Latest news of the domain name industry

Recent Posts

After .org price outrage, ICANN says it has NOT scrapped public comments

Kevin Murphy, October 11, 2019, Domain Policy

ICANN this evening said that it will continue to open up gTLD registry contract amendments for public comment periods, despite posting information yesterday suggesting that it would stop doing so.

The organization recently formalized what it calls “internal guidelines” on when public comment periods are required, and provided a summary in a blog post yesterday.

It was very easy to infer from the wording of the post that ICANN, in the wake of the controversy over the renegotiation of Public Interest Registry’s .org contract, had decided to no longer ask for public comments on future legacy gTLD contract amendments.

I inferred as much, as did another domain news blogger and a few other interested parties I pinged today.

I asked ICANN if that was a correct inference and Cyrus Namazi, head of ICANN’s Global Domains Division, replied:

No, that is not correct. All Registry contract amendments will continue to be posted for public comment same as before.

He went on to say that contract changes that come about as a result of Registry Service Evaluation Process requests or stuff like change of ownership will continue to not be subject to full public comment periods (though RSEP does have its own, less-publicized comment system).

The ICANN blog post lists several scenarios in which ICANN is required to open a public comment period. On the list is this:

ICANN org base agreements with registry operators and registrars.

The word “base” raised at least eight eyebrows of people who read the post, including my two.

The “base” agreements ICANN has with registries and registrars are the 2013 Registrar Accreditation Agreement and the 2012/2017 Registry Agreement.

The RAA applies to all accredited registrars and the base RA applies to all new gTLD registries that applied in the 2012 round.

Registries that applied for, or were already running, gTLDs prior to 2012 all have bespoke contracts that have been gradually brought more — but not necessarily fully — into line with the 2012/17 RA in renewal renegotiations over the last several years.

In all cases, the renegotiated legacy contracts have been subject to public comment, but in no cases have the comments had any meaningful impact on their ultimate approval by ICANN.

The most recent such renewal was Public Interest Registry’s .org contract.

Among the changes were the introduction of the Uniform Rapid Suspension anti-cybersquatting policy, and the removal of price caps that had limited PIR to a 10% increase per year.

The comment period on this contract attracted over 3,200 comments, almost all of which objected to the price regulation changes or the URS.

But the contract was signed regardless, unaffected by the comments, which caused one registrar, NameCheap, to describe the process as a “sham”.

With this apparently specific reference to “base” agreements coming so soon thereafter, it’s easy to see how we could have assumed ICANN had decided to cut off public comment on these contentious issues altogether, but that appears to not be the case.

What this seems to mean is that when .com next comes up for renewal, it will be open for comment.

Google has big, innovative plans for .new

Kevin Murphy, August 5, 2019, Domain Registries

Google is set to launch .new next year with a innovative value proposition that changes how domain names are used.

The company plans to slowly release .new domains to a carefully controlled customer base, starting in the first quarter 2020.

In a Registry Service Evaluation Process request filed with ICANN last week, the company said:

Google Registry plans to launch the .new TLD with a usage-based restriction in its domain registration policy that requires that all domain names be used for action generation or online content creation

The phrase “action generation or online contention creation” is key here, repeated across multiple Google documents.

What it means is that registrants will have to commit to use their .new domains in much the same way as Google itself is using its own batch of proof-of-concept names.

If you type doc.new into your browser address bar today, you’ll be taken to a fresh word processing document hosted on Google Docs, assuming you’re logged in to Google.

The same goes for domains such as spreadsheet.new, slides.new and a few others.

Looking at the .new zone file, it appears Google has plans to expand the concept beyond Office-style online applications into areas such as email, bug-reporting, support-ticketing, forms, reminders, and web site creation.

These services appear to be live but currently restricted to authorized users.

When Google opens up the .new space to third-party registrants, it’s easy to imagine domains such as tweet.new taking users directly to a Twitter composition page or blog.new immediately opening up a new post on something like WordPress or Medium.

Right now, Google is declining to comment on the specifics of its launch plan, but we can infer some details from its activity in the ICANN world.

I get the impression that the company does not want to be overly prescriptive in how .new domains are used, as long as they adhere to the “action generation or online contention creation” mantra.

Stephanie Duchesneau, Google program manager, told attendees at an ICANN summit this May that .new will be a space “where anyone is able to register, but the domain name has to be used in a certain way”.

While that may eventually be the case, at first Google plans to operated a Limited Registration Period under ICANN rules, during which only hand-vetted registrants will be able to grab domains.

