Latest news of the domain name industry

Recent Posts

India to have SIXTEEN ccTLDs

While most countries are content to operate using a single ccTLD, India is to up its count to an unprecedented 16.

It already has eight, but ICANN’s board of directors at the weekend approved the delegation of an additional eight.

The new ccTLDs, which have yet to hit the root, are .ಭಾರತ, .ഭാരതം, .ভাৰত, .ଭାରତ, .بارت, .भारतम्, .भारोत, and .ڀارت.

If Google Translate and Wikipedia can be trusted, these words all mean “India” in, respectively, Kannada, Malayalam, Bengali, Odia, Arabic, Nepali, Hindi and Sindhi.

They were all approved under ICANN’s IDN ccTLD Fast Track program and will not operate under ICANN contract.

India already has seven internationalized domain name versions of its ccTLD in seven other scripts, along with its vanilla ASCII .in.

National Internet Exchange of India (NIXI) will be ccTLD manager for the whole lot.

India may have as many as 122 languages, according to Wikipedia, with 30 spoken by more than a million people.

Forget emojis, you can buy Egyptian hieroglyph .com domains

Call them the Emojis of the Ancient World.

Egyptian hieroglyphs were once the cutting edge of written communication, and it turns out Verisign lets you register .com domains using them.

Internationalized domain names expert Andre Schapp discovered a couple months ago that the Unicode code points for the ancient script have been approved in 16 Verisign gTLDs, and apparently no others.

This means that domains such as hieroglyph should resolve.

Unfortunately, DI’s database does not support these characters, so I’m having to use images.

But at least one domain investor seems have snapped up a few dozen single-pictograph Egyptian hieroglyph names about a month ago, and his page has clickable links.

Whether you see the hieroglyph or the Punycode, prefixed “xn--“, seems to depend on your browser configuration.

Ancient Egyptian is apparently not the only dead script that Verisign supports.

According to IANA, you can also get .com domains in Sumero-Akkadian cuneiform, which went out of fashion in the second century CE, as well Phoenician, the world’s oldest known script.

Then there’s Imperial Aramaic, Meitei, Kharosthi, ‘Phags-pa, Sylheti Nagari and goodness knows how many other extinct writing systems.

It seems .com has been approved for 237 IDN scripts, in total. Let it not be said that Verisign does not offer domainers ample opportunity to spunk their cash on gibberish.

No Klingon, though.

About that $3,800 emoji domain sale…

Kevin Murphy, June 5, 2017, Domain Tech

The debate over the age of the emoji domain name ☮.com may have been settled. It probably is as old as it was claimed to be.

You may recall that last week I blogged about the €3,400 ($3,816) sale of the domain to an end user. It wasn’t a big sale or a big story, but it’s so rare to see an emoji name sell I thought it was worth a few paragraphs.

It had been claimed, and I reported, that the name was 16 years old, having been registered in April 2001.

Later that day, ICANN principle technologist Paul Hoffman, who was co-author of the IDNA2003 standard that governed how non-ASCII domains were represented in the DNS, questioned whether the name could possibly be that old.

Under IDNA2003, IDNs are encoded with the “xn--” prefix. While applications may render ☮.com as the “peace” symbol, in the DNS it is in fact xn--v4h.com.

Hoffman told me that the prefix had been picked more or less at random in March 2003, so there was no way a speculator could have known in April 2001 how to register a domain that would have no meaning for another two years.

In addition, the Punycode standard that converts non-Latin characters to ASCII was not finalized until 2003 either.

It seemed more likely that the creation date in the Whois record was incorrect, so I updated the original blog post with the new information.

That kicked off a bit of a debate in the comments about scenarios in which the creation date was correct. Some commenters wondered whether the original buyer had registered many domains with different prefixes with the hope of getting lucky.

What none of us considered was that the domain itself changed between 2001 and 2003. Given new information Hoffman supplied over the weekend, that now strikes me as the most plausible scenario.

What most of us had forgotten was that Verisign launched an IDN registration test-bed all the way back in December 2000 (archive.org link).

That roll-out, controversial at the time, encoded the domains with Punycode predecessor RACE and used the bq– prefix.

However, after the IDNA2003 and Punycode standards were published in 2003, Verisign then converted all of the existing IDN .com domains over to the two new standards. Names beginning bq– were changed to xn--, and the encoding of the subsequent characters was changed.

So ☮.com very probably was registered in 2001, but in ASCII it was a completely different domain name back then.

We seem to have a rare(ish) case here of the creation date in the Whois being “right” but the domain name itself being “wrong”.

There may be as many as half a million .com domains with similar issues in their Whois.

I hope this clears up any confusion.

