Recent Posts
- ICANN publishes its Woke Manifesto. Here’s my hot take
- Alibaba, Name.com among new RDRS opt-ins
- The Swiss can register .swiss domains from next week
- .ai up to 425,000 domains
- A million “free” .music domains up for grabs
- D3 to get $5 million in crypto to apply for .ape gTLD
- Alibaba hit with ICANN breach notice
- New Vegas conference “Davos for Web3 interoperability”
- ICANN content policing power grab may be dead
- Cable company unplugs its dot-brand after acquisition
- Germany crosses 10,000 dot-brand domains milestone
- Founders out as Com Laude gets equity injection
- PIR’s Diaz to leave domain industry
- Some registrars have already quit ICANN’s Whois experiment
- ICANN opens $217 million Grant Program
- Internet could get one-letter gTLDs (but there’s a catch)
- .ai registry fights deadbeats with tweaked auction rules
- Amazon and Google among .internal TLD ban backers
- .ai registry advises buyers not to use GoDaddy
- .post liberalizes with new sunrise period
- Team Internet spends $41 million on content farm
- Epik backtracks on Kiwi Farms claim after legal threat
- .austin names launch on blockchain
- Freenom shuts down 12.6 million domains — report
- GoDaddy’s next .xxx contract may not be a done deal
- GlobalBlock blocking 2.5 million domains
- Microsoft moving its cloud apps from .com to .microsoft
- ICANN 79: anonymous trolls and undercover lawyers
- ICANN scores win in single-letter .com lawsuit
- Cosmetics brand terminates its gTLD
- Up to 70 jobs on the line at Nominet as .uk regs dwindle
- Governments back down on new gTLD next round delay
- Private auctions could be banned in new gTLD next round
- ICANN meeting venue “insensitive and hurtful”
- GoDaddy to start selling graphic.design domains
- GAC spinning up new gTLD curveball at ICANN 79?
- GoDaddy’s GlobalBlock supports blockchain names
- Police .uk domain takedowns dive in 2023
- GoDaddy wants to cut the bullshit from .xxx
- Dueling domain blocking services to launch at ICANN 79
- Freename tries to bridge DNS and blockchain
- Olive retires from ICANN
- Whois policy published without life-saving disclosure rule
- UK gov takes its lead from ICANN on DNS abuse
- Tucows reports 2023 results
- Twitter “completely unresponsive” on clickable domains
- ICANN spends $5 million more than planned in first fiscal half
- .art takes a million domains off its premium list
- KeyTrap ‘the most devastating vulnerability ever found in DNSSEC’
- Freenom settles $500 million Meta lawsuit and will exit domain business
- New gTLD lottery to return in 2026
- First GlobalBlock prices revealed — they ain’t cheap
- Domain universe grows on new gTLDs despite .com shrinkage
- D3 signs up crypto gTLD client number five
- GoDaddy reports strong domains growth
- How to qualify for a $40,000 gTLD
- Registry service provider evaluation handbook published
- WebUnited inks deal to “mirror” country’s TLD in the blockchain
- GoDaddy project unveils brand-blocking calculator
- Report: Monster “misappropriated” millions from Epik
- .com is shrinking but Verisign raises prices again anyway
- D3 announces fourth crypto new gTLD client
- Donald Trump loses second UDRP case
- UK cybersquatting complaints hit record low
- No excuses! PIR to pay for ALL registries to tackle child abuse
- ICANN insists it is working on linkification
- Namecheap sues ICANN over .org price caps
- GoDaddy offers free Ethereum blockchain integration
- Epik reveals who is running the company
- Epik gets acquired again! The plot thickens…
- Airline gTLD crashes and burns
- First chunks of new gTLD Applicant Guidebook drop
- Epik to reveal its owners soon
- Another crypto firm to apply for a new gTLD
- Monster and Royce are NOT involved in Epik?!
- Nominet to overhaul .uk registry, turn off some services
- Russia blames DNSSEC, not Ukraine, for internet downtime
- Team Internet says revenue beat estimates
- Sold for over $20k, insure.ai and dog.ai back in .ai’s expired names auction
- .ai helps UDRP cases rise in 2023, WIPO says
- Freenom’s domains land at Gandi after termination
- .ru domains fly off the shelf as Western sanctions bite
- ICANN picks its first ever Supreme Court
- Lebanon’s ccTLD going back to Lebanon after ICANN takeover
- ICANN picks the domain it will never, ever release
- ICANN approves domain takedown rules
- Has Epik gone “woke”?
