Latest news of the domain name industry

Recent Posts

One year on, Namecheap still fighting aborted .org takeover and may target GoDaddy and Donuts next

Kevin Murphy, February 5, 2021, Domain Registrars

Even though Ethos Capital’s proposed takeover of Public Interest Registry was rejected last May, registrar Namecheap is still doggedly pursuing legal action against ICANN’s handling of the deal, regardless.

The Independent Review Process complaint filed last February is still active, with Namecheap currently fighting a recent ICANN motion to dismiss the case.

The company is also demanding access to information about GoDaddy’s acquisition of Neustar and Donuts’ acquisition of Afilias, and is threatening to file separate actions related to both those deals.

Namecheap has essentially two beefs with ICANN. First, that it should not have lifted price caps in its .org, .biz and .info registry contracts. Second, that its review of Ethos’ bid for PIR lacked the required level of transparency.

ICANN’s trying to get the IRP complaint thrown out on two fairly simple grounds. First, that Namecheap lacks standing because it’s failed to show a lack of price caps have harmed it. Second, that it rejected the PIR acquisition, so Namecheap’s claims are moot.

In its motion to dismiss (pdf), its lawyers wrote:

Namecheap’s entire theory of harm, however, is predicated on the risk of speculative future harm. In fact, nearly every explanation of Namecheap’s purported harm includes the words “may” or “potential.” Namecheap has not identified a single actual, concrete harm it has suffered.

Namecheap’s claims related to the Change of Control Request should be dismissed because ICANN’s decision not to consent to the request renders these claims moot
and, separately, Namecheap cannot demonstrate any harm resulting from this decision.

In December, Namecheap had submitted as evidence two analyses of its business prospects in the event of registry price increases, one compiled by its own staff, the other prepared by a pair of outside expert economists.

While neither shows Namecheap has suffered any directly quantifiable harm, such as a loss of revenue or customers, Namecheap argues that that doesn’t matter and that the likelihood of future harm is in fact a current harm.

A mere expectation of an increase in registry prices is sufficient to show harm. This is because such expectation reduces Namecheap’s expected profits and its net present value.

It further argues that if Namecheap was found to not have standing, it would give ICANN the ability to evade future IRP accountability by simply adding a 12-month delay to the implementation of controversial decisions, pushing potential complainants outside the window in which they’re able to file for IRP.

On the PIR change of control requests, Namecheap says it’s irrelevant that ICANN ultimately blocked the Ethos acquisition. The real problem is that ICANN failed in its transparency requirements related to the deal, the company claims.

The fact that ICANN withheld its consent is no excuse for refusing to provide full transparency with respect to the actions surrounding the proposed acquisition and ICANN’s approval process. Namecheap’s claims relate to the non-transparent process; not the outcomes of such process. Irrespective of the outcome, lack of transparency increases the level of systemic risk in Namecheap’s business environment.

How did ICANN come to its decision? Was an imminent request for a change of control known to ICANN, when it took the decision to remove the price control provisions? What was discussed in over 30 hours of secret meetings between ICANN org and the Board? What discussions took place between ICANN, PIR and other entities involved? All these questions remain unanswered

Namecheap refers to two incidents last year in which ICANN hid its deliberations about industry acquisitions by conducting off-the-books board discussions.

The first related to the PIR deal. I called out ICANN for avoiding its obligation to provide board meeting minutes in a post last May.

The second relates to the board’s consideration of Donuts’ proposed (and ultimately approved) acquisition of Afilias last December. Again, ICANN’s board discussed the deal secretly prior to its official, minuted December 17 meeting, thereby avoiding its transparency requirements.

In my opinion, this kind of bullshit has to stop.

Namecheap is also now threatening to bring the Afilias deal and GoDaddy’s acquisition of Neustar’s registry business last April into the current IRP, or to file separate complaints related to them, writing in its response to ICANN’s motion (pdf):

Namecheap seeks leave to have ICANN’s actions and inactions regarding its consideration of the Neustar and Afilias changes of control reviewed by this IRP Panel. If, per impossibile such leave is not granted, Namecheap reserves all rights to initiate separate proceedings on these issues.

