Latest news of the domain name industry

Recent Posts

Looks like .music is finally on its way

The hard-fought battle for .music appears to be over.

I’m not yet in a position to tell you which of the eight applicants for the new gTLD has been successful, but I can tell you some of those who were not.

Two applicants have this week withdrawn their bids, an almost certain sign that the contention set has been privately settled.

The first applicant to ditch its bid was dot Music Ltd, an application vehicle of Domain Venture Partners (we used to call this outfit Famous Four Media, but that’s changed).

The other is .music LLC, also known as Far Further.

We can almost certainly expect all but one of the remaining applicants to withdraw their applications over the coming days.

Applicants typically sign NDAs when they settle contention privately, usually via an auction.

Far Further was one of two unsuccessful “community” applicants for .music. It had the backing of dozens of music trade groups, including the influential Recording Industry Association of America. Even Radiohead’s guitarist chipped in with his support.

Evidently, none of these groups were prepared to fund Far Further to the extent it could win the .music contention set.

The .music contention set has been held up by the continuing protestations of the other community applicant, DotMusic Limited, the company run by long-time .music cheerleader Constantinos Roussos.

After DotMusic lost its Community Priority Evaluation in 2016, on the basis that the “community” was pretty much illusory under ICANN rules, it started to complain that the process was unfair.

The applicant immediately filed a Request for Reconsideration with ICANN.

.music then found itself one of several proposed gTLDs frozen while ICANN conducted an outside review of alleged irregularities in the CPE process.

That review found no impropriety in early 2018, a verdict DotMusic’s lawyer dismissed as a “whitewash”.

It has since stalled the process several times with requests for information under ICANN’s Documentary Information Disclosure Policy, and more RfRs when those requests were denied.

But this series of appeals finally came to an end March 14, when ICANN’s board of directors finally ruled against DotMusic’s 2016 RfR.

That appears to have opened up the .music set for private resolution.

So who won? I don’t know yet, but the remaining applicants are: DotMusic itself, Google, Amazon, MMX, Donuts and Radix.

There are certainly two very deep-pocketed companies on that list. Could we be looking at Google or Amazon as the new proprietors of .music?

If either of those companies has won, prospective registrants might find they have a long wait before they can pick up a .music domain. Neither of these giants has a track record of rushing its new gTLDs to market.

If the victor is a conventional gTLD registry, we’d very probably be looking at a launch in 2019.

Yanks beat Aussies to accountancy gTLD

Kevin Murphy, February 20, 2019, Domain Registries

The contention set for .cpa has been resolved, clearing the way for a new accountancy-themed gTLD.

The winner is the American Institute of Certified Public Accountants, which submitted two bids for the string — one “community”, one vanilla, both overtly defensive in nature — back in 2012.

Its main rival, CPA Australia, which also applied on a community basis, withdrew its application two weeks ago.

Commercial registries Google, MMX and Donuts all have withdrawn their applications since late December, leaving only the two AICPA applications remaining.

This week, AICPA withdrew its community application, leaving its regular “single registrant” bid the winner.

AICPA is the US professional standards body for accountants, CPA Australia is the equivalent organization in Australia. ACIPA has 418,000 members, CPA Australia has 150,000.

Both groups failed their Community Priority Evaluations back in 2015 on the basis that their communities were tightly restricted to their own membership, and therefore too restrictive.

AICPA later amended its community application to permit CPAs belonging to non-US trade groups to register.

Both organizations were caught up in the CPE review that also entangled and delayed the likes of .music and .gay. They’ve also both appealed to ICANN with multiple Requests for Reconsideration and Cooperative Engagement Process engagements.

CPA Australia evidently threw in the towel after a December 14 resolution of ICANN’s Board Accountability Mechanisms Committee decision to throw out its latest RfR. It quit its CEP January 9.

It’s likely a private resolution of the set, perhaps an auction, occurred in December.

The winning application from AICPA states fairly unambiguously that the body has little appetite for actually running .cpa as a gTLD:

The main reasons for which AICPA submits this application for the .cpa gTLD is that it wants to prevent third parties from securing the TLD that is identical to AICPA’s highly distinctive and reputable trademark

So don’t get too excited if you’re an accountant champing at the bit for a .cpa domain. It’s going to be an unbelievably restrictive TLD, according to the application, with AICPA likely owning all the domains for years after delegation.

