Latest news of the domain name industry

Recent Posts

.hotel losers gang up to threaten ICANN with legal bills

Kevin Murphy, August 30, 2016, Domain Registries

The six losing applicants for the .hotel new gTLD are collectively threatening ICANN with a second Independent Review Process action.

Together, they this week filed a Request for Reconsideration with ICANN, challenging its decision earlier this month to allow the Afilias-owned Hotel Top Level Domain Sarl application to go ahead to contracting.

HTLD won a controversial Community Priority Evaluation in 2014, effectively eliminating all rival applicants, but that decision was challenged in an IRP that ICANN ultimately won.

The other applicants think HTLD basically cobbled together a bogus “community” in order to “game” the CPE process and avoid an expensive auction.

Since the IRP decision, the six other applicants — Travel Reservations, Famous Four Media, Radix, Minds + Machines, Donuts and Fegistry — have been arguing that the HTLD application should be thrown out due to the actions of Dirk Krischenowski, a former key executive.

Krischenowski was found by ICANN to have exploited a misconfiguration in its own applicants’ portal to download documents belonging to its competitors that should have been confidential.

But at its August 9 meeting, the ICANN board noted that the timing of the downloads showed that HTLD could not have benefited from the data exposure, and that in any event Krischenowski is no longer involved in the company, and allowed the bid to proceed.

That meant the six other applicants lost the chance to win .hotel at auction and/or make a bunch of cash by losing the auction. They’re not happy about that.

It doesn’t matter that the data breach could not have aided HTLD’s application or its CPE case, they argue, the information revealed could prove a competitive advantage once .hotel goes on sale:

What matters is that the information was accessed with the obvious intent to obtain an unfair advantage over direct competitors. The future registry operator of the .hotel gTLD will compete with other registry operators. In the unlikely event that HTLD were allowed to operate the .hotel gTLD, HTLD would have an unfair advantage over competing registry operators, because of its access to sensitive business information

They also think that HTLD being given .hotel despite having been found “cheating” goes against the spirit of application rules and ICANN’s bylaws.

The RfR (pdf) also draws heavily on the findings of the IRP panel in the unrelated Dot Registry (.llc, .inc, etc) case, which were accepted by the ICANN board also on August 9.

In that case, the panel suggested that the board should conduct more thorough, meaningful reviews of CPE decisions.

It also found that ICANN staff had been “intimately involved” in the preparation of the Dot Registry CPE decision (though not, it should be noted, in the actual scoring) as drafted by the Economist Intelligence Unit.

The .hotel applicants argue that this decision is incompatible with their own IRP, which they lost in February, where the judges found a greater degree of separation between ICANN and the EIU.

Their own IRP panel was given “incomplete and misleading information” about how closely ICANN and the EIU work together, they argue, bringing the decision into doubt.

The RfR strongly hints that another IRP could be in the offing if ICANN fails to cancel HTLD application.

The applicants also want a hearing so they can argue their case in person, and a “substantive review” of the .hotel CPE.

The HTLD application for .hotel is currently “On Hold” while ICANN sorts through the mess.

.web auction to go ahead after ICANN denies Donuts/Radix appeal

The new gTLD .web seems set to go to auction next week after ICANN rejected an 11th-hour delay attempt by two applicants.

ICANN’s Board Governance Committee said yesterday that there is no evidence that applicant Nu Dot Co has been taken over by a deep-pocketed third party.

The BGC therefore rejected Donuts’ and Radix’s joint attempt to have the July 27 “last resort” auction delayed.

Donuts and Radix had argued in a Request for Reconsideration earlier this week that Nu Dot Co has changed its board of directors since first applying for .web, which would oblige it to change the application.

Its failure to do so meant they auction should be delayed, they said.

They based their beliefs on an email from NDC director Jose Ignacio Rasco, in which he said one originally listed director was no longer involved with the application but that “several others” were.

There’s speculation in the contention set that a legacy gTLD operator such as Verisign or Neustar might now be in control of NDC.