The deals are similar because both involve the change of control of legacy gTLD contractors with millions of domains under management that have recently had their price caps lifted — Afilias ran .info and Neustar ran .biz.

Verisign increases focus on .com after flogging public DNS to Neustar

Kevin Murphy, November 3, 2020, Domain Registries

Neustar has taken another nibble at former archrival Verisign, buying the company’s public DNS resolution service.

The companies announced yesterday that Neustar has acquired Verisign Public DNS, and will incorporate it into its existing UltraDNS Public service.

The deal means that several IP addresses used to provide the services will transition to Neustar, so end users don’t need to make any changes.

Recursive DNS services are often used by people or organizations that, for whatever reason, don’t trust their ISP to treat their browsing records confidentially.

Big players in the market include Google, Cloudflare, and Cisco’s OpenDNS.

Signing up for such services is usually free — users simply reconfigure their devices to point their DNS resolution to a provider’s IPs.

Providers get greater insight into network activity that they can use to boost their paid-for enterprise security services, and they sometimes monetize NXDOMAIN (non-existing domain) landing pages.

No monetary value was put on the deal.

“Verisign is committed to focusing on its core mission of providing critical internet infrastructure, including Root Zone management, operation of 2 of the 13 global internet root servers, operation of .gov and .edu, and authoritative resolution for the .com and .net top-level domains, which support the majority of global e-commerce,” Verisign senior VP Eb Keshavarz, said in a press release.

That quote buries the lede, of course — operating .com and .net is the only activity listed that makes Verisign any money, and now it’s pretty much the only thing Verisign does.

Neustar acquired Verisign’s security services business, including its fee-paying recursive DNS customers, two years ago.

Neustar is of course no longer competing with Verisign in the registry services market, having sold that business to GoDaddy earlier this year. It’s now GoDaddy Registry.

GoDaddy could lose control of .co this week

Kevin Murphy, September 8, 2020, Domain Registries

It looks like GoDaddy’s recently acquired .co registry could lose formal control of the ccTLD this week.

ICANN’s board of directors has “Transfer of the .CO (Colombia) top-level domain to the Ministry of Information and Communications Technologies” on its agenda for its meeting this Thursday.

Since 2009, IANA record for .co shows the Colombian company .CO Internet as the sponsor, admin contact and tech contact.

.CO Internet was acquired by Neustar for $109 million in 2014. Neustar’s registry business, including the .co contract, was acquired by GoDaddy earlier this year. Most of .CO Internet’s original staff are still with the company.

GoDaddy now has the contract to run .co for the next five years, but as a service provider rather than having full administrative control of the TLD.

A redelegation to the Colombian ministry will not affect that contract, and in fact seems to have been envisaged by it.

Back in April when the renewal was announced, MinTIC said it would in future “be in charge of its [.co’s] administration through a group dedicated to Internet governance with technical personnel with knowledge and ability to manage and administer the domain”.

The new deal also sees Colombia receive 81% of the profits from .co, compared to the 6-7% it received under the old deal.

Assuming the ICANN board gives the redelegation the nod this week, it usually only takes IANA a day or two to make the appropriate updates to its registry.

Three big registries will take down opioid domains for US govt

Verisign, Public Interest Registry and Neustar (now part of GoDaddy) will suspend domain names being used to illegally sell opioids under a pilot scheme with the US government.

The Food and Drug Administration announced this week that this new “trusted notifier” program will go into effect for 120 days.

When the FDA finds a site suspected of selling opioids illegally, it will notify the registry as well as the web site’s owner and hosting provider.

The registries will then be able to decide whether to suspend the domain or not. It’s voluntary.

The National Telecommunications and Information Administration will also take part in the project.

Verisign runs .com and .net, PIR runs .org and Neustar runs .us, .co and .biz.

Opioids are legal, pharmaceutical pain-killers derived from opium. They’re ridiculously addictive and account for as many drug overdose deaths in the US as heroin, but are over-prescribed by US doctors.

