Recent Posts
- ICANN publishes its Woke Manifesto. Here’s my hot take
- Alibaba, Name.com among new RDRS opt-ins
- The Swiss can register .swiss domains from next week
- .ai up to 425,000 domains
- A million “free” .music domains up for grabs
- D3 to get $5 million in crypto to apply for .ape gTLD
- Alibaba hit with ICANN breach notice
- New Vegas conference “Davos for Web3 interoperability”
- ICANN content policing power grab may be dead
- Cable company unplugs its dot-brand after acquisition
- Germany crosses 10,000 dot-brand domains milestone
- Founders out as Com Laude gets equity injection
- PIR’s Diaz to leave domain industry
- Some registrars have already quit ICANN’s Whois experiment
- ICANN opens $217 million Grant Program
- Internet could get one-letter gTLDs (but there’s a catch)
- .ai registry fights deadbeats with tweaked auction rules
- Amazon and Google among .internal TLD ban backers
- .ai registry advises buyers not to use GoDaddy
- .post liberalizes with new sunrise period
- Team Internet spends $41 million on content farm
- Epik backtracks on Kiwi Farms claim after legal threat
- .austin names launch on blockchain
- Freenom shuts down 12.6 million domains — report
- GoDaddy’s next .xxx contract may not be a done deal
- GlobalBlock blocking 2.5 million domains
- Microsoft moving its cloud apps from .com to .microsoft
- ICANN 79: anonymous trolls and undercover lawyers
- ICANN scores win in single-letter .com lawsuit
- Cosmetics brand terminates its gTLD
- Up to 70 jobs on the line at Nominet as .uk regs dwindle
- Governments back down on new gTLD next round delay
- Private auctions could be banned in new gTLD next round
- ICANN meeting venue “insensitive and hurtful”
- GoDaddy to start selling graphic.design domains
- GAC spinning up new gTLD curveball at ICANN 79?
- GoDaddy’s GlobalBlock supports blockchain names
- Police .uk domain takedowns dive in 2023
- GoDaddy wants to cut the bullshit from .xxx
- Dueling domain blocking services to launch at ICANN 79
- Freename tries to bridge DNS and blockchain
- Olive retires from ICANN
- Whois policy published without life-saving disclosure rule
- UK gov takes its lead from ICANN on DNS abuse
- Tucows reports 2023 results
- Twitter “completely unresponsive” on clickable domains
- ICANN spends $5 million more than planned in first fiscal half
- .art takes a million domains off its premium list
- KeyTrap ‘the most devastating vulnerability ever found in DNSSEC’
- Freenom settles $500 million Meta lawsuit and will exit domain business
- New gTLD lottery to return in 2026
- First GlobalBlock prices revealed — they ain’t cheap
- Domain universe grows on new gTLDs despite .com shrinkage
- D3 signs up crypto gTLD client number five
- GoDaddy reports strong domains growth
- How to qualify for a $40,000 gTLD
- Registry service provider evaluation handbook published
- WebUnited inks deal to “mirror” country’s TLD in the blockchain
- GoDaddy project unveils brand-blocking calculator
- Report: Monster “misappropriated” millions from Epik
- .com is shrinking but Verisign raises prices again anyway
- D3 announces fourth crypto new gTLD client
- Donald Trump loses second UDRP case
- UK cybersquatting complaints hit record low
- No excuses! PIR to pay for ALL registries to tackle child abuse
- ICANN insists it is working on linkification
- Namecheap sues ICANN over .org price caps
- GoDaddy offers free Ethereum blockchain integration
- Epik reveals who is running the company
- Epik gets acquired again! The plot thickens…
- Airline gTLD crashes and burns
- First chunks of new gTLD Applicant Guidebook drop
- Epik to reveal its owners soon
- Another crypto firm to apply for a new gTLD
- Monster and Royce are NOT involved in Epik?!
- Nominet to overhaul .uk registry, turn off some services
- Russia blames DNSSEC, not Ukraine, for internet downtime
- Team Internet says revenue beat estimates
- Sold for over $20k, insure.ai and dog.ai back in .ai’s expired names auction
- .ai helps UDRP cases rise in 2023, WIPO says
- Freenom’s domains land at Gandi after termination
- .ru domains fly off the shelf as Western sanctions bite
- ICANN picks its first ever Supreme Court
- Lebanon’s ccTLD going back to Lebanon after ICANN takeover
- ICANN picks the domain it will never, ever release
- ICANN approves domain takedown rules
- Has Epik gone “woke”?
- First bits of new gTLD Applicant Guidebook expected next week
- ICANN bans closed generics for the foreseeable
- You can’t use money to buy .box domains
- After 14 years, ICANN practices what it preaches on IDNs
- Weak demand for private Whois data, ICANN data shows
- .ing doing way better than .meme
- DNS Women barred from ICANN funding?