But the BGC said ICANN had already “diligently” investigated these claims:

in response to the Requesters’ allegations, ICANN did diligently investigate the claims regarding potential changes to Nu Dot’s leadership and/or ownership. Indeed, on several occasions, ICANN staff communicated with the primary contact for Nu Dot both through emails and a phone conversation to determine whether there had been any changes to the Nu Dot organization that would require an application change request. On each occasion, Nu Dot confirmed that no such changes had occurred, and ICANN is entitled to rely upon those representations.

ICANN staff had asked Rasco via email and then telephone whether there had been any changes to NDC’s leadership or control, and he said there had not.

He is quoted by he BGC as saying:

[n]either the ownership nor the control of Nu Dotco, LLC has changed since we filed our application. The Managers designated pursuant to the company’s LLC operating agreement (the LLC equivalent of a corporate Board) have not changed. And there have been no changes to the membership of the LLC either.

The RfR has therefore been thrown out.

Unless further legal action is taken, the auction is still scheduled for July 27. The deadline for all eight applicants (seven for .web and one for .webs) to post deposits with ICANN passed on Wednesday.

As it’s a last resort auction, all funds raised will go into an ICANN pot, the purpose of which has yet to be determined. The winning bid will also be publicly disclosed.

Had the contention set been settled privately, all losing applicants would have made millions of dollars of profit from their applications and the price would have remained a secret.

NDC is the only applicant refusing to go to private auction.

The applicants for .web are NDC, Radix, Donuts, Schlund, Afilias, Google and Web.com. Vistaprint’s bid for .webs is also in the auction.

The RfR decision can he read here (pdf).

Donuts joins fight to delay .web gTLD auction with emergency appeal

Donuts and Radix have filed an “emergency” appeal with ICANN in an attempt to get the forthcoming auction for the .web gTLD delayed.

The companies, both of which have applied for .web, say they have evidence that one of their rival bidders recently changed ownership without telling ICANN, in breach of application rules.

They filed a Request for Reconsideration (pdf) with ICANN (pdf) on Sunday, demanding the delay and an investigation into whether Nu Dot Co LLC is under new control.

The move follows speculation, which we reported last week, that Nu Dot Co is now being controlled by a major legacy gTLD registry player such as Verisign.

The evidence for the the change of ownership comes to light for the first time in the RfR. It’s an email from Nu Dot Co director Jose Ignacio Rasco to Donuts dated June 7. It reads:

Nicolai is at NSR full time and no longer involved with our TLD applications. I’m still running our program and Juan sits on the board with me and several others.

“Nicolai” is Nicolai Bezsonoff, who is listed as an NDC director in its .web application. NSR is presumably Neustar, where Bezsonoff went to work when it acquired .CO Internet.

“Juan” is Juan Calle, the third NDC director, CEO, and former CEO of .CO Internet.

Donuts and Radix believe that Bezsonoff’s departure and the apparent appointment of the unnamed “several others” as NDC directors gave NDC the obligation, under Applicant Guidebook rules, to inform ICANN of the changes.

The Guidebook states:

If at any time during the evaluation process information previously submitted by an applicant becomes untrue or inaccurate, the applicant must promptly notify ICANN via submission of the appropriate forms. This includes applicant-specific information such as changes in financial position and changes in ownership or control of the applicant.

(With that in mind, one wonders whether the acquisition of .blog at auction was strictly legit).

Donuts and Radix now want ICANN to delay the “last resort” auction, which is currently slated for July 27, and “conduct a thorough and transparent investigation into the apparent discrepancies and/or changes in NDC’s .WEB/.WEBS application”.

NDC is believed to be the only one of the eight .web/.webs applicants to be refusing to settle the contention set via a private auction, where the losers get an equal share of the winning bid.

If the set goes to ICANN’s last-resort auction, ICANN gets all the cash.

The final price of .web could easily be in the ball park of $50 million, so each applicant stands to lose several million dollars if the July 27 auction goes ahead as planned.

Radix and fellow .web applicant Schlund had previously written to ICANN to request the delay, but were rebuffed in a letter last week.

The decision outlined in that letter is what the new RfR challenges.

