Latest news of the domain name industry

Recent Posts

ZADNA CEO suspended for “hybrid misconduct”

The CEO of South Africa’s ccTLD registry has reportedly been suspended amid claims of “acts of misconduct”.

According to reports in the local tech press, Vika Mpisane was suspended in early December and has been subject to a delayed disciplinary process since January.

“Mr Vika Mpisane was suspended for serious hybrid acts of misconduct including mismanagement of ZADNA funds and others,” ZADNA chair Motlatjo Ralefatane told MyBroadband.

While details are rather thin on the ground, there are local rumors that some of the allegations relate to Mpisane’s salary and bonuses.

Ralefatane reportedly said that forensic accounting investigations are ongoing.

ZADNA, the ZA Domain Name Authority, is a non-profit organization and official ccTLD manager for .za. It answers to the South African government, but is not funded by it. It should not be confused with ZACR, the commercial entity that actually runs the .za registry on ZADNA’s behalf.

Mpisane has come under increased scrutiny this week as it turns out he is running unopposed for the Southern Africa seat on the board of AFRINIC, the Regional Internet Registry responsible for handing out IP addresses on the continent, apparently without ZADNA’s knowledge.

According to MyBroadband, Ralefatane believes Mpisane should not be representing that he has ZADNA’s support for his run.

His CV (pdf), posted to the AFRINIC web site in April, states that he is the current CEO of ZADNA, with no reference to his suspension.

Ralefatane reportedly added that she is not sure if AFRINIC or ICANN are aware of the allegations against him. They are now.

Mpisane is still listed on ZADNA’s web site as its CEO, also with no reference to the suspension.

His bio on the site reads, in its entirety (errors from the original): “The voice of reason and wisdom An outstanding leader with passion about the internet and what is has to offer. He walks the talk and talks the talk”.

Brand kills off gTLD that is actually being USED

Two more companies have told ICANN they’ve changed their minds about running a dot-brand gTLD, including the first example of a TLD that is actually in use.

Dun & Bradstreet has said it no longer wishes to launch .duns, and Australian insurance company iSelect has had enough of .iselect.

Both companies filed to voluntarily terminate their ICANN registry agreements in March, and ICANN published its preliminary decision to allow them to do so this week.

While business data provider D&B never got around to using .duns, .iselect has had dozens of active domains for years.

The company started putting domains in its zone file about three years ago and had over 90 registered names at the last count, with about a dozen indexed by Google. That’s a quite a lot for a dot-brand.

It is using domains such as home.iselect, news.iselect and careers.iselect as redirects to parts of its main corporate site, while domains such as gas.iselect, creditcards.iselect and health.iselect send customers to specific product pages.

They all redirect to its main iselect.com.au site. There are no web sites as far as I can tell that keep visitors in the .iselect realm.

I’m pretty certain this is the first example of a voluntary contract termination by a dot-brand that is actually in active use.

There have been 52 such terminations to date, including these two latest ones, almost all of which have been dot-brands that never got out of the barn door.

That’s over 10% of the dot-brands that were delegated from the 2012 gTLD application round.

Time for some more ICANN salary porn

Kevin Murphy, June 3, 2019, Domain Policy

ICANN has filed its tax return for its fiscal 2018, so it’s once again that time of the year in which the community gets to salivate over how much its top staffers get paid.

The latest form 990, covering the 12 months to June 30, 2018, shows that the top 21 ICANN employees were compensated to the tune of $10.3 million, an average of $492,718 each.

That’s up about 4% from $9.9 million in the previous year, an average across the top 21 staffers of $474,396 apiece.

These numbers include base salary, bonuses, and benefits such as pension contributions.

Employee compensation overall increased from $60 million to $73.1 million.

The biggest earner was of course CEO Göran Marby, who is now earning more than his immediate predecessor Fadi Chehadé but a bit less than last-but-one boss Rod Beckstrom.

Marby’s total compensation was $936,585, having received a bonus of almost $200,000 during the year. His base salary was $673,133.

The number of staffers receiving six-figure salaries increased from 159 in fiscal 2017 to 183 — about 44% of its estimated end-of-year headcount.

Towards the end of the reported year, as ICANN faced a budget crunch, many members of the ICANN community had called on the organization to rein in its spending on staff.

ICANN says it targets compensation in the 50th to 75th percentile range for the relevant industry.