It’s not the first time registries have agreed to trusted notifier programs. Some new gTLD registries have deals with the movie and music industries to suspend domains involved in copyright infringement.

The announcement comes just a few weeks after ICANN rejected a deal that would have seen PIR create a community oversight body with responsibilities to monitor domain-suspension policies in .org.

End of the road for Neustar as GoDaddy U-turns again and buys out its registry biz

GoDaddy has changed its mind about the registry side of the industry yet again, and has acquired the business of Neustar, one of the largest and oldest registries.

The deal will see GoDaddy purchase, for an undisclosed sum, all of Neustar’s registry assets, amounting to 215 TLDs and about 12 million domains.

It means the gTLD .biz is now under the new GoDaddy Registry umbrella, as are the contracts to run the ccTLDs .us, .in, and .co, 130 dot-brand gTLDs and 70 open gTLDs.

Neustar’s registry staff are also being taken on.

“We’re bringing the whole team aboard. One of the things we’re very excited about is bringing the team aboard,” Andrew Low Ah Kee, GoDaddy’s chief operating officer, told DI today.

He added that, due to coronavirus job insecurities wracking many minds right now, GoDaddy has promised its entire workforce that there will be no layoffs in the second quarter.

Nicolai Bezsonoff, currently senior VP of Neustar’s registry business, will run the new unit. He said for him the opportunity for “innovation” was at the heart of the deal.

“We’ve always been one step removed from the customer, so it can be hard to understand what customer wants to do,” he said. “This gives us huge customer insight into what customers want and how they want to use domains.”

Pressed for hypothetical examples of innovation, Bezsonoff floated ideas about selling domains for partial-year periods, or doing more to crack down on DNS abuse.

The deal is an example of “vertical integration”, which has been controversial due to the potential risk of a dominant registry playing favorites with its in-house registrar, or vice versa.

While registries such as Donuts, CentralNic and until recently Uniregistry vertically integrated with little complaint, the industry is currently nervous about Verisign’s newfound ability under its ICANN contract to own and run a registrar.

Because GoDaddy is the Verisign — the runaway market leader — of the registrar side of the industry, one might expect this deal (expected to close this quarter) to get more scrutiny than most.

But the company says it’s going to “strictly adhere to a governance model that maintains independence between the GoDaddy registry and registrar businesses”.

Low Ah Kee said that this means the registry and registrar “won’t share any information that gives or appears to given any unfair advantage” to the GoDaddy registrar, that their business performance will be assessed separately, and that they’ll be audited to make sure they’re not breaking this separation.

If GoDaddy appears to be preemptively expecting criticism, there’s a good reason why: the proposed acquisition of .org manager PIR by private equity group Ethos Capital has caused huge upset in recent months, and there are some parallels here.

First, like .org, pricing restrictions were lifted in Neustar’s .biz under a contract renewal with ICANN last year. It fell under the radar a little as .biz is substantially smaller, not a legacy gTLD as such, and not widely used.

Like the .org deal, the transfer of control of .biz will also be subject to ICANN’s approval before GoDaddy and Neustar can seal the deal.

Could we be looking at another big public fight over a gTLD acquisition?

But unlike Ethos with .org, GoDaddy says it has no intention of raising prices with .biz.

“We will not be raising prices, in fact we will look into reducing prices for some TLDs,” Bezsonoff said.

One TLD where one assumes prices won’t be going down is .co, where Neustar has just had its margins massively slashed by the Colombian government.

The acquisition was announced just days after the Colombian government announced that it has renewed its contract with Neustar to run .co for another five years, but under financial terms hugely more favorable to itself.

Whereas the initial 10-year term saw the government being paid 6% to 7% of the .co take, that number has soared to 81%, making .co — arguably Neustar’s registry crown jewel — a substantially less-attractive TLD to manage.

One assumes that the acquisition price would have fluctuated wildly based on the outcome of the .co renegotiation, but the GoDaddy/Neustar execs I talked to today didn’t want to talk about terms.

GoDaddy’s history with the registry side of the business has been changeable.

