Latest news of the domain name industry

Recent Posts

ICANN told to ban .bank or get sued

Kevin Murphy, November 21, 2010, Domain Registries

A major financial services lobby group has threatened to sue ICANN unless it puts strict limitations on “.bank” top-level domains.

BITS, the technology policy arm of the Financial Services Roundtable, said financial domains should be banned from the first round of new TLDs, until rules governing security are developed.

In a November 4 letter to ICANN chief executive Rod Beckstrom, BITS said:

If these critical issues are not fully resolved and ICANN chooses not to defer financial TLD delegation, BITS, its members and its partners are prepared to employ all available legislative, regulatory, administrative and judicial mechanisms.

BITS counts all the major US banks among its membership, as well as many large insurance companies and share-trading services.

The organization is concerned that TLDs such as .bank could lead to consumer confusion and an increase in fraud online if delegated into the wrong hands.

While BITS said that it “prefer[s] a prudent solution”, it has threatened to file “legal complaints in one or more jurisdictions” and to lobby the US Congress for legislation.

It noted that ICANN’s IANA contract, which gives it the power to create new TLDs, expires next August, and said that it may lobby Congress for legislation mandating better security as a condition of the renewal.

BITS and other financial groups have already written to members of Congress, in September, expressing disappointment with the absence of a high-security TLD policy from ICANN and adding:

In recognition of the need for higher levels of security and stability in financial services gTLDs than in gTLDs generally, we urge you to support inclusion of language in cyber security legislation language that prevents ICANN from adding financial services gTLDs to the root zone unless the IANA contract specifies higher levels of security for such gTLDs.

The Federal Deposit Insurance Corporation, the US government body responsible for insuring banks, has also written to the Department of Commerce, expressing its concerns about the possible introduction of a .bank TLD.

Currently, I’m not aware of any public initiative to apply for .bank, but it’s possible that restrictions on financial services TLDs could capture the recently launched German “.insurance” project.

The BITS correspondence was published (pdf) as an attachment to an ongoing Reconsideration Request lodged by Michael Palage, chair of the High Security Top Level Domain Verification Program Advisory Group.

The HSTLD group has been working on a set of technological policy specifications for registries managing high-security TLDs.

Palage is annoyed that ICANN’s board seems to have distanced itself from the HSTLD concept before the group has even finished its work, by resolving in September that:

ICANN will not endorse or govern the program, and does not wish to be liable for issues arising from the use or non-use of the standard.

The HSTLD group, by contrast, has a “clear majority in support of ICANN retaining a continued oversight role”, according to Palage. He wrote:

The ICANN Board’s unilateral actions also have a chilling effect on future bottom up consensus efforts because participants have no basis to know when the ICANN Board will take such unilateral actions in the future.

He’s not alone in worrying about recent top-level ICANN decisions that appear to put corporate legal liability ahead of the wishes of the community. I reported on the issue last week.

Go Daddy objects to numeric .tel domains

Kevin Murphy, November 19, 2010, Domain Registries

Go Daddy has objected to Telnic’s plan to start selling numeric .tel domain names, saying that it, among other things, “smells a lot like gaming”.

Telnic applied to ICANN last month to revise its registry contract to enable it to start selling domains containing numbers and hyphens.

I speculated a month ago that the International Telecommunications Union might object to the proposal, for reasons I explained in some depth.

(Briefly, Telnic won the .tel sponsored TLD partly because it promised for years not to enable domains that could look like phone numbers.)

But the ITU had nothing to say, at least in terms of the ICANN public comment period.

Go Daddy’s Tim Ruiz did object last Saturday on related grounds, telling ICANN:

We believe that this request cannot be granted without requiring the rebidding of the .tel sTLD itself. It is unfair to other applicants and potential applicants to allow an sTLD to change its purpose after the fact.

Since community, purpose, and use were such important aspects of the sTLD allocation decisions it seems inappropriate, fundamentally unfair, and even smells a lot like gaming, to allow an sTLD to change those aspects without an opportunity for others to bid competitively.

