Wow. Somebody actually did it.
CITIC, China’s biggest conglomerate, has started redirecting its established .com domain to its new dot-brand gTLD, .citic.
Almost everyone reading this post will agree that as a memorable, attractive domain it’s a step backwards.
But CITIC does seem to be the first dot-brand to make the leap from .com to dot-brand with both feet, and it seems to have done so with little to no penalty to its Google ranking (at least as far as searches for its company name go).
A Google search for “citic” here returns limited.citic as the third result, behind Wikipedia and one of CITIC’s sister companies.
The original citic.com doesn’t appear in the top results.
The company also has ranking for group.citic, one of the five second-level names active in the .citic zone file right now.
It’s not the first dot-brand to launch a web site at its new gTLD — destination.monash and annualreport.axa spring to mind — but it does seem to be the first to throw away its .com completely.
CITIC does not appear to have activated its matching Chinese-script gTLD, .中信, in the same way, however. Only nic.中信 appears in search results for sites under that TLD.
Thanks to Jothan Frakes of NamesCon for the tip.
A number of companies have experienced errors on their networks due to collisions with a newly introduced gTLD.
The initial outcry from victims can be characterized as a storm of profanity, which it could be argued is a good thing for security but not great for ICANN’s reputation.
The collisions, which I believe are the first to be publicly and widely reported, are due to Google’s new gTLD .prod, which was delegated September 1.
Google intends to use the TLD as a shorthand for “product”, but it seems some companies use it internally to mean “production”, meaning production servers rather than testing or development servers.
Issues started being reported on online fora on September 3, with Google unfairly bearing the brunt of the initial blame. Here are a few of the earliest examples from Twitter:
Hey Google, fuck you for making .prod a valid TLD, what the fuck is wrong with you
— eesperan (@eesperan) September 3, 2014
anyone else having fun name resolution issues because of the new .prod tld google just put online? http://t.co/jq104uAym0
— Chris Johnson (@point9repeating) September 3, 2014
— Allan Parsons (@allanparsons) September 3, 2014
— jeremy avnet (@brainsik) September 3, 2014
A day later, Reddit user “cunttard”, under a post entitled “Fuck Google”, wrote:
Google recently activated prod. TLD.
They also decided to wildcard DNS all entries to 127.0.53.53 to resolve name collisions for internal organisations. All because they wanted .prod for product? Why not fucking request .product?
The implications have been fucking horrendous. I am in the process of helping a mate unfuck his organisations DNS, which heavily relied on resolver search $FQDN to map xyz.prod to xyz.prod.$FQDN. Note this wasn’t even used as an internal TLD. Now they’re all resolving short names to 127.0.53.53. Lesson learnt; always use FQDN everywhere.
I’m just fucking sick of ICANN / Google continuing to fuck DNS.
LinuxQuestions user “fantasygoat” started a thread entitled “New tLD .prod is messing with my configs”, in which he wrote:
I used to be able to refer to just the subdomain in a DNS lookup, like “www1.prod” and it would know I meant “www1.prod.example.com”, my local domain. I’ve been using prod.example.com for decades as the production subdomain for various things.
Now it resolves to 127.0.53.53, which I believe is ICANN’s hack DNS answer for tLDs.
So, I have a bunch of config files without the domain name and it’s messing stuff up. Does anyone have a workaround so I can have my DNS respond to .prod requests as a subdomain of my domain?
I’ve found a couple of other examples on various mailing lists and web forums with systems administrators experiencing similar issues over the last week.
In each reported case of a .prod collision I’ve been able to find, the admin either had already worked out that he needed to use a fully-qualified domain name (eg www.prod.example.com instead of www.prod) or was swiftly advised to do so by those responding to his post.
Most seem to have spotted that instead of returning NXDOMAIN errors, Google is returning the IP address 127.0.53.53, which was chosen because it’s an internal IP and because 53 is the TCP/IP port number for DNS.
Diverting to 127.0.53.53 is designed to catch the eye, alerting admins to the need to correctly configure their networks.
It certainly seems to be doing that, but it’s not winning ICANN or new gTLD registries any new friends.
Nobody has yet reported death or injury due to a collision.
Update: There has been one previously reported collision, concerning .guru.
