Recent Posts
- ICANN publishes its Woke Manifesto. Here’s my hot take
- Alibaba, Name.com among new RDRS opt-ins
- The Swiss can register .swiss domains from next week
- .ai up to 425,000 domains
- A million “free” .music domains up for grabs
- D3 to get $5 million in crypto to apply for .ape gTLD
- Alibaba hit with ICANN breach notice
- New Vegas conference “Davos for Web3 interoperability”
- ICANN content policing power grab may be dead
- Cable company unplugs its dot-brand after acquisition
- Germany crosses 10,000 dot-brand domains milestone
- Founders out as Com Laude gets equity injection
- PIR’s Diaz to leave domain industry
- Some registrars have already quit ICANN’s Whois experiment
- ICANN opens $217 million Grant Program
- Internet could get one-letter gTLDs (but there’s a catch)
- .ai registry fights deadbeats with tweaked auction rules
- Amazon and Google among .internal TLD ban backers
- .ai registry advises buyers not to use GoDaddy
- .post liberalizes with new sunrise period
- Team Internet spends $41 million on content farm
- Epik backtracks on Kiwi Farms claim after legal threat
- .austin names launch on blockchain
- Freenom shuts down 12.6 million domains — report
- GoDaddy’s next .xxx contract may not be a done deal
- GlobalBlock blocking 2.5 million domains
- Microsoft moving its cloud apps from .com to .microsoft
- ICANN 79: anonymous trolls and undercover lawyers
- ICANN scores win in single-letter .com lawsuit
- Cosmetics brand terminates its gTLD
- Up to 70 jobs on the line at Nominet as .uk regs dwindle
- Governments back down on new gTLD next round delay
- Private auctions could be banned in new gTLD next round
- ICANN meeting venue “insensitive and hurtful”
- GoDaddy to start selling graphic.design domains
- GAC spinning up new gTLD curveball at ICANN 79?
- GoDaddy’s GlobalBlock supports blockchain names
- Police .uk domain takedowns dive in 2023
- GoDaddy wants to cut the bullshit from .xxx
- Dueling domain blocking services to launch at ICANN 79
- Freename tries to bridge DNS and blockchain
- Olive retires from ICANN
- Whois policy published without life-saving disclosure rule
- UK gov takes its lead from ICANN on DNS abuse
- Tucows reports 2023 results
- Twitter “completely unresponsive” on clickable domains
- ICANN spends $5 million more than planned in first fiscal half
- .art takes a million domains off its premium list
- KeyTrap ‘the most devastating vulnerability ever found in DNSSEC’
- Freenom settles $500 million Meta lawsuit and will exit domain business
- New gTLD lottery to return in 2026
- First GlobalBlock prices revealed — they ain’t cheap
- Domain universe grows on new gTLDs despite .com shrinkage
- D3 signs up crypto gTLD client number five
- GoDaddy reports strong domains growth
- How to qualify for a $40,000 gTLD
- Registry service provider evaluation handbook published
- WebUnited inks deal to “mirror” country’s TLD in the blockchain
- GoDaddy project unveils brand-blocking calculator
- Report: Monster “misappropriated” millions from Epik
- .com is shrinking but Verisign raises prices again anyway
- D3 announces fourth crypto new gTLD client
- Donald Trump loses second UDRP case
- UK cybersquatting complaints hit record low
- No excuses! PIR to pay for ALL registries to tackle child abuse
- ICANN insists it is working on linkification
- Namecheap sues ICANN over .org price caps
- GoDaddy offers free Ethereum blockchain integration
- Epik reveals who is running the company
- Epik gets acquired again! The plot thickens…
- Airline gTLD crashes and burns
- First chunks of new gTLD Applicant Guidebook drop
- Epik to reveal its owners soon
- Another crypto firm to apply for a new gTLD
- Monster and Royce are NOT involved in Epik?!
- Nominet to overhaul .uk registry, turn off some services
- Russia blames DNSSEC, not Ukraine, for internet downtime
- Team Internet says revenue beat estimates
- Sold for over $20k, insure.ai and dog.ai back in .ai’s expired names auction
- .ai helps UDRP cases rise in 2023, WIPO says
- Freenom’s domains land at Gandi after termination
- .ru domains fly off the shelf as Western sanctions bite
- ICANN picks its first ever Supreme Court
- Lebanon’s ccTLD going back to Lebanon after ICANN takeover
- ICANN picks the domain it will never, ever release
- ICANN approves domain takedown rules
- Has Epik gone “woke”?
