sign up for so-called “Spec 13” code of conduct exemptions, ICANN last June gave such applicants an extension until July 2015, as long as they hit a September 1 deadline to respond to ICANN’s overtures.
Applicants that did not request an extension had an October 29 deadline to sign their RAs.
According to an ICANN spokesperson, a failure to hit such “interim milestones” disqualifies applicants from signing RAs.
It’s not entirely clear from the Applicant Guidebook how applicants can extricate themselves from this limbo state without withdrawing their applications, but ICANN assures us it is possible.
“Will not Proceed is not a final status,” the spokesperson cautioned. “But they are currently not eligible to sign the RA with ICANN. But if that status changes, we’ll update it accordingly on the site.”
Withdrawals would qualify the applicants for a 35% refund on their application fees, he confirmed.
Schilling laughing as Uniregistry beats Google to .lol
Uniregistry’s portfolio of quirky new gTLDs grew today. The company seems to have beaten Google to .lol in a private deal.
The two companies were the only ones to apply for .lol, and Google’s application was formally withdrawn today.
As usual for private contention set settlements, the winning price has not been disclosed.
Uniregistry has 18 delegated gTLDs in its stable, with five more currently uncontested applications (.lol makes six) waiting in the wings.
I like .lol as a gTLD. It’s a punchy, short, meaningful string that certainly belongs to the right of the dot.
I can see it being deployed in the near term by the incessant sewer of BuzzFeed clones that are increasingly stinking up social media, which could give increased visibility and helpful viral marketing.
Longer term, there may be a worry if in future the kidz stop using “lol” and start viewing it as something their parents say, but we’re probably a ways from that yet.
One company now owns almost a third of all registrars
TurnCommerce acquired another 299 registrar accreditations from ICANN over Christmas week.
The company, which is behind domain properties including DropCatch.com, now has at least 452 registrars in its stable. That’s over 31% of the 1,456 total currently reported by Internic.
Each of the new accreditations is named “DropCatch”, followed by a number from 446 to 751. Each has a matching .com domain as its nominal base of operations and an associated LLC shell company.
At $4,000 a year for the base accreditation fee, TurnCommerce must be spending close to $2 million a year in ICANN fees alone.
Companies in the drop-catching business acquire large numbers of registrars in order to control more batches of connections with which to spam gTLD registries with “add” requests when potentially valuable domains expire and are deleted.
With almost a third of all accredited registrars now operating under the same control, one imagines TurnCommerce’s chances of securing the names it wants have been significantly improved.
As well as DropCatch, TurnCommerce runs retail registrar NameBright and premium sales site HugeDomains. It has plans to launch additional services at Expire.com and PremiumDomains.com shortly.
Its latest crop of registrars means ICANN has accredited over 2,200 companies since the gTLD registrar market was opened for competition 15 year ago, though many have allowed their contracts to lapse or, less frequently, have been terminated by ICANN compliance efforts.
.baby and .mls fetch over $3 million each
ICANN and Power Auctions have completed December’s mini-batch of “last resort” new gTLD auctions, adding a total of $6.4 million to its mysterious auction cash pile.
Johnson & Johnson won .baby, fighting off five portfolio applicants and paying a winning bid of $3,088,888.
Meanwhile, the Canadian Real Estate Association beat Afilias to .mls, paying $3,359,000.
I called it for CREA earlier this week, noting that the organization wanted .mls enough that it filed two applications, a failed Community Priority Evaluation, and an unsuccessful Legal Rights Objection against Afilias.
ICANN has now raised over $34 million selling off 10 strings at last resort auctions, with prices ranging from $600,000 (.信息) to $6.7 million (.tech).
The money has been set aside for purposes currently undecided. At least one applicant wants ICANN to redistribute the cash to losing bidders, which I don’t think is particularly likely.
Human glitch lets hackers into ICANN
It’s 2014. Does anyone in the domain name business still fall for phishing attacks?
Apparently, yes, ICANN staff do.
ICANN has revealed that “several” staff members fell prey to a spear-phishing attack last month, resulting in the theft of potentially hundreds of user credentials and unauthorized access to at least one Governmental Advisory Committee web page.
According to ICANN, the phishers were able to gather the email passwords of staff members, then used them to access the Centralized Zone Data Service.
CZDS is the clearinghouse for all zone files belonging to new gTLD registries. The data it stores isn’t especially sensitive — the files are archives, not live, functional copies — and the barrier to signing up for access legitimately is pretty low.
But CZDS users’ contact information and login credentials — including, as a matter of disclosure, mine — were also accessed.
While the stolen passwords were encrypted, ICANN is still forcing all CZDS users to reset their passwords as a precaution. The organization said in a statement:
The attacker obtained administrative access to all files in the CZDS. This included copies of the zone files in the system, as well as information entered by users such as name, postal address, email address, fax and telephone numbers, username, and password. Although the passwords were stored as salted cryptographic hashes, we have deactivated all CZDS passwords as a precaution. Users may request a new password at czds.icann.org. We suggest that CZDS users take appropriate steps to protect any other online accounts for which they might have used the same username and/or password. ICANN is providing notices to the CZDS users whose personal information may have been compromised.
As a victim, this doesn’t worry me a lot. My contact details are all in the public Whois and published on this very web site, but I can imagine other victims might not want their home address, phone number and the like in the hands of ne’er-do-wells.
It’s the second time CZDS has been compromised this year. Back in April, a coding error led to a privilege escalation vulnerability that was exploited to view requests by users to new gTLD registries.
Also accessed by the phishers this time around were several pages on the GAC wiki, which is about as interesting as it sounds (ie, not very). ICANN said the only non-public information that was viewed was a “members-only index page”.
User accounts on the ICANN blog and its Whois information portal were also accessed, but apparently no damage was caused.
In summary, the hackers seem to have stolen quite a lot of information they could have easily obtained legitimately, along with some passwords that may allow them to cause further mischief if they can be decrypted.
It’s embarrassing for ICANN, of course, especially for the staff members gullible enough to fall for the attack.
While the phishers made their emails appear to come from ICANN’s own domain, presumably their victims would have had to click through to a web page with a non-ICANN domain in the address bar order to hand over their passwords.
That’s not the kind of practice you’d expect from the people tasked with running the domain name industry.
Hotly contested gTLDs up for auction tomorrow
ICANN’s fifth set of last-resort new gTLD auctions is set for tomorrow and it’s another small batch.
Just two contention sets — .baby and .mls — are set to be resolved, with ICANN stashing the winning bids into its special fund.
.baby is hotly contested with no fewer than six applicants — five portfolio applicants and one big brand.
Will Johnson & Johnson get what was once a single-registrant “closed generic”, or will Donuts, Google, Radix, Famous Four or Minds & Machines prevail?
Meanwhile, .mls (for “multiple listing service”, a type of real estate listings aggregation service popular in North America) is a two-horse race between Afilias and the Canadian Real Estate Association.
I’m tempted to call this one for CREA. The organization is so desperate for the .mls gTLD that it filed two applications, one “community” and one vanilla.
The community application was withdrawn earlier this year when CREA scored 11 out of 16 points on its Community Priority Evaluation, failing to pass the 14-point threshold.
The organization even filed a Legal Rights Objection against Afilias in attempt to kill off the competition, which also failed.
Having fought off these challenges, Afilias is either going to get the gTLD or walk away empty-handed. The last resort auction does not compensate unsuccessful bidders for their investments.
Recent Comments