As far as ICANN contract is concerned, it is already a registry because it owns the .godaddy dot-brand. But that’s currently unused, with the registry functions outsourced to — cough — Neustar’s arch-rival Afilias.

Given Neustar’s religious devotion to the dot-brand concept, and the weirdness of using one of your primary competitors for a key function, one might expect both of those situations to change.

GoDaddy did also apply for .casa and .home back in 2012, but changed its mind and abandoned both bids fairly early in the process.

The sudden excitement about the registry business today begs the question of why GoDaddy didn’t buy Uniregistry’s registry business at the same time as it bought its secondary market and registrar earlier this year, but apparently it was not for sale.

Following the acquisition, Neustar is keeping its DNS resolution services and GoDaddy will continue to use them, so Neustar is not entirely out of the domain game, but it looks like the end of the road for Neustar as a brand I regularly report on.

The registry started life in 2000 as “NeuLevel”, a joint-venture between Neustar and Aussie registrar Melbourne IT formed to apply to ICANN for new gTLDs. It wanted .web, but got .biz, which now has about 1.7 million names under management, down from a 2014 peak of 2.7 million.

Is the .co rebid biased toward Afilias? Yeah, kinda

Kevin Murphy, January 17, 2020, Domain Registries

The Colombian government has come under fire for opening up the .co registry contract for rebid in a way that seems predetermined to pick Afilias as the winner, displacing its fierce rival Neustar.

As I blogged in November, Colombia thinks it might be able to secure a better registry deal, so it plans to shortly open .co up to competitive proposals.

A company called .CO Internet, acquired by Neustar for $109 million in 2014, has been running the ccTLD for the last decade. There are currently around 2.3 million .co domains under management, according to Colombia.

With the renewal deadline looming, the government’s technology ministry, MinTIC, published an eyebrow-raising request for proposals last month.

What’s surprising about the RFP is that some of the four main technical performance criteria listed are so stringent that probably only two companies in the industry qualify — Verisign and Afilias, and so far Verisign has not been involved in the RFP process.

The companies that have been engaging with the government to date are Afilias, Neustar/.CO, Nominet, CentralNic and Donuts.

First, MinTIC wants a registry that’s had at least two million domains under management across its portfolio continuously for two years. All five registries qualify there.

Second, it wants a registry that’s been involved in the migration of a TLD of at least one million names, either as the gaining or losing back-end.

That immediately narrows the pack to just two of the five aforementioned registries — Neustar and Afilias.

Verisign would also qualify, if it’s in the bidding, but I suspect it’s not. Taking over .co would look like a “buy it to kill it” strategy, which would be horrible optics for the Colombian government.

There have only ever been three migrations over one million names, to my knowledge: the Verisign->Afilias .org transition of 2003, the Neustar->Afilias .au move of 2018, and last year’s Afilias->Neustar .in handover.

CentralNic, Nominet and Donuts have all moved numerous TLDs between back-ends, but with much smaller per-TLD domain volumes.

Third — and here’s the kicker — the successful .co bidder will have to show that it processes on average 25 million registry transactions — defined as “billable EPP (write) transactions, as well as all EPP search (read) transactions” — per day. (All of the RFP quotes in this post have been machine-translated from Spanish by Google and run by a few generous Spanish speakers for verification.)

The RFP is not entirely clear on what exact data points it’s looking at here, but my take is that qualifying transactions include, at an absolute minimum, attempts to create a domain, renew a domain, transfer a domain and check whether a domain is registered.

The vast majority of such transactions are in the check and create functions, and I believe a great deal of that activity relates to drop-catching, where registries are flooded with add requests for just-deleted domains.

Whichever way you split it, 25 million a day is a ludicrously high number. Literally only .com, which sees 2.3 billion checks and 1.5 billion adds per month, sees that kind of action.

According to Neustar, which actually runs .co, it only sees 6.4 million transactions per day on average. The requirement to handle 25 million a day is “exaggerated, unjustified and discriminatory” against Neustar, Neustar told MinTIC.