- First bits of new gTLD Applicant Guidebook expected next week
- ICANN bans closed generics for the foreseeable
- You can’t use money to buy .box domains
- After 14 years, ICANN practices what it preaches on IDNs
- Weak demand for private Whois data, ICANN data shows
- .ing doing way better than .meme
- DNS Women barred from ICANN funding?
- Dev releases free open-source TLD registry platform
- INCO flips a gTLD to Identity Digital
- Anguilla fears the .ai junk drop
- Five more gTLDs get launch dates
- $10 million of ICANN cash up for grabs
- Almost 50,000 .ai domains sold in a quarter
- ICANN threatens to regulate your speech [RANT]
- Life insurance company kills dot-brand
- ICANN finds new home for Lebanon’s TLD after founder’s death
- ICANN begs people to use its new Whois service
- Shiba Inu outs itself as crypto new gTLD applicant
- Over 50,000 .ai domains sold in three months
- Amazon planning new push into registrar market?
- Registries and registrars vote ‘Yes’ to new DNS abuse rules
- ICANN predicts flattish 2025 for domain industry
- Fast-growing Gname buys another 150 registrars
- GoDaddy service to let you block domains in over 650 TLDs
- Did I find a murder weapon in a zone file?
- ICANN drops the “man” from Ombudsman
- Have your say on police domain takedown powers
- Most registrars are shunning ICANN’s new Whois system
- Nominet to take over .gov.uk
- ICANN picks Istanbul for 2024 meeting
- ICANN’s private Whois data request service goes live
- .au regs slide on 2LD anniversary
- ICANN accused of power grab over $271 million auction fund
- A registrar is getting blamed for an Israeli war propaganda site
- Two more dot-brands bite the dust
- Google sells five-figure AI domain and six-figure .ing hack
- .blackfriday is still a bit rubbish
- Internet Naming Co acquires five more gTLDs
It’s worse than you thought: TAS security bug leaked new gTLD applicant data
The bug that brought down ICANN’s TLD Application System yesterday was actually a security hole that leaked data about new gTLD applications.
The vulnerability enabled TAS users to view the file names and user names of other applicants, ICANN said this morning.
COO Akram Atallah said in a statement:
We have learned of a possible glitch in the TLD application system software that has allowed a limited number of users to view some other users’ file names and user names in certain scenarios.
Out of an abundance of caution, we took the system offline to protect applicant data. We are examining how this issue occurred and considering appropriate steps forward.
Given the level of secrecy surrounding the new gTLD application process, this vulnerability ranks pretty highly on the This Is Exactly What We Didn’t Want To Happen scale.
It’s not difficult to imagine scenarios in which a TAS user name or file name contains the gTLD string being applied for.
This is important, competition-sensitive data. If it’s been leaked, serious questions are raised about the integrity of the new gTLD program.
How long was this vulnerability present in TAS? Which applicants were able to look at which other applicants’ data? Did any applicants then act on this inside knowledge by filing competing bids?
If it transpires that any company filed a gTLD application specifically in order to shake down applicants whose data was revealed by this vulnerability, ICANN is in for a world of hurt.
TAS glitch “not an attack” says ICANN
ICANN’s decision this afternoon to shut down its TLD Application System until next Tuesday was not prompted by hackers, according to the organization.
“It’s not an attack,” a spokesperson told DI.
ICANN announced within the last hour that it has extended the window for new gTLD applications until next Friday as a result of unspecified “unusual behavior” in TAS.
Speculation as to the cause has already started on social media, with some pointing to the possibility of hacking, but according to ICANN we can rule out foul play.
The immediate reaction from stressed-out applicants has been split between those laughing, those crying, and those doing both.
TAS was down for scheduled maintenance for two hours last night. According to two applicants who logged in afterwards, it was running very slowly when it came back online.
UPDATE: ICANN has just confirmed: “No application data has been lost from those who have already submitted applications, so it should not pose problems for existing applicants.”
Breaking: ICANN extends new gTLD application window after technical glitch
ICANN has extended the deadline to file new generic top-level domain applications by more than a week after its TLD Application System experienced “unusual behavior”.
TAS will be down until next Tuesday while ICANN fixes the unspecified problem, ICANN said.