- First bits of new gTLD Applicant Guidebook expected next week
- ICANN bans closed generics for the foreseeable
- You can’t use money to buy .box domains
- After 14 years, ICANN practices what it preaches on IDNs
- Weak demand for private Whois data, ICANN data shows
- .ing doing way better than .meme
- DNS Women barred from ICANN funding?
- Dev releases free open-source TLD registry platform
- INCO flips a gTLD to Identity Digital
- Anguilla fears the .ai junk drop
- Five more gTLDs get launch dates
- $10 million of ICANN cash up for grabs
- Almost 50,000 .ai domains sold in a quarter
- ICANN threatens to regulate your speech [RANT]
- Life insurance company kills dot-brand
- ICANN finds new home for Lebanon’s TLD after founder’s death
- ICANN begs people to use its new Whois service
- Shiba Inu outs itself as crypto new gTLD applicant
- Over 50,000 .ai domains sold in three months
- Amazon planning new push into registrar market?
- Registries and registrars vote ‘Yes’ to new DNS abuse rules
- ICANN predicts flattish 2025 for domain industry
- Fast-growing Gname buys another 150 registrars
- GoDaddy service to let you block domains in over 650 TLDs
- Did I find a murder weapon in a zone file?
- ICANN drops the “man” from Ombudsman
- Have your say on police domain takedown powers
- Most registrars are shunning ICANN’s new Whois system
- Nominet to take over .gov.uk
- ICANN picks Istanbul for 2024 meeting
- ICANN’s private Whois data request service goes live
- .au regs slide on 2LD anniversary
- ICANN accused of power grab over $271 million auction fund
- A registrar is getting blamed for an Israeli war propaganda site
- Two more dot-brands bite the dust
- Google sells five-figure AI domain and six-figure .ing hack
- .blackfriday is still a bit rubbish
- Internet Naming Co acquires five more gTLDs
NTIA fights Big Content’s corner, tells ALL new gTLD applicants to submit PICs
The National Telecommunications and Information Administration said today that all new gTLD applicants, even those that have not already been hit by government warnings, should submit Public Interest Commitments to ICANN.
In a rare comment sent to an ICANN public forum today, the NTIA suggested that applicants should use the process to help combat counterfeiting and piracy.
The agency, the part of the US Department of Commerce that oversees ICANN and participates in its Governmental Advisory Committee, said (emphasis in original):
NTIA encourages all applicants for new gTLDs to take advantage of this opportunity to address the concerns expressed by the GAC in its Toronto Communique, the individual early warnings issued by GAC members, and the ICANN public comment process on new gTLDs, as appropriate.
PICs were introduced by ICANN earlier this month as a way for applicants to voluntarily add binding commitments — for example, a promise to restrict their gTLD to a certain user base — to their registry contracts.
The idea is to let applicants craft and agree to stick to special terms they think will help them avoid receiving objections from the GAC, GAC members and others.
NTIA said that applicants should pay special attention in their PICs to helping out the “creative sector”.
Specifically, this would entail “ensuring that WHOIS data is verified, authentic and publicly accessible”.
They should also “consider providing an enforceable guaranty that the domain name will only be used for licensed and legitimate activities”, NTIA said, adding:
NTIA believes that these new tools may help in the fight against online counterfeiting and piracy and is particularly interested in seeing applicants commit to these or similar safeguards.
The PICs idea isn’t going down too well in the applicant community, judging by other submissions this week.
The Registries Stakeholder Group of ICANN, for example, says its members are feeling almost “blackmailed” into submitting PICs, saying the timing is “completely unreasonable”.
As DI noted when PICs was first announced, applicants have been given until just March 5 to submit their commitments, raising serious questions about the timetable for objections and GAC advice.
The RySG has even convened a conference call for March 4 to discuss the proposal, which it says “contains so many serious and fundamental flaws that it should be withdrawn in
its entirety”.
Big Content issues gTLD lock-down demands
Twenty members of the movie, music and games businesses have asked ICANN to impose strict anti-piracy rules on new top-level domains related to their industries.
