Latest news of the domain name industry

Recent Posts

Registrars say Amazon is “closing” open gTLD

Kevin Murphy, April 25, 2016, Domain Registries

A group comprising some of the largest domain registrars has claimed Amazon is attempting to close off a new gTLD that it previously indicated would be unrestricted.

The 12-strong group, which includes Go Daddy, Network Solutions and Tucows, also claims that the company’s proposal for a “Registration Authentication Platform” is anti-competitive.

The complaints follow Amazon’s filing of a Registry Services Evaluation Process request with ICANN in March.

The RSEP speaks in broad terms about rejigging the conventional domain registration path so that all .moi sales are funneled through Amazon’s registry site, where registrants will have their eligibility verified and then be offered a set of add-on “technology tools” before being bounced back to their chosen registrar.

Amazon hasn’t said who will be eligible to register .moi domains, nor has it explained what technology tools it plans to offer. I expect the tools will include things such as hosting and security, where many registrars currently make money.

Unsurprisingly, many registrars are not happy about these vague proposals.

In a comment (pdf) to the RSEP filed yesterday, they said:

Ultimately, the use of pre-registration verification and “optional” value added services will negatively impact competition. By tying both practices in a TLD, a TLD Operator can create a “captive audience” via the pre-registration verification and then offering optional services. This will effectively bypass the existing registration and purchase process, putting TLD Operator in a privileged position. The TLD is set up to capture customers earned via the Registrars marketing efforts to promote its own tools and services.

It’s not unusual for “sponsored” or “restricted” gTLDs to implement registry-side verification, they admitted, but said that .moi is meant to be “open”.

They wrote:

While this practice is not explicitly prohibited under gTLDs, we believe that post-delegation inclusion of these practices should only be allowed in compelling circumstances because they are, in effect, retroactively “closing” what was applied for and approved to be operated as an open, generic TLD.

Amazon’s application for .moi, like all of its new gTLD applications, is not entirely clear on what the company’s plans are. There’s vague talk about eligibility, but no details and nothing substantial to suggest a tightly restricted zone.

The signatories to the registrar comment represent the majority of registered domain names. They are: Astutium, Blacknight Internet Solutions, Domain.com, EuroDNS, GoDaddy.com, OpenproviderNetEarth One, Key-Systems, Netistrar, Network Solutions, Nordreg, Realtime Register, Tucows Domains.

One registrar, Com Laude, whose sister company Valideus handles Amazon’s gTLD applications, wrote a comment (pdf) expressing the opposite view.

Com Laude says that it’s not unusual for registries to require registry-side verification. It points to .bank, .pharmacy and .travel as examples.

The company also claims that the 12 registrars are in essence complaining about the idea of vertical integration — where registries and registrars are under common ownership — which is already in place at companies such as Uniregistry and Rightside.

Com Laude’s Jeff Neuman wrote:

We do not believe that it is unacceptable for a company like Amazon to do what these other companies have been doing for some time. To apply different standards to Amazon Registry than it does for each of the other vertically integrated entities would single them out for disparate treatment – especially when there is no factual basis to believe that Amazon Registry has not adhered to its vertical integration-related obligations under the Registry Agreement.

What’s going on here, I suspect, is a bit of a proxy war.

Neither Amazon nor the registrars care a great deal about .moi, I think. The gTLD is merely a canary for Amazon’s 30-odd yet-to-be-launched gTLDs. The company has the rights to potentially more attractive strings, including .book, .song and .tunes.

Amazon originally wanted to make these strings “closed generics”, or what ICANN calls “exclusive access” gTLDs, where only Amazon could register names.

It has since disavowed such plans, but still hasn’t said who will be able to register names in its portfolio or how they will prove eligibility.

.moi was not originally identified as a closed generic by ICANN, but it could represent a model for what Amazon plans to do with the rest of its stable.

Amazon plotting registrar workaround?

Amazon has given an early hint at how it may manage its new gTLD registries.