In response to Ruiz’s letter, Telnic chief executive Khashayar Mahdavi wrote to ICANN:

The restriction on all-numeric strings has nothing to do with the nature of .tel and was instead a measure put in place to address initial concerns about potential conflicts with ENUM… We believe time and the growing understanding of the .tel technology have proven such a conflict does not exist.

ENUM is a protocol for addressing voice services using the DNS. It uses dots between each individual digit of a phone number, which would be specifically disallowed under Telnic’s plans.

Mahdavi also expressed confusion as to why Go Daddy bothered to object – it is not currently a registry, it does not carry .tel domains and it will presumably not be affected by the relaxation of the .tel rules.

Is it possible the registrar is taking a principled stance?

Ruiz also noted:

We believe that certain other recent requests under the guise of the RSEP [Registry Services Evaluation Process] by sTLDs were also likely inappropriate for similar reasons

He didn’t specify which sTLDs he was talking about. Without wishing to put words into his mouth, I can think of at least one that fits the description.

The Telnic proposal has already passed ICANN’s staff evaluation. I expect it could come before the board next month at its Cartagena meeting.

In separate news, Telnic’s less-controversial proposal to start selling one and two-character .tel domains has now passed its ICANN evaluation (pdf).

How “final” is the new TLD guidebook?

Kevin Murphy, November 19, 2010, Domain Registries

Many would-be new top-level domain registries were pleasantly surprised a week ago when ICANN published the latest Applicant Guidebook and referred to it as the “proposed final” version.

But it was pretty clear, even on a cursory reading, that the AGB is far from complete; in some cases, text is explicitly referred to as being subject to further revision.

There’s also a public comment period ongoing, providing feedback some of which will presumably be taken on board by ICANN at its Cartagena meeting next month.

But ICANN has now provided a little bit more clarity on how “final” the “proposed final” AGB really is.

Senior veep Kurt Pritz, ICANN’s point man on the new TLD program, had this to say on Thursday’s teleconference of the GNSO Council:

There are always going to be changes to the guidebook. And so, even though this is the proposed final guidebook, we’re doing some final work on trying to find areas of accommodation with the Recommendation 6 working group and making some changes there, and working through perhaps a registry code of conduct; there are perhaps some issues with data protection there.

If folks want to consider this as final it will have to be with the understanding that the guidebook will always be changing, but having an understanding that those changes really don’t materially change the positions of applicants or the decisions of whether or not to go ahead and apply or the resources necessary to apply or sustain registry operations.

I reported on some of the issues with the Rec 6 working group, which is dealing with the “morality an public order objections” process, earlier this week.

The registry code of conduct, which sets limits on what data can be shared in co-owned registries/registrars, was new in the latest AGB draft. It looks to me like the kind of thing you’d normally expect to be debated for many months before being accepted.

But apparently future changes to these parts of the guidebook will not be substantive enough to change potential applicants’ plans.

Pritz said on the GNSO call that the current public comment period, which ends on the day of the Cartagena board meeting, could be thought of as similar to the comment periods that precede votes on ICANN’s budget.

In those cases, the board votes to approve the budget subject to changes based on public comments in advance of those changes being made.

It seems to me that the board’s options in Cartagena are to a) approve the AGB, b) approve it subject to directed changes (the “budget” scenario), or c) delay approval pending further community work.

I’m guessing option b) is the preferred outcome, but there’s no predicting what surprises could emerge over the next few weeks.

Sponsor stonewalls .jobs critics

Kevin Murphy, November 19, 2010, Domain Registries

The sponsor of the .jobs top-level domain appears to be giving opponents including Monster.com a hard time as they continue to challenge the liberalization of the domain.

In its most recent ICANN filing (pdf), the Society for Human Resource Management said it does not want to meet with the .JOBS Charter Compliance Coalition and ICANN to help resolve their differences.

Last week, SHRM declined to given ICANN a straight answer when it asked whether jobs sites like Monster.com will be able to register domains under the new .jobs rules.

