Latest news of the domain name industry

Recent Posts

Newbie domain registrant discovers Whois, has Twitter meltdown

Kevin Murphy, April 26, 2012, Domain Tech

The need for the domain name industry to enforce accurate Whois is often cited by law enforcement and intellectual property interests as a consumer protection measure.

But most regular internet users haven’t got a clue that Whois even exists, let alone what data it contains or how to use it.

A study (pdf) carried out for ICANN’s Whois Review Team last year found that only 24% of consumers know what Whois is.

This stream of tweets I chanced across this afternoon, from what appears to be a first-time domain registrant, is probably more representative of consumer attitudes to Whois.

UPDATE (April 27): I’ve removed the tweets per the request of the Twitter user in question.

Big Content issues gTLD lock-down demands

Kevin Murphy, March 11, 2012, Domain Policy

Twenty members of the movie, music and games businesses have asked ICANN to impose strict anti-piracy rules on new top-level domains related to their industries.

In a position statement, “New gTLDs Targeting Creative Sectors: Enhanced Safeguards”, the groups say that such gTLDs are “fraught with serious risks” and should be controlled more rigorously than other gTLDs.

“If new gTLDs targeted to these sectors – e.g., .music, .movies, .games – are launched without adequate safeguards, they could become havens for continued and increased criminal and illegal activity,” the statement says.

It goes on to make seven demands for regulations covering Whois accuracy, enforced anti-piracy policies, and private requests for domain name take-downs.

The group also says that the content industries should be guaranteed “a seat at the table” when these new gTLD registries make their policies.

The statement is directed to ICANN, but it also appears to address the Governmental Advisory Committee, which has powers to object to new gTLD applications:

In evaluating applications for such content-focused gTLDs, ICANN must require registry operators (and the registrars with whom they contract) to implement enhanced safeguards to reduce these serious risks, while maximizing the potential benefits of such new domains.

Governments should use similar criteria in the exercise of their capability to issue Early Warnings, under the ICANN-approved process, with regard to new gTLD applications that are problematic from a public policy or security perspective.

The statement was sent to ICANN by the Coalition for Online Accountability, which counts the American Society of Composers, Authors and Publishers, the Motion Picture Association of America, the Recording Industry Association of America and Disney among its members.

It was separately signed by the many of the same groups that are supporting Far Further’s .music application, including the American Association for Independent Music and the International Federation of the Phonographic Industry.

Thick .com Whois policy delayed

Kevin Murphy, February 16, 2012, Domain Registries

ICANN’s GNSO Council has deferred a decision on whether Verisign should have to thicken up the Whois database for .com and its other gTLDs.

A motion to begin an official Policy Development Process on thick Whois was kicked down the road by councilors this afternoon at the request of the Non-Commercial Users Constituency.

It will now be discussed at the Council’s face-to-face meeting in Costa Rica in March. But there were also calls from registries to delay a decision for up to a year, calling the PDP a “distraction”.

Verisign’s .com registry contract and the standard Registrar Accreditation Agreement are currently being renegotiated by ICANN, both of which could address Whois in some way.

Today, all contracted gTLD registries have to operate a thick Whois, except Verisign with its .com, .net, .jobs, etc, where the registrars manage the bulk of the Whois data.

ICANN tells Congressmen to chillax

Kevin Murphy, January 25, 2012, Domain Policy

ICANN senior vice president Kurt Pritz has replied in writing to great big list of questions posed by US Congressmen following the two hearings into new gTLDs last month.

The answers do what the format of the Congressional hearings made impossible – provide a detailed explanation, with links, of why ICANN is doing what it’s doing.

The 27-page letter (pdf), which addresses questions posed by Reps. Waxman, Eshoo and Dingell, goes over some ground you may find very familiar, if you’ve been paying attention.

These are some of the questions and answers I found particularly interesting.

Why are you doing this?

Pritz gives an overview of the convoluted ICANN process responsible for conceiving, creating and honing the new gTLD program over the last few years.

It explains, for example, that the original GNSO Council vote, which set the wheels in motion back in late 2007, was 19-1 in favor of introducing new gTLDs.

