Latest news of the domain name industry

Recent Posts

Industry lays into Verisign over .com deal renewal

Kevin Murphy, August 15, 2016, Domain Registries

Some of Verisign’s chickens have evidently come home to roost.

A number of companies that the registry giant has pissed off over the last couple of years have slammed the proposed renewal of its .com contract with ICANN.

Rivals including XYZ.com (sued over its .xyz advertising) and Donuts (out-maneuvered on .web) are among those to have filed comments opposing the proposed new Registry Agreement.

They’re joined by business and intellectual property interests, concerned that Verisign is being allowed to carry on without implementing any of the IP-related obligations of other gTLDs, and a dozens of domainers, spurred into action by a newsletter.

Even a child protection advocacy group has weighed in, accusing Verisign of not doing enough to prevent child abuse material being distributed.

ICANN announced last month that it plans to renew the .com contract, which is not due to expire for another two years, until 2024, to bring its term in line with Verisign’s contracts related to root zone management.

There are barely any changes in the proposed new RA — no new rights protection mechanisms, no changes to how pricing is governed, and no new anti-abuse provisions.

The ensuing public comment period, which closed on Friday, has attracted slightly more comments than your typical ICANN comment period.

That’s largely due to outrage from readers of the Domaining.com newsletter, who were urged to send comments in an article headlined “BREAKING: Verisign doubles .COM price overnight!”

That headline, for avoidance of doubt, is not accurate. I think the author was trying to confer the idea that the headline could, in his opinion, be accurate in future.

Still, it prompted a few dozen domainers to submit brief comments demanding “No .com price increases!!!”

The existing RA, which would be renewed, says this about price:

The Maximum Price for Registry Services subject to this Section 7.3 shall be as follows:

(i) from the Effective Date through 30 November 2018, US $7.85;

(ii) Registry Operator shall be entitled to increase the Maximum Price during the term of the Agreement due to the imposition of any new Consensus Policy or documented extraordinary expense resulting from an attack or threat of attack on the Security or Stability of the DNS, not to exceed the smaller of the preceding year’s Maximum Price or the highest price charged during the preceding year, multiplied by 1.07.

The proposed amendment (pdf) that would extend the contract through 2024 does not directly address price.

It does, however, contain this paragraph:

Future Amendments. The parties shall cooperate and negotiate in good faith to amend the terms of the Agreement (a) by the second anniversary of the Effective Date, to preserve and enhance the security and stability of the Internet or the TLD, and (b) as may be necessary for consistency with changes to, or the termination or expiration of, the Cooperative Agreement between Registry Operator and the Department of Commerce.

The Cooperative Agreement is the second contract in the three-way relationship between Verisign, ICANN and the US Department of Commerce that allows Verisign to run not only .com but also the DNS root zone.

It’s important because Commerce exercised its powers under the agreement in 2012 to freeze .com prices at $7.85 a year until November 2018, unless Verisign can show it no longer has “market power”, a legal term that plays into monopoly laws.

So what the proposed .com amendments mean is that, if the Cooperative Agreement changes in 2018, ICANN and Verisign are obligated to discuss amending the .com contract at that time to take account of the new terms.

If, for example, Commerce extends the price freeze, Verisign and ICANN are pretty much duty bound to write that extension into the RA too.

There’s no credible danger of prices going up before 2018, in other words, and whether they go up after that will be primarily a matter for the US administration.

The US could decide that Verisign no longer has market power then and drop the price freeze, but would be an indication of a policy change rather than a reflection of reality.

The Internet Commerce Association, which represents high-volume domainers, does not appear particularly concerned about prices going up any time soon.

It said in its comments to ICANN that it believes the new RA “will have no effect whatsoever upon the current .Com wholesale price freeze of $7.85 imposed on Verisign”.

XYZ.com, in its comments, attacked not potential future price increases, but the current price of $7.85, which it characterized as extortionate.

