Latest news of the domain name industry

Recent Posts

Is the .co rebid biased toward Afilias? Yeah, kinda

Kevin Murphy, January 17, 2020, Domain Registries

The Colombian government has come under fire for opening up the .co registry contract for rebid in a way that seems predetermined to pick Afilias as the winner, displacing its fierce rival Neustar.

As I blogged in November, Colombia thinks it might be able to secure a better registry deal, so it plans to shortly open .co up to competitive proposals.

A company called .CO Internet, acquired by Neustar for $109 million in 2014, has been running the ccTLD for the last decade. There are currently around 2.3 million .co domains under management, according to Colombia.

With the renewal deadline looming, the government’s technology ministry, MinTIC, published an eyebrow-raising request for proposals last month.

What’s surprising about the RFP is that some of the four main technical performance criteria listed are so stringent that probably only two companies in the industry qualify — Verisign and Afilias, and so far Verisign has not been involved in the RFP process.

The companies that have been engaging with the government to date are Afilias, Neustar/.CO, Nominet, CentralNic and Donuts.

First, MinTIC wants a registry that’s had at least two million domains under management across its portfolio continuously for two years. All five registries qualify there.

Second, it wants a registry that’s been involved in the migration of a TLD of at least one million names, either as the gaining or losing back-end.

That immediately narrows the pack to just two of the five aforementioned registries — Neustar and Afilias.

Verisign would also qualify, if it’s in the bidding, but I suspect it’s not. Taking over .co would look like a “buy it to kill it” strategy, which would be horrible optics for the Colombian government.

There have only ever been three migrations over one million names, to my knowledge: the Verisign->Afilias .org transition of 2003, the Neustar->Afilias .au move of 2018, and last year’s Afilias->Neustar .in handover.

CentralNic, Nominet and Donuts have all moved numerous TLDs between back-ends, but with much smaller per-TLD domain volumes.

Third — and here’s the kicker — the successful .co bidder will have to show that it processes on average 25 million registry transactions — defined as “billable EPP (write) transactions, as well as all EPP search (read) transactions” — per day. (All of the RFP quotes in this post have been machine-translated from Spanish by Google and run by a few generous Spanish speakers for verification.)

The RFP is not entirely clear on what exact data points it’s looking at here, but my take is that qualifying transactions include, at an absolute minimum, attempts to create a domain, renew a domain, transfer a domain and check whether a domain is registered.

The vast majority of such transactions are in the check and create functions, and I believe a great deal of that activity relates to drop-catching, where registries are flooded with add requests for just-deleted domains.

Whichever way you split it, 25 million a day is a ludicrously high number. Literally only .com, which sees 2.3 billion checks and 1.5 billion adds per month, sees that kind of action.

According to Neustar, which actually runs .co, it only sees 6.4 million transactions per day on average. The requirement to handle 25 million a day is “exaggerated, unjustified and discriminatory” against Neustar, Neustar told MinTIC.

But the RFP allows for the bidding registries to spread their 25-million-a-day quota across all of the TLDs they manage, and this MAY sneak Afilias over the line.

I say MAY in big letters because I don’t believe the numbers that Afilias (and probably other registries too) reports to ICANN every month are reliable.

If you add up the reported, qualifying EPP transactions for September in Afilias’ top four legacy gTLDs — .org, .info, .mobi and .pro — you get to over 25 million per day.

But those same records show that, for example, .mobi, .pro and .info had exactly the same number of EPP availability checks that month — 215,988,497 each.

This is clearly bad data.

I reported on this issue last May, when ICANN’s Security and Stability Advisory Committee informed ICANN that major registries were providing “not reliable” or possibly “fabricated” data about port 43 Whois queries.

Afilias, which was one of the apparent offenders, told me at the time that it was addressing the issue with ICANN, but it does not yet appear to have fully fixed its reporting to enable TLD-by-TLD breakdowns of its registry activity.

It is of course quite possible, even very likely, that Afilias has on average more than 25 million qualifying EPP transactions per day, but how’s it going to prove that to the Colombian government when the numbers it reports under contract to ICANN are clearly unreliable?