But the RFP allows for the bidding registries to spread their 25-million-a-day quota across all of the TLDs they manage, and this MAY sneak Afilias over the line.

I say MAY in big letters because I don’t believe the numbers that Afilias (and probably other registries too) reports to ICANN every month are reliable.

If you add up the reported, qualifying EPP transactions for September in Afilias’ top four legacy gTLDs — .org, .info, .mobi and .pro — you get to over 25 million per day.

But those same records show that, for example, .mobi, .pro and .info had exactly the same number of EPP availability checks that month — 215,988,497 each.

This is clearly bad data.

I reported on this issue last May, when ICANN’s Security and Stability Advisory Committee informed ICANN that major registries were providing “not reliable” or possibly “fabricated” data about port 43 Whois queries.

Afilias, which was one of the apparent offenders, told me at the time that it was addressing the issue with ICANN, but it does not yet appear to have fully fixed its reporting to enable TLD-by-TLD breakdowns of its registry activity.

It is of course quite possible, even very likely, that Afilias has on average more than 25 million qualifying EPP transactions per day, but how’s it going to prove that to the Colombian government when the numbers it reports under contract to ICANN are clearly unreliable?

It’s a little harder to determine whether Neustar would qualify under the 25-million transaction rule, because some of its largest zones are ccTLDs — .co, .in and .us — that do not publicly report this kind of data. Its comments to the RFP suggest it would not.

Numbers aside, I’ll note that there’s very probably an inherent bias towards legacy gTLD operators like Afilias and against relative newcomers such as CentralNic if you’re counting EPP transactions. As I noted above, a lot of these transactions are coming from drop-catch activity, which is more prevalent on larger, older TLDs where there are more dropping domains that are more likely to have existing backlinks and traffic.

The fourth technical requirement in the Colombian RFP that looks a bit fishy is the requirement that the new registry must have channel relationships with at least 10 of the largest 25 registrars, as listed by a web site called domainstate.com.

I can’t say I’ve looked at domainstate.com very often, if at all, but a quick look at its numbers for September strongly suggests to me that it does not count post-2012 new gTLD registrations in its registrar league table. One registrar with almost four million domains under management doesn’t even show up on the list. This arguably could give an advantage to a registry that plays strongly in legacy gTLDs.

That said, it’s probably an academic point — I don’t think any of the bidders for the .co contract would have difficulty showing that they have 10 of the top 25 registrars on board, whichever way you calculate that league table.

Cumulatively, these four technical hurdles have led some to suggest that Afilias has somehow steered MinTIC towards creating an RFP only it could win.

Apart from what I’ve discussed here, I’ve no evidence that is the case, and Afilias has not yet responded to my request for comment today.

Luckily for the bidding registries, the Columbian RFP has not yet been finalized. Comments submitted by the bidders and others are apparently going to be taken on board, so the barriers to entry for respondents could be lowered before bids are finally accepted.

MinTIC posted an update last night that extends the period that the RFP could run, and the transition period should Neustar lose the contract. A handover, should one happen at all, could now happen as late as February next year.

Neustar’s .co contract up for grabs

Kevin Murphy, November 6, 2019, Domain Registries

Colombia is looking for a registry operator for its .co ccTLD.

If you’re interested, and you’re reading this before noon on Wednesday November 6 and you’re at ICANN 66 in Montreal, hightail it to room 514A for a presentation from the Colombian government that will be more informative than this blog post.

Hurry! Come on! Move it!

The Ministry of Information Technology and Communications (MinTIC) has published a set of documents describing some of the plan to find a potentially new home for .co.

There doesn’t appear to be a formal RFP yet, but I gather one is imminent.

What the documents do tell us is that Neustar’s contract to run .co expires in February, and that MinTIC is looking into the possibility of a successor registry.

Currently, .co is delegated to .CO Internet, a Colombian entity that relaunched the TLD in 2010 and was acquired by Neustar for $109 million in 2014.

But under a law passed earlier this year, it appears as if MinTIC is taking over policy management for .co and may therefore seek IANA redelegation.