If .com were put out to competitive tender, XYZ would be prepared to reduce the price to $1 per name per year, CEO Daniel Negari wrote, saving .com owners over $850 million a year — more than the GDP of Rwanda.

ICANN should not passively go along with Verisign’s selfish goal of extending its unfair monopoly over the internet’s most popular top-level domain name.

Others in the industry chose to express that the proposed contract does not even attempt to normalize the rules governing .com with the rules almost all other gTLDs must abide by.

Donuts, in its comment, said that the more laissez-faire .com regime actually harms competition, writing:

It is well known that new gTLDs and now many other legacy gTLDs are heavily vested with abuse protections that .COM is not. Thus, smaller, less resource-rich competitors must manage gTLDs laden (appropriately) with additional responsibilities, while Verisign is able to operate its domains unburdened from these safeguards. This incongruence is a precise demonstration of disparate treatment, and one that actually hinders effective competition and ultimately harms consumers.

It points to numerous statistics showing that .com is by far the most-abused TLD in terms of spam, phishing, malware and cybersquatting.

The Business Constituency and Intellectual Property Constituency had similar views about standardizing rules on abuse and such. The IPC comment says:

The continued prevalence of abusive registrations in the world’s largest TLD registry is an ongoing challenge. The terms of the .com registry agreement should reflect that reality, by incorporating the most up-to-date features that will aid in the detection, prevention and remediation of abuses.

The European NGO Alliance for Child Safety Online submitted a comment with a more narrow focus — child abuse material and pornography in general.

Enasco said that 41% of sites containing child abuse material use .com domains and that Verisign should at least have the same regulatory regime as 2012-round gTLDs. It added:

Verisign’s egregious disinterest in or indolence towards tackling these problems hitherto hardly warrants them being rewarded by being allowed to continue the same lamentable
regime.

I couldn’t find any comments that were in unqualified support of the .com contract renewal, but the lack of any comments from large sections of the ICANN community may indicate widespread indifference.

The full collection of comments can be found here.

NTIA gives nod to IANA transition

Kevin Murphy, June 9, 2016, Domain Policy

The US National Telecommunications and Information Administration has formally thrown its weight behind the community-led proposal that would remove the US government, itself in effect, from DNS root oversight.

Assistant secretary Larry Strickling held a press conference this afternoon to confirm the hardly surprising development, but dodged questions about a Republican move to scupper the plan in Congress.

The IANA transition plan, which was developed by the ICANN community over about two years, meets all the criteria NTIA had set out in its surprise 2014 announcement, Strickling confirmed.

Namely, NTIA said in a press release that the the plan would:

  • Support and enhance the multistakeholder model;
  • Maintain the security, stability, and resiliency of the Internet DNS;
  • Meet the needs and expectations of the global customers and partners of the IANA services; and
  • Maintain the openness of the Internet.

Probably more importantly, NTIA agrees with everyone else that the plan does not replace NTIA’s role with more government meddling.

US Sen. Ted Cruz and Rep. Sean Duffy see things differently. They yesterday introduced the Protecting Internet Freedom Act, which would stop the transition going ahead.

Strickling said that NTIA has been talking to Congress members about the transition, but declined to “speculate” about the new bill’s likelihood of success.

“We’ve been up on the Hill doing briefings and will continue to do so with any member that wants to talk to us,” he said.

Currently, NTIA is forbidden by law from spending any money on the transition, but that prohibition expires (unless it is renewed) at the end of the current federal budget cycle.

The plan is to carry out the transition after that, Strickling said.

The current IANA contract expires September 30. It may be extended, depending on how quickly ICANN and Verisign proceed on their implementation tasks.

US gov: we can’t support ICANN accountability plan

Kevin Murphy, September 24, 2015, Domain Policy

The US National Telecommunications and Information Administration has waded into the ICANN accountability debate, possibly muddying the waters in the process.

In a blog post last night, NTIA head Larry Strickling said that community proposals for enhancing accountability were not yet detailed enough, and had not reached the desired level of consensus, for the NTIA to support them.