It’s a little harder to determine whether Neustar would qualify under the 25-million transaction rule, because some of its largest zones are ccTLDs — .co, .in and .us — that do not publicly report this kind of data. Its comments to the RFP suggest it would not.

Numbers aside, I’ll note that there’s very probably an inherent bias towards legacy gTLD operators like Afilias and against relative newcomers such as CentralNic if you’re counting EPP transactions. As I noted above, a lot of these transactions are coming from drop-catch activity, which is more prevalent on larger, older TLDs where there are more dropping domains that are more likely to have existing backlinks and traffic.

The fourth technical requirement in the Colombian RFP that looks a bit fishy is the requirement that the new registry must have channel relationships with at least 10 of the largest 25 registrars, as listed by a web site called domainstate.com.

I can’t say I’ve looked at domainstate.com very often, if at all, but a quick look at its numbers for September strongly suggests to me that it does not count post-2012 new gTLD registrations in its registrar league table. One registrar with almost four million domains under management doesn’t even show up on the list. This arguably could give an advantage to a registry that plays strongly in legacy gTLDs.

That said, it’s probably an academic point — I don’t think any of the bidders for the .co contract would have difficulty showing that they have 10 of the top 25 registrars on board, whichever way you calculate that league table.

Cumulatively, these four technical hurdles have led some to suggest that Afilias has somehow steered MinTIC towards creating an RFP only it could win.

Apart from what I’ve discussed here, I’ve no evidence that is the case, and Afilias has not yet responded to my request for comment today.

Luckily for the bidding registries, the Columbian RFP has not yet been finalized. Comments submitted by the bidders and others are apparently going to be taken on board, so the barriers to entry for respondents could be lowered before bids are finally accepted.

MinTIC posted an update last night that extends the period that the RFP could run, and the transition period should Neustar lose the contract. A handover, should one happen at all, could now happen as late as February next year.

Criminal .uk suspensions down this year

Kevin Murphy, November 26, 2019, Domain Registries

Nominet suspended fewer .uk domain names due to reports of criminality in the last 12 months that in did in the prior period.

The registry said last week that is suspended 28,937 domains in the year to the end of October, down from 32,813 in the 2018 period.

That’s 0.22% of all .uk names, Nominet said.

As usual, complaints about intellectual property infringement — filed by copyright owners to the IP cops and handed to Nominet — account for the vast majority of takedowns, some 28,606 in the period.

The rest were suspended due to complaints about fraud, trading standards, financial conduct and healthcare products.

Only 16 requests were denied by Nominet, down from 114 in the previous year, and only five false-positive suspensions were reversed.

The controversial ban on “rape” domains resulted in 1,600 new regs getting automatically flagged, but zero getting suspended.

There were no requests from the Internet Watch Foundation to take down child sexual abuse material.

Nominet’s newish automated anti-phishing system, which uses pattern recognition to flag potential phishing domains at point of registration, saw 2,668 domains suspended before going live, of which 274 were released after the registrant passed due diligence checks.

Three big changes could be coming to .uk

Kevin Murphy, October 9, 2019, Domain Registries

Nominet wants to know what you thinking about three significant policy changes that could be implemented in the next year or so.

The .uk registry today published a consultation document covering two security-related changes and one related to expired domains.

First, Nominet wants to know if it should be allowed to preemptively block resolution on newly registered domains where it has “identified a high risk the domain will be used for phishing”.

It looks like more of a cosmetic policy change, given that the company is already blocking suspected phishing domains where the registrant fails to adequately verify their identity.

About 1,500 domains were blocked like this in the 12 months ending July 2019, Nominet says, on the basis of its Domain Watch program, which combines technical and manual oversight to identify phishy-looking names.

Second, Nominet want to know if it should display an standard informational web page when it blocks a domain on the basis of fraud, copyright infringement, and counterfeiting.

Currently, the company takes down tens of thousands of names every year on this basis, but the names are simply removed from the zone file and refuse to resolve.