Emoji domains get a 👎 from security panel

Kevin Murphy, May 30, 2017, Domain Tech

The use of emojis in domain names has been discouraged by ICANN’s Security and Stability Advisory Committee.

In a paper late last week, SSAC told ICANN that emojis — aka emoticons or smileys — lack standardization, are barred by the relevant domain name technical standards, and could cause user confusion.

Emoji domains, while technically possible, are not particularly prevalent on the internet right now.

They’re implicitly banned in gTLDs due to the contractual requirement to adhere to the IDNA2008 standard, which restricts internationalized domain names to actual spoken human languages, and the only ccTLD I’m aware of actively marketing the names is Samoa’s .ws.

There was a notable example of Coca Cola registering 😀.ws (xn--h28h.ws) for a billboard marketing campaign in Puerto Rico a couple of years ago, but that name has since expired and been registered by an Australian photographer.

The SSAC said that emoji use should be banned in TLDs and discouraged at the second level for several reasons.

Mainly, the problem is that while emojis are described in the Unicode standards, there’s no standardization across devices and applications as to how they are displayed.

A certain degree of creative flair is permitted, meaning a smiling face in one app may look unlike the technically same emoji in another app. On smaller screens and with smaller fonts, technically different emojis may look alike.

This could lead to confusion, which could lead to security problems, SSAC warns:

It is generally difficult for people to figure out how to specify exactly what happy face they are trying to produce, and different systems represent the same emoji with different code points. The shape and color of emoji can change while a user is viewing them, and the user has no way of knowing whether what they are seeing is what the sender intended. As a result, the user is less likely to reach the intended resource and may instead be tricked by a phishing site or other intentional misrepresentation.

SSAC added that it:

strongly discourages the registration of any domain name that includes emoji in any of its labels. The SSAC also advises registrants of domain names with emoji that such domains may not function consistently or may not be universally accessible as expected

The brief paper can be read here (pdf).

Companies losing $10 BILLION by ignoring new gTLDs — report

Kevin Murphy, April 11, 2017, Domain Registries

The world economy is “conservatively” losing out on almost $10 billion of annual revenue due to a lack of support for new gTLDs and internationalized domain names, according to an ICANN-commissioned research report.

The report, conducted by Analysys Mason for the semi-independent Universal Acceptance Steering Group, calculated that patchy new gTLD support means $3.6 billion of activity is lost, with lack of IDN support costing $6.2 billion.

Despite “new” gTLDs being around for a decade and a half, there are still plenty of web sites and apps that incorrectly assume that all TLDs are either two or three characters. Others don’t support non-Latin scripts.

This leads to internet users abandoning transactions, the report says, when their email addresses are rejected as invalid.

Mason calculated the $3.6 billion number by multiplying the estimated number of email addresses using new gTLD domains (152 million) by the estimated average annual revenue generated per email address ($360), then calculating what portion of these transactions cannot happen due to incomplete TLD support.

Earlier research by .CLUB Domains suggests that 13% of sites do not support new gTLDs, so that’s the number Mason used. The researchers then cut the number in half, to account for the 50% of people it reckons would simply switch to an email address in a legacy TLD name.

That gets you to $3.6 billion of potential revenue lost for want of gTLD support.

Another, more cynical way to spin this would be to say that new gTLDs are causing $3.6 billion of economic damage. After all, if everyone were to use legacy TLDs there would be no problem.

For the IDN number, Mason calculated how many users of five major language groups (Russian, Chinese, Arabic, Vietnamese and Indian languages) are not currently online, then estimated how much revenue would be generated if just 5% of these users (17 million people) were persuaded online by the existences of IDN TLDs.

The report was commissioned in order to raise awareness of the financial benefits of universal acceptance.

The UASG has spent most of its efforts so far focusing on UA as a “bug fix” to be communicated to engineers, so the report is intended to broaden its message to catch the attention of the money people too.

The report, which goes into much more detail about how the numbers were arrived at, can be downloaded here.

Why you can’t register emojis in gTLDs

Kevin Murphy, February 25, 2015, Domain Tech

The popular “emoji” smiley faces are banned as gTLD domain names for technical reasons, according to ICANN.

Emojis are a form of emoticon that originated on Japanese mobile networks but are now used by 12-year-old girls worldwide due to their support on Android and iPhone operating systems.

CokeIt emerged last week that Coca-Cola has registered a bunch of smiley-face domain names under .ws, the Samoan ccTLD, for use in an billboard advertising campaign in Puerto Rico.

.ws was selected because it’s one of only a few TLDs that allow emojis to be registered. Coke is spinning its choice of TLD as an abbreviation for “We Smile”.