He urged everyone involved to simplify the proposals and to work on areas where there is still confusion or disagreement.

The comments were directed at the Cross Community Working Group on Enhancing Accountability (CCWG), a diverse volunteer committee that has been tasked with coming up with ways to improve ICANN accountability after the US government severs formal oversight of the IANA functions.

That group spent a year coming up with a set of draft proposals, outlining measures such as stronger, harder-to-change bylaws and improvements to the Independent Review Process.

But the main organizational change it proposed is where the most conflict has emerged.

CCWG thinks the best way to give the community a way to enforce accountability is to change ICANN into a membership organization, a certain type of legal entity under California law.

It would have a Sole Member, a legal entity peopled by members of each part of the community, which would have to right to take ICANN to court to enforce its bylaws.

The ICANN board doesn’t dig this idea one bit. Its outside attorneys at Jones Day have counseled against such a move as untested, overly complex and potentially subject to capture.

On a recent three-hour teleconference, the board proposed the Sole Member model be replaced by a “Multistakeholder Enforcement Mechanism”.

The MEM would create a binding arbitration process — enforceable in California court — through which ICANN’s supporting organizations and advisory committees could gang up to challenge decisions that they believe go against ICANN’s Fundamental Bylaws.

Since this bombshell, a key question facing the CCWG has been: is the board’s view being informed primarily by its lawyers, or has Strickling been quietly raising NTIA concerns about the proposal via back-channels?

If it’s the former, the CCWG and its own outside counsel could robustly argue the community’s corner.

If it’s the latter, it’s pretty much back to the drawing board — because if the NTIA doesn’t like the plan, it won’t be approved.

Unfortunately, Strickling’s latest blog post avoids giving any straight answers, saying “it is not our role to substitute our judgment for that of the community”.

But his choice of language may suggest a degree of support for the board’s position.

As I stated in Argentina in June, provide us a plan that is as simple as possible but still meets our conditions and the community’s needs. Every day you take now to simplify the plan, resolve questions, and provide details will shorten the length of time it will take to implement the plan and increase the likelihood that the plan will preserve the security and stability of the Internet. Putting in the extra effort now to develop the best possible consensus plan should enhance the likelihood that the transition will be completed on a timely schedule.

The emphasis on “simplicity” could be read as coded support for the board, which has repeatedly said that it thinks the Sole Member model may be too complicated for the NTIA to swallow.

Both the board and Strickling’s latest post refer back to a speech he made in Buenos Aires in June, in which he said:

If a plan is too complex, it increases the likelihood there will be issues that emerge later. Unnecessary complexity increases the possibility that the community will be unable to identify and mitigate all the consequences of the plan. And a complex plan almost certainly will take longer to implement.

Strickling certainly knows that the board has been citing these comments in its objection to the Sole Member model, so the fact that he chose to repeat them may be indicative of which way he is leaning. Or maybe it isn’t.

Either way, I think it’s going to be tough for the CCWG to easily dismiss the board’s concerns.

CCWG members are currently on planes heading to ICANN headquarters in Los Angeles for a two-day face-to-face meeting at which the chairs “expect that a large portion of our time… will be reserved to answering the tough questions”.

Many believe that unless this meeting is extraordinarily successful, it’s going to be tough for an IANA transition proposal to be approved by the NTIA under the current US administration.

Anger as ICANN’s member flops before board

Kevin Murphy, September 4, 2015, Domain Policy

ICANN’s board of directors came to blows with its key accountability working group this week, over proposals that would give ICANN the community the right to sue ICANN the organization.

An extraordinary three-hour teleconference between the board and the Cross Community Working Group on Enhancing Accountability (CCWG) Wednesday night came across like some kind of weird, Orwellian, passive-aggressive piece of emotional domestic abuse.

The CCWG, a group of volunteers coming from all parts of the ICANN community, has created a set of proposals for improving ICANN’s accountability to the community as part of its transition process away from US government oversight.