The “lone dissenting vote”, Pritz notes, was cast by a Non-Commercial Users Constituency member – it was Robin Gross of IP Justice – who felt the program had too many restrictions.

The letter does not mention that three Council members – one from the Intellectual Property Constituency and two more from the NCUC – abstained from the vote.

Why aren’t the trademark protection mechanisms finished yet?

The main concern here is the Trademark Clearinghouse.

New gTLD applicants will not find out how the Clearinghouse will operate until March at the earliest, which is cutting it fine considering the deadline for registering as an applicant is March 29.

Pritz, however, tells the Congressmen that applicants have known all they need to know about the Clearinghouse since ICANN approved the program’s launch last June.

The Clearinghouse is a detail that ideally should have been sorted out before the program launched, but I don’t believe it’s the foremost concern for most applicants or trademark owners.

The unresolved detail nobody seems to be asking about is the cost of a Uniform Rapid Suspension complaint, the mechanism to quickly take down infringing second-level domain names.

ICANN has said that it expects the price of URS – which involves paying an intellectual property lawyer to preside over the case – to be $300 to $500, but I don’t know anyone who believes that this will be possible.

Indeed, one of the questions asked by Rep. Waxman starts with the premise “Leading providers under Uniform Dispute Resolution Policy (UDRP) have complained that current fees collected are inadequate to cover the costs of retaining qualified trademark attorneys.”

UDRP fees usually start at around $1,000, double what ICANN expects the URS – which I don’t think is going to be a heck of a lot simpler for arbitration panels to process – to cost trademark owners.

Why isn’t the Trademark Claims service permanent?

The Trademark Claims service is a mandatory trademark protection mechanism. One of its functions is to alert trademark holders when somebody tries to register their mark in a new gTLD.

It’s only mandatory for the first 60 days following the launch of a new gTLD, but I’m in agreement with the IP community here – in an ideal world, it would be permanent.

However, commercial services already exist that do pretty much the same thing, and ICANN doesn’t want to anoint a monopoly provider to start competing with its stakeholders. As Pritz put it:

“IP Watch” services are already provided by private firms, and it was not necessary for the rights protection mechanisms specific to the New gTLD Program to compete with those ongoing watch services already available.

In other words, brands are going to have to carry on paying if they want the ongoing benefits of an infringement notification service in new gTLDs.

When’s the second round?

Nothing new here. Pritz explains why the date for the second round has not been named yet.

Essentially, it’s a combination of not knowing how big the first round is going to be and not knowing how long it will take to conduct the two (or three) post-first-round reviews that ICANN has promised to the Governmental Advisory Committee.

I tackle the issue of second-round timing in considerable detail on DomainIncite PRO. My feeling is 2015.

On Whois verification

Pritz reiterates what ICANN CEO Rod Beckstrom told the Department of Commerce last week: ICANN expects that many registrars will start to verify their customers’ Whois data this year.

ICANN is currently talking to registrars about a new Registrar Accreditation Agreement that would mandate some unspecified degree of Whois verification.

This issue is at the top of the law enforcement wish list, and it was taken up with gusto by the Governmental Advisory Committee at the Dakar meeting in October.

Pritz wrote:

ICANN is currently in negotiations with its accredited registrars over amendments to the Registrar Accreditation Agreement. ICANN is negotiating amendments regarding to the verification of Whois data, and expects its accredited registrars to take action to meet the rising call for verification of data. ICANN expects that the RAA will incorporate – for the first time – Registrar commitments to verify Whois data.

He said ICANN expects to post the amendments for comment before the Costa Rica meeting in mid-March, and the measures would be in place before the first new gTLDs launch in 2013.

I’ve heard from a few registrars with knowledge of these talks that Whois verification mandates may be far from a dead-cert in the new RAA.

But by publicly stating to government, twice now, that Whois verification is expected, the registrars are under increased pressure to make it happen.

IF Whois verification is not among the RAA amendments, expect the registrars to get another dressing down from the GAC at the Costa Rica meeting this March.

On the other hand, ICANN has arguably handed them some negotiating leverage when it comes to extracting concessions, such as reduced fees.

The registrars were prodded into these talks with the GAC stick, the big question now is what kind of carrots they will be offered to adopt an RAA that will certainly raise their costs.