- Dev releases free open-source TLD registry platform
- INCO flips a gTLD to Identity Digital
- Anguilla fears the .ai junk drop
- Five more gTLDs get launch dates
- $10 million of ICANN cash up for grabs
- Almost 50,000 .ai domains sold in a quarter
- ICANN threatens to regulate your speech [RANT]
- Life insurance company kills dot-brand
- ICANN finds new home for Lebanon’s TLD after founder’s death
- ICANN begs people to use its new Whois service
- Shiba Inu outs itself as crypto new gTLD applicant
- Over 50,000 .ai domains sold in three months
- Amazon planning new push into registrar market?
- Registries and registrars vote ‘Yes’ to new DNS abuse rules
- ICANN predicts flattish 2025 for domain industry
- Fast-growing Gname buys another 150 registrars
- GoDaddy service to let you block domains in over 650 TLDs
- Did I find a murder weapon in a zone file?
- ICANN drops the “man” from Ombudsman
- Have your say on police domain takedown powers
- Most registrars are shunning ICANN’s new Whois system
- Nominet to take over .gov.uk
- ICANN picks Istanbul for 2024 meeting
- ICANN’s private Whois data request service goes live
- .au regs slide on 2LD anniversary
- ICANN accused of power grab over $271 million auction fund
- A registrar is getting blamed for an Israeli war propaganda site
- Two more dot-brands bite the dust
- Google sells five-figure AI domain and six-figure .ing hack
- .blackfriday is still a bit rubbish
- Internet Naming Co acquires five more gTLDs
Did Whois blow the lid off a Labour leadership coup, or is this just pig-fuckery?
A British Member of Parliament has been forced to deny he was behind the registration of several domain names promoting him as a future leader of the Labour party.
Clive Lewis, until recently a member of the shadow cabinet, told the Guardian yesterday that he did not register the batch of domains, which included cliveforleader.org.uk, cliveforlabour.org.uk and their matching .org, .uk and .co.uk domains.
“None of this is true: I haven’t done this,” he told the paper, following a Huffington Post article revealing the names had been registered June 29 last year, just a couple of days after he was appointed shadow defence secretary.
Lewis resigned from the shadow cabinet three weeks ago after refusing to vote in favor of triggering the Article 50 process that will take the UK out of the European Union.
The Labour Party has been dogged by stories about potential leadership challenges ever since Jeremy Corbyn — popular among grassroots party members, unpopular with voters — took over.
Questions about Corbyn’s leadership reemerged last week after a disastrous by-election defeat for the party.
The domains were taken as an indication that Lewis had been plotting a coup for many months, which he has denied.
The Whois records do not support a conclusion one way or another.
Under Nominet rules, individuals are allowed to keep their phone number, postal and email addresses out of Whois if the domains are to be used for non-commercial purposes, a right the registrant of the names in question chose to exercise.
Public Whois records show the .uk names registered to “Clive Lewis”, but contain no contact information.
They do contain the intriguing statement “Nominet was able to match the registrant’s name and address against a 3rd party data source on 29-Jun-2016”, a standard notice under Nominet’s Whois validation program.
But Nominet does not validate the identity of registrants, nor does it attempt to link the registrant’s name to their purported address.
The statement in the Whois records translates merely that Nominet was able to discover that a person called Clive Lewis exists somewhere in the world, and that the postal address given is a real address.
The .org and .com domains, registered the same day by the same registrar, use a Whois privacy service and contain no information about the registrant whatsoever.
Lewis himself suspects the batch of names may have been registered by a political opponent in order to force him to deny that he registered them, noting that fellow MP Lisa Nandy had a similar experience last July.
His initial statement to HuffPo, on which he reportedly declined to elaborate, was:
A lesson from LBJ [US President Lyndon B Johnson] in how to smash an opponent. Legend has it that LBJ, in one of his early congressional campaigns, told one of his aides to spread the story that Johnson’s opponent f*cked pigs. The aide responded: ‘Christ, Lyndon, we can’t call the guy a pigf*cker. It isn’t true.’ To which LBJ supposedly replied: ‘Of course it ain’t true, but I want to make the son-of-a-bitch deny it.’
Since then, along with his denial to the Guardian, he’s told his local Norwich newspaper that he’s tasked his lawyers with finding out who registered the names.
“I have instructed a solicitor to go away and look at this. They can try and make sure we find the identity, the IP address and the payment details,” he told the Eastern Daily Press.
.uk suspension problems worse than I thought
Problems validating the addresses of .uk domain registrants, which caused one registrar to dump the TLD entirely, are broader than I reported yesterday.
Cronon, which does business as Strato, announced last week that it has stopped selling .uk domain names because in more than a third of cases Nominet, the registry, is unable to validate the Whois data.
In many cases the domain is subsequently suspended, causing customer support headaches.
It now transpires that the problems are not limited to .uk second-level names, are not limited to UK registrants, and are not caused primarily by mailing address validation failures.