ICANN puts deadline on .amazon talks

Kevin Murphy, January 21, 2019, Domain Policy

ICANN’s board of directors has voted to put a March deadline on talks over the future of the .amazon gTLD.

Late last week, the board formally resolved to “make a decision” on .amazon at ICANN 64, which runs in Kobe, Japan from March 9 to March 14.

It would only do so if Amazon the e-commerce giant and the eight governments of the Amazon Cooperation Treaty Organization fail to come to a “mutually agreed solution” on their differences before then.

CEO Goran Marby is instructed to facilitate these talks.

Here are the relevant resolved clauses from the resolution:

Resolved (2019.01.16.03), the Board hereby reiterates that Resolution 2018.10.25.18 was taken with the clear intention to grant the President and CEO the authority to progress the facilitation process between the ACTO member states and the Amazon corporation with the goal of helping the involved parties reach a mutually agreed solution, but in the event they are unable to do so, the Board will make a decision at ICANN 64 on the next steps regarding the potential delegation of .AMAZON and related top-level domains.

Resolved (2019.01.16.04), the Board encourages a high level of communication between the President and CEO and the relevant stakeholders, including the representatives of the Amazonian countries and the Amazon corporation, between now and ICANN 64, and directs the President and CEO to provide the Board with updates on the facilitation process in anticipation of revisiting the status of the .AMAZON applications at its meeting at ICANN64.

The vote came following ACTO’s demand that ICANN reverse its decision to take .amazon, and Chinese and Japanese translations, off their “Will Not Proceed” status, which heavily implied they will ultimately end up in the root.

ACTO, which claims its members have a greater right to the string due to its geographical and cultural significance, says it has not yet agreed to Amazon’s peace offering, which includes safeguards, financial support for future gTLD applications, and free Kindles.

The ICANN board has now formally rejected the demand — so .amazon is still officially on the path to delegation — but has published mountains of clarification explaining that ACTO misinterpreted what the status change implied.

The board now says that the status change was necessary in order for ICANN to negotiate the inclusion of Public Interest Commitments — PICs, which would give ACTO the right to challenge Amazon if it breaches any of its cultural safeguards — in the .amazon contracts.

With ACTO’s Request for Reconsideration now dealt with, the ball moves into ACTO’s court.

Will ACTO come back to the negotiating table, or will it retain the hard line it has been adopting for the last few months? We’ll find out before long.

How a single Whois complaint got this registrar shitcanned

Kevin Murphy, August 15, 2018, Domain Registrars

A British registrar has had its ICANN contract terminated after a lengthy, unprecedented fight instigated by a single complaint about the accuracy of a single domain’s Whois.

Astutium, based in London and with about 5,000 gTLD domains under management, finally lost its right to sell gTLD domains last week, after an angry battle with ICANN Compliance, the Ombudsman, and the board of directors.

While the company is small, it does not appear to be of the shady, fly-by-night type sometimes terminated by ICANN. Director Rob Golding has been an active face at ICANN for many years and Astutium has, with ICANN approval, taken over portfolios from other de-accredited registrars in the past.

Nevertheless, its Registrar Accreditation Agreement has been torn up, as a result of a complaint about the Whois for the domain name tomzink.com last December.

Golding told DI today that he considers the process that led to his de-accreditation broken and that he’s considering legal action.

The owner of tomzink.com and associated web site appears to be a Los Angeles-based music producer called Tom Zink. The web site seems legit and there’s no suggestion anywhere that Zink has done anything wrong, other than possibly filling out an incomplete Whois record.

The person who complained about the Whois accuracy, whose identity has been redacted from the public record and whose motives are still unclear, had claimed that the domain’s Whois record lacked a phone and fax number and that the registrant and admin contacts contained “made-up” names.

Historical Whois records archived by DomainTools show that in October last year the registrant name was “NA NA”.

The registrant organization was “Astutium Limited” and the registrant email was an @astutium.com address. The registrant mailing address was in Long Beach, California (the same as Zink). There were no phone/fax numbers in the record.

Golding told DI that some of these details were present when the domain was transferred in from another registrar. Others seem to have been added because the registrar was looking after the name on behalf of its client.

The admin and technical records both contained Astutium’s full contact information.

Following the December complaint, the record was cleaned up to remove all references to Astutium and replace them with Zink’s contact data. Judging by DomainTools’ records, this seems to have happened the same day as ICANN forwarded the complaint to Astutium, December 20.

So far, so normal. This kind of Whois cleanup happens many times across the industry every day.