The top five outside contractors in the year were:

  • Jones Day, ICANN’s go-to law firm. It received $5.4 million, down from $8.7 million in 2017.
  • Zensar Technologies, the IT consultancy that develops and supports ICANN software. It received $3.7 million.
  • IIS, the Swedish ccTLD registry, which does pre-delegation testing for new gTLDs. It received $1.3 million.
  • Iron Mountain, the data escrow provider. It received $1.1 million.
  • Infovity, which provides Oracle software support. It received $1 million.

The return shows that ICANN made a loss of $23.9 million in the year, on revenue that was down from $302.6 million to $136.7 million.

The primary reason for this massive decrease in revenue was the $135 million Verisign paid for the rights to run .web, at an ICANN last-resort auction, in ICANN’s fiscal 2017.

The tax form for 2018 can be found here (pdf) and 2017’s can be found here (pdf).

These 27 companies have ditched the .com for their dot-brand

Earlier today, I listed what I believe might be the top 10 dot-brand gTLDs with the most active web sites, but noted that it was probably a rubbish way to gauge the success of the dot-brand concept.

As a follow-up, I thought I’d figure out which brands have taken the bold step of ditching the .com and made their dot-brand their primary web destination.

I found 27 TLDs, which is simultaneously not a lot and easily twice as many as I was expecting.

The most-popular second-level string was “home”, with 12 examples. The string “global” occurs five times on the list.

I did this research manually with Google and a list of 275 dot-brands — anything with Spec 13 in its contract and more than two domains in its zone file — culled from my database.

To get on this list, at least one of the following had to be true:

  • The dot-brand was the top hit on Google when searching for the brand in question.
  • The .com redirects to the dot-brand.

Sometimes I had to factor out Google’s enormously irritating habit of localizing results, which would prioritize a .uk domain, particularly in the case of automotive brands.

On a few occasions, if I could not be certain whether the “official” primary site was in a ccTLD or the dot-brand, I used the brand’s Wikipedia page as a tie-breaker.

Some entries on the list may be a bit debatable.

I’m not sure whether .barclays should be there, for example. There’s little doubt in my mind that barclays.co.uk is the site that the majority of Barclays’ banking customers use, but barclays.com redirects visitors to home.barclays, so it fits my criteria.

In general, I’ve erred on the side of caution. If the top search result was for the brand’s .com, it was immediately ruled out, no matter how enthusiastic a dot-brand user the company otherwise appeared to be.

Here’s the list. Please let me know if you think I’ve missed any.

TLDBrand2LD
bnpparibasBNP Paribasgroup
bradescoBanco Bradesco S.A.banco
canonCanon Inc.global
cernEuropean Organization for Nuclear Research (CERN)home
cuisinellaSALM S.A.S.ma
dhlDeutsche Post AGlogistics
fageFage International S.A.home
hisamitsuHisamitsu Pharmaceutical Co.,Inc.global
ipirangaIpiranga Produtos de Petroleo S.A.portal
komatsuKomatsu Ltd.home
kpmgKPMG International Cooperativehome
locusLocus Analytics LLChome
neustarNeuStar, Inc.home
pictetPictet Europe S.A.group
pioneerPioneer Corporationglobal
praxiPraxi S.p.A.praxi
sandvikSandvik ABhome
saxoSaxo Bank A/Shome
schmidtSALM S.A.S.home-design
senerSener Ingeniería y Sistemas, S.A.ingenieriayconstruccion
toyotaToyota Motor Corpglobal
warmanWeir Group IP Limitedhome*
weberSaint-Gobain Weber SAhome
weirWeir Group IP Limitedglobal

Twenty-seven gTLDs is not a great many, of course, considering that some dot-brands have been delegated for half a decade already.

It’s about half as many as have already torn up their ICANN registry agreements, and it represents less than 6% of the new gTLDs that my database says have Spec 13 in their contracts.

But I reiterate that this is not a list of companies using their dot-brands but rather of those apparently putting their .com firmly in the back seat to their dot-brand.

These are the 10 most-used dot-brands

This article was deleted October 1, 2019 after numerous errors were discovered.

Four presidents slam .amazon decision

Kevin Murphy, May 28, 2019, Domain Policy

The leaders of four of the eight governments of the Amazon region of South America have formally condemned ICANN’s decision to move ahead with the .amazon gTLD.

In a joint statement over the weekend, the presidents of Peru, Colombia, Ecuador and Bolivia, said they have agreed to “to join efforts to protect the interests of our countries related to geographical or cultural names and the right to cultural identity of indigenous peoples”.

