Latest news of the domain name industry

Recent Posts

New gTLD delegations probably not delayed by US government shutdown

Kevin Murphy, September 30, 2013, Domain Policy

If the US government shuts down tonight, would that delay the delegation of new gTLDs?

Probably not, from what I gather.

For reasons beyond the ken of most sane people*, the US legislature is currently deadlocked on a bill that would provide the funds to keep the executive wing of the government running.

It’s looking increasingly likely that the government is to shut down.

That’s a big deal for a whole range of important reasons, obviously, but it also has implications for new gTLD applicants.

The DNS root zone belongs to the US government, remember.

It’s managed by Verisign and ICANN’s IANA department suggests appropriate changes, but without USG the tripartite relationship that enables new TLDs to be delegated falls apart.

Without the NTIA in the mix, ICANN can make all the root zone change requests it wants and Verisign lacks the authority to execute them.

So there’s a reason to be worried if you’re a new gTLD applicant. If the National Telecommunications and Information Administration is out of the office for an indeterminate period, you may be looking at more delays.

However, it looks like the NTIA may have got that covered.

According to the Department of Commerce’s “Plan for Orderly Shutdown Due to Lapse of Congressional Appropriations”, (pdf) a “Telecomm. Policy Specialist”, tasked with “Emergency protection of internet management (ICANN)” is on the list of “Excepted Positions”.

I gather that this means that there’s going to be an NTIA person working during any possible shutdown to manage root zone changes, including gTLD delegations.

* It’s been several years since I lived in the States, and my grasp of the nuance of American political life has waned accordingly, but I gather the shutdown is somehow related to protecting insurance companies’ profit margins. Or defending the constitutional right to get better healthcare than people poorer than yourself. Something like that.

No, ICANN isn’t moving to Switzerland

Kevin Murphy, September 6, 2013, Domain Policy

There’s a rumor going around this morning that ICANN is planning to up sticks from its US base in California and become subject to Swiss jurisdiction instead.

While this would be a huge change for ICANN, which has been tethered to the US government since its formation in 1998, it’s almost certainly not what’s happening.

The rumor emerged following CEO Fadi Chehade’s speech at the Asia Pacific Regional Internet Governance Forum in Korea yesterday, during which he talked about setting up a “legal structure” in Switzerland.

Addressing long-standing criticisms that ICANN is too US-centric, he discussed the recent creation of “hub” offices in Istanbul and Singapore, then said:

You heard me announce recently in Durban that ICANN, for the first time, is setting up a legal structure in Switzerland. That means that ICANN is going to seek to become an international organization that is serving the world, not just as a private corporation in California. These are important fundamental steps that we are exploring in order for ICANN to take a new global posture.

That ICANN wants a Swiss presence is not news. At the Durban meeting in July Chehade said publicly that ICANN had opened an “engagement center” in Geneva, headed by his senior adviser Tarek Kamel.

But the version of the Chehade quote doing the rounds on mailing lists today capitalizes “International Organization”, which arguably changes the meaning and makes his remarks seem more profound.

A capitalized “International Organization” can mean one of two legal structures: either an International Non-Governmental Organization or an Intergovernmental Organization.

That would, indeed, imply a change of jurisdiction. ICANN is currently, legally, a California non-profit corporation.

However, if Chehade just said “international organization” with no implied upper-case letters, it just means it’s an organization with offices and legal entities internationally.

I think this is closer to the truth, and so do People In A Position To Know whom I’ve run this by this morning.

It’s important to note that ICANN’s Affirmation of Commitments with the US government forces it to stay headquartered in the US:

ICANN affirms its commitments to: … remain a not for profit corporation, headquartered in the United States of America with offices around the world to meet the needs of a global community;

While Chehade has expansionist plans on a scale beyond any of his predecessors, it seems unlikely that these include breaking the AoC, incurring the wrath of the US government.

UPDATE: ICANN has provided DI with the following statement:

ICANN is not currently planning to set up a headquarters office in Switzerland. We will have an engagement center in Geneva, along with others scattered around the world but our three main hubs, as Fadi has previously announced, will be in L.A., Istanbul and Singapore.

NTIA alarmed as Verisign hints that it will not delegate new gTLDs

Kevin Murphy, August 5, 2013, Domain Tech

Verisign has escalated its war against competition by telling its government masters that it is not ready to add new gTLDs to the DNS root, raising eyebrows at NTIA.

The company told the US National Telecommunications and Information Administration in late May that the lack of uniform monitoring across the 13 root servers means it would put internet security and stability at risk to start delegating new gTLDs now.

In response, the NTIA told Verisign that its recent position on DNS security is “troubling”. It demanded confirmation that Verisign is not planning to block new gTLDs from being delegated.