Nominet’s friends in law enforcement reckon that allowing the the domains to instead resolve to a standard web page instead could help victims of fraudulent sites help with police investigations, and Nominet wants to know if you agree.

A side-effect of this would be that the names would remain in the zone, so we’d be able to see for the first time which names get suspended for fraud.

Third, Nominet wants to know whether it should start openly publishing drop-lists, the list of domains that have expired registrations and are about to become available.

This appears to be bad news for those registrars currently “excessively” pinging the registry to compile their own lists and get the jump on competitors when it comes to drop-catching valuable names for resale.

Nominet seems to want to see fewer dropped domains winding up in the hands of domainers, saying currently “not all dropping domains are registered and actively used by the new registrant, reducing the vibrancy of .UK domains”.

It’s proposing to give drop-lists just to registrars, or to publish them openly.

All three questions are open for comment until December 15.

Nominet raises .uk prices

Kevin Murphy, October 1, 2019, Domain Registries

Nominet is to raise the price of a .uk domain name in January, adding a couple million quid to its top line.

The company’s annual registry fee will increase by 4%, from £3.75 to £3.90 ($4.77), on January 13 next year.

Nominet said the increase is to reflect “some of the increased costs of running the registry business since prices last changed in 2016.”

While it’s a modest £0.15 extra per name per year, at the current registration volume that works out to just shy of £2 million ($2.45 million) more revenue per annum.

Perhaps predicting a backlash from large-volume registrants, Nominet told registrars:

We appreciate that price rises are never popular, but even after this modest rise, .UK domains remain extremely competitively priced in the market and accessible to all.

If US dollars are your frame of reference, .uk names will still actually be cheaper following the price increase than they were following the 2016 price increase, due to exchange rate fluctuations.

The last price increase went into effect in March 2016. Before that, prices had been unchanged since 1999.

These two ccTLDs drove two thirds of all domain growth in Q2

Kevin Murphy, August 30, 2019, Domain Registries

The number of registered domain names in the world increased by 2.9 million in the second quarter, driven by .com and two ccTLDs.

That’s according to the latest Verisign Domain Name Industry Brief, which was published (pdf) overnight, and other data.

The quarter ended with 354.7 million domains. Verisign’s own .com was up 1.5 million over Q1 at 142.5 million names.

ccTLDs across the board grew by 1.9 million names sequentially to 158.7 million. Year-over-year, the increase was 10.5 million domains.

The sequential ccTLD increase can be attributed almost entirely to two TLDs: .tw and .uk. These two ccTLDs appear to account for two thirds of the overall net new domains appearing in Q2.

Taiwan grew by about 600,000 in the quarter, presumably due to an ongoing, unusual pricing-related growth spurt among Chinese domainers that I reported in June.

The UK saw an increase of roughly 1.3 million domains, ending the quarter at 13.3 million.

That’s down to the deadline for registering second-level .uk matches for third-level .co.uk domains, which passed June 25.

Nominet data shows that 2LDs increased by about 1.2 million in the period, even as 3LDs dipped. The difference between this and the Verisign data appears to be rounding.

Factoring out the .uk and .tw anomalies, we have basically flat ccTLD growth, judging by the DNIB data.

Meanwhile, the new gTLD number was 23 million. That’s flat after rounding, but Verisign said that the space was actually up by about 100,000 names.

Growth as a whole was tempered by what I call the “other” category. That comprises the pre-2012 gTLDs such as .net, .org, .info and .biz. That was down by about a half a million names.

.net continued its gradual new gTLD-related decline, down 200,000 names sequentially at 13.6 million, while .org was down by 100,000 names.

The overall growth numbers are subject to the usual DNIB-related disclaimers: Verisign (and most everyone else) doesn’t have good data for some TLDs, including large zones such as .tk and .cn.

.blog registry handover did NOT go smoothly

Kevin Murphy, August 29, 2019, Domain Registries

The transition of .blog between registry back-end providers ended up taking six times longer than originally planned, due to “a series of unforeseen issues”.