Here’s the meat of ICANN’s announcement:
Recently, we received a report of unusual behavior with the operation of the TAS system. We then identified a technical issue with the TAS system software.
ICANN is taking the most conservative approach possible to protect all applicants and allow adequate time to resolve the issue. Therefore, TAS will be shut down until Tuesday at 23:59 UTC – unless otherwise notified before that time.
In order to ensure all applicants have sufficient time to complete their applications during the disruption, the application window will remain open until 23:59 UTC on Friday, 20 April 2012.
What this means for the Big Reveal, currently scheduled for April 30, is not yet clear. More when we get it.
How to get a $180,000 new gTLD refund
ICANN will give new gTLD applicants a $180,000 refund on their application fee if they withdraw before May 2, it has emerged.
This refund is not mentioned in the Applicant Guidebook, in which the maximum refund available is $148,000. Nor could I find any reference to it on the ICANN new gTLDs microsite.
However, in response to an inquiry from DI last night, an ICANN customer service rep said:
Applications withdrawn prior to the posting of the applied-for strings are qualified for a $180000 refund (if such payment has been made and reconciled by ICANN). The USD5000 registration fee is non-refundable.
The posting of the applied-for strings occurs approximately 2 weeks after the end of the application window, which closes on 12 April 2012. Applications withdrawn after the posting of the applied-for strings will receive refunds according to the refund schedule in section 1.5 of the Applicant Guidebook.
At least one other person, new gTLD consultant Michael Palage of Pharos Global, was told substantially the same thing by the new gTLD service center earlier this week.
I believe ICANN is currently targeting May 2 for its Big Reveal, when we all find out who’s applying for what. May 1, I believe, has been ruled out because it’s a public holiday in some parts of the world.
I don’t think this apparently obscure refund opportunity significantly increases the risk of gaming, but I can see how it might alter some applicants’ strategies.
It’s possible, for example, that in some cases it might now make more sense for an applicant to announce its bid between April 12 and May 2.
After April 12, nobody will be able to file a competing, gaming application, but revealing a strong bid might be enough to scare already-competing applicants into dropping out for a 97% refund.
I don’t think it really helps reluctant dot-brand applicants, which have asked for the $180,000 refund to be available after they know what the competitive landscape for similar strings looks like.
ICANN adds 266 new gTLD applicants in a week
Remember that last-minute rush I was telling you about?
ICANN has revealed that it now has 556 registered users in its Top-Level Domain Application System, up from 290 just a week ago.
Each TAS account can be used to apply for 49 new gTLDs (not 50 as previously reported), so we’re looking at anywhere from 0 to 27,244 new gTLD applications.
Based on what I’ve heard from consultants, I estimate that the true number of applications represented by these 556 accounts could be over 1,000.
Companies applying for dot-brand gTLDs are in many cases also applying for a couple of keyword gTLDs related to their vertical industry too, I hear.
Fairwinds Partners, which has been mostly working with skeptical brands, said this week that its clients on average are applying for 2.7s gTLD each.
Applied across all the TAS accounts registered to date, that would mean 1,501 applications.
The deadline for new TAS registrations is this Thursday, March 29, at 2359 UTC. That’s 1659 in ICANN’s native California and 1959 on America’s east coast.
Remember that while the UK switches from GMT (which is the same as UTC) to BST tomorrow morning, UTC does not observe daylight savings and remains the same.
Today is your first new gTLD deadline
If you’re planning to apply to ICANN for more than one new generic top-level domain and you do not already have a TLD Application System account, today might be your last day to get one.
Go here to get one.
It’s been widely publicized that April 12 is the last day to file a new gTLD application with ICANN.
It’s also been widely publicized that March 29 is the last day to register an account with TAS, which is a prerequisite to filing an application.
A less well-known date is today, March 23, five business days before TAS closes to new registrants.
According to ICANN, organizations applying for more than one gTLD with the same TAS account need to get registered in TAS at least a week before registration closes.
ICANN said this today, in reply to a DI inquiry:
29 March is the deadline for registration.
This means applicants will have until 29 March to request an application.
If the applicant is a new user and wishes to submit only one application, the applicant may initiate and complete the application request on the same day (29 March for example).
If an applicant wishes to submit multiple applications, it will need to initiate the registration process several days in advance of the application window.
The reason being that only registered TAS users may request multiple applications.
