Latest news of the domain name industry

Recent Posts

.security names priced at $3,000, .theatre at $750

Kevin Murphy, January 20, 2016, Domain Registries

XYZ.com may be best known for its budget .xyz gTLD, but its portfolio is increasingly leaning toward the super-premium end of the industry price range.

The company entered Early Access Period with its .security, .protection and .theatre gTLDs today, and they ain’t cheap.

.security and .protection are expected to carry retail prices of $3,000 a year, when they hit general availability a week from now.

Today, they’re $65,000 apiece, with the price reducing to $35,000, $15,000, $8,750 and $5,000 over the coming days.

Meanwhile, .theatre starts at $64,000, going down to $32,000, $14,000, $7,000 and $4,000 before finally settling at the GA RRP of $750.

All three gTLDs were acquired by XYZ.com from other applicants.

That was also the case for .cars, .car and .auto, which XYZ runs in a joint venture with Uniregistry, where retail prices are roughly $2,500.

In terms of competition, .security and .protection are probably up against .trust, while .theatre may well find itself in competition with .tickets, which has made inroads in Broadway.

Afilias $10 million court win slashed by judge

Kevin Murphy, January 18, 2016, Domain Services

A US judge has dramatically reduced a $10 million ruling Afilias won against Architelos in a trade secrets case.

Architelos, which a jury decided had misappropriated trade secrets from Afilias in order to build its patented NameSentry domain security service, may even be thrown a lifeline enabling it to continue business.

A little over a week ago, the judge ordered (pdf) that the $10 million judgment originally imposed by the jury should be reduced to $2 million.

That won’t be finalized, however, until she’s ruled on an outstanding injunction demanded by Afilias.

The judge said in court that the original jury award had been based on inflated Architelos revenue projections.

The company has made only around $300,000 from NameSentry subscriptions since launch, and its sales pipeline dried up following the jury’s verdict in August.

The service enables TLD registries to track and remediate domain abuse. It was built in part by former Afilias employees.

Afilias has a similar in-house system, not available on the open market, used by clients of its registry back-end business.

Even a reduced $2 million judgment is a bit too rich for Architelos, which is desperately trying to avoid bankruptcy, according to court documents.

But the judge seems to be considering an injunction that would enable Architelos to continue to exist.

It may even be permitted to sell NameSentry, as long as it gives almost a third of the product’s revenue to Afilias for up to five years or until the $2 million is paid off.

The injunction might also grant joint ownership of the disputed patents to the two companies, allowing them to jointly profit from the technology.

This has all yet to be finalized, however, and Afilias can always appeal whatever injunction the judge comes up with.

It emerged in court earlier this month that Architelos offered to give full ownership of its patent, along with NameSentry itself, to Afilias in order to settle the suit, but that Afilias refused.

Afilias is also suing Architelos over the same matters in Canada, but that case is progressing much more slowly.

Afilias seeks to freeze Architelos patent after $10m lawsuit win

Kevin Murphy, December 22, 2015, Domain Registries

Afilias seems bent on burying domain security software maker Architelos, after winning a $10 million lawsuit against it.

The registry on Friday filed a court motion to freeze the patent at the heart of the lawsuit, which Afilias says — and a jury agreed — was based on trade secrets misappropriated by former Afilias employees.

Afilias said it wants to make sure Architelos does not attempt to sell the so-called ‘801 patent, which covers domain abuse-monitoring software.

Its motion asks for a court order “prohibiting Architelos from taking any action that would dilute… or diminish Architelos’ rights or ownership interests” in the patent.

It notes that Architelos has stated that it does not have the means to pay the $10 million damages awarded by a jury in August, which might give it a reason to try to sell the patent.

Afilias said Architelos had “raised the prospect of bankruptcy” during post-trial negotiations.

The motion seems to have been filed now because the judge in the case is taking an unusually long time to render her final judgment.

Despite the case being heard on a so-called “rocket docket” in Virginia, the two companies haven’t heard a peep out of the court since late October.

According to Afilias’ motion, the judge has indicated that Afilias will wind up at least partially owning the ‘801 patent, but that the jury’s $10 million verdict may be “tweaked”.

Judging by a transcript of the August jury trial, the judge herself was not particularly impressed with Afilias’ case and did not expect the jury to crucify Architelos so badly.

Out of the jury’s earshot, she encouraged Afilias to attempt to settle the case and said “if the jury verdict comes in against what I think is the clear weight of the evidence, I will most likely adjust it.”

She also said: “I would have trouble believing that any reasonable jury would find even if they were to award damages to the plaintiff that there’s any significant amount here.”

She clearly misread the jury, which a few days later handed Afilias every penny of the $10 million it had asked for.

That’s much more money than Architelos is believed to have made in revenue since it launched four years ago.

Afilias’ latest motion is set to be heard in court in early January.