But this is where relations between Astutium and ICANN began to break down, badly.

Even though the Whois record had been cleaned up already, Golding responded to Compliance, via the ICANN complaints ticketing system:

Please dont forward bigus/meaningless whois complaints which are clearly themselves totally inaccurate… No action is necessary or will be taken on bogus/incomplete/rubbish reports. [sic]

Golding agreed with me today that his tone was fairly belligerent from the outset, but noted that it was far from the first time he’d received a compliance complaint he considered bogus.

In the tomzink.com case, he took issue with the fact that the complainant had said that the admin/tech records contained no fax number. Not only was this not true (it was Astutium’s own fax number), but fax numbers are optional under ICANN’s Whois policy.

He today acknowledges that some parts of the complaint were not bogus, but notes that the Whois record had been quickly updated with the correct information.

But simply changing the Whois record is not sufficient for ICANN. It wants you to show evidence of how you resolved the problem in the form of copies of or evidence of communications with the registered name holder.

The Whois Accuracy Program Specification, which is part of the RAA, requires registrars to verify and validate changes to the registered name holder either automated by phone or email, or manually.

Golding told DI that in this case he had called the client to advise him to update his contact information, which he did, so the paper trail only comprises records of the client logging in and changing his contact information.

What he told ICANN in January was:

If ICANN compliance are unable to do the simple job they have been tasked with (to correctly vet and format the queries before sending them on, as they have repeatedly agreed they will do *on record* at meetings) then Registrars have zero obligations to even look at them. Any ‘lack of compliance’ is firmly at your end and not ours in this respect.

However in this specific case we chose to look, contacted the registrant, and had them update/correct/check the records, as can easily be checked by doing a whois

ICANN then explained that “NA NA” and the lack of a phone number were legitimate reasons that the complaint was not wholly bogus, and again asked Golding to provide evidence of Astutium’s correspondence with Zink.

After ignoring a further round or two of communication via the ticketing system, Golding responded: “No, we don’t provide details of private communications to 3rd parties”.

He reiterated this point a couple more times throughout February, eventually saying that nothing in WAPS requires Astutium to “demonstrate compliance” by providing such communications to ICANN, and threatening to escalate the grievance to the Ombudsman.

(That may be strictly true, but the RAA elsewhere does require registrars to keep records and allow ICANN to inspect them on demand.)

It was around the same time that Compliance started trying to get in touch with Golding via phone. While it was able to get through to the Astutium office landline, Compliance evidently had the wrong mobile phone number for Golding himself.

Golding told DI the number ICANN was trying to use (according to ICANN it’s the one listed in RADAR, the official little black book for registrars) had two digits transposed compared to his actual number, but he did not know why that was. Several other members of ICANN staff have his correct number and call him regularly, he said.

By February 27, Compliance had had enough, and issued Astutium with its first public breach notice (pdf)

Allowing a compliance proceeding to get to this stage is always bad news for a registrar — when ICANN hits the public breach notice phase, staff go out and actively search for other areas of potential non-compliance.

Golding reckons Compliance staff are financially incentivized, or “get paid by the bullet point”, at this stage, but I have no evidence that is the case.

Whatever the reason, Compliance in February added on claims:

  • that Astutium was failing to output Whois records in the tightly specified format called for by the RAA (Golding blames typos and missed memos for this and says the errors have been corrected),
  • that Astutium’s registration agreement failed to include renewal and post-renewal fees (Golding said every single page of the Astution web site, including the registration agreement page, carries a link to its price list. While he admitted the text of the agreement does not include these prices, he claimed the same could be said of some of the biggest registrars),
  • that the registration agreement does not specify how expiration notices are delivered (according to Golding, the web site explains that it’s delivered via email)
  • that the address published on the Astutium web site does not match the one provided via the Registrar Information Specification, another way ICANN internally tracks contact info for its registrars (Golding said that his company’s address is published on every single page of its site)

A final bullet point asked the company to implement corrective measures to ensure it “will respond to ICANN compliance matters timely, completely and in line with ICANN’s Expected Standards of Behavior”.

The reference to the Expected Standards of Behavior — ICANN’s code of politeness for the community — is a curious one, not typically seen in breach notices. Unless I’m reading too much into it, it suggests that somebody at ICANN wasn’t happy with Golding’s confrontational, sometimes arguably condescending, attitude.

Golding claims that some of ICANN’s allegations in this breach notice are “provably false”.