Its recent RSEP request (pdf) asks ICANN permission to deploy an authentication system based on RFC 8495 to handle the LRP roll-out.

To the best of my understanding, RFC 8495 is a newish extension to EPP designed to deal with domain allocation, rather than usage, so it does not appear to be the means by which Google will enforce its policies.

The RSEP says it is Google’s plan to “seed” the gTLD with a bunch of third-party .new domains that adhere to the usage concept it has laid out.

This is due to happen some time in Q1 next year, but Google has not yet filed its TLD startup information with ICANN, so the exact dates are not known.

Under ICANN rules, as far as I can tell an LRP can run more or less indefinitely, so it’s not entirely clear when .new will become available to the general registrant.

Brand-blocking service plotted for porn gTLDs

MMX wants to offer a new service for trademark owners worried about cybersquatting in its four porn-themed gTLDs.

The proposed Adult Block Services would be similar to Donuts’ groundbreaking Domain Protected Marks List and the recent Trademark Sentry offering from .CLUB Domains.

The service would enable big brands to block their marks from registration across all four TLDs for less than the price of individual defensive registrations.

Prices have not been disclosed, but a more-expensive “Plus” version would also allow the blocking of variants such as typos. The registry told ICANN:

The Adult Block Services will be offered as a chance for trademark owners to quickly and easily make labels unavailable for registration in our TLDs. For those trademark owners registering domain names as a defensive measure only, the Adult Block Services offer an easy, definitive, and cost-effective method for achieving their goals by offering at-a-stroke protection for TLDs included in the program. The Adult Block Services are similar to the Donuts’ DPML, Uniregistry’s EP and EP Plus and the .Club UNBS and should be immediately understood and accepted by the trademark community.

The Adult Block will allow trademark owners to block unregistered labels in our TLDs that directly match their trademarks. The Adult Block Plus will allow trademark owners to block unregistered, confusingly similar variations of their trademarks in our TLDs.

It seems more akin to DPML, and Uniregistry’s recently launched clone, than to .CLUB’s forthcoming single-TLD offering.

The Registry Service Evaluation Process request was filed by ICM Registry, which was acquired by MMX last year.

It only covers the four porn gTLDs that ICM originally ran, and not any of the other 22 gTLDs managed by MMX (aka Minds + Machines).

This will certainly make the service appear less attractive to the IP community than something like DPML, which covers Donuts stable of 242 TLDs.

While there’s no public data about how successful blocking services have been, anecdotally I’m told they’re quite popular.

What we do have data on is how popular the ICM gTLDs have been in sunrise periods, where trademark owners showed up in higher-than-usual numbers to defensively register their marks.

.porn, .adult and .sex garnered about 2,000 sunrise regs each, more than 20 times the average for a new gTLD, making them three of the top four most-subscribed sunrise periods.

Almost one in five of the currently registered domains in each of these TLDs is likely to be a sunrise defensive.

Now that sunrise is long gone, there may be an appetite in the trademark community for less-expensive blocks.

But there have been calls for the industry to unify and offer blocking services to cover all gTLDs.

The brand-protection registrar Com Laude recently wrote:

What brands really need is for registry operators to come together and offer a universal, truly global block that applies across all the open registries and at a reasonable price that a trademark owner with multiple brands can afford.

Quite how that would happen across over 1,200 gTLDs is a bit of a mystery, unless ICANN forced such a service upon them.

Uniregistry working on bulk trademark blocking service

Kevin Murphy, November 21, 2018, Domain Registries

Uniregistry is planning to launch a bulk trademark block service, along the same lines as Donuts’ Domain Protected Marks List.

But it’s going to be roughly 50% more expensive than DPML, on a per-TLD basis.

The company has applied to ICANN to run what it calls “Uni EP” across its whole portfolio of 26 gTLDs.

Uni EP would be “largely identical” to DPML, according to Uniregistry’s Registry Service Evaluation Requests.

This means that anyone who has their trademark registered in the Trademark Clearinghouse will be able to block the matching string in all of Uniregistry’s TLDs.

Nobody else would be able to register that mark unless they also had a TMCH-validated trademark for the same string.

The pricing would be lower than if the brand owner individually defensively registered in each of the 26 TLDs.

With Donuts, which manages a portfolio almost 10 times as large, DPML tends to be priced around the $6,000 mark retail for a five-year block. That works to about $5 per TLD per year.

Uniregistry CEO Frank Schilling said Uni EP could be priced as low as $200 per year. That would work out to about $7.70 per TLD.

The relatively higher pricing might make sense when you consider the larger variation in regular pricing for Uniregistry TLDs, compared to Donuts.