ICANN expects to post the proposed RAA changes for public comment by February 20.

Whois verification rules coming this year

Kevin Murphy, January 11, 2012, Domain Policy

No more Donald Duck in the Whois?

Registrars could be obliged to verify their customers’ identities when they sell domain names under new rules proposed for later this year, according to ICANN president Rod Beckstrom.

He told National Telecommunications and Information Administration boss Larry Strickling today that the new provisions could make it into the new Registrar Accreditation Agreement by March.

Beckstrom wrote:

ICANN expects that the RAA will incorporate – for the first time – Registrar commitments to verify WHOIS data. ICANN is actively considering incentives for Registrars to adopt the anticipated amendments to the RAA prior to the rollout of the first TLD in 2013.

The RAA is currently being renegotiated by ICANN and the registrar community, following governmental outrage about the RAA at its meeting in Dakar last October.

If new Whois rules are added to the RAA, it will be up to registrars to decide whether to implement them immediately or wait until their existing ICANN contracts expire — hence the need for “incentives”.

Documents ICANN has been posting following its RAA meetings have been less than illuminating, so the letter to Strickling today is the first public insight into what the new contract may contain.

Whois verification, which is often found at the top of the wish-lists of intellectual property and law enforcement communities, is of course hugely controversial.

Civil rights advocates believe that checking registrant identities will infringe on rights to privacy and free speech, while not helping to prevent crime. Actual criminals will of course not hand over their true identities when registering domain names.

The process of verifying Whois data may also wind up making domain names more expensive, due to the costs registrars will incur implementing or subscribing to automated verification systems.

Nevertheless, the anti-new-gTLDs campaign in Washington DC led by the Association of National Advertisers recently led to Whois – a separate issue – being placed firmly on the new gTLDs agenda.

The chairman of the Federal Trade Commission, as well as Strickling, both wrote to ICANN to express concern about the lack of progress on strengthening Whois over the last few years.

Beckstrom’s letter to Strickling can be read here. His reply to FTC chairman Leibowitz – which also schools him in why new gTLDs probably won’t increase fraud – can be read here.

Fight brewing over thick .com Whois

Kevin Murphy, January 3, 2012, Domain Policy

This year is likely to see a new fight over whether Verisign should be forced to create a “thick” Whois database for .com and its other generic top-level domains.

While Verisign has taken a deliberately ambivalent position on whether ICANN policy talks should kick off, the community is otherwise split on whether a mandatory thick Whois is a good idea.

Currently, only .com, .net, .name and .jobs – which are all managed on Verisign’s registry back-end – use a thin Whois model, in which domain name registrars store their customers’ data.

Other gTLDs all store registrant data centrally. Some “sponsored” gTLD registries have an even closer relationship with Whois data — ICM Registry for example verifies .xxx registrants’ identities.

But in a Preliminary Issue Report published in November, ICANN asked whether it should kick off a formal Policy Development Process that could make thick Whois a requirement in all gTLDs.

In comments filed with ICANN last week, Verisign said:

As the only existing registry services provider impacted by any future PDP on Thick Whois, Verisign will neither advocate for nor against the initiation of a PDP.

Verisign believes the current Whois model for .com, .net, .name and .jobs is effective and that the proper repository of registrant data is with registrars — the entities with direct connection to their customers. However, if the community, including our customers, determines through a PDP that “going thick” is now the best approach, we will respect and implement the policy decision.

Thick Whois services make it easier to find out who owns domain names. Currently, a Whois look-up for a .com domain can require multiple queries at different web sites.

While Whois aggregation services such as DomainTools can simplify searches today, they still face the risk of being blocked by dominant registrars.

The thin Whois model can also make domain transfers trickier, as we witnessed just last week when NameCheap ran into problems processing inbound transfers from Go Daddy.

ICANN’s Intellectual Property Constituency supports the transition to a thick Whois. It said in its comments:

Simplifying access to this information through thick Whois will help prevent abuses of intellectual property, and will protect the public in many ways, including by reducing the level of consumer confusion and consumer fraud in the Internet marketplace. Thick Whois enables quicker response and resolution when domain names are used for illegal, fraudulent or malicious purposes.

