Latest news of the domain name industry

Recent Posts

Junk drop cuts .xyz in half, .top claims volume crown

The .xyz gTLD has seen its zone file halve in size, as millions of free and cheap domains were not renewed.

The former volume leader among new gTLDs started this month with a tad over 5.2 million domains in its zone.

But its July 17 zone contained 2.5 million, much less than half as many, DI analysis shows.

The precipitous decline means that Chinese-run gTLD .top, increasingly notorious as a go-to TLD for spammers, is now literally at the top of the league table, when you measure new gTLDs by zone file volume, with 2.6 million names.

The primary reason for .xyz losing so many names is of course the expiration of most of the domains that were sold for just $0.01 — or given away for free — in the first few days of June 2016, and the aggressive promotional pricing on offer for the remainder of that month.

On May 30, 2016, there were just under 2.8 million names in the .xyz zone. By July 1, 2016, that number had topped 6.2 million, an increase of 3.4 million over a single month.

That was .xyz’s peak. The zone has been in gradual decline ever since.

Domains generally take 45 days to drop, so it’s entirely possible XYZ.com will see further losses over the next month or so.

There’s nothing unusual about seeing a so-called “junk drop” a year after a TLD launches or runs a free-domains promotion. It’s been well-understood for over a decade and has been anticipated for .xyz for over a year.

But compounding its problems, the .xyz registry appears to still be banned in China, where a substantial portion of its former customer base is located.

The company disclosed over two months ago that it had a “temporary” problem that had seen its license to sell domains via Chinese registrars suspended.

The ban was related to XYZ falling out with its original “real name verification” provider, ZDNS, which was tasked with verifying the identities of Chinese registrants per local government regulations.

I’ve never been able to confirm with either party the cause of this split, but everyone else involved in the Chinese market I’ve asked has told me it related to a dispute over money.

Regardless, two months later the major Chinese registrars I checked today still appear to not be carrying .xyz names.

XYZ has meanwhile signed up with alternative Chinese RNV provider Tele-info, and just three days ago submitted the necessary paperwork (pdf) with ICANN to have the move approved as a registry service under its contract.

In that request, XYZ said the new RNV service “will allow XYZ to reenter certain domain name markets”, suggesting that it has not yet regained Chinese government approval to operate there.

Country names to finally be released in new gTLDs

Kevin Murphy, May 24, 2017, Domain Policy

It looks like hundreds of domain names matching the names of countries are to finally get released from ICANN limbo.

The ICANN board last week passed a resolution calling for the organization to clear a backlog of over 60 registry requests to start selling or using country and territory names in their gTLDs.

Some of the requests date back to 2014. They’ve all been stuck in red tape while ICANN tried to make sure members of the Governmental Advisory Committee was cool with the names being released.

The result of these three years of pondering is scrappy, but will actually allow some names to hit the market this year.

The new resolution calls for ICANN to “take all steps necessary to grant ICANN approvals for the release of country and territory names at the second-level”, but only “to the extent the relevant government has indicated its approval”.

And that’s the catch.

Some governments, such as the US and UK, don’t care who registers matching names. Dozens of others want to vet each registry request on a case-by-case basis.

The wishes of each government are record in a GAC database.

The only territories to so far give a blanket waiver over their names are: Denmark, Finland, Ireland, the Netherlands, Norway, Sweden, the UK, the USA, Guernsey and Pitcairn.

Almost 70 other countries have said they need to be told when a registry wants to sell a domain matching their name. Ten others give carte blanche to closed dot-brands, but require notification in the case of open gTLDs.

The majority of countries in the world have yet to officially express a preference one way or the other.

Of the roughly 60 new gTLD registries to request country name releases over the last few years, the vast majority are dot-brands. The number of open gTLDs with such requests appears to be in the single figures, and the only ones with mass-market appeal appear to be .xyz and .global.

How .com became a restricted TLD

Verisign has been given approval to start restricting who can and cannot register .com and .net domain names in various countries.

Customers of Chinese registrars are the first to be affected by the change to the registry’s back-end system, which was made last year.

ICANN last week gave Verisign a “free to deploy” notice for a new “Verification Code Extension” system that enables the company to stop domains registered via selected registrars from resolving unless the registrant’s identity has been verified and the name is not on China’s banned list.