These four countries comprise the Andean Community, an economic cooperation group covering the nations through which the Andes pass, which has just concluded a summit on a broad range of issues.

The presidents said they have “deep concerns” about ICANN’s decision to proceed towards delegating .amazon to Amazon the company, over the objections of the eight-nation Amazon Cooperation Treaty Organization.

ICANN is “setting a serious precedent by prioritizing private commercial interests over public policy considerations of the States, such as the rights of indigenous peoples and the preservation of the Amazon in favor of humanity and against global warming”, they said (via Google Translate).

ACTO had been prepared to agree to Amazon running .amazon, but it wanted effective veto power on the TLD’s policy-setting committee and a number of other concessions that Amazon thought would interfere with its commercial interests.

As it stands, Amazon has offered to block thousands of culturally sensitive domains and to give the ACTO nations a minority voice in its policy-making activities.

ICANN will soon open these proposed commitments to public comment, and will likely decide to put .amazon into the root not too long thereafter.

Major registries posting “fabricated” Whois data

One or more of the major gTLD registries are publishing Whois query data that may be “fabricated”, according to some of ICANN’s top security minds.

The Security and Stability Advisory Committee recently wrote to ICANN’s top brass to complain about inconsistent and possibly outright bogus reporting of Whois port 43 query volumes.

SSAC said (pdf):

it appears that the WHOIS query statistics provided to ICANN by registry operators as part of their monthly reporting obligations are generally not reliable. Some operators are using different methods to count queries, some are interpreting the registry contract differently, and some may be reporting numbers that are fabricated or otherwise not reflective of reality. Reliable reporting is essential to the ICANN community, especially to inform policy-making.

SSAC says that the inconsistency of the data makes it very difficult to make informed decisions about the future of Whois access and to determine the impact of GPDR.

While the letter does not name names, I’ve replicated some of SSAC’s research and I think I’m in a position to point fingers.

In my opinion, Google, Verisign, Afilias and Donuts appear to be the causes of the greatest concern for SSAC, but several others exhibit behavior SSAC is not happy about.

I reached out to these four registries on Wednesday and have published their responses, if I received any, below.

SSAC’s concerns relate to the monthly data dumps that gTLD registries new and old are contractually obliged to provide ICANN, which publishes the data three months later.

Some of these stats concern billable transactions such as registrations and renewals. Others are used to measure uptime obligations. Others are largely of academic interest.

One such stat is “Whois port 43 queries”, defined in gTLD contracts as “number of WHOIS (port-43) queries responded during the reporting period”.

According to SSAC, and confirmed by my look at the data, there appears to be a wide divergence in how registries and back-end registry services providers calculate this number.

The most obvious example of bogosity is that some registries are reporting identical numbers for each of their TLDs. SSAC chair Rod Rasmussen told DI:

The largest issue we saw at various registries was the reporting of the exact or near exact same number of queries for many or all of their supported TLDs, regardless of how many registered domain names are in those zones. That result is a statistical improbability so vanishingly small that it seems clear that they were reporting some sort of aggregate number for all their TLDs, either as a whole or divided amongst them.

While Rasmussen would not name the registries concerned, my research shows that the main culprit here appears to be Google.

In its December data dumps, it reported exactly 68,031,882 port 43 queries for each of its 45 gTLDs.

If these numbers are to be believed, .app with its 385,000 domains received precisely the same amount of port 43 interest as .gbiz, which has no registrations.

As SSAC points out, this is simply not plausible.

A Google spokesperson has not yet responded to DI’s request for comment.

Similarly, Afilias appears to have reported identical data for a subset of its dot-brand clients’ gTLDs, 16 of which purportedly had exactly 1,071,939 port 43 lookups in December.

Afilias has many more TLDs that did not report identical data.

An Afilias spokesperson told DI: “Afilias has submitted data to ICANN that addresses the anomaly and the update should be posted shortly.”

SSAC’s second beef is that one particular operator may have reported numbers that “were altered or synthesized”. SSAC said in its letter:

In a given month, the number of reported WHOIS queries for each of the operator’s TLDs is different. While some of the TLDs are much larger than others, the WHOIS query totals for them are close to each other. Further statistical analysis on the number of WHOIS queries per TLD revealed that an abnormal distribution. For one month of data for one of the registries, the WHOIS query counts per TLD differed from the mean by about +/- 1%, nearly linearly. This appeared to be highly unusual, especially with TLDs that have different usage patterns and domain counts. There is a chance that the numbers were altered or synthesized.