Michael Shohat, head of registrar services at Cronon, got in touch last night to clarify that most of its affected customers are in fact from its native Germany or from the Netherlands.
All of the affected names are .co.uk names, not .uk SLDs, he added.
And the validation is failing in the large majority of cases not due to Nominet’s inability to validate a mailing address, but rather its inability to validate the identity of the registrant.
“This is where the verification is failing. The database they are using can’t find many of our registrants’ company names,” Shohat said.
“So 30% of our registrations were being put on hold, almost all of them from [Germany] and [the Netherlands], and 90% of them because of the company name. We checked lots of them and in every single case the name of the company was correct, and the address as well,” he said.
Michele Neylon of the ICANN Registrar Stakeholders Group said that Cronon is not the only registrar to have been affected by these issues. Blacknight Solutions, the registrar Neylon runs, has been complaining about the problem since May.
According to Neylon, the Nominet policy causing the issue is its data quality policy, which covers all .uk and .co.uk (etc) names.
The policy itself is pretty vague — Nominet basically says it will work with each individual registrar to determine a baseline of what can be considered a “minimum proportion of valid data”, given the geographic makeup of the registrar’s customer base.
Domains that fail to meet these criteria have a “Data Quality Lock” imposed — essentially a suspension of the domain’s ability to resolve.
Earlier this year, Nominet did backtrack on plans to implement an automatic cancellation of the names after 30 days of non-compliance, following feedback from its registrars.
“It’s disappointing that Cronon have taken this step; we hope they will consider working with us to find a way to move forward,” a Nominet spokesperson added.
She said that the registry has over recent years moved to “more proactive enforcement” of Whois accuracy. She pointed out that Nominet takes on the “lion’s share of the work”, reducing the burden on registrars.
“However, our solution does not include non-UK data sets to cross-reference with, so it is possible that some false positives occur,” she said. “Registrars with a large non-UK registrant bases, who are not accredited channel partners, would be affected more than others.”
An Accredited Channel Partner is the top tier of the three Nominet offers to registrars. It has additional data validation requirements but additional benefits.
While .co.uk domains are not limited to UK-based registrants, all .uk SLD registrants do need to have a UK mailing address in their Whois for legal service.
The company’s inability to validate many non-UK business identities seems to mean .co.uk could also slowly become a UK-only space by the back door.
Big registrar dumps .uk — a glimpse of Christmas future?
German registrar Cronon, which retails domains under the Strato brand, has stopped carrying .uk domains due to what it says are onerous Whois validation rules.
In a blog post, company spokesperson Christina Witt said that over one third of all .uk sales the registrar has been making are failing Nominet’s registry-end validation checks, which she said are “buggy”.
With the introduction of direct second-level registration under .uk, Nominet introduced a new requirement that all new domains must have a UK address in the Whois for legal service, even if the registrant is based overseas.
According to its web site, Nominet checks registrant addresses against the Royal Mail Postcode Address file, which contains over 29 million UK addresses, and does a confidence-based match.
If attempts to match the supplied address with a UK address in this file prove fruitless, and after outreach to the registrant, Nominet suspends the domain 30 days after registration and eventually deletes it.
It’s this policy of terminating domains that has caused Strato to despair and stop accepting new .uk registrations.
“Databases of street directories or company registers are often inaccurate and out of date,” Witt wrote (translated from the original German). “The result: addresses that are not wrong, in fact, are be found to be invalid.”
Nominet is throwing back over a third of all .uk names registered via Strato, according to the blog post, creating a customer support nightmare.
Its affected registrants are also confused about the verification emails they receive from Nominet, a foreign company of which they have often never heard, Witt wrote.
I don’t know how many .uk names the registrar has under management, but it’s reasonably large in the gTLD space, with roughly 650,000 domains under management at the last count.
If Strato’s claim that Nominet is rejecting a third of valid addresses (and how Strato could know they’re valid is open to question), that’s quite a scary statistic.
Nominet seems to be using an address database, from the Royal Mail, which is about as close to definitive as it gets. And it’s only verifying addresses from a single country.
I shudder to imagine what the false negative rate would be like for a gTLD registrar compelled to validate addresses across 200-odd countries and territories.
The latest version of the ICANN Registrar Accreditation Agreement requires registrars to partially validate addresses, such as checking whether the street and postal code exist in the given city, but there’s no requirement for domains to be suspended if these checks fail.
[UPDATE: Thanks to Michele Neylon of the Registrars Stakeholder Group for the reminder that this RAA requirement hasn’t actually come into force yet, and won’t until the RrSG and ICANN come to terms on its technical and commercial feasibility.]
Where the 2013 RAA does require suspension is when the registrant fails to verify their email address (or, less commonly, phone number), which as we’ve seen over the last year leads to hundreds of thousands of names being yanked for no good reason.
If Strato’s story about .uk is correct and its experience shared by other registrars, I expect that will become and important data point the next time law enforcement or other interests push for even stricter Whois rules in the ICANN world.
Recent Comments