The company seems to be planning to make its own web site the place to go to for its new gTLD domains, relegating registrars to secondary players in the sales path.

It also seems to be planning to up-sell registrants with services, possibly including hosting, before they even get to the registrar’s storefront.

Amazon has filed a Registry Services Evaluation Process request with ICANN, relating to its gTLD .moi (French for “.me”) covering a “Registration Authentication Platform”.

.moi isn’t a brand, but Amazon says it plans to verify registrant “eligibility” before allowing a registration to take place.

To date, it has not revealed what the eligibility requirements for .moi are.

Its RSEP filing says that it intends to offer registrants a suite of optional add-on “technology tools or applications” at the point of verification.

Crucially, that’s before they get bounced to their registrar of choice to actually register the name.

Amazon is basically putting its up-sell pitch into the sales path before registrars get to do the same.

The RSEP explains it like this:

After the customer selects the Technology Tools of interest and/or ancillary products or services (if any), the customer will select its registrar of choice from among the complete list of .MOI-accredited registrars and be directed to that registrar’s site to permit that registrar to collect the required registrant information for the domain name registration, and to submit payment for the selected .MOI domain name. Upon completion of these steps, the registrar, through the normal EPP processes, shall transmit the required registration information to the Registry and the .MOI domain name shall be registered. A customer that first visits a .MOI-accredited registrar’s website will be directed to the Registry’s .MOI website to undergo the process noted above. After pre-registration policy verification, those customers will be transitioned back to the originating registrar’s site.

The RSEP does not explain what the “technology tools” are, but I’d be very surprised if they did not include for example web hosting, a staple higher-margin registrar product.

It’s not entirely clear what, if any, consultations Amazon has had with registrars regarding its proposals. The RSEP language is evasive:

Amazon Registry reached out to several registrars to have general discussions about their experience with pre-registration policy verification and how that experience (including customer experience) could be improved. Any consultations that may have occurred regarding the Technology Tools and the ancillary products and services would have occurred subject to a Mutual Non-Disclosure Agreement and cannot be disclosed.

Currently, the RSEP only covers .moi. Amazon would have to file additional RSEPs if it wanted the new service applied to its 32-TLD-strong portfolio, which includes the likes of .book, .song and .tunes.

ICANN has already made a preliminary determination that the RSEP “does not raise significant competition, security or stability issues”.

As usual, there’s a public comment period, which ends April 14.

XYZ to put global block on domains banned in China

Kevin Murphy, October 12, 2015, Domain Registries

XYZ.com plans to slap a global ban on domain names censored by the Chinese government.

Chinese words meaning things such as “human rights” and “democracy” are believed to be on the block list, which an industry source says could contain as many as 40,000 words, names and phrases.

(UPDATE: Gavin Brown, CTO of XYZ back-end CentralNic, tweeted that the list is nowhere near 40,000 names long.)

The registry seems to be planning to allow the Chinese government to censor its new gTLDs, which include .xyz, .college, .rent, .protection and .security, in every country of the world.

And it might not be the last non-Chinese registry to implement such a ban.

The surprising revelation came in a fresh Registry Services Evaluation Process request (pdf), filed with ICANN on Friday.

The RSEP asks ICANN to approve the use of a gateway service on the Chinese mainland, which the company says it needs in order to comply with Chinese law.

As previously reported, Chinese citizens are allowed to register domains in non-Chinese registries, but they may not activate them unless the registry complies with the law.

That law requires the registry to be located on the Chinese mainland. XYZ plans to comply by hiring local player ZDNS to proxy its EPP systems and mirror its Whois.

But the Chinese government also bans certain strings — which I gather are mostly but not exclusively in Chinese script — from being registered in domain names.

Rather than block them at the ZDNS proxy, where only Chinese users would be affected, XYZ has decided to ban them internationally.

Registrants in North America or Europe, for example, will not be able to register domains that are banned in China. XYZ said in its RSEP:

XYZ will reserve names prohibited for registration by the Chinese government at the registry level internationally, so the Gateway itself will not need to be used to block the registration of of any names. Therefore, a registrant in China will be able to register the same domain names as anyone else in the world.