The idea is to create sufficient accountability mechanisms so that if in future the entire ICANN board grows goatee beards and turns Eeevil, the community will still be able to hold them to their bylaws commitments.

The CCWG, following the advice of an independent law firm, decided that the best way to do this was to turn ICANN into a membership organization with a “Sole Member”.

This member would be a legal entity run by community members that would have the right under California law to sue ICANN if it ever failed to live up to its bylaws.

For example, if ICANN refused to implement the decisions of an Independent Review Panel, the member could seek to have the ruling enforced by a court.

This is just one of many proposals made by the CCWG currently open for public comment.

Highly unusually for a public comment period, the ICANN board is going to be a commenter in this case. While its comments have not been published yet, it has taken advice from its lawyers at Jones Day that may give an indication of how it is leaning.

Wednesday night’s call was designed to give the board the chance to bring its initial thinking to the CCWG.

Instead, it wound up being almost entirely about the proposed membership model and the board’s statements that while it supported the CCWG’s proposals 100% it also wanted them fundamentally rewritten.

The board wants the idea of a Sole Member model thrown out and replaced with a new arbitration process that would be legally enforceable in California courts.

So, instead of a legal-entity “member” suing ICANN, some as-yet unidentified community entity would take ICANN to arbitration. The decision of the arbitration panel could then be enforced by the courts if ICANN failed to abide by it.

When CCWG members asked who, in the absence of a legal entity, would take ICANN to arbitration and then sue it, the board had no answer. Instead, directors said the CCWG’s legal advisers should talk to Jones Day to hammer out the “technical” details.

Some members claimed that it would be “impossible” to give the community legal standing to sue ICANN without a membership model. Others said that the board’s 11th hour suggested rewrites would make it “impossible” to hit the deadline for a final proposal by the Dublin meeting next month.

At least a third of the 2-hour 47-minute call was wasted as the CCWG struggled to understand the doublespeak the board had brought into the discussion.

Directors continually insisted that they “completely supported” CCWG’s proposals on enforcement “without reservation”, while simultaneously saying the Sole Member model should be thrown out.

Half way through the call, CCWG co-chair Thomas Rickert reflected exasperation among members: “There is obviously difficulty to understand by many on this call how you fully support what we are doing while proposing something which appears like a complete rewrite.”

Shortly thereafter, Chehade responded:

Why don’t we just agree that we are agreeing with you that the community must be able to get enforcement in California courts, that we will ensure that they have the standing to do it without question. And if we are all in agreement that we are in agreement with each other let’s then let the technical people go solve this. If they call come back and tell us that frankly that advice was flawed, then let’s deal with it then in good faith. But that’s what we’re sharing with you.

Directors said that the proposed member model might have unintended consequences, and that the US government may not approve a proposal that overly complicates ICANN’s legal structure.

An hour later, the CCWG was still scratching its head, nerves were beginning to wear, and the tone was getting increasingly testy as the CCWG repeatedly asked the board to explain how it could express support and simultaneously propose an alternative solution.

“There is absolutely no new proposal,” Chehade said, eventually. “We are embracing your proposal and the objectives of the community. Please hear me on this. There is no new proposal.”

He said:

Take your work and break it down: board removal, standing reconsideration, enhancing – getting the IRP back on the track we set, you know, fundamental bylaw, binding arbitration or mechanisms of enforceability. All of the things you have come up with, we are accepting. So when your reaction to our two last hours is that we’re refusing to add any accountability, I don’t know how you come to that frankly…

you yourself in the proposal say that this proposal is not finished, it needs a lot of work. So what we’re saying to you is let’s take this proposal which is not finished and let’s figure out ways to make it real, and real in the next few weeks so we can move forward…

The only area where we are telling you we would like to propose a different mechanism to achieve the same goal is the enforceability.