The process for becoming a registered TAS user not only includes completing the application request as mentioned, but also the legal review, USD 5000 registration fee payment, reconciliation of the registration fee payment, and receipt of TAS login credentials.
ICANN announced a few weeks ago that “ICANN recommends that organizations wishing to submit several TLD applications under a single TAS user account complete steps 1 and 2 several days (e.g. 5 to 7 business days) in advance of 29 March.”
It seems that if you need to submit multiple new gTLD applications and you haven’t already, you will still be able to do so before March 29, as long as you file them under separate newly created TAS accounts.
But please don’t take my word for it. ICANN’s communications on this particular issue have not been great.
Go check out the official site or contact ICANN if you’re worried.
New gTLD registrants now at 290
There are now 290 registered users of ICANN’s Top-Level Domain Application System, according to the organization.
As before, there’s not a one-to-one mapping of TAS accounts to gTLD applications, because each account can hold up to 50 applications.
It’s difficult to estimate how many individual gTLD applications these 290 slots represent, but I expect it could be easily double that number.
Many attendees at ICANN 43 in Costa Rica last week were expecting a last-minute rush of TAS registrations over the next 10 days before ICANN closes the doors to new registrants.
Big brands are expected to be among the last to sign up for their TAS accounts, but perhaps not for the reasons you might think.
In order to sign up for a TAS account, you have to answer the first handful of basic Applicant Guidebook questions by including the contact details of the applying entity and its officers.
For many organizations, getting this information has apparently caused difficulties internally – directors of large public companies for example don’t want to hand over their home addresses, even though ICANN has promised not to publish them.
Despite all the other controversies, vagaries and uncertainties in the Guidebook, simply confirming the name of the applicant is turning out to be a big problem for some applicants.
Some likely applicants are therefore likely to set up a shell LLC or two, along with a bunch of straw-men officers, before registering with TAS.
This, according to consultants and registries, is one of the major reasons ICANN might see a last-minute rush of applicants shortly before the March 29 registration deadline.
ICANN has no plans to extend new gTLD window
The March 29 and April 12 deadlines to register for and submit new gTLD applications are currently not open to negotiation, according to ICANN chair Steve Crocker.
“We don’t really have any indication of sufficient reasons to change the schedule,” Crocker said at a press conference here at ICANN’s public meeting in Costa Rica this afternoon.
“We have no proposals we are actively working on to cause it to be changed at the moment,” he said. “The message needs to be understood that the application window will close April 12.”
I asked about the possibility of an extension largely because almost every registry services provider and new gTLD consultant I’ve talked to recently is expecting a mad rush of new gTLD applicants.
There are only 17 days remaining for applicants to sign up for a TLD Application System account. After March 29, applicants then have two weeks to file and pay for their applications.
Despite these pressing deadlines, many potential applicants – including dot-brands and some geographic gTLDs – have yet to make their minds up about applying.
Other confirmed applicants still haven’t selected their partners – I heard today about a city gTLD with a tender offer closing March 20, just nine days before the sign-up deadline.
ICANN said today that it has 254 registered TAS users.
A last-minute stampede for application services seems likely. With a limited number of registry back-end providers and decent consultants on the market, we could see bottlenecks.
But it seems that the ICANN board — which is the only body that could extend the schedule — has no plans to do so presently.
New gTLD applicants up to 207
With the registration deadline less than four weeks away, ICANN has revealed that it has received 207 sign-ups for generic top-level domain applications.
That’s an increase of 63 over the last week and up 163 on February 13.
As with previous announcements of this kind, certain caveats apply.
ICANN is talking about registered users of its TLD Application System. Each TAS account can be used to file up to 50 applications.
In practice I expect very few accounts will be used to file that many.
New gTLD magic number upped to 144
The number of registered new gTLD applicants has increased to 144, according to ICANN.
That’s up from 100 two weeks ago and up from 25 on January 19.
It refers to the number of registered users in the TLD Application System, the web-based tool used for filing new gTLD applications.
Each TAS slot can be used to file up to 50 applications; 144 registered TAS users could mean anything from 144 to 7,200 gTLD applications.
I err towards the lower number. Some consultants have told me they open a new account for each application they plan to file, due to some technical limitations in the system.
Most people are expecting a last-minute rush of applications — primarily hold-out dot-brand applicants — shortly before the system closes to new registrants March 29.
Recent Comments