He told us he still hasn’t ruled out legal action for defamation against ICANN or its staff as a result of the publication of the notice.

“I’ll be in California, serving the paperwork myself,” he said.

Astutium did not respond to the breach notice, according to ICANN documents, and it was escalated to full-blown termination March 21.

On March 30, the registrar filed a Request for Reconsideration (pdf) with ICANN. That’s one of the “unprecedented” things I referred to at the top of this article — I don’t believe a registrar termination has been challenged through the RfR process before.

The second unprecedented thing was that the RfR was referred to Ombudsman Herb Waye, under ICANN’s relatively new, post-transition, October 2016 bylaws.

Waye’s evaluation of the RfR (pdf), concluded that Astutium was treated fairly. He noted multiple times that the company had apparently made no effort to come into compliance between the breach notice and the termination notice.

Golding was not impressed with the Ombudsman’s report.

“The Ombudsman is totally useless,” he said.

“The entire system of the Ombudsman is designed to make sure nobody has to look into anything,” he said. “He’s not allowed to talk to experts, he’s not actually allowed to talk to the person who made the complaint [Astutium], his only job is to ask ICANN if they did the right thing… That’s their accountability process.”

The Board Accountability Mechanisms Committee, which handles reconsideration requests, in June found against Astutium, based partly on the Ombudsman’s evaluation.

BAMC then gave Golding a chance to respond to its decision, before it was sent to the ICANN board, something I believe may be another first.

He did, with a distinctly more conciliatory tone, writing in an email (pdf):

Ultimately my aim has always been to have the ‘final decision’ questioned as completely disproportionate to the issue raised… and the process that led to the decisions looked into so that improvements can be made, and should there still be unresolved issues, opportunity to work in a collaborative method to solve them, without the need to involve courts, lawyers, further complaints/challenge processes and so on.

And then the ICANN board voted to terminate the company, in line with BAMC’s recommendation.

That vote happened almost a month ago, but Astutium did not lose its IANA number until a week ago.

According to Golding, the company is still managing almost all of its gTLD domains as usual.

One registry, CentralNic, turned it off almost immediately, so Astutium customers are not currently able to manage domains in TLDs such as .host, he said. The other registries still recognize it, he said. (CentralNic says only new registrations and transfers are affected, existing registrants can manage their domains.)

After a registrar termination, ICANN usually transfers the affected domains to another accredited registrar, but this has not happened yet in Astutium’s case.

Golding said that he has a deal with fellow UK registrar Netistrar to have the domains moved to its care, on the understanding that they can be transferred back should Astutium become re-accredited.

He added that he’s looking into acquiring three other registrar accreditations, which he may merge.

So, what is to be learned from all this?

It seems to me that we may be looking at a case of a nose being cut off to spite a face, somebody talking themselves into a termination. This is a compliance issue that probably could have been resolved fairly quickly and quietly many months ago.

Another takeaway might be that, if the simple act of making a phone call to a registrar presents difficulties, ICANN’s Compliance procedures may need a bit of work.

A third takeaway might be that ICANN Compliance is very capable of disrupting registrars’ businesses if they fail to meet the letter of the law, so doing what you’re told is probably the safest way to go.

Or, as Golding put it today: “The lesson to be learned is: if you don’t want them fucking with your business, bend over, grab your ankles, and get ready.”

.kids auction is off

Kevin Murphy, December 12, 2017, Domain Registries

ICANN has postponed the planned auction of the .kid(s) gTLDs after an appeal from one of the applicants.

The last-resort auction had been penciled in for January 25, and there was a December 8 deadline for the three participants to submit their info to the auctioneer.

But DotKids Foundation, the shallowest-pocketed of the three, filed a Request for Reconsideration last Wednesday, asking ICANN to put the contention set back on hold.

The cancellation of the January auction appears to be to give ICANN’s board of directors time to consider the RfR under its usual process — it has not yet ruled on it.

DotKids and Amazon have applied for .kids and Google has applied for .kid. A String Confusion Objection won by Google put the two strings in the same contention set, meaning only one will eventually go live.

DotKids comprehensively lost a Community Priority Evaluation, which would negate an auction altogether, but it thinks the CPE got it wrong and wants to be treated the same way as other gTLD applicants whose CPE results are currently under review.

Reconsideration requests take between 30 and 90 days to process, and they rarely go the way of the requester, so the delay to the auction will likely not be too long.