RfRs have a long track record of being dismissed by ICANN’s Board Governance Committee, very often because the requester has not supplied ICANN with any new information with which to change its mind.

That’s a risk here, too, given that ICANN seems to have been in possession of the Rasco email since June 22, before decision to go ahead with the auction was made.

However, that decision seems to have been made by ICANN staff. An RfR makes sure it gets the attention of the ICANN board of directors.

Radix joins the Hollywood content police

Radix has become the second major gTLD registry to announce a content policing deal with the movie industry.

It today said it has signed an agreement with the Motion Picture Association of America similar to the one Donuts announced in February.

Like Donuts, Radix will treat the MPAA as a “trusted notifier” for the purposes of taking down “large-scale pirate websites”.

Radix said the deal “imposes strict standards for such referrals, including that they be accompanied by evidence of clear and pervasive copyright infringement, and a representation that the MPAA has first attempted to contact the registrar and hosting provider for resolution.”

Donuts described its notifier program in this document (pdf). Radix said its arrangement is “similar”.

The Donuts-MPAA deal proved somewhat controversial.

The Electronic Frontier Foundation invoked the slippery slope argument, saying of it:

The danger in agreements like this is that they could become a blanket policy that Internet users cannot avoid. If what’s past is prologue, expect to see MPAA and other groups of powerful media companies touting the Donuts agreement as a new norm, and using it to push ICANN and governments towards making all domain name registries disable access to an entire website on a mere accusation of infringement.

The EFF said these kinds of deals could ultimately lead to legal freedom of speech being curtailed online.

We’re not quite there yet — right now we have two gTLD registries (albeit covering over 200 gTLDs) and one trusted notifier — but I expect more similar deals in future, branching out into different industries such as music and pharamaceuticals.

The deals stem in part from the Domain Name Association’s Healthy Domains Initiative, which aims to avoid ICANN/government regulation by creating voluntary best practices for the industry.

The advantage of a voluntary arrangement is that there’s no risk of a terminal sanction — such as losing your registry contract — if you fail to live up to its terms.

Radix’s portfolio includes .website, .space, .online and .tech. It’s also a .music and .web applicant.

Donuts wins .doctor

Donuts has emerged the victor of the .doctor gTLD contention set.

Competing applicants Radix and The Medical Registry both withdrew their applications last week.

The string wasn’t due to head to its ICANN last-resort auction until May 25, indicating that the contention set was settled privately.

.doctor has been the subject of some controversy.

ICANN’s Governmental Advisory Committee had insisted that .doctor should be reserved purely for licensed medical doctors.

Donuts had complained that this would rule out use by any of the myriad other types of doctor, as well as registrants using “doctor” in a fanciful sense (like “rug doctor” or “PC doctor”).

ICANN initially accepted the GAC advice, but changed its mind this February, declining to impose such restrictive language on .doctor’s contractual Public Interest Commitments.

So it seems that .doctor will be generally unrestricted.

Donuts will have to sign up to the standard “Category 1” PICs, which require the registry to work with relevant regulatory bodies, however.

Radix targets a million .online names in 2-3 years

Kevin Murphy, August 27, 2015, Domain Registries

Having just finished the most-successful new gTLD launch day to date, Radix Registry reckons it can get .online to seven figures in two to three years.

“We’re at 37,170 names as of an hour ago,” Radix CEO Bhavin Turakhia told DI at about 1000 UTC this morning.

That represents less than a full day of general availability. The company said last night that 28,000 names were registered in the first 30 minutes.

UPDATE: At the 24-hour mark, Radix tweeted this:

That beats .club’s 25,000-ish, which was Radix’s publicly stated goal, but it also tops .berlin’s 31,000 first-day names.

The CEOs of both these rival registries had publicly predicted their positions would be toppled and actively encouraged Radix to claim the crown.

Turakhia said that the majority of names registered came from pre-orders, largely at 1&1.

“Fourteen thousand names came from 1&1, 6,000 from Go Daddy, 2,700 from United Domains, 1,900 from Name.com and 1,400 from Tucows,” he said, partially breaking down the 37,170 figure by registrar.

