
Amazon and Google among .internal TLD ban backers

Kevin Murphy, March 20, 2024, Domain Tech

Google and Amazon have publicly backed ICANN’s plan to reserve the top-level domain .internal for private behind-the-firewall uses.

ICANN picked the string “internal” as the one that it will promise to never delegate to the DNS root, allowing network administrators and software developers to confidently use it with a lower risk of data leakage should the TLD come under a registry’s control in future.

The public comment period over its choice is coming to a close tomorrow, with a generally supportive vibe coming from the 30-odd comments submitted so far.

Notably, tech giants Amazon and Google have both filed comments backing .internal, with both companies saying that they already use the TLD extensively for internal purposes (Google in its Cloud services) and that to allow it to be delegated in future would cause big problems.

Some commenters niggled that .internal is too long, and that something like .local or .lan, both already reserved, might be better. Others wondered why strings such as .corp or .home, which are already effectively banned due to the high risk of name collisions, were not chosen instead.

ICANN picks the domain it will never, ever release

Kevin Murphy, January 24, 2024, Domain Policy

ICANN has picked the TLD string that it will recommend for safe use behind corporate firewalls on the basis that it will never, ever be delegated.

The string is .internal, and the choice is now open for public comment.

It’s being called a “private use” TLD. Organizations would be able to use it behind their firewalls safe in the knowledge that it will never appear in the public DNS, mitigating the risk of public/private name collisions and data leakage.

.internal beat fellow short-lister .private to ICANN’s selection because it was felt that .private might lure people into a false sense of security.

While it’s unlikely that anyone was planning to apply for .internal as a commercial or brand gTLD in future, it’s important to note that when it makes it to the ICANN reserved list all confusingly similar strings will also be banned, under the current draft of the Applicant Guidebook.

So reserving .internal also potentially bans .internat, which Google tells me is the French word for a boarding school, or .internai, which is a possible brand for an AI for interns (yes, I’m grasping here, but you get my point).

The public comment period is open now and ends March 21.

.mail, .home, .corp hopefuls could get exit plan in January

Kevin Murphy, December 27, 2017, Domain Registries

The twenty remaining applicants for the gTLDs .corp, .home and .mail could get the option to bow out with a full refund as early as January.
The ICANN board of directors earlier this month discussed several options for how to treat the in-limbo applications, one of which was a refund.
According to minutes of its December 13 meeting:

Staff outlined some potential options for the Board to consider, which ranged from providing a full refund of the New gTLD Program application fee to the remaining .CORP, .HOME, and .MAIL applicants, to providing priority in subsequent rounds of the New gTLD Program if the applicants were to reapply for the same strings.

Applicants for these strings that already withdrew their applications for a partial refund were also discussed.
The three would-be gTLDs have been frozen for years, after a study showed that they receive vast amounts of error traffic already on a daily basis.
This means there would likely be a large number of name collisions with zones on private networks, should these strings be delegated to the authoritative root.
The ICANN board instructed the staff to draft some resolutions to be voted on at “a subsequent meeting”, suggesting directors are close to reaching a decision.
It seems possible a vote could even happen at a January meeting, given that the board typically meets up almost every month.

Refund “options” for in-limbo gTLD applicants?

Kevin Murphy, November 6, 2017, Domain Policy

ICANN may just be a matter of weeks away from giving applicants for the .mail, .corp and .home gTLDs an exit strategy from their four years in limbo.
Its board of directors on Thursday passed a resolution calling for staff to “provide options for the Board to consider to address the New gTLD Program applications for .CORP, .HOME, and .MAIL by the first available meeting of the Board following the ICANN60 meeting in Abu Dhabi”.
It’s possible this means the board could consider the matter before the end of the year.
Twenty remaining applications for the three strings have been on hold since they were identified as particularly risky in August 2013.
A study showed that all three — .home and .corp in particular — already experience vast amounts of erroneous DNS traffic on a daily basis.
This is due to so-called “name collisions”, which come about when a newly delegated TLD is actually already in use on corporate or public networks.
Many companies use .corp and .mail already behind their firewalls, a practice sometimes historically encouraged by commercial technical documentation, and .home is known to be used by some ISPs in residential and business routers.
Both of these scenarios and others can lead to DNS queries spilling out onto the public internet, which could cause breakage or data leakage.
The solution for all new gTLDs delegated to date has been to wildcard the entire zone with the message “Your DNS needs immediate attention” for a period before registrations are accepted.
This has led to some new gTLDs with far less collision traffic seeing small but notable pockets of outrage when delegated — for example Google’s .prod (used by some as an internal shorthand for “production”) in 2014.
Studies to date have concentrated on the volume of error traffic to applied-for gTLDs, but last Thursday the ICANN board kicked off a study that will look at what the real-world impact of name collisions in .mail, .corp and .home could be.
It’s tasked the Security and Stability Advisory Committee with carrying out the study in conjunction with related groups such as the IETF.
But this is likely to take quite a long time, so the board also resolved to think up “options” for the 20 affected applications.
Could the applicants be offered a full refund, as opposed to the partial one they currently qualify for? Could there be some kind of deferment option, such as that offered to unsuccessful 2000-round applicants? Either seems possible.

Security experts say ICANN should address collisions before approving more new TLDs

Kevin Murphy, January 2, 2017, Domain Tech

ICANN’s Security and Stability Advisory Committee has told ICANN it needs to do more to address the problem of name collisions before it approves any more new gTLDs.
In its latest advisory (pdf), published just before Christmas, SSAC says ICANN is not doing enough to coordinate with other technical bodies that are asserting authority over “special use” TLDs.
The SAC090 paper appears to be an attempt to get ICANN to further formalize its relationship with the Internet Engineering Task Force as it pertains to reserved TLDs:

The SSAC recommends that the ICANN Board of Directors take appropriate steps to establish definitive and unambiguous criteria for determining whether or not a syntactically valid domain name label could be a top-level domain name in the global DNS.

Pursuant to its finding that lack of adequate coordination among the activities of different groups contributes to domain namespace instability, the SSAC recommends that the ICANN Board of Directors establish effective means of collaboration on these issues with relevant groups outside of ICANN, including the IETF.

The paper speaks to at least two ongoing debates.
First, should ICANN approve .home and .corp?
These two would-be gTLDs were applied for by multiple parties in 2012 but have been on hold since August 2013 following an independent report into name collisions.
Name collisions are generally cases in which ICANN delegates a TLD to the public DNS that is already broadly used on private networks. This clash can result in the leakage of private data.
.home and .corp are by a considerable margin the two strings most likely to be affected by this problem, with .mail also seeing substantial volume.
But in recent months .home and .corp applicants have started to put pressure on ICANN to resolve the issue and release their applications from limbo.
The second incident the SSAC paper speaks to is the reservation in 2015 of .onion.
If you’re using a browser on the privacy-enhancing Tor network, .onion domains appear to you to work exactly the same as domains in any other gTLDs, but under the hood they don’t use the public ICANN-overseen DNS.
The IETF gave .onion status as a “Special Use Domain”, in order to prevent future collisions, which caused ICANN to give it the same restricted status as .example, .localhost and .test.
But there was quite a lot of hand-wringing within the IETF before this status was granted, with some worrying that the organization was stepping on ICANN’s authority.
The SSAC paper appears to be designed at least partially to encourage ICANN to figure out how much it should take its lead from the IETF in this respect. It asks:

The IETF is an example of a group outside of ICANN that maintains a list of “special use” names. What should ICANN’s response be to groups outside of ICANN that assert standing for their list of special names?

For members of the new gTLD industry, the SSAC paper may be of particular importance because it raises the possibility of delays to subsequent rounds of the program if ICANN does not spell out more formally how it handles special use TLDs.
“The SSAC recommends that ICANN complete this work before making any decision to add new TLD names to the global DNS,” it says.

Verisign says new gTLDs put millions at risk

Kevin Murphy, May 26, 2016, Domain Tech

Verisign has revived its old name collisions security scare story, publishing this week a weighty research paper claiming millions are at risk of man-in-the-middle attacks.
It’s actually a study into how a well-known type of attack, first documented in the 1990s, might become easier due to the expansion of the DNS at the top level.
According to the paper there might be as many as 238,000 instances per day of query traffic intended for private networks leaking to the public DNS, where attackers could potentially exploit it to do all manner of genuinely nasty things.
But Verisign has seen no evidence of the vulnerability being used by bad guys yet and it might not be as scary as it first appears.
You can read the paper here (pdf), but I’ll attempt to summarize.
The problem concerns a virtually ubiquitous protocol called WPAD, for Web Proxy Auto-Discovery.
It’s used mostly by Windows clients to automatically download a web proxy configuration file that tells their browser how to connect to the web.
Organizations host these files on their local networks. The WPAD protocol tries to find the file using DHCP first, but fails over to DNS.
So, your browser might look for a wpad.dat file on wpad.example.com, depending on what domain your computer belongs to, using DNS.
The vulnerability arises because companies often use previously undelegated TLDs — such as .prod or .global — on their internal networks. Their PCs could belong to domains ending in .corp, even though .corp isn’t a real TLD in the DNS root.
When these devices are roaming outside of their local network, they will still attempt to use the DNS to find their WPAD file. And if the TLD their company uses internally has actually been delegated by ICANN, their WPAD requests “leak” to the registry or a registrant.
A malicious attacker could register a domain name in a TLD that matches the domain the target company uses internally, allowing him to intercept and respond to the WPAD request and setting himself up as the roaming laptop’s web proxy.
That would basically allow the attacker to do pretty much whatever he wanted to the victim’s browsing experience.
Verisign says it saw 20 million WPAD leaks hit its two root servers every single day when it collected its data, and estimates that 6.6 million users are affected.
The paper says that of the 738 new gTLDs it looked at, 65.7% of them saw some degree of WPAD query leakage.
The ones with the most leaks, in order, were .global, .ads, .group, .network, .dev, .office, .prod, .hsbc, .win, .world, .one, .sap and .site.
It’s potentially quite scary, but there are some mitigating factors.
First, the problem is not limited to new gTLDs.
Yesterday I talked to Matt Larson, ICANN’s new vice president of research (who held the same post at Verisign until a few years ago).
He said ICANN has seen the same problem with .int, which was delegated in 1988. ICANN runs one of .int’s authoritative name servers.
“We did a really quick look at 24 hours of traffic and saw a million and a half queries for domain names of the form wpad.something.int, and that’s just one name server out of several in a 24-hour period,” he said.
“This is not a new problem, and it’s not a problem that’s specific to new gTLDs,” he said.
According to Verisign’s paper, only 2.3% of the WPAD query leaks hitting its root servers were related to new gTLDs. That’s about 238,000 queries every day.
With such a small percentage, you might wonder why new gTLDs are being highlighted as a problem.
I think it’s because organizations typically won’t own the new gTLD domain name that matches their internal domain, something that would eliminate the risk of an attacker exploiting a leak.
Verisign’s report also has limited visibility into the actual degree of risk organizations are experiencing today.
Its research methodology by necessity was limited to observing leaked WPAD queries hitting its two root servers before the new gTLDs in question were delegated.
The company only collected relevant NXDOMAIN traffic to its two root servers — DNS queries with answers typically get resolved closer to the user in the DNS hierarchy — so it has no visibility to whether the same level of leaks happen post-delegation.
Well aware of the name collisions problem, largely due to Verisign’s 11th-hour epiphany on the subject, ICANN forces all new gTLD registries to wildcard their zones for 90 days after they go live.
All collision names are pointed to 127.0.53.53, a reserved IP address picked in order to catch the attention of network administrators (DNS uses TCP/IP port 53).
Potentially, at-risk organizations could have fixed their collision problems shortly after the colliding gTLD was delegated, reducing the global impact of the vulnerability.
There’s no good data showing how many networks were reconfigured due to name collisions in the new gTLD program, but there is some anecdotal evidence of admins telling Google to go fuck itself when .prod got delegated.
A December 2015 report from JAS Advisors, which came up with the 127.0.53.53 idea, said the effects of name collisions have been rather limited.
ICANN’s Larson echoed the advice put out by security watchdog US-CERT this week, which among other things urges admins to use proper domain names that they actually control on their internal networks.
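An added example (my code, not the article’s or Verisign’s) of the checks an administrator could run over their own resolver logs for the two signals described above: a WPAD or other internal-name query under a private-use TLD that has since been delegated, and a 127.0.53.53 answer from a gTLD in its controlled-interruption period. The log format, the TLD sets and the resolver answers are constructed, and the WPAD name-devolution order is an assumption taken from the WPAD draft.

```python
"""Added example (not the article's or Verisign's code): two defensive checks.
1. Resolver-log queries for names under a TLD the organisation uses privately.
   If that TLD is now delegated, a third party answers; for wpad.* names the
   client will then trust whatever proxy configuration it is handed.
2. Answers of 127.0.53.53, the controlled-interruption address that a newly
   delegated gTLD returns for colliding names.
Log lines, TLD sets and answers are all constructed for this example.
"""
import re
from dataclasses import dataclass

CONTROLLED_INTERRUPTION_IP = "127.0.53.53"

# Constructed: TLD strings this organisation uses on its private network.
INTERNAL_TLDS = {"corp", "prod", "home"}
# Constructed subset of delegated gTLDs the article lists as seeing WPAD leaks.
DELEGATED_TLDS = {"prod", "global", "dev", "office", "network", "site"}

# Constructed query-log lines, loosely in the style of a BIND query log.
SAMPLE_QUERY_LOG = """\
client 10.0.0.12#53211: query: wpad.sales.example.corp IN A + (10.0.0.1)
client 10.0.0.12#53212: query: wpad.corp IN A + (10.0.0.1)
client 10.0.0.40#40001: query: build01.ci.prod IN A + (10.0.0.1)
client 10.0.0.40#40002: query: wpad.prod IN A + (10.0.0.1)
client 10.0.0.41#40003: query: www.example.com IN A + (10.0.0.1)
"""
QUERY_RE = re.compile(r"client (\S+?)#\d+: query: (\S+) IN (\S+)")

@dataclass(frozen=True)
class Finding:
    client: str
    qname: str
    severity: str  # "high": a third party answers today; "info": error traffic
    reason: str

def tld_of(qname: str) -> str:
    return qname.rstrip(".").rsplit(".", 1)[-1].lower()

def parse_query_log(text: str):
    """Yield (client, qname, qtype) for each line in the constructed log format."""
    for line in text.splitlines():
        m = QUERY_RE.search(line)
        if m:
            yield m.group(1), m.group(2).rstrip(".").lower(), m.group(3)

def find_leak_candidates(log_text: str, internal=INTERNAL_TLDS,
                         delegated=DELEGATED_TLDS) -> list:
    """Flag queries for private-use TLDs. Delegated TLD: high (a registry or
    registrant answers the query now). Undelegated TLD: info (error traffic
    to the root today, a collision the day it is delegated)."""
    findings = []
    for client, qname, _qtype in parse_query_log(log_text):
        tld = tld_of(qname)
        if tld not in internal:
            continue
        is_wpad = qname.split(".")[0] == "wpad"
        if tld in delegated:
            kind = "WPAD lookup" if is_wpad else "internal name"
            findings.append(Finding(client, qname, "high",
                                    f"{kind} under delegated TLD .{tld}"))
        else:
            findings.append(Finding(client, qname, "info",
                                    f"error traffic to undelegated .{tld}"))
    return findings

def wpad_lookup_names(dns_suffix: str) -> list:
    """Names a WPAD client may query for a host with DNS suffix `dns_suffix`:
    'wpad.' prefixed to each successively shorter suffix. This devolution
    order follows the WPAD draft and is assumed here; real clients vary."""
    labels = dns_suffix.strip(".").lower().split(".")
    return ["wpad." + ".".join(labels[i:]) for i in range(len(labels))]

def controlled_interruption_hits(answers: dict) -> list:
    """`answers` maps qname -> A record the recursive resolver returned.
    127.0.53.53 means the name collided with a gTLD in its 90-day CI window."""
    return sorted(q for q, ip in answers.items() if ip == CONTROLLED_INTERRUPTION_IP)
```

Any "high" finding means a name the organisation relies on is now being answered by someone else; the fix the article cites from US-CERT, moving internal names under a domain the organisation actually controls, makes both checks come back empty.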

It’s official: new gTLDs didn’t kill anyone

Kevin Murphy, December 2, 2015, Domain Tech

The introduction of new gTLDs posed no risk to human life.
That’s the conclusion of JAS Advisors, the consulting company that has been working with ICANN on the issue of DNS name collisions.
In its final report “Mitigating the Risk of DNS Namespace Collisions”, published last night, JAS described the response to the “controlled interruption” mechanism it designed as “annoyed but understanding and generally positive”.
New text added since the July first draft says: “ICANN has received fewer than 30 reports of disruptive collisions since the first delegation in October of 2013. None of these reports have reached the threshold of presenting a danger to human life.”
That’s a reference to Verisign’s June 2013 claim that name collisions could disrupt “life-supporting” systems such as those used by emergency response services.
Name collisions, you will recall, are scenarios in which a newly delegated TLD matches a string that is already used widely on internal networks.
Such scenarios could (and have) led to problems such as system failure and DNS queries leaking on to the internet.
The applied-for gTLDs .corp and .home have been effectively banned, due to the vast numbers of organizations already using them.
All other gTLDs were obliged, following JAS recommendations, to redirect all non-existent domains to 127.0.53.53, an IP address chosen to put network administrators in mind of port 53, which is used by the DNS protocol.
As we reported a little over a year ago, many administrators responded swearily to some of the first collisions.
JAS says in its final report:

Over the past year, JAS has monitored technical support/discussion fora in search of posts related to controlled interruption and DNS namespace collisions. As expected, controlled interruption caused some instances of limited operational issues as collision circumstances were encountered with new gTLD delegations. While some system administrators expressed frustration at the difficulties, overall it appears that controlled interruption in many cases is having the hoped-for outcome. Additionally, in private communication with a number of firms impacted by controlled interruption, JAS would characterize the overall response as “annoyed but understanding and generally positive” – some even expressed appreciation as issues unknown to them were brought to their attention.

There are a number of other substantial additions to the report, largely focusing on types of use cases JAS believes are responsible for most name collision traffic.
Often, as with the random 10-character domains Google’s Chrome browser uses for configuration purposes, the collision has no ill effect. In other cases, the local system administrators were forced to remedy their software to avoid the collision.
The report also reveals that the domain name corp.com, which is owned by long-time ICANN volunteer Mikey O’Connor, receives a “staggering” 30 DNS queries every second.
That works out to almost a billion (946,728,000) queries per year, coming when a misconfigured system or inexperienced user attempts to visit a .corp domain name.

ICANN Compliance probing Hunger Games domain

ICANN’s Compliance department is looking into whether Donuts broke the rules by activating a domain name for the forthcoming The Hunger Games movie.
Following up from the story we posted earlier today, ICANN sent DI the following statement:

We are well aware of this issue and are addressing it through our normal compliance resolution process. We attempt to resolve compliance matters through a collaborative informal resolution process, and we do not comment on what happens during the informal resolution phase.

At issue is whether Donuts allowed the movie’s marketers to launch thehungergames.movie before the new gTLD’s mandatory 90-day “controlled interruption” phase was over.
Under a strict reading of the CI rules, there’s something like 10 to 12 days left before Donuts is supposed to be allowed to activate any .movie domain except nic.movie.
Donuts provided the following statement:

This is a significant step forward in the mainstream usage of new domains. One of the core values of the new gTLD program is the promotion of consumer choice and competition, and Donuts welcomes this contribution to the program’s success, and to the promotion of the film. We don’t publicly discuss specific matters related to ICANN compliance.

I imagine what happened here is that Donuts got an opportunity to score an anchor tenant with huge visibility and decided to grasp it with both hands, even though distributor Lion’s Gate Entertainment’s (likely immovable) launch campaign schedule did not exactly chime with its own.
It may be a technical breach of the ICANN rules on name collisions — which many regard as over-cautious and largely unnecessary — but it’s not a security or stability risk.
Of course, some would say it also sets a precedent for other registries to bend the rules if they score big-brand backing in future.

Is The Hunger Games’ new .movie domain illegal?

Donuts may have launched its best new gTLD anchor tenant in violation of ICANN rules.
The company revealed earlier this week that The Hunger Games movies are using thehungergames.movie to promote the fourth and final installment of the wildly successful “trilogy”.
The domain name even features in the trailer for the film, which currently has over 1.7 million YouTube views.
But it has been claimed that Donuts activated the domain in the DNS two weeks before it was allowed to under its ICANN registry contract.
It boils down to “controlled interruption”, the controversial mechanism by which registries mitigate the risk of potentially harmful name collisions in the DNS.
Under ICANN’s rules for CI, for 90 days registries have to implement a wildcard in their zone file that redirects all domains other than nic.[tld] to 127.0.53.53 and your-dns-needs-immediate-attention.[tld].
“The Registry Operator must not activate any other names under the TLD until after the 90-day controlled interruption period has been completed,” the rules say, in bold text.
Donuts’ .movie was delegated on or around March 26, which means when thehungergames.movie was activated there were still about two weeks left on the .movie CI clock.
As far as I can tell from reading ICANN documentation on CI, there are no carve-outs for anchor tenants.
The .movie zone file has five other domains related to The Hunger Games in it — the only names other than nic.movie — but they don’t seem to resolve.
There’s no actual security or stability risk here, of course.
If .movie had used the old method of blocking a predefined list of identified name collisions, thehungergames.movie would not have even been affected — it’s not on .movie’s list of collisions.
However, if ICANN decides rules have been broken and Donuts is forced to deactivate the domain, it would be a painfully embarrassing moment for the new gTLD industry.
It can perhaps be hoped that ICANN’s process of investigating such things takes about two weeks to carry out.
I’ve contacted Donuts for comment and will provide an update if and when I receive any additional information.

New gTLD extortion? Registry asks Facebook for $35,000 to register its brand

Kevin Murphy, January 16, 2015, Domain Registries

More Chinese weirdness, or just plain old trademark owner extortion?
The registry for the new gTLD .top is asking Facebook to cough up $35,000 in order to defensively register one of its trademarks as a .top domain — probably facebook.top — according to a Facebook executive.
The registry’s demand — which some are cautiously likening to “extortion” — is linked to the release of name collision domains in .top, which is due to start happening today.
Nanjing, China-based registry Jiangsu Bangning Science & Technology runs the .top gTLD.
It has been in general availability since November 18 and currently has just shy of 40,000 names in its zone file, making it the 16th-largest new gTLD.
I haven’t checked whether they’re all legitimate buyer registrations, but given the shape the new gTLD industry is in right now I have my doubts.
From today, Jiangsu Bangning is running a month-long “Exclusive Registration Period”, according to ICANN records.
But Facebook domain manager Susan Kawaguchi today complained on an ICANN GNSO Council call that the registry had asked for $4,500 for a Sunrise period registration and now wants an extra RMB 180,000 ($30,000) because the desired domain is on its collisions block-list.
UPDATE: The registry says the price is just RMB 18,000. It blames a typo for the error.
I don’t know for sure what domain Facebook wants — I’ve reached out to Kawaguchi for clarification — but I rather suspect it’s facebook.top, which appeared on the list of 30,205 name collisions that Jiangsu Bangning was obliged by ICANN to block.
Name collisions are domains that were already receiving traffic prior to the launch of the new gTLD program. ICANN forces registries to block them for a minimum of 90 days in order to mitigate potential security risks.
According to the registry’s web site, Sunrise registrations cost RMB 18,000 per name per year. That’s about $3,000 a year for a defensive registration, a ridiculously high sum when compared to most new gTLDs.
There’s no mention on its site that I can find of the additional RMB 180,000 collision release fee, but Kawaguchi forwarded an email to the GNSO Council that strongly suggests that trademark owners with brands on the .top collisions list face the inexplicable extra $30,000.
Sunrise prices, just like regular general availability prices, are not controlled by ICANN in new gTLDs.
There are no rules I’m aware of governing pricing for collision names, nor am I aware of any registry costs that could justify a $30,000 fee to register one. A premium generic string may be worth that much, but asking that amount for a trademark smacks of extortion.
So, assuming this isn’t just a breakdown of communication, is the registry trying to screw Facebook in a targeted fashion, knowing it has deep pockets and a cybersquatting target painted on its back, or is it applying a $30,000 fee to every domain coming off its collisions list this week?
Facebook isn’t the only big tech company with its primary trademark on the list — Microsoft, Google, Twitter and Amazon also appear on it, along with many other famous brands.
Kawaguchi said she’s taken her complaint to ICANN Compliance.