Latest news of the domain name industry

Recent Posts

Country names to finally be released in new gTLDs

Kevin Murphy, May 24, 2017, Domain Policy

It looks like hundreds of domain names matching the names of countries are to finally get released from ICANN limbo.

The ICANN board last week passed a resolution calling for the organization to clear a backlog of over 60 registry requests to start selling or using country and territory names in their gTLDs.

Some of the requests date back to 2014. They’ve all been stuck in red tape while ICANN tried to make sure members of the Governmental Advisory Committee was cool with the names being released.

The result of these three years of pondering is scrappy, but will actually allow some names to hit the market this year.

The new resolution calls for ICANN to “take all steps necessary to grant ICANN approvals for the release of country and territory names at the second-level”, but only “to the extent the relevant government has indicated its approval”.

And that’s the catch.

Some governments, such as the US and UK, don’t care who registers matching names. Dozens of others want to vet each registry request on a case-by-case basis.

The wishes of each government are record in a GAC database.

The only territories to so far give a blanket waiver over their names are: Denmark, Finland, Ireland, the Netherlands, Norway, Sweden, the UK, the USA, Guernsey and Pitcairn.

Almost 70 other countries have said they need to be told when a registry wants to sell a domain matching their name. Ten others give carte blanche to closed dot-brands, but require notification in the case of open gTLDs.

The majority of countries in the world have yet to officially express a preference one way or the other.

Of the roughly 60 new gTLD registries to request country name releases over the last few years, the vast majority are dot-brands. The number of open gTLDs with such requests appears to be in the single figures, and the only ones with mass-market appeal appear to be .xyz and .global.

How .com became a restricted TLD

Verisign has been given approval to start restricting who can and cannot register .com and .net domain names in various countries.

Customers of Chinese registrars are the first to be affected by the change to the registry’s back-end system, which was made last year.

ICANN last week gave Verisign a “free to deploy” notice for a new “Verification Code Extension” system that enables the company to stop domains registered via selected registrars from resolving unless the registrant’s identity has been verified and the name is not on China’s banned list.

It appears to be the system Verisign deployed in order to receive its Chinese government license to operate in China.

Under Verification Code Extension, Verisign uses ICANN records to identify which registrars are based in countries that have governmental restrictions. I believe China is currently the only affected country.

Those registrars are able to register domains normally, but Verisign will prevent the names from resolving (placing them in serverHold status and keeping them out of the zone file) unless the registration is accompanied by a verification code.

These codes are distributed to the affected registrars by at least two verification service providers. Verisign, in response to DI questions, declined to name them.

Under its “free to deploy” agreement with ICANN (pdf), Verisign is unable to offer verification services itself. It must use third parties.

The company added the functionality to its .com and .net registry as an option in February 2016, according to ICANN records. It seems to have been implemented last July.

A Verisign spokesperson said the company “has implemented” the system.

The Verification Code Extension — technically, it’s an extension to the EPP protocol pretty much all registries use — was outlined in a Registry Services Evaluation Process request (pdf) last May, and approved by ICANN not long after.

Verisign was approved to operate in China last August in the first wave of gTLD registries to obtain government licenses.

Under Chinese regulations, domain names registered in TLDs not approved by the government may not resolve. Registrars are obliged to verify the identities of their registrants and names containing certain sensitive terms are not permitted.

Other gTLDs, including .vip, .club, .xyz .site and .shop have been granted approval over the last few months.

Some have chosen to work with registration gateway providers in China to comply with the local rules.

Apart from XYZ.com and Verisign, no registry has sought ICANN approval for their particular implementation of Chinese law.

Because Chinese influence over ICANN is a politically sensitive issue right now, it should be pointed out that the Verification Code Extension is not something that ICANN came up with in response to Chinese demands.

Rather, it’s something Verisign came up with in response to Chinese market realities. ICANN has merely rubber-stamped a service requested by Verisign.

This, in other words, is a case of China flexing market muscle, not political muscle. Verisign, like many other gTLD registries, is over-exposed to the Chinese market.

It should also be pointed out for avoidance of doubt that the Chinese restrictions do not apply to customers of non-Chinese registrars.

However, it appears that Verisign now has a mechanism baked into its .com and .net registries that would make it much easier to implement .com restrictions that other governments might choose to put into their own legislation in future.

Registrars say Amazon is “closing” open gTLD

Kevin Murphy, April 25, 2016, Domain Registries

A group comprising some of the largest domain registrars has claimed Amazon is attempting to close off a new gTLD that it previously indicated would be unrestricted.