In a position statement, “New gTLDs Targeting Creative Sectors: Enhanced Safeguards”, the groups say that such gTLDs are “fraught with serious risks” and should be controlled more rigorously than other gTLDs.
“If new gTLDs targeted to these sectors – e.g., .music, .movies, .games – are launched without adequate safeguards, they could become havens for continued and increased criminal and illegal activity,” the statement says.
It goes on to make seven demands for regulations covering Whois accuracy, enforced anti-piracy policies, and private requests for domain name take-downs.
The group also says that the content industries should be guaranteed “a seat at the table” when these new gTLD registries make their policies.
The statement is directed to ICANN, but it also appears to address the Governmental Advisory Committee, which has powers to object to new gTLD applications:
In evaluating applications for such content-focused gTLDs, ICANN must require registry operators (and the registrars with whom they contract) to implement enhanced safeguards to reduce these serious risks, while maximizing the potential benefits of such new domains.
Governments should use similar criteria in the exercise of their capability to issue Early Warnings, under the ICANN-approved process, with regard to new gTLD applications that are problematic from a public policy or security perspective.
The statement was sent to ICANN by the Coalition for Online Accountability, which counts the American Society of Composers, Authors and Publishers, the Motion Picture Association of America, the Recording Industry Association of America and Disney among its members.
It was separately signed by the many of the same groups that are supporting Far Further’s .music application, including the American Association for Independent Music and the International Federation of the Phonographic Industry.
RIAA backs .music new gTLD bid
The Recording Industry Association of America has picked a side. It’s supporting Far Further’s application for the .music generic top-level domain, according to the company.
The RIAA is one of over a dozen music industry groups that are currently listed as supporters of the Far Further bid.
Among them is the influential International Federation of Phonographic Industries and The Recording Academy, which hands out the Grammys.
The support was hard won, according to Far Further president John Styll.
“The RIAA put together a loose coalition of organizations from sectors from around the world and ran a pretty intensive RFI process,” he said.
The company beat off competition from several other respondents and received word that the RIAA would support its .music application a few months ago, he said.
It’s been clear for some time that any .music applicant that does not have the backing of the RIAA will very likely get beaten up by the notoriously protective organization instead.
The RIAA wrote to the US Department of Commerce last August to demand that any music-themed gTLD should implement “heightened security measures” to prevent copyright infringement.
And that’s pretty much what Far Further has promised.
Its .music would be restricted, along the same lines as gTLDs such a .pro, to card-carrying members of what the company calls “accredited Global Music Community Members”.
“It’s not open to everyone,” Styll said. “You’d have to join an organization.”
Amateur bands would have to be members of an accredited songwriters association to get a .music address, for example.
In addition, the content of .music web sites would be policed in a similar way to .xxx or .cat, with regular spidering to ensure the content does not break the rules.
“We’re definitely looking at content, and besides the vetting process, in the registrant agreement there’ll be a warrant you’re not going to violate anyone’s intellectual property rights,” said Styll.
“We’re retaining the right to conduct searches,” he said. “If we find evidence of infringing activity we’ll give you the opportunity to correct that, or we can take down the site.”
Far Further is not the only known .music applicant, of course.
Constantine Roussos of Music.us and MyTLD has been passionately campaigning for the gTLD for years, and his enthusiasm has not waned even if his chances have.
“We’re still going after .music,” he confirmed yesterday. He added that he expects it to be a two-horse race, given these recent developments.
Make no mistake, with backing from the RIAA and other influential industry groups Far Further is now the runaway favorite in the battle for .music. Roussos has quite a fight on his hands.
DomainIncite PRO subscribers can read more about it here.
.xxx to tackle piracy, child abuse and censorship
The International Foundation For Online Responsibility, the policy oversight group for .xxx domains, says it wants to help fight piracy, child abuse material and internet censorship.
Those are the three priorities to emerge from IFFOR’s inaugural two-day meeting last month, according to the organization. It has set up three working groups to look at the issues.
On filtering, a pretty hot topic given the various pieces of copyright-related legislation currently under consideration in the US and elsewhere, IFFOR said:
The filtering working group will review the state of global filtering laws, regulations and plans with a view to educating legislators and others about the advantages and effectiveness of user-defined filtering as opposed to mandated filtering or blocking at the ISP or router-level.