The Coalition of jobs sites was assembled to oppose the “Phased Allocation Program”, which allows .jobs registry Employ Media to allocate thousands of premium geographic and vocational domains to its partners.

While the program has already been approved by ICANN’s board, the Coalition has filed a Reconsideration Request appeal in an attempt to get the ruling overturned.

This week, Coalition lawyer Becky Burr sent a letter (pdf) to ICANN asking for a face-to-face meeting with representatives of ICANN, the Coalition, Employ Media and SHRM.

In response, SHRM general counsel Henry Hart said the organization “does not believe that it should participate in such a meeting.”

Last week, SHRM threw its full support behind Employ Media, tersely responding (pdf) to a list of ICANN’s questions relating to the registry’s plans for the domain.

ICANN’s reconsideration committee wanted to know whether the allocation program violated the .jobs charter by allowing registrants from outside the human resources community.

SHRM said it did not, but it did confirm that it does expect .jobs – which has so far been reserved for companies to list their own job vacancies – to be used in future for aggregated jobs sites operated by Employ Media.

Did the SHRM PD Council intend to enable the Registry (Employ Media) to register domain names in the .JOBS sTLD for the purpose of allowing third-party job postings on those sites? If so, please explain how this consistent with the .JOBS Charter.

Yes. The PD Council concluded, based on input from the Community, that this would serve the needs of the international human resource management community.

But when ICANN asked whether this means Monster.com, for example, would qualify, SHRM response was more vague.

Are independent job site operators (such as Monster.com) engaged in “human resources management” for the purpose of the definition set forth in the .JOBS Charter if the job site operator is advertising for jobs outside its own organization?

Independent job site operators provide a highly valued service to the international human resource management community.

The Coalition, in Burr’s letter, said the answers “simply ignore the responses sought by the direct questions of the [Board Governance Committee”.

Hart disputed this characterization of the answers.

Employ Media plans to allocate premium domains at first via an RFP process. It’s believed that the DirectEmployers Association is set to receive the lion’s share of the good domains for its universe.jobs plan.

Some new TLDs will have traffic from day one

Kevin Murphy, November 19, 2010, Domain Registries

Some non-existent top-level domains already receive so much traffic that they would risk being overwhelmed if delegated under ICANN’s new TLD program.

That’s one of the takeaways from a new report from ICANN’s Security and Stability Advisory Committee, published this week (pdf).

Amazingly, the SSAC found that the top 10 non-existent TLDs already account for a whopping 10% of traffic at the DNS root servers, with some strings receiving many millions of lookups every day.

Over a quarter of the TLD resolutions handled by the roots result in errors, it found.

Most of these invalid lookups are the result of configuration errors on networking gear.

The word “local” is responsible for about 5% of all TLD lookups, the report says. The terms “corp”, “lan”, “home” and “belkin” also account for big slices of traffic.

This presents potentially serious security problems, as you might imagine.

Imagine that “.lan” is approved as a TLD. Previously unresolveable domains would start working, and badly configured gear could start sending private LAN data out into the cloud.

It would also put an big load on the .lan TLD operator from day one.

The SSAC said:

The .lan TLD registry operator – and generally, any TLD registry operator that chooses a string that has been queried with meaningful frequency at the root – potentially inherits millions of queries per day. These queries represent data that can be mined or utilized by the registry operator.

The report recommends that ICANN add certain highly trafficked strings from to its list of prohibited TLDs, and also that it warns applicants for TLDs that already have traffic.

We recommend that ICANN inform new TLD applicants of the problems that can arise when a previously seen string is added to the root zone as a TLD label and that ICANN should coordinate with the community to identify principles that can serve as the basis for prohibiting the delegation of strings that may introduce security or stability problems at the root level of the DNS.

If endorsed by ICANN, the recommendation could make TLDs such as .home, .corp and .local verboten. It could also present Belkin with a problem if it planned to apply for a “.brand”.

(UPDATE: .local is actually already on the reserved list)