The whole three hours reminded me of a nightmare-scenario interview where the interviewee has been media-trained up the wazoo and refuses to sway from a set of vaguely scripted talking points.

But which proposal is the right one for ICANN?

Beats me. What does seem quite clear to me is that the board and CCWG are at odds now, despite what ICANN says, and that the expected delivery of a final accountability proposal by Dublin is in serious doubt.

Following the call, ICANN chair Steve Crocker posted a blog post that sought to clarify the board’s position, characterizing it as agreement in principle but disagreement on implementation. He wrote:

We have suggestions on how these [CCWG proposals] could be operationalized. With regards to the mechanisms for community enforceability, where the current proposal still warrants much detail that may not be achievable we have a suggestion on how to deliver on it in a stable way, as increased enforceability must not open up questions of, for example, capture or diminishing of checks and balances.

The Wednesday meeting’s audio, transcript and other notes can all be found here.

US gives ICANN an extra year to complete transition

Kevin Murphy, August 18, 2015, Domain Policy

US government oversight of ICANN and the domain name system will end a year later than originally expected.

The National Telecommunications and Information Administration said last night that it has extended ICANN’s IANA contract until September 30, 2016, giving the community and others more time to complete and review the transition proposals.

NTIA assistant secretary Larry Strickling wrote that “it has become increasingly apparent over the last few months that the community needs time to complete its work, have the plan reviewed by the U.S. Government and then implement it if it is approved.”

Simultaneously, NTIA has finally published a proposal — written by ICANN and Verisign — for how management of the DNS root will move away from hands-on US involvement.

The extension of the IANA contract from its September 30, 2015 end date was not unexpected. The current contract allows for such extensions.

As we recently reported, outgoing ICANN CEO Fadi Chehade had guessed a mid-2016 finalization of the transition.

Regardless, expect op-eds in the coming days to claim this as some kind of political victory against the Obama administration.

Part of the reason for the extension, beyond the fact that the ICANN community hasn’t finished its work yet, is legislation proposed in the US.

The inappropriately named DOTCOM Act, passed by the House but frozen for political reasons in the Senate by Tea Party presidential hopeful Sen Ted Cruz, would give Congress 30 legislative days (which could equal months of real time) to review the IANA transition proposals.

There are basically three prongs to the transition, each with very long names.

The “Proposal to Transition the Stewardship of the Internet Assigned Numbers Authority (IANA) Functions from the U.S. Commerce Department’s National Telecommunications and Information Administration (NTIA) to the Global Multistakeholder Community” is the first.

That was created by the multistakeholder IANA Stewardship Transition Coordination Group (ICG) and deals with how the IANA contract will be managed after the US government goes away.

The second prong comes from the Cross Community Working Group on Enhancing ICANN Accountability, which deals with how ICANN itself can improve its accountability to the internet community without the Damoclean sword of US intervention hanging over it.

The CCWG’s latest draft report would strengthen the ICANN board against capture by, for example, making certain bylaws harder to amend and giving the community the right to fire directors.

Both of these proposals are currently open for public comment here.

The third prong, which only appears to have been published this week, deals with the nuts and bolts of how changes to the DNS root zone are made.

The current system is a tripartite arrangement between IANA, NTIA and Verisign.

When a TLD operator needs a change to the DNS root — for example adding a name server for its TLD — the request is submitted to and processed by IANA, sent to NTIA for authorization, then actually implemented on the primary root server by Verisign.

Under the new proposal (pdf) to phase the NTIA out of this arrangement, the NTIA’s “authorization” role would be temporarily complemented by a parallel “authentication” role.

The proposal is not written in the clearest English, even by ICANN standards, but it seems that the current Root Zone Management System would be duplicated in its entirety and every change request would have to be processed by both systems.

The output of both would be compared for discrepancies before Verisign actually made the changes to the root.

It seems that this model is only being proposed as a temporary measure, almost like a proof of concept to demonstrate that the NTIA’s current authorization role isn’t actually required and won’t be replaced in this brave new world.