I think SSAC could be either referring here to Donuts or Verisign

Looking again at December’s data, all but one of Donuts’ gTLDs reported port 43 queries between 99.3% and 100.7% of the mean average of 458,658,327 queries.

Is it plausible that .gripe, with 1,200 registrations, is getting almost as much Whois traffic as .live, with 343,000? Seems unlikely.

Donuts has yet to provide DI with its comments on the SSAC letter. I’ll update this post and tweet the link if I receive any new information.

All of the gTLDs Verisign manages on behalf of dot-brand clients, and some of its own non-.com gTLDs, exhibit the same pattern as Donuts in terms of all queries falling within +/- 1% of the mean, which is around 431 million per month.

So, as I put to Verisign, .realtor (~40k regs) purportedly has roughly the same number of port 43 queries as .comsec (which hasn’t launched).

Verisign explained this by saying that almost all of the port 43 queries it reports come from its own systems. A spokesperson told DI:

The .realtor and .comsec query responses are almost all responses to our own monitoring tools. After explaining to SSAC how Verisign continuously monitors its systems and services (which may be active in tens or even hundreds of locations at any given time) we are confident that the accuracy of the data Verisign reports is not in question. The reporting requirement calls for all query responses to be counted and does not draw a distinction between responses to monitoring and non-monitoring queries. If ICANN would prefer that all registries distinguish between the two, then it is up to ICANN to discuss that with registry operators.

It appears from the reported numbers that Verisign polls its own Whois servers more than 160 times per second. Donuts’ numbers are even larger.

I would guess, based on the huge volumes of queries being reported by other registries, that this is common (but not universal) practice.

SSAC said that it approves of the practice of monitoring port 43 responses, but it does not think that registries should aggregate their own internal queries with those that come from real Whois consumers when reporting traffic to ICANN.

Either way, it thinks that all registries should calculate their totals in the same way, to make apples-to-apples comparisons possible.

Afilias’ spokesperson said: “Afilias agrees that everyone should report the data the same way.”

As far as ICANN goes, its standard registry contract is open to interpretation. It doesn’t really say why registries are expected to collect and supply this data, merely that they are obliged to do so.

The contracts do not specify whether registries are supposed to report these numbers to show off the load their servers are bearing, or to quantify demand for Whois services.

SSAC thinks it should be the latter.

You may be thinking that the fact that it’s taken a decade or more for anyone to notice that the data is basically useless means that it’s probably not all that important.

But SSAC thinks the poor data quality interferes with research on important policy and practical issues.

It’s rendered SSAC’s attempt to figure out whether GDPR and ICANN’s Temp Spec have had an effect on Whois queries pretty much futile, for example.

The meaningful research in question also includes work leading to the replacement of Whois with RDAP, the Registration Data Access Protocol.

Finally, there’s the looming possibility that ICANN may before long start acting as a clearinghouse for access to unredacted Whois records. If it has no idea how often Whois is actually used, that’s going to make planning its infrastructure very difficult, which in turn could lead to downtime.

Rasmussen told DI: “Our impression is that all involved want to get the numbers right, but there are inconsistent approaches to reporting between registry operators that lead to data that cannot be utilized for meaningful research.”

Hold your horses! The last wave of comments on .amazon hasn’t started yet

ICANN has yet to open the final (?) public comment period on Amazon’s .amazon gTLD applications, but it’s been receiving comments anyway.

As I blogged at the weekend, ICANN has now given all but final approval to .amazon, and the last hurdle is 30 days of public comments, on Amazon’s proposed Public Interest Commitments.

I noted at the time that the ability to comment had not yet opened, or that it was well hidden.

Over the last 24 hours or so, ICANN has nevertheless received about 15 comments about .amazon on its old new gTLD application comment system.

They’re all negative, urging ICANN to prioritize the rights of the Amazon region of South America over Amazon’s corporate IP rights.

Go here and search for the string “amazon” to locate and read them.

But according to ICANN, the 30 days of comment has not yet kicked off.

A spokesperson told DI last night that the .amazon applications are still being processed and that the PICs have not yet been formally published.

It’s not yet clear whether the new gTLD application comment system will be used, or whether ICANN will use the email-based system it uses by default for comment periods.

I expect ICANN will make a formal announcement when comments do open. Either way, I’ll blog about it here when the time comes.