However, Verisign noted that a thicker Whois does not mean a more accurate Whois database – registrars will still be responsible for collecting and filing customer contact records.

There are also concerns that a thick Whois could have implications for registrant privacy. Wendy Seltzer of the Non-Commercial Users Constituency told ICANN:

Moving all data to the registry could facilitate invasion of privacy and decrease the jurisdictional control registrants have through their choice of registrar. Individual registrants in particular may be concerned that the aggregation of data in a thick WHOIS makes it more attractive to data miners and harder to confirm compliance with their local privacy laws.

This concern was echoed to an extent by Verisign, which noted that transitioning to a thick Whois would mean the transfer of large amounts of data between legal jurisdictions.

European registrars, for example, could face a problem under EU data protection laws if they transfer their customer data in bulk to US-based Verisign.

Verisign also noted that a transition to a thick Whois would dilute the longstanding notion that registrars “own” their customer relationships. It said in its comments:

As recently as the June 2011 ICANN meeting in Singapore, Verisign heard from several registrars that they are still not comfortable with Verisign holding their customers’ data. Other registrars have noted no concern with such a transition

ICANN staff will now incorporate these and other comments into its final Issue Report, which will then be sent to the GNSO Council to decide whether a PDP is required.

If the Council votes in favor of a PDP, it would be many months, if at all, before a policy binding on Verisign was created.

Whois throttling returns to bite Go Daddy on the ass

Kevin Murphy, December 26, 2011, Domain Registrars

Go Daddy has been accused by a competitor of “thwarting” domain name transfers in violation of ICANN rules. (Note: story has been updated, see below).

The problem has reared its head due to the ongoing SOPA-related boycott of the company’s services, and appears to be related to Go Daddy’s decision earlier this year to throttle Whois queries.

NameCheap, one of the registrars that has been offering discounts to Go Daddy customers outraged by its recently recanted support of the controversial Stop Online Piracy Act, blogged today:

As many customers have recently complained of transfer issues, we suspect that this competitor [Go Daddy] is thwarting efforts to transfer domains away from them.

Specifically, GoDaddy appears to be returning incomplete WHOIS information to Namecheap, delaying the transfer process. This practice is against ICANN rules.

We at Namecheap believe that this action speaks volumes about the impact that informed customers are having on GoDaddy’s business.

It’s a shame that GoDaddy feels they have to block their (former) customers from voting with their dollars. We can only guess that at GoDaddy, desperate times call for desperate measures.

Part of transferring a domain from Go Daddy to NameCheap involves checking the identity of the registrant against Whois records.

Judging by a number of complaints made by Reddit readers today, it appears that NameCheap and other registrars are attempting to automatically query Go Daddy’s Whois database on port 43 at sufficient volume to trigger whatever throttling algorithm Go Daddy has in place to prevent the “harvesting” of contact data.

Go Daddy caused a similar ruckus earlier this year when it started blocking DomainTools and other Whois aggregation services from collecting full Whois records.

The registrar giant claimed then that it was trying to protect its customers by preventing the inappropriate use of their contact data.

However, while blocking a third-party information tool is merely annoying and disturbing, interfering with legitimate inter-registrar transfers could get Go Daddy into hot water, even if it is inadvertent.

NameCheap says it is doing the required Whois look-ups manually for now, and that it will honor each transfer request.

Giving Go Daddy the benefit of the doubt, I assume that this problem is ongoing largely due to the Christmas holiday, and that it will be rectified as soon as the appropriate people become aware of it.

Add this to your list of reasons .com and .net need a thick Whois.

UPDATE: All registrars have access to an ICANN service called RADAR, which enables them to specify the IP addresses they use to query competitors’ Whois databases.

Whitelisting IP addresses in this way could prevent a registrar’s queries being throttled, but not all registrars use the service.

According to this screenshot, NameCheap has not whitelisted any IP addresses in RADAR, which may be the reason it is having problems transferring Go Daddy customers’ domains to itself.

DomainIncite

Go Daddy bans DNS harvesting

Kevin Murphy, November 9, 2011, Domain Tech

Go Daddy is blocking companies from harvesting its DNS records, the company has confirmed.