The 12-strong group, which includes Go Daddy, Network Solutions and Tucows, also claims that the company’s proposal for a “Registration Authentication Platform” is anti-competitive.

The complaints follow Amazon’s filing of a Registry Services Evaluation Process request with ICANN in March.

The RSEP speaks in broad terms about rejigging the conventional domain registration path so that all .moi sales are funneled through Amazon’s registry site, where registrants will have their eligibility verified and then be offered a set of add-on “technology tools” before being bounced back to their chosen registrar.

Amazon hasn’t said who will be eligible to register .moi domains, nor has it explained what technology tools it plans to offer. I expect the tools will include things such as hosting and security, where many registrars currently make money.

Unsurprisingly, many registrars are not happy about these vague proposals.

In a comment (pdf) to the RSEP filed yesterday, they said:

Ultimately, the use of pre-registration verification and “optional” value added services will negatively impact competition. By tying both practices in a TLD, a TLD Operator can create a “captive audience” via the pre-registration verification and then offering optional services. This will effectively bypass the existing registration and purchase process, putting TLD Operator in a privileged position. The TLD is set up to capture customers earned via the Registrars marketing efforts to promote its own tools and services.

It’s not unusual for “sponsored” or “restricted” gTLDs to implement registry-side verification, they admitted, but said that .moi is meant to be “open”.

They wrote:

While this practice is not explicitly prohibited under gTLDs, we believe that post-delegation inclusion of these practices should only be allowed in compelling circumstances because they are, in effect, retroactively “closing” what was applied for and approved to be operated as an open, generic TLD.

Amazon’s application for .moi, like all of its new gTLD applications, is not entirely clear on what the company’s plans are. There’s vague talk about eligibility, but no details and nothing substantial to suggest a tightly restricted zone.

The signatories to the registrar comment represent the majority of registered domain names. They are: Astutium, Blacknight Internet Solutions, Domain.com, EuroDNS, GoDaddy.com, OpenproviderNetEarth One, Key-Systems, Netistrar, Network Solutions, Nordreg, Realtime Register, Tucows Domains.

One registrar, Com Laude, whose sister company Valideus handles Amazon’s gTLD applications, wrote a comment (pdf) expressing the opposite view.

Com Laude says that it’s not unusual for registries to require registry-side verification. It points to .bank, .pharmacy and .travel as examples.

The company also claims that the 12 registrars are in essence complaining about the idea of vertical integration — where registries and registrars are under common ownership — which is already in place at companies such as Uniregistry and Rightside.

Com Laude’s Jeff Neuman wrote:

We do not believe that it is unacceptable for a company like Amazon to do what these other companies have been doing for some time. To apply different standards to Amazon Registry than it does for each of the other vertically integrated entities would single them out for disparate treatment – especially when there is no factual basis to believe that Amazon Registry has not adhered to its vertical integration-related obligations under the Registry Agreement.

What’s going on here, I suspect, is a bit of a proxy war.

Neither Amazon nor the registrars care a great deal about .moi, I think. The gTLD is merely a canary for Amazon’s 30-odd yet-to-be-launched gTLDs. The company has the rights to potentially more attractive strings, including .book, .song and .tunes.

Amazon originally wanted to make these strings “closed generics”, or what ICANN calls “exclusive access” gTLDs, where only Amazon could register names.

It has since disavowed such plans, but still hasn’t said who will be able to register names in its portfolio or how they will prove eligibility.

.moi was not originally identified as a closed generic by ICANN, but it could represent a model for what Amazon plans to do with the rest of its stable.

Amazon plotting registrar workaround?

Amazon has given an early hint at how it may manage its new gTLD registries.

The company seems to be planning to make its own web site the place to go to for its new gTLD domains, relegating registrars to secondary players in the sales path.

It also seems to be planning to up-sell registrants with services, possibly including hosting, before they even get to the registrar’s storefront.

Amazon has filed a Registry Services Evaluation Process request with ICANN, relating to its gTLD .moi (French for “.me”) covering a “Registration Authentication Platform”.

.moi isn’t a brand, but Amazon says it plans to verify registrant “eligibility” before allowing a registration to take place.

To date, it has not revealed what the eligibility requirements for .moi are.

Its RSEP filing says that it intends to offer registrants a suite of optional add-on “technology tools or applications” at the point of verification.

Crucially, that’s before they get bounced to their registrar of choice to actually register the name.