This got me thinking: would emojis be something new gTLD registries could start to offer in order to differentiate themselves?

Coke’s emoji domains, it turns out, are just a form of internationalized domain name, like Chinese or Arabic or Greek.

Emoji symbols are in the Unicode standard and could therefore be converted to the ASCII-based, DNS-compatible Punycode under the hood in web browsers and other software.

One of Coke’s (smiley-face).ws domain names is represented as xn--h28h.ws in the DNS.

Unfortunately for gTLD registries, ICANN told DI last night that emojis are not permitted in gTLDs.

“Emoticons cannot be used as IDNs as these code points are DISALLOWED under IDNA2008 protocol,” ICANN said in a statement.

IDNA2008 is the latest version of the IETF standard used to define what Unicode characters can and cannot appear in IDNs.

RFC 5892 specifies what can be included in an IDNA2008 domain name, eliminating thousands of letters and symbols that were permissible under the old IDNA2003 standard.

These characters were ostensibly banned due to the possibility of IDN homograph attacks — when bad guys set up spoof web sites on IDNs that look almost indistinguishable from a domain used by, for example, a bank or e-commerce site.

But Unicode, citing Google data, reckons symbols could only ever be responsible for 0.000016% of such attacks. Most homograph attacks are much simpler, relying on for example the visual similarity of I and l.

Regardless, because IDNA2008 only allows Unicode characters that are actually used in spoken human languages, and because gTLD registries are contractually obliged to adhere to the IDNA2008 technical standards, emojis are not permitted in gTLDs.

All new gTLDs have to provide ICANN with a list of the Unicode code points they plan to support as IDNs when they undergo pre-delegation testing. Asking to support characters incompatible with IDNA2008 would result in a failed test, ICANN tells us.

ICANN does not regulate ccTLDs, of course, so the .ws registry is free to offer whatever domains it wants.

However, ICANN said that emoji domains are only currently supported by software that has not implemented the newer IDN protocol:

Emoticon domains only work in software that has not implemented the latest IDNA standard. Only the older, deprecated version of the IDNA standard allowed emoticons, more or less by accident. Over time, these domains will increasingly not work correctly as software vendors update their implementations.

So Coke, while winning brownie points for novelty, may have registered a bunch of damp squibs.

ICANN also told us that, regardless of what the technical standards say, you’d never be able to apply for an emoticon as a gTLD due to the “letters only” principle, which already bans numbers in top-level strings.

New ccTLDs may have to block name collisions

Kevin Murphy, January 26, 2015, Domain Registries

ICANN is thinking about expanding its controversial policy on name collisions from new gTLDs to new ccTLDs.

The country code Names Supporting Organization has been put on notice (pdf) that ICANN’s board of directors plans to pass a resolution on the matter shortly.

The resolution would call on the ccNSO to “undertake a study to understand the implications of name collisions associated with the launch of new ccTLDs” including internationalized domain name ccTLDs, and would “recommend” that ccTLD managers implement the same risk mitigation plan as new gTLDs.

Because ICANN does not contract with ccTLDs, a recommendation and polite pressure is about as far as it can go.

Name collisions are domains in currently undelegated TLDs that nevertheless receive DNS root traffic. In some cases, that may be because the TLDs are in use on internal networks, raising the potential of data leakage or breakages if the TLDs are then delegated.

ICANN contracts require new gTLDs to block such names or wildcard their zones for 90 days after launch.

Some new gTLD registry executives have mockingly pointed to the name collisions issue whenever a new ccTLD has been delegated over the last year or so, asking why, if collisions are so important, the mitigation plan does not apply to ccTLDs.

If the intent was to persuade ICANN that the collisions management framework was unnecessary, the opposite result has been achieved.

Here’s how the new number two new gTLD got so big so quick

Kevin Murphy, January 13, 2015, Domain Registries

Attentive DI readers will recall my journalistic meltdown last week, when I tried to figure out how the Chinese new gTLD .网址 managed to hit #2 in the new gTLD zone file size league table, apparently shifting a quarter of a million names in a week.

Well, after conversations with well-placed sources here at NamesCon in Las Vegas this week, I’ve figured it out.

.网址 is the Chinese for “.url”.

Its rapid growth — hitting 352,000 names today — can be attributed primarily to two factors.

First, these weren’t regular sales. The registry, Knet, which acquired original applicant Hu Yi last year, operates a keyword-based navigation system in China that predates Chinese-script gTLDs.

The company has simply grandfathered its keyword customers into .网址, I’m told.

The keyword system allows Latin-script domains too, which explains the large number of western brands that appear in the .网址 zone.

The second reason for the huge bump is the fact that many of the domains are essentially duplicates.