The letters (pdf and pdf) were published by ICANN over the weekend, over two months after the first was sent.

Verisign senior VP Pat Kane wrote in the May letter:

we strongly believe certain issues have not been addressed and must be addressed before any root zone managers, including Verisign, are ready to implement the new gTLD Program.

We want to be clearly on record as reporting out this critical information to NTIA unequivocally as we believe a complete assessment of the critical issues remain unaddressed which left unremediated could jeopardize the security and stability of the DNS.

we strongly recommend that the previous advice related to this topic be implemented and the capability for root server system monitoring, instrumentation, and management capabilities be developed and operationalized prior to beginning delegations.

Kane’s concerns were first outlined by Verisign in its March 2013 open letter to ICANN, which also expressed serious worries about issues such as internal name collisions.

Verisign is so far the only root server operator to publicly express concerns about the lacking of coordinated monitoring, and many people believe that the company is simply desperately trying to delay competition for its $800 million .com business for as long as possible.

These people note that in early November 2012, Verisign signed a joint letter with ICANN and NTIA that said:

the Root Zone Partners are able to process at least 100 new TLDs per week and will commit the necessary resources to meet all root zone management volume increases associated with the new gTLD program

That letter was signed before NTIA stripped Verisign of its right to increase .com prices every year, depriving it of tens or hundreds of millions of dollars of additional revenue.

Some say that Verisign is raising spurious security concerns now purely because it’s worried about its bottom line.

NTIA is beginning to sound like one of these critics. In its response to the May 30 letter, sent by NTIA and published by ICANN on Saturday, deputy associate administrator Vernita Harris wrote:

NTIA and VeriSign have historically had a strong working relationship, but inconsistencies in VeriSign’s position in recent months are troubling… NTIA fully expects VeriSign to process change requests when it receives an authorization to delegate a new gTLD. So that there will be no doubt on this point, please provide me a written confirmation no later than August 16, 2013 that VeriSign will process change requests for the new gTLD program when authorized to delegate a new gTLD.

Harris said that a system is already in place that would allow the emergency rollback of the root zone, basically ‘un-delegating’ any gTLD that proves to cause a security or stability problem.

This would be “sufficient for the delegation of new gTLDs”, she wrote.

Could Verisign block new gTLDs?

It’s worth a reminder at this point that ICANN’s power over the DNS root is something of a facade.

Verisign, as operator of the master A root server, holds the technical keys to the kingdom. Under its NTIA contract, it only processes changes to the root — such as adding a TLD — when NTIA tells it to.

NTIA in practice merely passes on the recommendations of IANA, the department within ICANN that has the power to ask for changes to the root zone, also under contract with NTIA.

Verisign or NTIA in theory could refuse to delegate new gTLDs — recall that when .xxx was heading to the root the European Union asked NTIA to delay the delegation.

In practice, it seems unlikely that either party would stand in the way of new gTLDs at the root, but the Verisign rhetoric in recent months suggests that it is in no mood to play nicely.

To refuse to delegate gTLDs out of commercial best interests would be seen as irresponsible, however, and would likely put its role as custodian of the root at risk.

That said, if Verisign turns out to be the lone voice of sanity when it comes to DNS security, it is ICANN and NTIA that will ultimately look like they’re the irresponsible parties.

What’s next?

Verisign now has until August 16 to confirm that it will not make trouble. I expect it to do so under protest.

According to the NTIA, ICANN’s Root Server Stability Advisory Committee is currently working on two documents — RSSAC001 and RSSAC002 — that will outline “the parameters of the basis of an early warning system” that will address Verisign’s concerns about root server management.

These documents are likely to be published within weeks, according to the NTIA letter.

Meanwhile, we’re also waiting for the publication of Interisle Consulting’s independent report into the internal name collision issue, which is expected to recommend that gTLDs such as .corp and .home are put on hold. I’m expecting this to be published any day now.

Senators slate NTIA, to demand answers on new gTLD security

Kevin Murphy, July 23, 2013, Domain Policy

Did Verisign get to the US Congress? That’s the intriguing question emerging from a new Senate appropriations bill.

In notes attached to the bill, the Senate Appropriations Committee delivers a brief but scathing assessment of the National Telecommunication and Information Administration’s performance on ICANN’s Governmental Advisory Committee.

It says it believes the NTIA has “not been a strong advocate for U.S. companies and consumers”.

The notes would order the agency to appear before the committee within 30 days to defend the “security” aspects of new gTLDs and “urges greater participation and advocacy within the GAC”.

While the NTIA had a low-profile presence at the just-finished Durban meeting, it would be difficult to name many other governments that participate or advocate more on the GAC.

This raises an eyebrow. Which interests, in the eyes of the committee, is the NTIA not sufficiently defending?