ICANN security advisor predicts “hundreds” of new gTLDs will “go dark”

Kevin Murphy, December 4, 2015, Domain Registries

A security company led by a member of ICANN’s top security committee reckons that “hundreds” of new gTLDs are set to fail, leading to web sites “going dark”.

Internet Identity, which provides threat data services, made the prediction in a press release this week.

IID’s CTO, quoted in the release, is Rod Rasmussen. He’s a leading member of the Anti-Phishing Working Group, as well as a member of ICANN’s influential Security and Stability Advisory Committee.

He has a dim view of new gTLDs:

Most new gTLDs have failed to take off and many have already been riddled with so many fraudulent and junk registrations that they are being blocked wholesale. This will eventually cause ripple effects on the entire domain registration ecosystem, including consolidation and mass consumer confusion as unprofitable TLDs are dropped by their sponsoring registries.

The press release acknowledges that ICANN has an Emergency Back-End Registry Operator (EBERO) program, which will keep failing gTLDs alive for up to three years after the original registry operator goes out of business.

But it continues:

questions abound as to who would risk an investment in poorly performing TLDs, especially as they start to number in the hundreds. “That’s why eventually some are going to just plain go dark,” added Rasmussen.

The prediction is for “2017 and beyond”. Given the existence of the EBERO, we’re probably looking at 2020 before IID’s claim can be tested.

It’s a bit of a strange prediction to come out of a security company.

The whole point of EBERO is to make sure domain names do not go dark, giving either the registry the chance to sell on the gTLD or the registrants a three-year heads-up that they need to migrate to a different TLD.

It would be a bit like being told that there’s a horrible bit of malware that is set to brick your computer, but that you’ll be fine if you change your anti-virus provider in the next three years.

I could live with that kind of security threat, personally.

But what are the chances of hundreds of live, non-dot-brand going fully post-EBERO dead in the next few years?

I’d say evidence to date shows the risk may be over-stated. It may happen to a small number of TLDs, but to “hundreds”?

We’ve already seen new gTLD registries essentially fail, and they’ve been taken over by others even when they’re by definition not profitable.

Notably, .hiv — which has a contractual agreement with ICANN to not turn a profit — failed and was nevertheless acquired by Uniregistry.

We also see registries including Afilias and Donuts actively searching for failing gTLDs to acquire.

It’s official: new gTLDs didn’t kill anyone

Kevin Murphy, December 2, 2015, Domain Tech

The introduction of new gTLDs posed no risk to human life.

That’s the conclusion of JAS Advisors, the consulting company that has been working with ICANN on the issue of DNS name collisions.

It is final report “Mitigating the Risk of DNS Namespace Collisions”, published last night, JAS described the response to the “controlled interruption” mechanism it designed as “annoyed but understanding and generally positive”.

New text added since the July first draft says: “ICANN has received fewer than 30 reports of disruptive collisions since the first delegation in October of 2013. None of these reports have reached the threshold of presenting a danger to human life.”

That’s a reference to Verisign’s June 2013 claim that name collisions could disrupt “life-supporting” systems such as those used by emergency response services.

Names collisions, you will recall, are scenarios in which a newly delegated TLD matches a string that it is already used widely on internal networks.

Such scenarios could (and have) led to problems such as system failure and DNS queries leaking on to the internet.

The applied-for gTLDs .corp and .home have been effectively banned, due to the vast numbers of organizations already using them.

All other gTLDs were obliged, following JAS recommendations, to redirect all non-existent domains to 127.0.53.53, an IP address chosen to put network administrators in mind of port 53, which is used by the DNS protocol.

As we reported a little over a year ago, many administrators responded swearily to some of the first collisions.

JAS says in its final report:

Over the past year, JAS has monitored technical support/discussion fora in search of posts related to controlled interruption and DNS namespace collisions. As expected, controlled interruption caused some instances of limited operational issues as collision circumstances were encountered with new gTLD delegations. While some system administrators expressed frustration at the difficulties, overall it appears that controlled interruption in many cases is having the hoped-for outcome. Additionally, in private communication with a number of firms impacted by controlled interruption, JAS would characterize the overall response as “annoyed but understanding and generally positive” – some even expressed appreciation as issues unknown to them were brought to their attention.

There are a number of other substantial additions to the report, largely focusing on types of use cases JAS believes are responsible for most name collision traffic.

Oftentimes, such as the random 10-character domains Google’s Chrome browser uses for configuration purposes, the collision has no ill effect. In other cases, the local system administrators were forced to remedy their software to avoid the collision.

The report also reveals that the domain name corp.com, which is owned by long-time ICANN volunteer Mikey O’Connor, receives a “staggering” 30 DNS queries every second.

That works out to almost a billion (946,728,000) queries per year, coming when a misconfigured system or inexperienced user attempts to visit a .corp domain name.