It seems that XYZ plans to keep its banned domain list updated as China adds more strings to its own list, which I gather it does regularly.

Customers outside of China who have already registered banned domains will not be affected, XYZ says.

If China subsequently bans more strings, international customers who already own matching domains will also not be affected, it says.

CEO Daniel Negari told DI: “To be clear, we will not be taking action against names registered outside of China based on Chinese government requests.”

But Chinese registrants do face the prospect losing their domains, if China subsequently bans the words and XYZ receives a complaint from Chinese authorities.

“We treat requests from the Chinese government just like we treat requests from the US government or any other government,” Negari said.

“When we receive a valid government or court order to take action against a name and the government has jurisdiction over the registration, we will take action the registration,” he said.

Up to a third of the .xyz zone — about three hundred thousand names — is believed to be owned by Chinese registrants who are currently unable to actually use their names.

The company clearly has compelling business reasons to comply with Chinese law.

But is giving the Chinese government the ongoing right to ban tens of thousands of domain names internationally a step too far?

ICANN allows anyone to file public comments on RSEP requests. I expect we’ll see a few this time.

Sharp wants dot-brand Whois requirement relaxed

Electronics firm Sharp wants to remove part of its new gTLD registry contract relating to Whois.

The company has filed a Registry Services Evaluation Process request to get its requirement to offer “searchable Whois” dropped. RSEP is the mechanism registries use to amend their contracts.

ICANN’s initial review has not found any security, stability or competition problems and has now opened the request up for public comment.

Because .sharp will be a dot-brand, all the domains would belong to Sharp and its affiliates, reducing the value of searchable Whois.

Searchable Whois is an enhanced Whois service that allows users to search on all fields (such as registrant, email address, etc) rather than just the domain name.

Such services are not mandatory under ICANN’s new gTLD rules, but applicants that said they would offer them could score an extra point in their Initial Evaluation.

In Sharp’s case, a one-point difference would not have affected the outcome of its IE. In any event, it did not score the extra point.

Sharp said it was requesting the change because it’s switching back-ends from GMO Internet to JPRS, which apparently does not or does not want to support searchable Whois.

Governments totally cool with two-letter domains

Kevin Murphy, October 13, 2014, Domain Registries

ICANN’s Governmental Advisory Committee does not plan to advise against the release of two-character domain names in new gTLDs.

In fact, judging by a GAC discussion at ICANN 51 in Los Angeles yesterday, the governments of many major nations are totally cool with the idea.

Under the standard Registry Agreement for new gTLD registries, all two-character domains (any combination of letters, numbers) must not be sold or activated in the DNS.

The blanket ban was designed to avoid clashes with two-letter ccTLD codes, both existing and future.

ICANN left the door open for registries to request the release of such names, however, and many companies have formally applied to do so via the Registry Services Evaluation Process.

Some registries want all two-character domains released, others have only asked for permission to sell those strings that do not match allocated ccTLDs.

There seems to have been an underlying assumption that governments may want to protect their geographic turf. That assumption may turn out to be untrue.

Representatives from the United States, Netherlands, Spain, Denmark, Australia, Austria and Iran all said yesterday that the GAC should not issue formal advice against the the two-character proposals.

No governments opposed that apparent consensus view.

“The use of the ‘US’ two-letter country code at the second level has not presented any technical or policy issues for the United States,” US rep Suzanne Radell said.

“We, in fact, do not require any approval for the use of US two-character country codes at the second level in existing gTLDs, and do not propose to require anything for new gTLDs,” she said.

She even highlighted domains such as us.com and us.org — which are marketed by UK-based CentralNic as alternatives to the .us ccTLD — as being just fine and dandy with the US government.

It seems likely that the GAC will instead suggest to ICANN that it is the responsibility of individual governments to challenge the registries’ requests via the RSEP process.