It appears to be the system Verisign deployed in order to receive its Chinese government license to operate in China.

Under Verification Code Extension, Verisign uses ICANN records to identify which registrars are based in countries that have governmental restrictions. I believe China is currently the only affected country.

Those registrars are able to register domains normally, but Verisign will prevent the names from resolving (placing them in serverHold status and keeping them out of the zone file) unless the registration is accompanied by a verification code.

These codes are distributed to the affected registrars by at least two verification service providers. Verisign, in response to DI questions, declined to name them.

Under its “free to deploy” agreement with ICANN (pdf), Verisign is unable to offer verification services itself. It must use third parties.

The company added the functionality to its .com and .net registry as an option in February 2016, according to ICANN records. It seems to have been implemented last July.

A Verisign spokesperson said the company “has implemented” the system.

The Verification Code Extension — technically, it’s an extension to the EPP protocol pretty much all registries use — was outlined in a Registry Services Evaluation Process request (pdf) last May, and approved by ICANN not long after.

Verisign was approved to operate in China last August in the first wave of gTLD registries to obtain government licenses.

Under Chinese regulations, domain names registered in TLDs not approved by the government may not resolve. Registrars are obliged to verify the identities of their registrants and names containing certain sensitive terms are not permitted.

Other gTLDs, including .vip, .club, .xyz .site and .shop have been granted approval over the last few months.

Some have chosen to work with registration gateway providers in China to comply with the local rules.

Apart from XYZ.com and Verisign, no registry has sought ICANN approval for their particular implementation of Chinese law.

Because Chinese influence over ICANN is a politically sensitive issue right now, it should be pointed out that the Verification Code Extension is not something that ICANN came up with in response to Chinese demands.

Rather, it’s something Verisign came up with in response to Chinese market realities. ICANN has merely rubber-stamped a service requested by Verisign.

This, in other words, is a case of China flexing market muscle, not political muscle. Verisign, like many other gTLD registries, is over-exposed to the Chinese market.

It should also be pointed out for avoidance of doubt that the Chinese restrictions do not apply to customers of non-Chinese registrars.

However, it appears that Verisign now has a mechanism baked into its .com and .net registries that would make it much easier to implement .com restrictions that other governments might choose to put into their own legislation in future.

Registrars say Amazon is “closing” open gTLD

Kevin Murphy, April 25, 2016, Domain Registries

A group comprising some of the largest domain registrars has claimed Amazon is attempting to close off a new gTLD that it previously indicated would be unrestricted.

The 12-strong group, which includes Go Daddy, Network Solutions and Tucows, also claims that the company’s proposal for a “Registration Authentication Platform” is anti-competitive.

The complaints follow Amazon’s filing of a Registry Services Evaluation Process request with ICANN in March.

The RSEP speaks in broad terms about rejigging the conventional domain registration path so that all .moi sales are funneled through Amazon’s registry site, where registrants will have their eligibility verified and then be offered a set of add-on “technology tools” before being bounced back to their chosen registrar.

Amazon hasn’t said who will be eligible to register .moi domains, nor has it explained what technology tools it plans to offer. I expect the tools will include things such as hosting and security, where many registrars currently make money.

Unsurprisingly, many registrars are not happy about these vague proposals.

In a comment (pdf) to the RSEP filed yesterday, they said:

Ultimately, the use of pre-registration verification and “optional” value added services will negatively impact competition. By tying both practices in a TLD, a TLD Operator can create a “captive audience” via the pre-registration verification and then offering optional services. This will effectively bypass the existing registration and purchase process, putting TLD Operator in a privileged position. The TLD is set up to capture customers earned via the Registrars marketing efforts to promote its own tools and services.

It’s not unusual for “sponsored” or “restricted” gTLDs to implement registry-side verification, they admitted, but said that .moi is meant to be “open”.

They wrote:

While this practice is not explicitly prohibited under gTLDs, we believe that post-delegation inclusion of these practices should only be allowed in compelling circumstances because they are, in effect, retroactively “closing” what was applied for and approved to be operated as an open, generic TLD.

Amazon’s application for .moi, like all of its new gTLD applications, is not entirely clear on what the company’s plans are. There’s vague talk about eligibility, but no details and nothing substantial to suggest a tightly restricted zone.