There’s no indication I could see that there’s a plan to reverse the policy of allowing anyone anywhere in the world to register a .co, indeed MinTIC seems quite proud of its international success.

The documents also give us the first glimpse for years into .co’s growth.

It had 2,374,430 names under management in September, after a couple of years of slowing growth. The documents state that .co had an average of 323,590 new regs per year for the first seven years, which has since declined to an average of 32,396.

.co is not the cheapest TLD out there, renewing at around $25 at the low end.

Radix acquires another gTLD

Kevin Murphy, October 7, 2019, Domain Registries

Radix has added the 10th new gTLD to its portfolio with an acquisition last month, bringing its total TLD stable to 11.

The company has acquired .uno from Missouri-based Dot Latin LLC for an undisclosed amount.

.uno, which of course means “one” in Spanish, has been around for over five years but has struggled to grow.

It’s current ranked as the 131st largest new gTLD, with 16,271 domains in its zone file. It peaked at about 22,000 about three years ago.

That said, it appears to have rather strong renewals, at least by Radix standards, with no evidence of relying on discounts or throwaway one-year registrations for growth.

.uno names can currently be obtained for roughly $12 to $20 per year.

Radix said its expects to migrate the TLD off its current Neustar back-end onto long-time registry partner CentralNic by “early 2020”.

The company appears to be excited that its only the second three-letter TLD in its portfolio.

It already runs .fun, along with the likes of .website, .tech and .online. It also runs .pw, the repurposed ccTLD for Palau.

.uno was Dot Latin’s only gTLD, though affiliated entity Dot Registry LLC signed its ICANN registry agreement for .llp (for “Limited Liability Partnership”) in August. That TLD has yet to launch.

Mystery .vu registry revealed

Kevin Murphy, August 13, 2019, Domain Registries

Neustar has been selected as the back-end domain registry operator for the nation of Vanuatu.

The company, and the Telecommunications Radiocommunications and Broadcasting Regulator, announced the appointment, which came after a competitive tender process between nine competing back-end providers, last night.

The ccTLD is .vu.

It’s unrestricted, with no local presence requirements, and currently costs $50 per year if you buy directly from the registry, Telecom Vanuatu Ltd (TVL).

Unusually, if you show up at TVL’s office in Vanuatu capital Port Vila, you can buy a domain for cash. I’ve never heard of that kind of “retail” domain name option before.

A handful of international registrars also sell the domains marked up, generally to over the $80 mark.

TVL was originally the sponsor of the ccTLD, but ICANN redelegated it to TRBR in March after Vanuatu’s government passed a law in 2016 calling for redelegation.

Under the deal, Neustar will take over the registry function from TVL after its 24 years in charge, bringing the .vu option to hundreds of other registrars.

Most registrars are already plugged in to Neustar, due to its operation of .us, .biz and .co. It also recently took over India’s .in.

There’s no public data on the number of domains under management, but Vanuatu is likely to have a much smaller footprint that Neustar’s main ccTLD clients.

It’s quite a young country, gaining independence from France and the UK in 1980, a Pacific archipelago of roughly 272,000 people.

Neustar expects the transition to its back-end to be completed September 30.

Neustar takes control of two new gTLDs

Kevin Murphy, August 12, 2019, Domain Registries

Neustar has started taking over former dot-brand new gTLDs belonging to its former clients.

It recently took control of .compare and .select, which previously belonged to Australian insurance company iSelect.

Neustar had been the back-end registry provider for both TLDs.

As previously blogged, iSelect abandoned its primary dot-brand, .iselect, in June.

That was despite that fact that it was actually in use, with domains such as home.iselect, news.iselect and careers.iselect all resolving to web sites.

Now, the generic dot-brands .compare and .select have been assigned to the blandly named Registry Services LLC, a new Neustar subsidiary.

They’re not the first examples of dictionary words functioning as dot-brands being repurposed as generics.

Notably, XYZ.com took over .monster from Monster.com and ShortDot bought .bond from Bond University.

Neustar has not yet announced its plans for its two new acquisitions.