“What we see at the moment is that ICANN is putting these RSEP requests out for public comment and it would be open to any government to use that public comment period if they did feel in some instances that there was a concern,” Australian GACer Peter Nettlefold said.

I’ve not been able to find any government comments to the relevant RSEP requests.

For example, Neustar’s .neustar, which proposes the release of all two-character strings including country codes, has yet to receive a comment from a government.

Many comments in other RSEP fora appear to be from fellow dot-brand registries that want to use two-letter codes to represent the countries where they operate.

Wikipedia to get single-letter .wiki domain

Top Level Design has scored a bit of a coup for its forthcoming .wiki gTLD — Wikimedia Foundation, which runs Wikipedia, has signed up as an anchor tenant.

According to the registry, Wikimedia will use w.wiki as a URL shortener and they’re in talks about other domains.

The company has also applied to ICANN to release hundreds of two-letter language codes that the foundation wants to use for language-specific short links.

The deal is reminiscent of .CO Internet’s launch, when it allocated the now-ubiquitous t.co for Twitter’s in-house URL shortener, giving it a much-needed marketing boost.

The deal for two-letter domains stands only a slim chance of of being ready in time for .wiki’s general availability, scheduled for May 26, in my view.

Under ICANN’s standard Registry Agreement, all two-character strings are blocked, in order to avoid clashes with country codes used in the ccTLD naming schema.

Top Level Design has now used the Registry Services Evaluation Process to try to get 179 two-letter strings, each of which represents a language code, unblocked.

Wikimedia explicitly endorses the proposal, in a letter attached to the March 11 RSEP (pdf)

The organization plans to use domains such as fr.wiki to redirect to French-language Wikipedia pages and so forth.

It remains to be seen whether ICANN will approve the request. It’s previously been envisaged that registries would approach each country individually to have its ccTLD’s matching string released.

Top Level Design points out that the strings it wants unblocked are from the ISO 639-1 language codes list, not the ISO 3166-1 lists from which ccTLD names are drawn.

But it’s a bit of an argument to nowhere — the strings are identical in most cases.

Under the RSEP policy, Top Level Design really should have been given a preliminary determination by now. It filed its request March 11 but it was only posted last week.

The clock, which gives ICANN 15 days to give the nod or not, may have only just started.

After the preliminary determination, there would be a public comment period and a board of directors decision. The timetable for this would not allow .wiki to launch with the two-letter names active.

But even with the delay, it seems that the registry will be coming out of the door with at least one strong anchor tenant, which is something most new gTLDs have so far failed to manage.

VeriSign yanks domain seizure power request

Kevin Murphy, October 13, 2011, Domain Registries

That was quick.

VeriSign has withdrawn its request for new powers to delete domain names being used for abusive purposes, just a few days after filing it with ICANN.

The company had proposed a policy that would give law enforcement the ability to seize .com and .net names apparently without a court order, and a new malware scanning service.

The former came in for immediate criticism from groups including the American Civil Liberties Union and the Electronic Frontier Foundation, while the latter appeared to have unnerved some registrars.

But now both proposals have been yanked from ICANN’s Registry Services Evaluation Process queue.

This is not without precedent. Last year, VeriSign filed for and then withdrew requests to auction off one-letter .net names and a “Domain Name Exchange” service that looked a bit like domain tasting.

Both came in for criticism, and have not reappeared.

Whether the latest abuse proposals will make a reappearance after VeriSign has had time to work out some of the more controversial kinks remains to be seen.

VeriSign’s .com takedown power grab causing controversy

Kevin Murphy, October 11, 2011, Domain Policy

VeriSign’s request for a wide-ranging set of powers that would enable it to shut down .com and .net domain names that are suspected of abuse is already attracting criticism.

The proposals came in a Registry Services Evaluation Process request to ICANN that I reported on for The Register this morning.

It’s asking (pdf) to be able to create a new anti-abuse policy that would refocus many of the controls currently in the hands of registrars to the registry level instead.