While there’s yet to be a proven case of an entire nation blocking .xxx domains, some countries have said they are considering it and I’ve heard several anecdotal cases of companies blocking the TLD.
IFFOR also said wants to find a way to help combat piracy “that can work across the entire dot-xxx registry” and is looking at both technical and legal measures.
The child abuse imagery working group, headed by veteran cyber-cop Sharon Girling, plans to work with existing third-party organizations on reporting and policy-making.
All three goals are self-evidently noble. Whether IFFOR will be able to make a noticeable impact on any will of course depend on what policies its working groups come up with.
IFFOR’s Policy Council comprises nine members: five from the porn industry, a free speech advocate, a child protection advocate, a security expert and an ICM Registry representative.
Pirates set up domain seizure workaround
Movie and music pirates are setting up alternative DNS services to help users work around the government seizure of domain names.
A new service, BlockAid.me, launched an open beta at the end of September. It’s currently being promoted prominently on at least one major movie/music/games-sharing site.
The site encourages internet users to reconfigure their computers to use BlockAid’s DNS servers. That way, if a domain name used by a piracy web site is seized by law enforcement, BlockAid will be able to direct surfers to the original owner’s IP address more or less transparently.
This is exactly what the experts predicted would happen.
Ever since the US Immigration and Customs Enforcement agency started seizing domain names associated with pirated content and US politicians have been discussing legislation to streamline the process, workarounds have been expected.
In May, DNS experts including Paul Vixie, Dan Kaminsky and now-ICANN chair Steve Crocker said that the Protect-IP Act in the US would persuade many users to switch to offshore DNS servers.
They warned that this would lead to a rise in cybercrime against consumers, as disreputable or insecure DNS providers send surfers to spoofs of banks and other sensitive sites.
While there’s no reason to believe the BlockAid project has this kind of nefarious activity in mind, if the idea catches on it’s probably inevitable that a similar service operated by crooks will emerge eventually.
Amusingly, BlockAid’s web site says that it may financially support itself in future by showing ad-laden web pages instead of returning NXDOMAIN errors, a much-criticized money-making tactic many ISPs already use.
Note also that the .me registry is managed by Afilias, a heavily US-based company, which likely makes BlockAid.me just as vulnerable to seizure as any .com address.
Big Content calls for government new gTLD oversight
The music, movie and advertising industries have backed a US move that could see governments getting more control over the approval of new top-level domains.
They’ve urged the National Telecommunications and Information Administration to keep a proposed rule that would force ICANN to show a new gTLD is in the “global public interest” before giving it the nod.
But they are opposed by many other stakeholders who responded to the NTIA’s Further Notice Of Inquiry on the renewal of ICANN’s IANA contract.
The FNOI resulted in about 35 responses, from companies and organizations on five continents.
The most controversial question posed by the NTIA was whether the IANA contract should include this provision:
For delegation requests for new generic TLDS (gTLDs), the Contractor [ICANN] shall include documentation to demonstrate how the proposed string has received consensus support from relevant stakeholders and is supported by the global public interest.
This was broadly interpreted as a way for governments to have a de facto veto over new gTLD applications, via ICANN’s Governmental Advisory Committee.
The proposed measure has now been supported by the Recording Industry Association of America, the Association of National Advertisers, and the Coalition for Online Accountability, which represents the music and movie industries.
Brand owners want another bite
In his strongly worded response, ANA president Robert Liodice wrote that the new gTLD program “is likely to cause irreparable injury to brand owners”, adding that it supported the NTIA’s proposal.
[It] provides a layer, however thin, of contractual protection that gTLDs will not be deposited to the authoritative root zone without appropriate justification. While the ANA believes that these protections are marginal at best, and that a more secure, safe and permanent solution must be found to prevent the harms to brand owners and consumers described above; nonetheless, “something is better than nothing”
Special interests
The RIAA said in its filing that it “strongly supports” the proposal, on the basis that it thinks .music, if approved as a gTLD, could lead to more online music piracy.
there are no concrete obligations in the latest application guidebook to implement heightened security measures for these types of gTLDs that are focused on particular industries such as record music. Given the the risk that such a gTLD application could pass through the ICANN process without committing to such measures, it should be incumbent on the IANA contractor to document how its entry into the root would meet the “global public interest” standard.