While many members of the community are getting upset about the plan to make it harder for ICANN’s board to overrule GAC advice, today we got a reminder that the board is not the GAC’s lapdog.
The New gTLD Program Committee is standing firm on the way it creatively reinterpreted Governmental Advisory Committee advice to make it less punishing on a few dozen new gTLD registries.
The NGPC passed a resolution on Monday approving an updated scorecard to send to the GAC. ICANN chair Steve Crocker delivered it to GAC chair Heather Dryden yesterday.
A “GAC scorecard” is a table of the GAC’s demands, taken from the formal advice it issues at the end of each public meeting, with the NGPC’s formal responses listed alongside.
The latest scorecard (pdf) addresses issues raised in the last five ICANN meetings, dating back to the Beijing meeting in April 2013.
The issues mainly relate to the GAC’s desire that certain new gTLDs, such as those related to regulated industries, be locked down much tighter than many of the actual applicants want.
One big point of contention has been the GAC’s demand that registrants in gTLDs such as .attorney, .bank and .doctor should be forced to provide a relevant licence or other credentials at point of sale.
The GAC’s exact words, from its Beijing communique (pdf), were:
At the time of registration, the registry operator must verify and validate the registrants’ authorisations, charters, licenses and/or other related credentials for participation in that sector.
However, when the NGPC came up with its first response, in November last year, it had substantially diluted the advice. The creative reinterpretation I mentioned earlier read:
Registry operators will include a provision in their Registry-Registrar Agreements that requires Registrars to include in their Registration Agreements a provision requiring a representation that the Registrant possesses any necessary authorisations, charters, licenses and/or other related credentials for participation in the sector associated with the Registry TLD string.
In other words, rather than presenting your medical licence to a registrar when buying a .doctor domain, registrants would merely assert they have such a licence on the understanding that they could lose their domain if they fail to present it on demand in future.
The GAC, which isn’t entirely stupid, spotted ICANN’s reimagining of the Beijing communique.
At the Singapore meeting this March, it issued a list of passive-aggressive questions (pdf) for the NGPC, noting that its Beijing advice had been “amended” by the board and wondering whether this would lead to “greater risks of fraud and deception” in new gTLDs.
ICANN’s response this week is quite lengthy.
The NGPC said it had “to balance many competing positions” when figuring out how to respond to the Beijing communique, and that it tried “to address all of the completing concerns in a way that respected the spirit and intent of the GAC’s advice.”
The committee gives a number of examples (starting on page 15 of this PDF) explaining why the GAC’s original demands would be unreasonably burdensome not only on registries and registrars but also on registrants.
Here’s one example:
consider a potential registrant that is a multinational insurance company seeking to register a domain name in the .insurance TLD. Suppose the multinational insurance company has locations in over 30 countries, including the United States and Kenya. If the potential registrant insurance company attempts to register a domain name in the .insurance TLD, would that trigger an obligation to verify and validate its credentials, licenses, charters, etc. in the location of its headquarters, or all of the places around the globe where it does business. Is it realistic for a Registry Operator or Registrar to have the knowledge and expertise to determine precisely what credentials or authorizations are required in every country around the world (and in every city, county or other political division if those political subdivisions also require credentials [e.g. in the United States, insurance is primarily regulated at the state level and require a license in each of the 50 states])?
The short version is that the NGPC isn’t budging on this particular issue.
Rather than backpedaling, it’s giving the GAC the reasons it disagreed with its advice and explaining how it attempted to at least comply with the spirit, if not the letter, of Beijing.
As far as I can tell, that seems to be the case in each of the 39 items in the new scorecard — explanation not capitulation. Read the full thing here.
The European Broadcasting Union is likely to win the right to the .radio new gTLD, beating three portfolio applicants, after a favorable Community Priority Evaluation.
The main reason the EBU managed to score a passing 14 out of 16 points in the CPE is that there was no significant objection to the EBU’s bid on the public record.
The EBU managed to win, under ICANN’s complex scoring system, despite the fact that the CPE panel ruled that no one entity, not even the EBU, can claim to represent the “radio” community.
The win means that Donuts, Afilias and BRS Media, which all applied for open .radio gTLDs, will likely have to withdraw their bids and leave .radio in the hands of the EBU’s more restrictive policies.