The policy would “allow the denial, cancellation or transfer” of any VeriSign-managed domain if any any of these conditions were triggered:

(a) to protect the integrity, security and stability of the DNS;

(b) to comply with any applicable court orders, laws, government rules or requirements, requests of law enforcement or other governmental or quasi-governmental agency, or any dispute resolution process;

(c) to avoid any liability, civil or criminal, on the part of Verisign, as well as its affiliates, subsidiaries, officers, directors, and employees;

(d) per the terms of the registration agreement,

(e) to respond to or protect against any form of malware (defined to include, without limitation, malicious code or software that might affect the operation of the Internet),

(f) to comply with specifications adopted by any industry group generally recognized as authoritative with respect to the Internet (e.g., RFCs),

(g) to correct mistakes made by Verisign or any Registrar in connection with a domain name registration, or

(h) for the non-payment of fees to Verisign. Verisign also reserves the right to place upon registry lock, hold or similar status a domain name during resolution of a dispute;

As you can see, that’s a pretty broad range of justifications.

Notably, it would enable a domain to be canceled or transferred at the “requests of law enforcement or other governmental or quasi-governmental agency”, which would seem to circumvent the current practice of a court order being obtained before a domain is seized.

The question of what constitutes a “quasi-governmental agency” is also interesting. Is ICANN itself such a thing?

The policy would also enable a take-down “to avoid any liability, civil or criminal”, which seems to be just begging for VeriSign to be named spuriously in commercial lawsuits between .com registrants.

The RSEP also suggests that VeriSign plans to extend its hand of friendship to law enforcement agencies from outside the US:

Pilots with European Law Enforcement, Government CERTS and Registrars are planned, and other global test pilots will follow, to ensure global collaboration in the continuing development of the procedures.

Today, US agencies can get court orders instructing VeriSign to hand over domains. While imposing US law on .com owners from other countries is controversial, at least overseas registrants know where they stand.

Now VeriSign is talking about cooperating with European law enforcement agencies too.

At the risk of getting dangerously close to invoking Godwin’s Law, this brings us back to an old jurisdictional problem – what if the French police demand the seizure of a .com site selling Nazi memorabilia, which is illegal in France but legal in the US, for example?

Taking it a step further, what if VeriSign starts entertaining takedown requests from some of the world’s least pleasant theocracies, banana republics and dictatorships?

Half of .com could disappear overnight.

Since VeriSign has a business to run, that’s obviously not going to happen. So the company is going to have to draw a line somewhere, separating criminality from legitimate behavior and free speech.

I’m speculating wildly here, of course, but the RSEP doesn’t contain nearly enough detailed information about VeriSign’s proposed procedures to make a more informed analysis.

VeriSign knows what it is proposing is controversial. The RSEP says:

Registrants may be concerned about an improper takedown of a legitimate website. Verisign will be offering a protest procedure to support restoring a domain name to the zone.

The proposals have been made following many months of discussions between registries, registrars, law enforcement agencies and other community stakeholders.

It’s not entirely clear from VeriSign’s RSEP, which sometimes confusingly conflates the abuse policy with a separate proposed malware scanning service, how a takedown notice would be processed.

One likely reading is that VeriSign would act almost like a centralized clearinghouse for takedown requests, forwarding them to individual registrars for enforcement.

The registrars could be obliged by the terms of an amended Registry-Registrar Agreement to follow whatever process had been laid down.

There seems to be some concern in the ICANN community about this.

ICANN senior VP of stakeholder relations Kurt Pritz recently sent a document to PIR’s David Maher and Oversee.net’s Mason Cole outlining the procedure for amending the RRA.

The flowchart (pdf) describes a trilateral negotiation between the registry proposing the change, the Registrars Stakeholder Group and ICANN, with the ICANN board having the ultimate decision-making authority.

However this proceeds through ICANN, it’s going to cause some heated community debate.

Registry objects to .jobs shutdown threat

Employ Media will appeal ICANN’s threatened termination of its .jobs registry contract.

The company released a statement (pdf) late yesterday, following ICANN’s unprecedented threat, in which it said ICANN’s claims are “utterly without merit”.