Chinese script has “traditional” and “simplified” characters, and in many cases domains in .网址 are simply the traditional equivalents of the simplified versions.

I understand that these duplicates may account for something like 30% of the zone file.

I’ve been unable to figure out definitively why the .网址 Whois database appeared to be so borked.

As I noted last week, every domain in the .网址 space had a Knet email address listed in its registrant, admin and technical contact fields.

It seems that Knet was substituting the original email addresses with its own when Whois queries were made over port 43, rather than via its own web site.

Its own Whois site (which doesn’t work for me) returned the genuine email addresses, but third-party Whois services such as DomainTools and ICANN returned the bogus data.

Whether Knet did this by accident or design, I don’t know, but it would have almost certainly have been a violation of its contractual commitments under its ICANN Registry Agreement.

However, as of today, third-party Whois tools are now returning the genuine Whois records, so whatever the reason was, it appears to be no longer an issue.

The new massive number two new gTLD has me paralyzed with confusion

Kevin Murphy, January 8, 2015, Domain Registries

The Chinese-script gTLD .网址 powered to the number two spot in the new gTLD rankings by zone file size this week, but it’s doing some things very strangely.

.网址 is Chinese for “.site”, “.url” or “.webaddress”.

The registry is Hu Yi Global, ostensibly a Hong Kong-based registrar but, judging by IANA’s records, actually part of its Beijing-based back-end Knet.

I’m going to come out and admit it: even after a few hours research I still don’t know a heck of a lot about these guys. The language barrier has got me, and the data is just weird.

These are the things I can tell you:

  • .网址 has 352,727 domains in its zone file today, up by about a quarter of a million names since the start of the week.
  • The names all seem to be using knet.cn name servers
  • I don’t think any of them resolve on the web. I tried loads and couldn’t find so much as a parking page. Google is only aware of about eight resolving .网址 pages.
  • They all seem to have been registered via the same Chinese registrar, which goes by the name of ZDNS (also providing DNS for the TLD itself).
  • They all seem to be registered with “nameinfo@knet.com” in the email address field for the registrant, admin and technical contacts in Whois, even when the registrants are different.
  • That’s even true for dozens of famous trademarks I checked — whether it’s the Bank of China or Alexander McQueen, they’re all using nameinfo@knet.cn as their email address.
  • I’ve been unable to find a Whois record with a completed Registrant Organization field.
  • Nobody seems to be selling these things. ZDNS (officially Internet Domain Name System Beijing Engineering Research Center) is apparently the only registrar to sell any so far and its web site doesn’t say a damn thing about .网址. The registry’s official nic.网址 site doesn’t even have any information about how to buy one either.
  • ZDNS hasn’t sold a single domain in any other gTLD.
  • News reports in China, linked to from the registry’s web site, boast about how .网址 is the biggest IDN TLD out there.

So what’s going on here? Are we looking at a Chinese .xyz? A bunch of registry-reserved names? A seriously borked Whois?

Don’t expect any answers from DI today on this one. I’ve been staring at Chinese characters for hours and my brain is addled.

I give up. You tell me.

Pinyin to beat IDN? .wang ready to overtake .在线

The .wang gTLD has seen great success, relatively, in its first week of general availability, crossing the 30,000 mark yesterday and entering the top 10 new gTLDs by registration volume.

At its current rate of growth, the Zodiac Holdings domain is going to overtake .在线, the highest-ranking Chinese gTLD so far, this week.

.wang went to GA June 30. After its initial spike, it’s added one to two thousand names per day and, with 31,011 names today, currently sits at 9th place in the new gTLD program’s league table.

That’s a whisker behind TLD Registry’s .在线 (“.online”), which had a strong start when it launched at the end of April but has since plateaued at around 33,000 names, adding just a handful each day.

A skim through the zone files reveals that the vast majority of the names in .wang appear to be, like .wang itself, Pinyin — the official Latin-script transliterations of Chinese-script words.

.wang, which would be “网” in Chinese script, means “net”.

To pluck a couple of names from the zone at random, I see tanpan.wang, which could mean something like “negotiation.net” and xingshi.wang, which may or may not mean “shape.net”.

I suspect that many of the registered domains are personal names rather than dictionary words. Wang is a popular surname in China.

The vast majority of the names also appear to be registered via China-based registrars, some of which are promoting the TLD strongly on their home pages.

There certainly appears to be a lot of domainer activity in .wang, but I haven’t seen anything yet to suggest a massive orchestrated effort that would throw out the numbers considerably.

Either way, I find it fascinating that a Latin transliteration of a Chinese word seems set to out-perform the actual Chinese IDNs currently on the market.