Latest news of the domain name industry

Recent Posts

Verisign and Afilias testing Whois killer

Kevin Murphy, October 25, 2017, Domain Tech

Verisign and Afilias have become the first two gTLD registries to start publicly testing a replacement for Whois.

Both companies have this week started piloting implementations of RDAP, the Registration Data Access Protocol, which is expected to usurp the decades-old Whois protocol before long.

Both pilots are in their very early stages and designed for a technical audience, so don’t expect your socks to be blown off.

The Verisign pilot offers a web-based, URL-based or command-line interface for querying registration records.

The output, by design, is in JSON format. This makes it easier for software to parse but it’s not currently very easy on the human eye.

To make it slightly more legible, you can install a JSON formatter browser extension, which are freely available for Chrome.

Afilias’ pilot is similar but does not currently have a friendly web interface.

Both pilots have rudimentary support for searching using wildcards, albeit with truncated result sets.

The two new pilots only currently cover Verisign’s .com and .net registries and Afilias’ .info.

While two other companies have notified ICANN that they intend to run RDAP pilots, these are the first two to go live.

It’s pretty much inevitable at this point that RDAP is going to replace Whois relatively soon.

Not only has ICANN has been practically champing at the bit to get RDAP compliance into its registry/registrar contracts, but it seems like the protocol could simplify the process of complying with incoming European Union privacy legislation.

RDAP helps standardize access control, meaning certain data fields might be restricted to certain classes of user. Cops and IP enforcers could get access to more Whois data than the average blogger or domainer, in other words.

As it happens, it’s highly possible that this kind of stratified Whois is something that will be legally mandated by the EU General Data Protection Regulation, which comes into effect next May.

Verisign confirms first price increase under new .net contract

Verisign is to increase the wholesale price of an annual .net domain registration by 10%, the company confirmed yesterday.

It’s the first in an expected series of six annual 10% price hikes permitted under its recently renewed registry agreement with ICANN.

The annual price of a .net registration, renewal, or transfer will go up from $8.20 to $9.02, effective February 1, 2018

If all six options are exercised, the price of a .net would be $15.27 by the time the current contract expires, including the $0.75 ICANN fee. It would be $14.52 without the ICANN fee.

The increase was confirmed by CEO Jim Bidzos as Verisign reported its second-quarter earnings yesterday.

For the quarter, Verisign saw net income go up to $123 million from $113 million a year ago, on revenue that was up 0.7% at $289 million.

It now has cash of $1.8 billion, up $11 million on a year ago.

It ended the quarter with 144.3 million .com and .net names in its registry, up 0.8% on last year and 0.68 million sequentially.

.net price increases approved

Verisign has been given the right to continue to raise the wholesale price of .net domains.

It now seems likely the price charged to registrars will top $15 by 2023.

ICANN’s board of directors at the weekend approved the renewal of the .net Registry Agreement, which gives Verisign the right increase its prices by 10% per year for the six years of the contract.

Assuming the company exercises all six options — and there’s no reason to assume it will not — the price of a .net would be $15.27 by the time the contract expires, $0.75 of which would be paid to ICANN in fees.

There was some negative public comment (pdf) about the increases, largely from domainers and those representing domainers, but the ICANN board saw nothing to persuade it to change the terms of the contract.

In notes appended to its resolution, the board stated:

the Board understands that the current price cap provisions in Verisign’s Registry Agreements, including in the .NET Registry Agreement, evolved historically to address various market factors in cooperation with constituencies beyond ICANN including the Department of Commerce. During the negotiations for the renewal, Verisign did not request to alter the pricing cap provisions, the parties did not negotiate these provisions and the provisions remain changed from the previous agreement. The historical 10% price cap was arguably included to allow the Registry Operator to increase prices to account for inflation and increased costs/investments and to take into account other market forces but were not dictated solely by ICANN.

(I assume the word “changed” in that quote should have read “unchanged”.)

Unlike contract renewals for other pre-2012 gTLDs, the .net contract does not include any of the new gTLD program’s rights protection mechanisms, such as the Uniform Rapid Suspension policy.

ICANN explained this disparity by saying these mechanisms are not consensus policies and that it has no right to impose them on legacy gTLD registry operators.

Verisign to keep price increase power under new .net contract

Kevin Murphy, April 21, 2017, Domain Registries

The wholesale price of a .net domain is likely to top $15 by 2023, under a proposed renewal of its ICANN contract revealed today.

ICANN-imposed price caps are staying in the new Registry Agreement, but Verisign retains the right to increase its fees by 10% in each of the six years of the deal’s lifespan.