“We view the substance of this notice to be a surprising reversal of position and contradictory to prior decisions issued by its Board of Directors,” the company said.

ICANN yesterday gave Employ Media until the end of the month to cancel its agreement to provide 40,000 .jobs domains to the DirectEmployers Association for its Universe.jobs employment board.

The organization said the allocation of the domains for non-human-resources purposes went against the letter, spirit and intent of the registry’s contract and Charter.

It essentially boils down to a claim that Employ Media hacked its contract to allow it to start making money on names beyond the limited scope of its original “sponsored” community TLD.

The .jobs TLD was originally pitched as a space for corporate HR pages, not independent jobs sites. With Universe.jobs, half of the namespace is an independent jobs site. Employ Media is believed to have a revenue-sharing arrangement with DirectEmployers.

The ICANN breach notice was welcomed by the .JOBS Charter Compliance Coalition, the ad hoc trade group formed by major commercial jobs sites to fight Universe.jobs.

Peter Weddle, executive director of the International Association of Employment Web Sites, said in a press release:

the Dot Jobs Universe was not an innovation but rather an unprecedented attempt by a registry operator to misappropriate an entire TLD for itself and its alliance partner in blatant disregard of ICANN’s rules.

Employ Media disagrees, of course, saying that Universe.jobs came about as a result of its “Phased Allocation” liberalization plan, which was approved by ICANN’s Registry Services Evaluation Process and then survived a Reconsideration Request filed by the Coalition.

The company said: “it is imperative for registry operators to have predictability in the performance of duties and that ICANN has a responsibility to honor its commitments with contracted parties.”

Its registry contract contains a dispute resolution procedure that first calls for bilateral talks and, failing agreement, arbitration via the International Chamber of Commerce.

ICANN threatens to shut down .jobs

Kevin Murphy, February 28, 2011, Domain Registries

In an unprecedented move, ICANN has threatened to cancel a top-level domain registry operator’s contract.

Employ Media, the .jobs registry, faces losing its TLD if it does not shut down Universe.jobs, the controversial jobs board operated by its partner, the DirectEmployers Association.

In a letter to the company (pdf), ICANN general counsel John Jeffrey wrote:

By not establishing any meaningful restrictions on who may register second level registrations in the .JOBS TLD, Employ Media put in operation a TLD where anyone can register names, thus defeating the purpose for which the sponsored TLD came into existence.

We are calling on Employ Media to take immediate actions to implement restricted registration policies that support the purpose for which the .JOBS top-level domain was established, and to cancel registrations and/or disavow themselves of the benefits of any registrations that are owned by related parties, if any.

The move comes following a complaint filed by the so-called .JOBS Charter Compliance Coalition, made up of jobs board such as Monster.com and CollegeRecruiter.com.

They’re annoyed that the registry licensed 40,000 premium geographic and vocational .jobs domains to DirectEmployers for Universe.jobs, which has started to compete with them.

Jeffrey wrote:

It appears that Employ Media and SHRM, through the Direct Employers Association, intend to use the .JOBS TLD primarily to compete with other internet job boards. Such use is inconsistent with the purpose stated in the .JOBS Charter and represented to the ICANN community.

The deal came as a result of a change to the .jobs registry contract, made through ICANN’s Registry Services Evaluation Process, that allowed Employ Media to lift a rule that restricted registered domain names only to the names of companies.

What the RSEP didn’t do was change the .jobs Charter, which restricts “who” may register .jobs domains. Yet, weirdly, the Charter is partly the basis for ICANN’s threat.

Jeffrey refers to the Charter restrictions, which are easily circumvented, as “specious” and “do not serve the international human resource management community”.

This is the Charter that ICANN approved back in 2005, and which hasn’t changed since, remember.

To come back into compliance, ICANN wants Employ Media to shut down Universe.jobs and get back to selling company-name registrations.

I think it’s likely Employ Media will appeal, possibly by taking the case to arbitration, as its contract allows.