The EBU’s bid envisages a post-registration enforcement regime, in which registrants’ web sites and Whois records are vetted to ensure they have a community “nexus” and are using their domains in the spirit of the community.
Registrants would have to provide a statement of their usage intent at the point of registration.
Domain investors are explicitly not welcome in the TLD, judging by the EBU’s application.
The EBU, as mentioned, scored 14 out of 16 points in the CPE. The threshold to pass is 14.
As I’ve been saying for years, passing a CPE should be very difficult because applicants can immediately lose two points if there’s any decent opposition to their applications.
The other three applicants for .radio could have easily beaten back the EBU had they managed to effectively organize just a single significant member of the radio community against the EBU’s bid.
However, they failed to do so.
The EBU scored the maximum of two points under the “Opposition” part of the CPE, because, in the words of the panel:
To receive the maximum score for Opposition, the application must not have received any opposition of relevance. To receive a partial score for Opposition, the application must have received opposition from, at most, one group of non-negligible size.
The application received letters of opposition, which were determined not to be relevant, as they were (1) from individuals or groups of negligible size, or (2) were not from communities either explicitly mentioned in the application nor from those with an implicit association to such communities.
Donuts, Afilias and BRS Media all submitted comments in opposition to the EBU application. As competing applicants, these submissions were (probably correctly) disregarded by the panel.
There were a small number of other objecting comments on the record that the CPE panel (again probably correctly) chose to disregard as coming from organizations of negligible size.
A third comment came from the Webcaster Alliance, a group that made a bit of a name for itself a decade ago but which today has a one-page web site that doesn’t even list its members (assuming it has any).
Attempts by BRS Media, which already runs .am and .fm, to orchestrate a campaign of opposition seem to have failed miserably.
In short, the panel’s decision that there was no relevant, on-the-record opposition seems to be on pretty safe ground.
What’s slightly disturbing about the CPE is that the panel seems to have decided that the EBU does not actually represent the radio community as described in its application.
It dropped one point on the “Community Establishment” criteria, and another on the “Nexus between Proposed String and Community” criteria.
Specifically, it lost a point because, as the panel stated:
Based on information provided in the application materials and the Panel’s research, there is no such entity that organizes the community defined in the application. Therefore, as there is no entity that is mainly dedicated to the community as defined in the .RADIO application, as the Panel has determined, there cannot be documented evidence of community activities.
In other words, there may be a “radio community”, but nobody, not even the EBU, is responsible for organizing it.
It also lost a point because while the string “radio” does “identify” the community, it does not “match” it.
The panel explained:
To receive the maximum score for Nexus, the applied-for string must “match” the name of the community or be a well-known short-form or abbreviation of the community name. To receive a partial score for Nexus, the applied-for string must “identify” the community. “Identify” means that the applied-for string should closely describe the community or the community members, without over-reaching substantially beyond the community.
Failing to get full marks on community and nexus would usually, in my view, indicate that an application would not succeed in its CPE bid.
However, the lack of any outcry from significant members of the community (either because there was no such opposition or the three rival applicants failed to muster it) seems set to allow .radio to be managed by the applicant with the most restrictive policies.
Poor GA-day results from .global are being blamed on registrars being swamped by a cluster of new gTLD launches occurring in close proximity.
Dot Global added 1,074 domains in the first seven hours of .global’s general availability, bringing its zone to 1,637 names in total.
CEO Rolf Larsen told us the number of registrations yesterday was actually closer to 1,200.
The numbers aren’t great for a first day, considering that .global is in place at about 80 registrars, but Larsen said that the lack of a long runway of pre-registrations was to blame.
“We are not unhappy with the 1,200, but unhappy to not have had months of pre-regs to make that number higher,” he said.
“Most registrars don’t even do pre-regs,” he said. “Those who do have had a hard time keeping up with all the launches. Our launch was in a very busy period, so difficult to get on board with all those registrars early. Some, including GoDaddy did pre-regs for us, but over just a few weeks instead of months like with many other launches.”
Go Daddy was the biggest registrar yesterday, he said.
Dot Global has a number of plans to increase its marketing over the coming weeks and months, by itself and in conjunction with its registrar partners.
These plans include broad promotions to registrars’ existing customer bases as well as targeted mailings to companies that already have the word “global” at the second level of their domains.