Amazon is basically putting its up-sell pitch into the sales path before registrars get to do the same.

The RSEP explains it like this:

After the customer selects the Technology Tools of interest and/or ancillary products or services (if any), the customer will select its registrar of choice from among the complete list of .MOI-accredited registrars and be directed to that registrar’s site to permit that registrar to collect the required registrant information for the domain name registration, and to submit payment for the selected .MOI domain name. Upon completion of these steps, the registrar, through the normal EPP processes, shall transmit the required registration information to the Registry and the .MOI domain name shall be registered. A customer that first visits a .MOI-accredited registrar’s website will be directed to the Registry’s .MOI website to undergo the process noted above. After pre-registration policy verification, those customers will be transitioned back to the originating registrar’s site.

The RSEP does not explain what the “technology tools” are, but I’d be very surprised if they did not include for example web hosting, a staple higher-margin registrar product.

It’s not entirely clear what, if any, consultations Amazon has had with registrars regarding its proposals. The RSEP language is evasive:

Amazon Registry reached out to several registrars to have general discussions about their experience with pre-registration policy verification and how that experience (including customer experience) could be improved. Any consultations that may have occurred regarding the Technology Tools and the ancillary products and services would have occurred subject to a Mutual Non-Disclosure Agreement and cannot be disclosed.

Currently, the RSEP only covers .moi. Amazon would have to file additional RSEPs if it wanted the new service applied to its 32-TLD-strong portfolio, which includes the likes of .book, .song and .tunes.

ICANN has already made a preliminary determination that the RSEP “does not raise significant competition, security or stability issues”.

As usual, there’s a public comment period, which ends April 14.

XYZ to put global block on domains banned in China

Kevin Murphy, October 12, 2015, Domain Registries

XYZ.com plans to slap a global ban on domain names censored by the Chinese government.

Chinese words meaning things such as “human rights” and “democracy” are believed to be on the block list, which an industry source says could contain as many as 40,000 words, names and phrases.

(UPDATE: Gavin Brown, CTO of XYZ back-end CentralNic, tweeted that the list is nowhere near 40,000 names long.)

The registry seems to be planning to allow the Chinese government to censor its new gTLDs, which include .xyz, .college, .rent, .protection and .security, in every country of the world.

And it might not be the last non-Chinese registry to implement such a ban.

The surprising revelation came in a fresh Registry Services Evaluation Process request (pdf), filed with ICANN on Friday.

The RSEP asks ICANN to approve the use of a gateway service on the Chinese mainland, which the company says it needs in order to comply with Chinese law.

As previously reported, Chinese citizens are allowed to register domains in non-Chinese registries, but they may not activate them unless the registry complies with the law.

That law requires the registry to be located on the Chinese mainland. XYZ plans to comply by hiring local player ZDNS to proxy its EPP systems and mirror its Whois.

But the Chinese government also bans certain strings — which I gather are mostly but not exclusively in Chinese script — from being registered in domain names.

Rather than block them at the ZDNS proxy, where only Chinese users would be affected, XYZ has decided to ban them internationally.

Registrants in North America or Europe, for example, will not be able to register domains that are banned in China. XYZ said in its RSEP:

XYZ will reserve names prohibited for registration by the Chinese government at the registry level internationally, so the Gateway itself will not need to be used to block the registration of of any names. Therefore, a registrant in China will be able to register the same domain names as anyone else in the world.

It seems that XYZ plans to keep its banned domain list updated as China adds more strings to its own list, which I gather it does regularly.

Customers outside of China who have already registered banned domains will not be affected, XYZ says.

If China subsequently bans more strings, international customers who already own matching domains will also not be affected, it says.

CEO Daniel Negari told DI: “To be clear, we will not be taking action against names registered outside of China based on Chinese government requests.”

But Chinese registrants do face the prospect losing their domains, if China subsequently bans the words and XYZ receives a complaint from Chinese authorities.

“We treat requests from the Chinese government just like we treat requests from the US government or any other government,” Negari said.

“When we receive a valid government or court order to take action against a name and the government has jurisdiction over the registration, we will take action the registration,” he said.

Up to a third of the .xyz zone — about three hundred thousand names — is believed to be owned by Chinese registrants who are currently unable to actually use their names.

The company clearly has compelling business reasons to comply with Chinese law.

But is giving the Chinese government the ongoing right to ban tens of thousands of domain names internationally a step too far?

ICANN allows anyone to file public comments on RSEP requests. I expect we’ll see a few this time.