Amazon’s proposed PICs were published as part of a letter to ICANN (pdf) last month.

Given the timing, it seems ICANN only has a few days to open the comment period if it wants to have any hope of approving .amazon during ICANN 65, which runs in Marrakech from June 24 to 27.

.gay picks the absolutely perfect launch date

Top Level Design has announced the launch date for its forthcoming .gay gTLD, and the timing couldn’t be more symbolic.

It’s picked October 11 as the date for general availability, which also happens to be National Coming Out Day in the US.

National Coming Out Day, which has been observed by gay rights organizations since 1987, is meant to celebrate LBGTQ people “coming out of the closet” and publicly acknowledging their sexual identity.

It happens on the same date every year to commemorate a 1987 civil rights march in Washington, DC.

According to Wikipedia, the event is also celebrated in Ireland, Switzerland, the Netherlands and the UK.

Leading up to its GA launch, Top Level Design plans to kick off its sunrise period in August.

Given that .gay has not yet been delegated, and has not filed its startup plan with ICANN, I imagine there’s some flexibility to the launch timetable.

The registry has recently been brainstorming ideas about how to promote positive content and reduce the inevitable abuse in its new TLD.

Dot-brand .bond has been acquired and will relaunch as a generic this July

The domain name’s Bond, dot Bond… or something.

Sorry.

ShortDot, the registry behind the .icu top-level domain, has acquired a dot-brand gTLD and plans to repurpose it as a generic.

The seller is Bond University, a newish, smallish university in Queensland, Australia, and the gTLD is .bond.

ShortDot co-founder Kevin Kopas confirmed the deal to DI tonight, and said the new owner hopes .bond will prove attractive to bail bondsmen, offerers of financial bonds and, yes, fans of the James Bond franchise.

There’s also the dictionary meaning of “bonding” with somebody in a familial, friendly or business sense.

A new Bond movie is due to come out next April, so .bond might pick up a few regs then, assuming the registry is careful not to too closely associate itself with the heavily-guarded IP.

Kopas said that the current plan is to launch a 60-day sunrise period July 9 this year. ShortDot is currently working on unbranding the TLD within its ICANN contract, to allow it to sell to an unrestricted audience.

Premium domains will be offered with premium renewal fees.

ShortDot also plans to move away from Neustar’s back-end to CentralNic.

Bond University never actually used its TLD, which would have been a single-registrant space for its own exclusive use. It’s been dormant since its 2014 delegation, with just a single placeholder domain in its zone file.

There are plenty of those. About 50 owners of unused dot-brands have chosen to terminate their ICANN contracts and simply fizzle away to nothing.

But a small handful of others have chosen to instead sell their contracts to registries that think they can make a bit of money marketing them as generic strings.

The most obvious example of this to date would be .monster, which XYZ.com recently relaunched as a quirky open generic after the jobs site Monster.com decided it didn’t need a dot-brand after all. It’s been on sale for about a month and has about 1,750 names in its zone file.

The first example, I believe, was .observer, which Top Level Spectrum acquired from the Observer newspaper in 2016. That TLD went on sale two years ago but has fewer than 1,000 domains under management today.

Kopas said that the plan is to sell .bond names for between $5 and $10 wholesale.

“Overall the goal of ShortDot is to offer domains that are affordable for end users and profitable for registrars,” he said.

It’s only the company’s second TLD. The first was .icu, which it bought from One.com (which hadn’t really used it) and relaunched in May 2018.

Since then, it’s grown extremely rapidly and is currently the eighth-largest new gTLD by zone file volume.

It had over 765,000 domains in its zone today, up from basically nothing a year ago, no doubt largely due to its incredibly low prices.

Before AlpNames died, it was selling .icu names to Chinese customers for the yuan equivalent of just $0.50.

Today, the domain is available from NameCheap and NameSilo, its two largest registrars, for about $1.50.

Remarkably, spam fighters haven’t highlighted much to be concerned about in .icu yet.

The TLD has a 6.4% “badness” rating with SpamHaus, roughly the same as the similarly sized MMX offering .vip, which is also popular in China, and lower than .com itself.

Compare to .loan, which has a bit over a million names and which SpamHaus gives a 28.7% “bad” score.

In other words, .icu seems to be doing very well, volume-wise, without yet attracting huge amounts of abuse.

It’s a neat trick, if you can pull it off. But is the success repeatable? I guess we’ll find out with .bond when it launches.