It has several that retail for around $100 a year, and three — .cars, .car and .auto — that sell for close to $3,000 a year.

Still, the Uni EP price is obviously going to be a lot cheaper than regular defensive registrations.

Companies that have already purchased defensively would get to add their domains to the block service after the current registration expires, the RSEP states.

Like DPML, Uni EP would also have a “Plus” version, in which confusingly similar strings in eight scripts would also be blocked.

Uniregistry says it consulted with three brand protection registrars — CSC, MarkMonitor and Safenames — about the service and that their reactions were “favorable”.

Uniregistry’s current portfolio comprises .country, .audio, .car, .blackFriday, .auto, .cars, .christmas, .click, .diet, .flowers, .game, .gift, .guitars, .help, .hiphop, .hiv, .hosting, .juegos, .link, .lol, .mom, .photo, .pics, .property, .sexy, and .tattoo.

Justice gives nod to O.com auction

Kevin Murphy, December 18, 2017, Domain Registries

The US Department of Justice does not intend to prevent Verisign from auctioning off the single-letter domain o.com.

Aaron Hoag, chief of the department’s Technology & Financial Services Section, told ICANN in a letter (pdf) that it does not intend to probe Verisign’s proposal.

The letter reads in its entirety:

Your letter dated December 7, 2017, to Makan Delrahim, Assistant Attorney General of the Antitrust Division, regarding VeriSign’s proposal to auction O.COM, has been referred to the Technology & Financial Services Section for review. After careful consideration of the matter, the Division can report that it does not intend to open an investigation into the proposed auction described in the attachment to your letter.

Verisign asked ICANN’s permission to auction o.com, with most of the the proceeds going to good causes, after over a decade of nagging from retailer Overstock.com, which desperately wants to own the currently reserved name.

It would set a precedent for the company to sell off the remaining 22 single-letter domains, not to mention the 10 digits, which are all currently reserved due to a decades-old technical policy no longer considered necessary.

Verisign would only receive its $7.85 base registry fee from the sale, despite the fact that single-letter domains could easily fetch seven or eight figures.

The company asked ICANN for permission to release the name via its Registry Services Evaluation Process last month.

ICANN said earlier this month that it had no objection on technical grounds, but referred it to US competition authorities for a review.

With the DoJ apparently not interested, the door is open for ICANN to approve the RSEP before the end of the year, meaning Verisign could carry out the auction in 2018.

The big question now is whether anyone other than Overstock will want to take part in the auction. Overstock has US trademarks on “O.com”, despite the fact that it’s never actually owned the domain.

ICANN punts o.com auction to US watchdogs

Kevin Murphy, December 11, 2017, Domain Registries

Verisign’s proposed auction of the domain o.com might have a negative effect on competition and has been referred to US regulators.

That’s according to ICANN’s response to the .com registry’s request to release the domain, which is among the 23 single-letter domains currently reserved under the terms of its contract.

ICANN has determined that the release “might raise significant competition issues” and has therefore been referred to “to the appropriate governmental competition authority”.

It’s forwarded Verisign’s request to the US Department of Justice.

Verisign late last month asked ICANN if it could release o.com to auction as a test that could presumably lead to other single-character .com names being released in future.

The plan is for a charity auction, in which almost all the proceeds are donated to internet-related good causes.

Only the company running the auction would make any significant money; Verisign would just take its standard $7.85 annual fee.

ICANN told the company that it could find no technical reason that the release could not go ahead.

The only barrier is the fact that Verisign arguably has government-approved, cash-printing, market dominance and is therefore in a sensitive political position.

Whether its profitless plan will be enough to see the auction given the nod remains to be seen.

A certain bidder in the proposed auction would be Overstock.com, the online retailer, which has been pressuring ICANN and Verisign for the release of O.com for well over a decade and even owns trademarks covering the domain.

Disclosure: several years ago I briefly provided some consulting/writing services to a third party in support of the Verisign and Overstock positions on the release of single-character domain names, but I have no current financial interest in the matter.

Verisign wants to auction off O.com for charity

Kevin Murphy, December 1, 2017, Domain Registries

The internet could soon gets just its fourth active single-character .com domain name, after Verisign revealed plans to auction off o.com for charity.

The company has asked ICANN to allow it to release just one of the 23 remaining one-letter .com domains, which are currently reserved under the terms of the .com registry agreement.

It’s basically a proof of concept that would lead to this contractual restriction being lifted entirely.

O.com has been picked as the guinea pig, because of “long-standing interest” in the domain, according to Verisign.