It’s a drum the RIAA, never afraid of making special-interest arguments on matters of internet governance, has been beating for some time.
It stopped short of asking for all existing TLDs (and IP addresses, in the case of peer-to-peer applications) to be banned outright, which would presumably do much more to prevent piracy.
Oh no you ditn’t!
The COA, which includes the RIAA among its members, has the honor of being the first of ICANN’s critics to raise the Peter Dengate Thrush Situation to officially bash the organization.
PDT, as you’ll recall, joined Minds + Machines, likely to be a volume gTLD applicant next year, just a few weeks after he helped push through ICANN’s approval of the gTLD program.
COA counsel Steve Metalitz wrote:
This development tends to confirm COA’s view that “the new gTLD process, like so much of ICANN’s agenda, has been ‘led’ by only a small slice of the private sector, chiefly the registrars and registries who stand to profit from the introduction of new gTLDs.”
…
If a “check and balance” on addition of these new gTLDs to the root was advisable prior to this announcement, it now appears to be indispensable.
Plenty of ICANN stakeholders on both sides of the new gTLD debate have been calling for a review of ICANN’s ethics policies recently, so the COA is far from alone in highlighting the perception problem PDT’s move, and others, may have created.
It looked dodgy, and people noticed.
But on the other hand…
Many responses to the FNOI take the opposing view – saying that the “global public interest” requirements appear to run contrary to IANA’s technical coordination mandate.
IANA’s statement of work, which mandates IANA staff independence from ICANN policy-making, seems like a very odd place to introduce a vague and highly policy-driven oversight check.
Opposition came from the gTLD registry community and likely applicants, as you might expect, as well as from a number of ccTLD operators, which was perhaps less predictable.
A typical response, from the ccNSO, was:
While recognising and supporting the need for ensuring that new gTLDs have consensus support and are consistent with the global public interest, the ccNSO suggests that the IANA contractor’s role should simply be to verify that ICANN has followed the Guidebook process and that all the evaluation criteria (not just the two referred to) have been met.
A number of responses also call for the strict separation of IANA staff from ICANN’s policy-making functions to be relaxed. The way the NTIA’s proposal is currently worded, it’s not clear if IANA’s experts would be able to provide their input to important work.
How Protect IP will get you hacked
The collection of DNS experts opposing the Protect IP Act today held a press conference to outline exactly why the proposed US piracy protection legislation is dangerous.
Protect IP, currently making its may through Congress, would force ISPs to intercept and redirect domain name look-ups for proscribed piracy sites.
It’s the latest in a series of attempts by the IP lobby to push through legislation aimed at curbing the widespread bootlegging of digital content such as music and movies.
But ICANN chair Steve Crocker, DNS uber-hacker Dan Kaminsky, David Dagon of Georgia Tech, VeriSign’s Danny McPherson and BIND supremo Paul Vixie all think the Act will have unintended and dangerous consequences.
They published a white paper explaining their concerns in May, which I wrote about here, and today ramped up the campaign by talking to reporters in Washington, DC.
Here’s the problem as they see it:
Today, the vast majority of internet users take the default DNS service from their ISP. Usually, the servers are configured automatically when you’re installing the ISP’s software.
Many users are also aware of alternative DNS providers such as Google and OpenDNS. Whatever you think of these services, you can be pretty confident they’re not out to steal your identity.
What Crocker et al are worried about is that content pirates will set up services similar to OpenDNS in order to enable users to visit domains that are blocked by Protect IP in their country.
Users can configure such a service in just 30 seconds, with a single click, the experts said. If they want access to the latest movies and music, they may do so without considering the consequences.
But if you sign up to use a DNS server provided by a bunch of movie pirates, you don’t necessarily have the same reassurances you have with OpenDNS or Google.
You’re basically signing up to pass all your domain name look-up data to proven rogues, what Kaminsky referred to during the press conference as “unambiguously bad guys”.
These bad guys may well direct you to the correct server for the Pirate Bay, but they may also hand you over to a spoof web site when you try to visit your bank.
You’ll think you’re looking at your bank’s site, and your computer will think it got a genuine IP address in response to its DNS query, but you’re really handing your login credentials to a crook.