Registry Knock Knock Whois There today told registrars that the move from Nominet to CentralNic took 18 hours to complete, far longer than the two to three hours anticipated.

An “unexpected database error” was blamed at one point for the delay, but KKWT said it is still conducting a post-mortem to figure out exactly what went wrong.

During the downtime, .blog registrations, renewals, transfers and general domain management at the registry level would not have been possible.

DNS resolution was not affected, so registrants of .blog domains would have been able to use their web sites and email as usual.

The migration, which covered roughly 200,000 domains, wrapped up at around 0800 UTC this morning. It seems engineers at the two back-end providers, both based in the UK, will have been working throughout the night to fix the issues.

KKWT reported the new CentralNIC EPP back-end functioning as expected but that several days of “post-migration clean-up” are to be expected.

Eighteen hours is more than the acceptable 14 hours of monthly downtime for EPP services under ICANN’s standard Registry Agreement, but below the 24 hours of weekly downtime at which emergency measures kick in.

CentralNic already handles very large TLDs, including .xyz, but I believe this is the largest incoming migration it’s handled to date.

KKWT is owned by Automattic, the same company as WordPress.com.

CIRA replaces CORE as emergency backup registry

Kevin Murphy, August 28, 2019, Domain Registries

ICANN has switched around its line up of emergency registry providers, swapping out CORE Association for CIRA.

The organization last night announced that its three newly contracted Emergency Back-End Registry Operators are Nominet, CNNIC, and CIRA.

EBEROs are failsafe registries that will take over any gTLD that has failed or is on the verge of failing outright, putting its customers domains at risk.

The EBERO is responsible for winding down these gTLDs in an orderly fashion, giving registrants the chance to migrate to a different TLD.

So far, only .wed has entered the program, when the project with the imaginative business model of making it impractical to renew domains went out of business in 2017.

Nominet now caretakes .wed under the EBERO program.

Both Nominet (.uk) and CNNIC (.cn) have been approved EBEROs since 2013, under five-year contracts with ICANN.

CORE was also approved in 2013, but appears to have lost its contract. It’s been replaced by CIRA, the Canadian Internet Registry Association.

“We are honoured to be among this select group of trusted registry operators,” Dave Chiswell, VP of product development for CIRA, said in a statement. He said CIRA only suffered eight hours of downtime when it migrated .ca to a new back-end platform recently.

A key reason for CIRA replacing CORE is very likely geography. When ICANN put out its request for proposals last year, it made a big deal about how it wanted coverage in Europe, Asia and North America — where most gTLD registries are concentrated.

CORE is based in Switzerland. CIRA is obviously based in Canada and CNNIC is Chinese.

Another side-effect of the contract renegotiations is that ICANN is now paying 30% less for the services of the three providers, according to a recent board resolution.

The three providers are contracted for five years.

Whether, and to what extent, they’ll ever actually be triggered to provide EBERO services is open to debate.

Currently, there are six gTLDs in advanced stages of ICANN compliance proceedings, putting them at risk of having their contracts revoked: .whoswho, and five Persian-themed strings.

It’s not inconceivable than one or more of these gTLDs could wind up in EBERO, but ICANN appears to be cutting the registries a lot of slack to resolve their issues.

Cybersquatting cases down a bit in the UK

The number of cybersquatting complaints filed with Nominet declined slightly in 2018, according to the registry.

Nominet’s Dispute Resolution Service, which is a bit like the UDRP, handled 671 cases last year, compared to 712 in 2017.

The number of domains at issue was down from 783 to 763.

The slight decline appears to be because fewer complaints were filed against .org.uk, .me.uk and plain .uk domains.

The number of .co.uk registrations challenged was flat between 2017 and 2018 at 617 domains.

Only 49% of cases resulted in the disputed domain being transferred, according to the registry’s annual report (pdf).

1.8 million UK grandfathers die after Nominet deadline hits

The deadline for registering “grandfathered” second-level domains in .uk passed this morning, leaving at many as 1.88 million names unclaimed.