Overstock.com, the $1.8 billion-a-year US retailer, is known to have huge interest in the name.

The company acquired o.co from .CO Internet for $350,000 during the ccTLD’s 2010 relaunch, then embarked upon a disastrous rebranding campaign that ended when the company estimated it was losing 61% of its type-in traffic to o.com.

Overstock has obsessed over its unobtainable prize for over a decade and would almost certainly be involved in any auction for the domain.

In fact, I wouldn’t be surprised to discover that Overstock pressured Verisign into requesting the release of o.com.

Despite the seven or eight figures that a single-letter .com domain could fetch, Verisign’s cut of the auction proceeds would be just $7.85, its base registry fee.

Regardless, it has a payment schedule in mind that would see the winning bidder continue to pay premium renewal fees for 25 years, eventually doubling the sale price.

The winner would pay their winning bid immediately and get a five-year registration, but then would have to pay 5% of that bid to renew the domain for years six through 25.

In other words, if the winning bid was $1 million, the annual renewal fee after the first five years would be $50,000 and the total amount paid would eventually be $2 million.

All of this money, apart from the auction provider’s cut, would go to a trust that would distribute the funds to internet-focused non-profit organizations, such as those promoting security or open protocols.

There’s also a clause that would seem to discourage domain investors from bidding. The only way to transfer the domain would be if the buyer was acquired entirely, though this could be presumably circumvented with the use of a shell company.

It’s an elaborate auction plan, befitting of the fact that one-character .com domains are super rare.

Only x.com, q.com and z.com are currently registered and it’s Verisign policy to reserve them in the unlikely event they should ever expire.

Billionaire entrepreneur Elon Musk this July reacquired x.com, the domain he used to launch PayPal in the 1990s, back from PayPal for an undisclosed sum.

Z.com was acquired by GMO Internet for $6.8 million in 2014.

Single-character domains are typically not reserved in the ICANN contracts of other gTLDs, whether pre- or post-2012, though it’s standard practice for the registry to reserve them for auction anyway.

Verisign’s reservations in .com and .net are a legacy of IANA policy, pre-ICANN and have been generally considered technically unnecessary for some years.

Still, there’s been a reluctance to simply hand Verisign, already a money-printing machine through accident of history, another windfall of potentially hundreds of millions of dollars by allowing it to sell off the names for profit. Hence the elaborate plan with the O.com trust fund.

The proposal to release O.com requires a contractual amendment, so Verisign has filed a Registry Services Evaluation Process request (pdf) with ICANN that is now open for public comment.

As a matter of disclosure: several years ago I briefly provided some consulting/writing services to a third party in support of the Verisign and Overstock positions on the release of single-character domain names, but I have no current financial interest in the matter.

Junk drop cuts .xyz in half, .top claims volume crown

The .xyz gTLD has seen its zone file halve in size, as millions of free and cheap domains were not renewed.

The former volume leader among new gTLDs started this month with a tad over 5.2 million domains in its zone.

But its July 17 zone contained 2.5 million, much less than half as many, DI analysis shows.

The precipitous decline means that Chinese-run gTLD .top, increasingly notorious as a go-to TLD for spammers, is now literally at the top of the league table, when you measure new gTLDs by zone file volume, with 2.6 million names.

The primary reason for .xyz losing so many names is of course the expiration of most of the domains that were sold for just $0.01 — or given away for free — in the first few days of June 2016, and the aggressive promotional pricing on offer for the remainder of that month.

On May 30, 2016, there were just under 2.8 million names in the .xyz zone. By July 1, 2016, that number had topped 6.2 million, an increase of 3.4 million over a single month.

That was .xyz’s peak. The zone has been in gradual decline ever since.

Domains generally take 45 days to drop, so it’s entirely possible XYZ.com will see further losses over the next month or so.

There’s nothing unusual about seeing a so-called “junk drop” a year after a TLD launches or runs a free-domains promotion. It’s been well-understood for over a decade and has been anticipated for .xyz for over a year.

But compounding its problems, the .xyz registry appears to still be banned in China, where a substantial portion of its former customer base is located.

The company disclosed over two months ago that it had a “temporary” problem that had seen its license to sell domains via Chinese registrars suspended.

The ban was related to XYZ falling out with its original “real name verification” provider, ZDNS, which was tasked with verifying the identities of Chinese registrants per local government regulations.

I’ve never been able to confirm with either party the cause of this split, but everyone else involved in the Chinese market I’ve asked has told me it related to a dispute over money.

Regardless, two months later the major Chinese registrars I checked today still appear to not be carrying .xyz names.