DNS blocking already takes place with respect to content such as child pornography, of course, but it has not to date created a huge reaction with millions of users taking their DNS overseas.
“The scale of the reaction is what we fear,” Kaminsky said. Vixie added: “To the extent that the content is extremely popular the bypass mechanisms will also be popular.”
The measures proposed by Protect IP would also break DNSSEC, but that’s still pretty much pie-in-the-sky stuff, so the press conference did not spend much time focusing on that.
ICE seizes more piracy domains
The US Immigration and Customs Enforcement agency has seized a small number of domain names that were allegedly being used to distribute bootleg movies and other goods.
But the number of domains falling to Operation In Our Sites in the latest round appears to be smaller than reported over the weekend by TorrentFreak.
The newly seized domains seem to be watchnewfilms.com, mygolfaccessory.com and re1ease.net.
Another half-dozen domains reportedly grabbed within the last few days were actually seized last November, as part of ICE’s major Thanksgiving crackdown.
The false positives were likely spotted because the domains recently changed name servers to ICE’s seizedservers.com, but this appears to be due to a domain management issue, rather than a fresh seizure.
ICE domain seizures enter second phase
The US Immigration & Customs Enforcement agency seems to be consolidating its portfolio of seized domain names by transferring them to its own registrar account.
Many domains ICE recently seized at the registry level under Operation “In Our Sites” have, as of yesterday, started naming the agency as the official registrant in the Whois database.
ICE, part of the Department of Homeland Security, has collected over 100 domains, most of them .coms, as part of the anti-counterfeiting operation it kicked off with gusto last November.
The domains all allegedly either promoted counterfeit physical goods or offered links to bootleg digital content.
At a technical level, ICE originally assumed control of the domains by instructing registries such as VeriSign, the .com operator, to change the authoritative name servers for each domain to seizedservers.com.
All the domains pointed to that server, which is controlled by ICE, resolve to a web server displaying the same image:
(The banner, incidentally, appears to have been updated this month. If clicked, it now sends visitors to this anti-piracy public service announcement hosted at YouTube.)
Until this week, the Whois record associated with each domain continued to list the original registrant – a great many of them apparently Chinese – but ICE now seems to be consolidating its portfolio.
As of yesterday, a sizable chunk — but by no means all — of the seized domains have been transferred to Network Solutions and now name ICE as the registrant in their Whois database records.
Rather than simply commandeering the domains, it appears that ICE now “owns” them too.
But ICE has already allowed one of its seizures to expire. The registration for silkscarf-shop.com expired in March, and it no longer points to seizedservers.com or displays the ICE piracy warning.
The domain is now listed in Redemption Period status, meaning it is starting along the road to ultimately dropping and becoming available for registration again.
Interestingly, most of the newly moved domains appear to have been transferred into NetSol from original registrars based in China, such as HiChina, Xin Net and dns.com.cn.
After consulting with a few people more intimately familiar with the grubby innards of the inter-registrar transfer process than I am, I understand that the names could have been moved without the explicit intervention of either registrar, but that it would not be entirely unprecedented if the transfers had been handled manually under the authority of a court order.
If I find out for sure, I’ll provide an update.
Plug-in works around seized domains
Disgruntled coders have come up with a new Firefox plug-in to help people find piracy web sites after their domain names are seized by the authorities.
MAFIAA-Fire hooks into the browser, checking DNS queries against a list supplied by the developers, to see if the name corresponds to a seized domain.
If it does, the browser is redirected to an approved mirror. If it does not, the DNS query is handled as normal through the browser’s regular resolvers.
The plug-in was created in response to the seizure of domain names alleged to be involved in distributing bootleg movies, music and software.
The US Immigration and Customs Enforcement agency has been sending court-ordered take-down notices to US-based registry operators such as VeriSign for the last several months.
Some sites immediately relocate to top-level domains outside of US jurisdiction. MAFIAA-Fire is designed to make the process of finding these new sites easier.
As the plug-in site acknowledges, if any fraudulent data were to make its way onto its manually-authenticated list of domains, it could cause a security problem for end users.
MAFIAA stands for “Music and Film Industry Association of America”, a corruption of RIAA and MPAA. The “Fire” suffix comes from the fact that fire melts ICE.
The plug-in, which was first reported by TorrentFreak, is hosted at a .com address.
Recent Comments