But domain investors do have at least one reason to be cheerful — while the contract adds many features of the standard new gTLD registry agreement, it does not include a commitment to implement the Uniform Rapid Suspension anti-cybersquatting procedure.

The current .net annual fee charged to registrars is $8.95 — $8.20 for Verisign, $0.75 for ICANN — but Verisign will continue to be allowed to increase its portion by up to 10% a year.

That means the cost of a .net could hit $15.27 wholesale (including the $0.75 ICANN fee) by the time the proposed contract expires in 2023.

Verisign has form when it comes to utilizing its price-raising powers. It exercised all six options under its current contract, raising its share of the fee from $4.65 in 2011.

On the bright side for volume .net holders, the prices increases continue to be predictable. ICANN has not removed the price caps.

Also likely to cheer up domainers is the fact that there are no new intellectual property protection mechanisms in the proposed contract.

Several post-2000 legacy gTLDs have agreed to incorporate the URS into their new contracts, leading to outrage from domainer organization the Internet Commerce Association.

ICA is worried that URS will one day wind up in .com without a proper ICANN community consensus, opening its members up to more risk of losing valuable domains.

The fact that URS is not being slipped into the .net contract makes it much less likely to be forced on .com too.

But Verisign has agreed to several mostly technical provisions that bring it more into line with the standard 2012-round new gTLD RA.

For example, it appears that daily .net zone files will become accessible via ICANN’s Centralized Zone Data Service before the end of the year.

Verisign has also agreed to standardize the format of its data escrow, Whois and monthly transaction reports.

The company has also agreed to start discussions about handing .net over to an emergency back-end operator in the event it files for bankruptcy.

The current contract is due to expire at the end of June and the proposed new deal would kick in July 1.

It’s now open for public comment until June 13.

How .com became a restricted TLD

Verisign has been given approval to start restricting who can and cannot register .com and .net domain names in various countries.

Customers of Chinese registrars are the first to be affected by the change to the registry’s back-end system, which was made last year.

ICANN last week gave Verisign a “free to deploy” notice for a new “Verification Code Extension” system that enables the company to stop domains registered via selected registrars from resolving unless the registrant’s identity has been verified and the name is not on China’s banned list.

It appears to be the system Verisign deployed in order to receive its Chinese government license to operate in China.

Under Verification Code Extension, Verisign uses ICANN records to identify which registrars are based in countries that have governmental restrictions. I believe China is currently the only affected country.

Those registrars are able to register domains normally, but Verisign will prevent the names from resolving (placing them in serverHold status and keeping them out of the zone file) unless the registration is accompanied by a verification code.

These codes are distributed to the affected registrars by at least two verification service providers. Verisign, in response to DI questions, declined to name them.

Under its “free to deploy” agreement with ICANN (pdf), Verisign is unable to offer verification services itself. It must use third parties.

The company added the functionality to its .com and .net registry as an option in February 2016, according to ICANN records. It seems to have been implemented last July.

A Verisign spokesperson said the company “has implemented” the system.

The Verification Code Extension — technically, it’s an extension to the EPP protocol pretty much all registries use — was outlined in a Registry Services Evaluation Process request (pdf) last May, and approved by ICANN not long after.

Verisign was approved to operate in China last August in the first wave of gTLD registries to obtain government licenses.

Under Chinese regulations, domain names registered in TLDs not approved by the government may not resolve. Registrars are obliged to verify the identities of their registrants and names containing certain sensitive terms are not permitted.

Other gTLDs, including .vip, .club, .xyz .site and .shop have been granted approval over the last few months.

Some have chosen to work with registration gateway providers in China to comply with the local rules.

Apart from XYZ.com and Verisign, no registry has sought ICANN approval for their particular implementation of Chinese law.

Because Chinese influence over ICANN is a politically sensitive issue right now, it should be pointed out that the Verification Code Extension is not something that ICANN came up with in response to Chinese demands.

Rather, it’s something Verisign came up with in response to Chinese market realities. ICANN has merely rubber-stamped a service requested by Verisign.

This, in other words, is a case of China flexing market muscle, not political muscle. Verisign, like many other gTLD registries, is over-exposed to the Chinese market.

It should also be pointed out for avoidance of doubt that the Chinese restrictions do not apply to customers of non-Chinese registrars.

However, it appears that Verisign now has a mechanism baked into its .com and .net registries that would make it much easier to implement .com restrictions that other governments might choose to put into their own legislation in future.