He said the goal is to have a .online zone measured in the millions of names.

“I estimate that we should be able to get to a million names in a period of two to three years,” he said. “That’s on a conservative basis.”

Depending on how you count domains, .xyz may have already been the first to hit one million. Its zone never got as high as a million names, but it may have briefly crossed a million in terms of domains under management earlier this year.

At auction, .online sold for what is believed to be an eight-figure sum, originally to a joint venture of Radix, Tucows and Namecheap.

Radix bought out its partners earlier this year.

That was an increase in risk exposure Radix business head Sandeep Ramchandani said made him nervous. He said launch day’s numbers show .online’s potential.

Turahkhia said that there are 680,000 names in the .com zone that end in “online” today, and a million that have “online” somewhere in the second level, showing that the string is desirable to registrants.

Radix said last night that its Early Access Period — during which names are sold for a higher price — ended with 1,130 sales.

Turahkhia said that of these, about 1,000 were registered in the last three days, during which time the price was $100. Regular .online pricing is around the same as .com ($14.99 at 1&1 and Go Daddy), but some registrars are selling for as much at $50.

Radix targets 25,000 names for .online’s first day

Kevin Murphy, August 18, 2015, Domain Registries

Radix Registry reckons .online will move at least 15,000 domains in its first day of general availability, but it’s aiming higher.

“We are confident .online will be amongst the biggest new gTLDs that have launched,” Radix business head Sandeep Ramchandani said in a press release today.

“The same sentiment across several Registrar Partners has reinforced our beliefs. We expect to start off with at least 15,000 registrations at launch and would love to break .club’s launch record,” he said.

When .CLUB Domains launched .club in 2014, its zone file showed over 25,000 domains after the first 10 hours.

Radix is basing its projections not only on its registrar conversations, but also on .online’s sunrise period, which ended yesterday with 775 sales.

That number is of course low by pre-2012 standards, but it’s in the top tier of sunrise periods for non-controversial new gTLDs.

The only strings to top 1,000 names to date have been ICM Registry’s .porn and .adult and Vox Populi’s .sucks.

.CLUB’s sunrise weighed in at 454 domains.

Radix had better hope .online is successful — the gTLD sold for seven or eight figures at private auction.

The gTLD will go to its Early Access Period tomorrow before settling down to regular pricing August 26.

New gTLD phishing still tiny, but .xyz sees most of it

New gTLDs are not yet being widely used to carry out phishing runs, but most such attacks are concentrated in .xyz.

That’s one of the conclusions of the Anti-Phishing Working Group, which today published its report for the second half of 2014.

Phishing was basically flat in the second half of the year, with 123,972 recorded attacks.

The number of domains used to phish was 95,321, up 8.4% from the first half of the year.

However, the number of domains that were registered maliciously in order to phish (as opposed to compromised domains) was up sharply — by 20% to 27,253 names.

In the period, 272 TLDs were used, but almost 54% of the attacks used .com domains. In terms of maliciously registered domains, .com fared worse, with over 62% share.

According to APWG, 75% of maliciously registered domains were in .com, .tk, .pw, .cf and .net.

Both .tk and .cf are Freenom-administered free ccTLDs (for Tokelau and the Central African Republic) while low-cost .pw — “plagued” by Chinese phishers — is run by Radix for Palau.

New gTLDs accounted for just 335 of the maliciously registered domains — 1.2% of the total.

That’s about half of what you’d expect given new gTLDs’ share of the overall domain name industry.

Twenty-four new gTLDs had malicious registrations, but .xyz saw most of them. APWG said:

Almost two-thirds of the phishing in the new gTLDs — 288 domains — was concentrated in the .XYZ registry. (Of the 335 maliciously registered domains, 274 were in .XYZ.) This is the first example of malicious registrations clustering in one new gTLD, and we are seeing more examples in early 2015.

XYZ.com aggressively promoted cheap or free .xyz names during the period, but APWG said that only four .xyz phishing names were registered via freebie partner Network Solutions.