The signatories to the registrar comment represent the majority of registered domain names. They are: Astutium, Blacknight Internet Solutions, Domain.com, EuroDNS, GoDaddy.com, OpenproviderNetEarth One, Key-Systems, Netistrar, Network Solutions, Nordreg, Realtime Register, Tucows Domains.

One registrar, Com Laude, whose sister company Valideus handles Amazon’s gTLD applications, wrote a comment (pdf) expressing the opposite view.

Com Laude says that it’s not unusual for registries to require registry-side verification. It points to .bank, .pharmacy and .travel as examples.

The company also claims that the 12 registrars are in essence complaining about the idea of vertical integration — where registries and registrars are under common ownership — which is already in place at companies such as Uniregistry and Rightside.

Com Laude’s Jeff Neuman wrote:

We do not believe that it is unacceptable for a company like Amazon to do what these other companies have been doing for some time. To apply different standards to Amazon Registry than it does for each of the other vertically integrated entities would single them out for disparate treatment – especially when there is no factual basis to believe that Amazon Registry has not adhered to its vertical integration-related obligations under the Registry Agreement.

What’s going on here, I suspect, is a bit of a proxy war.

Neither Amazon nor the registrars care a great deal about .moi, I think. The gTLD is merely a canary for Amazon’s 30-odd yet-to-be-launched gTLDs. The company has the rights to potentially more attractive strings, including .book, .song and .tunes.

Amazon originally wanted to make these strings “closed generics”, or what ICANN calls “exclusive access” gTLDs, where only Amazon could register names.

It has since disavowed such plans, but still hasn’t said who will be able to register names in its portfolio or how they will prove eligibility.

.moi was not originally identified as a closed generic by ICANN, but it could represent a model for what Amazon plans to do with the rest of its stable.

Amazon plotting registrar workaround?

Amazon has given an early hint at how it may manage its new gTLD registries.

The company seems to be planning to make its own web site the place to go to for its new gTLD domains, relegating registrars to secondary players in the sales path.

It also seems to be planning to up-sell registrants with services, possibly including hosting, before they even get to the registrar’s storefront.

Amazon has filed a Registry Services Evaluation Process request with ICANN, relating to its gTLD .moi (French for “.me”) covering a “Registration Authentication Platform”.

.moi isn’t a brand, but Amazon says it plans to verify registrant “eligibility” before allowing a registration to take place.

To date, it has not revealed what the eligibility requirements for .moi are.

Its RSEP filing says that it intends to offer registrants a suite of optional add-on “technology tools or applications” at the point of verification.

Crucially, that’s before they get bounced to their registrar of choice to actually register the name.

Amazon is basically putting its up-sell pitch into the sales path before registrars get to do the same.

The RSEP explains it like this:

After the customer selects the Technology Tools of interest and/or ancillary products or services (if any), the customer will select its registrar of choice from among the complete list of .MOI-accredited registrars and be directed to that registrar’s site to permit that registrar to collect the required registrant information for the domain name registration, and to submit payment for the selected .MOI domain name. Upon completion of these steps, the registrar, through the normal EPP processes, shall transmit the required registration information to the Registry and the .MOI domain name shall be registered. A customer that first visits a .MOI-accredited registrar’s website will be directed to the Registry’s .MOI website to undergo the process noted above. After pre-registration policy verification, those customers will be transitioned back to the originating registrar’s site.

The RSEP does not explain what the “technology tools” are, but I’d be very surprised if they did not include for example web hosting, a staple higher-margin registrar product.

It’s not entirely clear what, if any, consultations Amazon has had with registrars regarding its proposals. The RSEP language is evasive:

Amazon Registry reached out to several registrars to have general discussions about their experience with pre-registration policy verification and how that experience (including customer experience) could be improved. Any consultations that may have occurred regarding the Technology Tools and the ancillary products and services would have occurred subject to a Mutual Non-Disclosure Agreement and cannot be disclosed.

Currently, the RSEP only covers .moi. Amazon would have to file additional RSEPs if it wanted the new service applied to its 32-TLD-strong portfolio, which includes the likes of .book, .song and .tunes.

ICANN has already made a preliminary determination that the RSEP “does not raise significant competition, security or stability issues”.

As usual, there’s a public comment period, which ends April 14.