From June 2014 until 0500 UTC this morning, anyone who owned a third-level domain in zones such as .co.uk or .org.uk had rights to register the matching 2LD under .uk.

Those rights have all expired now, and all the unclaimed 2LDs will be returned to the available pool next month.

Four days ago, Nominet said that there were still 1.88 million rights that had not been exercised. That’s from the over 10 million 3LDs whose registrants were initially given rights.

In March, 3.2 million names were still unclaimed. It seems about 1.4 million names have been claimed, or expired, at the eleventh hour, almost all in June.

One way of looking at it is that the owners of almost one in five .co.uk domains either decided they didn’t want the matching 2LD, or were unaware that it was available.

But about half of the original domains with rights have since dropped, so the portion of current 3LD owners now at risk of confusion with their 2LD match could actually be more like four in 10.

At the end of May, 2,439,181 .uk domains had been registered (including non-grandfathered domains) and there were 9,729,224 names registered at the third level.

The 1.8 million unclaimed names will now be the subject of a landrush.

On July 1, Nominet will start releasing the names in batches, alphabetically.

Accredited registrars will start slamming the registry — Nominet has set up a separate set of EPP infrastructure purely for this expected onslaught — with requests to register the most-valuable names.

Some registrars have been taking pre-registrations and will auction any names they successfully claim to the customers who put in pre-orders.

After a week, any names not already claimed by registrars will be released to the public, again in batches, starting from July 8.

The system has been criticized by smaller registrars, many of which believe Nominet is giving its larger registrars a much better chance at winning the good names simply because they have deeper pockets.

Smaller registrars say .uk release is biased towards the Big Boys

A group of small .uk registrars have complained to Nominet that the imminent release of three million second-level .uk domain names is biased towards their deep-pocketed rivals.

So far, 33 registrars have signed a petition, penned by Netistrar’s Andrew Bennett, against Nominet’s rules.

On July 1, the registry plans to start releasing .uk 2LDs that are currently reserved under its five-year-long grandfathering program.

These are domains that match existing third-level domains in .co.uk, .org.uk, etc.

The 3LD registrants have until 0500 UTC on June 25 to claim their 2LD matches. A week later, Nominet will start releasing them in alphabetical batches of 600,000 per day, over five days, to the available pool.

It’s going to be a little like “the drop” in gTLDs such as .com, with registrars all vying to pick up the most-valuable names as soon as they are released.

In the gTLD space, each registrar is given an equal number of connections, which is why drop-catch specialists such as SnapNames own hundreds of registrar accreditations.

Nominet’s doing it a little different, instead throttling connections based on how much credit registrars have with the registry, which the petitioners believe rigs the system towards the registrars with the most money.

According to the Nominet, registrars with £450 of credit get six connections per minute, rising to nine per minute for those with £4,500, 60 per minute for £45,000 and, at the top end, 150 per minute for registrars with £90,000 stashed in the Bank of Nominet.

Larger registrars with multiple Nominet accreditations, known as “tags” in the .uk space, will be able to stack their connections for an even greater chance at grabbing the best names.

Registrars such as GoDaddy are already taking pre-orders and will auction off the domains they catch to the highest bidder, if there are multiple pre-orders for the same names, so there’s potentially a fair bit of money to be made.

The small registrars say these credit-based rules are “disproportionately unfair” to their business models.

They point out that it doesn’t make much sense to rate-limit connections based on their proven ability to pay, given that there’s no link between how many they plan to register in the crucial first minute after the drop and how many they intend to register overall.

Nominet says on its web site that the tiers as described are provisional and will be firmed up the week of June 24.

The petitioners are also bothered that Nominet has not made any EPP code available to help the smaller guys, which have fewer engineering resources, to adjust to this temporary, time-sensitive registration system, and that the release plan was not communicated well to registrars.

They further claim that Nominet has not conducted enough outreach to .uk registrants to let them know their grandfathered rights will soon expire.

Many well-known brands have yet to claim their trademark.uk names, they claim.

Nominet has previously told DI that it planned to advertise the end of grandfathering in the press and on radio in the run-up to the release.