In fact, APWG found that most of its phishing names were registered via Xin Net and used to attack Chinese brands.

But, normalizing the numbers to take account of different market shares, .xyz shapes up poorly when compared to .com and other TLDs, in terms of maliciously registered domains. APWG said:

XYZ had a phishing-per-10,000-domains score of 3.6, which was just slightly above the average of 3.4 for all TLDs, and lower than .COM’s score of 4.7. Since most phishing domains in .XYZ were fraudulently registered and most in .COM compromised, .XYZ had a significantly higher incidence of malicious domain registrations per 10,000 coming in at 3.4 versus 1.4 for .COM.

APWG said that it expects the amount of phishing to increase in new gTLDs as registries, finding themselves in a crowded marketplace, compete aggressively on price.

It also noted that the amount of non-phishing abuse in new gTLDs is “much higher” than the phishing numbers would suggest:

Tens of thousands of domains in the new gTLDs are being consumed by spammers, and are being blocklisted by providers such as Spamhaus and SURBL. So while relatively few new gTLD domains have been used for phishing, the total number of them being used maliciously is much higher.

The number of maliciously registered domains containing a variation on the targeted brand was more or less flat, up from 6.6% to 6.8%.

APWG found that 84% of all phishing attacks target Chinese brands and Chinese internet users.

The APWG report can be downloaded here.

UPDATE: XYZ.com CEO Daniel Negari responded to the report by pointing out that phishing attacks using .xyz have a much shorter duration compared to other TLDs, including .com.

According to the APWG report, the average uptime of an attack using .xyz is just shy of 12 hours, compared to almost 28 hours in .com. The median uptime was a little over six hours in .xyz, compared to 10 hours in .com.

Negari said that this was due to the registry’s “aggressive detection and takedowns”. He said XYZ has three full-time employees devoted to handling abuse.

Tucows and Namecheap exit $14m .online deal

Tucows and Namecheap have both pulled out of their joint venture with Radix to run the .online registry.

Tucows revealed the move, which will see Radix run .online solo, in a press release yesterday.

Both Tucows and Namecheap are registrars, whereas Radix is pretty much focused on being a registry nowadays.

While financial terms have not been disclosed, Tucows CEO Elliot Noss had previously said that each of the three companies had funded the new venture to the tune of $4 million to $5 million.

I estimate that this puts the total investment in the deal — which includes the price of winning .online at auction — at $13 million to $14 million.

Noss has also hinted that the gTLD sold for much more than the $6.8 million paid for .tech.

.online has not yet been delegated.

.blog won in eight-figure auction by Primer Nivel

Kevin Murphy, February 16, 2015, Domain Registries

A Colombian registrar has become the unlikely owner of the coveted .blog new gTLD, beating eight other applicants to the string at auction.

Winning bidder Primer Nivel is a Panamanian company affiliated with Bogota-based CCI REG, which runs my.co.

The company was the first to reveal its plans to apply for .blog, telling DI back in April 2012 about its ambitions of the gTLD.

Rival bidders Radix, Minds + Machines, Donuts, Afilias, Merchant Law Group, BET, Google and Top Level Design all withdrew their applications over the weekend.

We’re certainly looking at an eight-figure sale here.

Kieren McCarthy, writing at The Register, reckons it went for $30 million or more, based on the fact that M+M got $3.4 million for withdrawing from .blog and .store auctions, but his back-of-the-envelope calculations are off-target for a few reasons.

Knowledgeable DI sources say the sale price was considerably lower than $30 million.

My envelope puts it at somewhere in the range of $15 million to $18 million.

I’ve always said .blog is among my favorite new gTLD strings. The market opportunity is potentially huge, with hundreds of millions of blogs live on the web today.

Primer Nivel, which to the best of my knowledge is not (unlike some other applicants) affiliated with a particular blogging platform, plans to operate .blog as an open gTLD.

The separate auction for .store, meanwhile, was won by Radix, after withdrawals from M+M, Donuts, Amazon, Google, Dot Store and Uniregistry this weekend.