Given the references to intellectual property, suspicions immediately fall on usual suspects such as the Association of National Advertisers, which is worried about cybersquatting and associated risks.

The ANA successfully lobbied for an ultimately fruitless Congressional hearing in late 2011, following its campaign of outrage against the new gTLD program.

It’s mellowed somewhat since, but still has fierce concerns. Judging by comments its representatives made in Durban last week, it has shifted its focus to different security issues and is now aligned with Verisign.

Verisign, particularly given the bill’s reference to “security, stability and resiliency” and the company’s campaign to raise questions about the potential security risks of new gTLDs, is also a suspect.

“Security, stability and resiliency” is standard ICANN language, with its own acronym (SSR), rolled out frequently during last week’s debates about Verisign’s security concerns. It’s unlikely to have come from anyone not intimately involved in the ICANN community.

And what of Amazon? The timing might not fit, but there’s been an outcry, shared by almost everyone in the ICANN community, about the GAC’s objection last week to the .amazon gTLD application.

The NTIA mysteriously acquiesced to the .amazon objection — arguably harming the interests of a major US corporation — largely it seems in order to play nice with other GAC members.

Here’s everything the notes to “Departments of Commerce and Justice, and Science, and related agencies appropriations Bill, 2014” (pdf) say about ICANN:

ICANN — NTIA represents the United States on the Internet Corporation for Assigned Names and Numbers [ICANN] Governmental Advisory Committee [GAC], and represents the interests of the Nation in protecting its companies, consumers, and intellectual property as the Internet becomes an increasingly important component of commerce. The GAC is structured to provide advice to the ICANN Board on the public policy aspects of the broad range of issues pending before ICANN, and NTIA must be an active supporter for the interests of the Nation. The Committee is concerned that the Department of Commerce, through NTIA, has not been a strong advocate for U.S. companies and consumers and urges greater participation and advocacy within the GAC and any other mechanisms within ICANN in which NTIA is a participant.

NTIA has a duty to ensure that decisions related to ICANN are made in the Nation’s interest, are accountable and transparent, and preserve the security, stability, and resiliency of the Internet for consumers, business, and the U.S. Government. The Committee instructs the NTIA to assess and report to the Committee within 30 days on the adequacy of NTIA’s and ICANN’s compliance with the Affirmation of Commitments, and whether NTIA’s assessment of ICANN will have in place the necessary security elements to protect stakeholders as ICANN moves forward with expanding the number of top level Internet domain names available.

While the bill is just a bill at this stage, it seems to be a strong indication that anti-gTLD lobbyists are hard at work on Capitol Hill, and working on members of diverse committees.

NTIA fights Big Content’s corner, tells ALL new gTLD applicants to submit PICs

Kevin Murphy, February 26, 2013, Domain Policy

The National Telecommunications and Information Administration said today that all new gTLD applicants, even those that have not already been hit by government warnings, should submit Public Interest Commitments to ICANN.

In a rare comment sent to an ICANN public forum today, the NTIA suggested that applicants should use the process to help combat counterfeiting and piracy.

The agency, the part of the US Department of Commerce that oversees ICANN and participates in its Governmental Advisory Committee, said (emphasis in original):

NTIA encourages all applicants for new gTLDs to take advantage of this opportunity to address the concerns expressed by the GAC in its Toronto Communique, the individual early warnings issued by GAC members, and the ICANN public comment process on new gTLDs, as appropriate.

PICs were introduced by ICANN earlier this month as a way for applicants to voluntarily add binding commitments — for example, a promise to restrict their gTLD to a certain user base — to their registry contracts.

The idea is to let applicants craft and agree to stick to special terms they think will help them avoid receiving objections from the GAC, GAC members and others.

NTIA said that applicants should pay special attention in their PICs to helping out the “creative sector”.

Specifically, this would entail “ensuring that WHOIS data is verified, authentic and publicly accessible”.

They should also “consider providing an enforceable guaranty that the domain name will only be used for licensed and legitimate activities”, NTIA said, adding:

NTIA believes that these new tools may help in the fight against online counterfeiting and piracy and is particularly interested in seeing applicants commit to these or similar safeguards.

The PICs idea isn’t going down too well in the applicant community, judging by other submissions this week.

The Registries Stakeholder Group of ICANN, for example, says its members are feeling almost “blackmailed” into submitting PICs, saying the timing is “completely unreasonable”.

As DI noted when PICs was first announced, applicants have been given until just March 5 to submit their commitments, raising serious questions about the timetable for objections and GAC advice.

The RySG has even convened a conference call for March 4 to discuss the proposal, which it says “contains so many serious and fundamental flaws that it should be withdrawn in
its entirety”.