XYZ has meanwhile signed up with alternative Chinese RNV provider Tele-info, and just three days ago submitted the necessary paperwork (pdf) with ICANN to have the move approved as a registry service under its contract.

In that request, XYZ said the new RNV service “will allow XYZ to reenter certain domain name markets”, suggesting that it has not yet regained Chinese government approval to operate there.

Country names to finally be released in new gTLDs

Kevin Murphy, May 24, 2017, Domain Policy

It looks like hundreds of domain names matching the names of countries are to finally get released from ICANN limbo.

The ICANN board last week passed a resolution calling for the organization to clear a backlog of over 60 registry requests to start selling or using country and territory names in their gTLDs.

Some of the requests date back to 2014. They’ve all been stuck in red tape while ICANN tried to make sure members of the Governmental Advisory Committee was cool with the names being released.

The result of these three years of pondering is scrappy, but will actually allow some names to hit the market this year.

The new resolution calls for ICANN to “take all steps necessary to grant ICANN approvals for the release of country and territory names at the second-level”, but only “to the extent the relevant government has indicated its approval”.

And that’s the catch.

Some governments, such as the US and UK, don’t care who registers matching names. Dozens of others want to vet each registry request on a case-by-case basis.

The wishes of each government are record in a GAC database.

The only territories to so far give a blanket waiver over their names are: Denmark, Finland, Ireland, the Netherlands, Norway, Sweden, the UK, the USA, Guernsey and Pitcairn.

Almost 70 other countries have said they need to be told when a registry wants to sell a domain matching their name. Ten others give carte blanche to closed dot-brands, but require notification in the case of open gTLDs.

The majority of countries in the world have yet to officially express a preference one way or the other.

Of the roughly 60 new gTLD registries to request country name releases over the last few years, the vast majority are dot-brands. The number of open gTLDs with such requests appears to be in the single figures, and the only ones with mass-market appeal appear to be .xyz and .global.

How .com became a restricted TLD

Verisign has been given approval to start restricting who can and cannot register .com and .net domain names in various countries.

Customers of Chinese registrars are the first to be affected by the change to the registry’s back-end system, which was made last year.

ICANN last week gave Verisign a “free to deploy” notice for a new “Verification Code Extension” system that enables the company to stop domains registered via selected registrars from resolving unless the registrant’s identity has been verified and the name is not on China’s banned list.

It appears to be the system Verisign deployed in order to receive its Chinese government license to operate in China.

Under Verification Code Extension, Verisign uses ICANN records to identify which registrars are based in countries that have governmental restrictions. I believe China is currently the only affected country.

Those registrars are able to register domains normally, but Verisign will prevent the names from resolving (placing them in serverHold status and keeping them out of the zone file) unless the registration is accompanied by a verification code.

These codes are distributed to the affected registrars by at least two verification service providers. Verisign, in response to DI questions, declined to name them.

Under its “free to deploy” agreement with ICANN (pdf), Verisign is unable to offer verification services itself. It must use third parties.

The company added the functionality to its .com and .net registry as an option in February 2016, according to ICANN records. It seems to have been implemented last July.

A Verisign spokesperson said the company “has implemented” the system.

The Verification Code Extension — technically, it’s an extension to the EPP protocol pretty much all registries use — was outlined in a Registry Services Evaluation Process request (pdf) last May, and approved by ICANN not long after.

Verisign was approved to operate in China last August in the first wave of gTLD registries to obtain government licenses.

Under Chinese regulations, domain names registered in TLDs not approved by the government may not resolve. Registrars are obliged to verify the identities of their registrants and names containing certain sensitive terms are not permitted.

Other gTLDs, including .vip, .club, .xyz .site and .shop have been granted approval over the last few months.

Some have chosen to work with registration gateway providers in China to comply with the local rules.

Apart from XYZ.com and Verisign, no registry has sought ICANN approval for their particular implementation of Chinese law.

Because Chinese influence over ICANN is a politically sensitive issue right now, it should be pointed out that the Verification Code Extension is not something that ICANN came up with in response to Chinese demands.

Rather, it’s something Verisign came up with in response to Chinese market realities. ICANN has merely rubber-stamped a service requested by Verisign.

This, in other words, is a case of China flexing market muscle, not political muscle. Verisign, like many other gTLD registries, is over-exposed to the Chinese market.

It should also be pointed out for avoidance of doubt that the Chinese restrictions do not apply to customers of non-Chinese registrars.

However, it appears that Verisign now has a mechanism baked into its .com and .net registries that would make it much easier to implement .com restrictions that other governments might choose to put into their own legislation in future.