CTO Dave Koopman denied that Go Daddy has a “DNS Blackouts” policy, but confirmed that it has banned certain IP addresses from doing DNS queries for its customers’ domains. He wrote:

The rumor about “DNS Blackouts” was started by someone using Go Daddy servers to cache all Go Daddy DNS records on his personal servers for financial gain.

Back to our previous example of 100 queries a day. Instead of one person accessing 100 domain names, this individual was attempting to download tens of millions of Go Daddy DNS records – twice daily. While his behavior did not cause any system issues, we felt it best to revoke access to the offending IPs.

If Go Daddy finds unwanted activity in our network, Go Daddy takes actions to stop it.

That appears to be a reference to a blog post from DNSstuff.com founder R Scott Perry, who complained in early September about what he called a “Selective DNS Blackouts” policy.

Perry suggested that Go Daddy was trying to drum up interest in its Premium DNS service by providing poor DNS service to regular customers.

Blocking DNS queries from selected IP addresses draws to mind Go Daddy’s policy of banning DomainTools and other companies from harvesting Whois records in bulk.

In January, the company confirmed, that it was blocking commercial Whois aggregators including DomainTools. The ban appears to still be in affect for non-paying DomainTools users.

Like DomainTools, DNSstuff.com offers DNS monitoring and alerts for premium fees.

Should .com get a thick Whois?

Kevin Murphy, September 23, 2011, Domain Registries

The ICANN community has taken another baby step towards pushing VeriSign into implementing a “thick” Whois database for .com and .net domain names.

The GNSO Council yesterday voted to ask ICANN to prepare an Issue Report exploring whether to require “all incumbent gTLDs” to operate a thick Whois. Basically, that means VeriSign.

The .com and .net registries currently run on a “thin” model, whereby each accredited registrar manages their own Whois databases.

Most other gTLDs today run thick registries, as will all registries approved by ICANN under its forthcoming new gTLDs program.

The thinness of .com can cause problems during inter-registrar transfers, when gaining and losing registrars have no central authoritative database of registrant contact details to rely upon.

In fact, yesterday’s GNSO vote followed the recommendations of a working group that decided after much deliberation that a thick .com registry may help reduce bogus or contested transfers.

Trusting registrars to manage their own Whois is also a frequent source of frustration for law enforcement, trademark interests and anti-spam firms.

Failure to maintain a functional web-based or port 43 Whois interface is an often-cited problem when ICANN’s compliance department terminates rogue registrars.

Now that an Issue Report has been requested by the GNSO, the idea of a thick .com moves closer to a possible Policy Development Process, which in turn can create binding ICANN consensus policies.

There’s already a clause in VeriSign’s .com registry agreement that gives ICANN the right to demand that it creates a centralized Whois database.

Switching to a thick model would presumably not only transfer responsibility to VeriSign, but also cost and liability, which is presumably why the company seems to be resisting the move.

Don’t expect the changes to come any time soon.

Writing the Issue Report is not expected to be a priority for ICANN staff, due to their ongoing chronic resource problems, and any subsequent PDP could take years.

The alternative – for ICANN and VeriSign to come to a bilateral agreement when the .com contract comes up for renewal next year – seems unlikely given that ICANN did not make a similar requirement when .net was renegotiated earlier this year.

Hot topics for ICANN Singapore

Kevin Murphy, June 17, 2011, Domain Policy

ICANN’s 41st public meeting kicks off in Singapore on Monday, and as usual there are a whole array of controversial topics set to be debated.

As is becoming customary, the US government has filed its eleventh-hour saber-rattling surprises, undermining ICANN’s authority before its delegates’ feet have even touched the tarmac.

Here’s a high-level overview of what’s going down.

The new gTLD program

ICANN and the Governmental Advisory Committee are meeting on Sunday to see if they can reach some kind of agreement on the stickiest parts of the Applicant Guidebook.

They will fail to do so, and ICANN’s board will be forced into discussing an unfinished Guidebook, which does not have full GAC backing, during its Monday-morning special meeting.

It’s Peter Dengate Thrush’s final meeting as chairman, and many observers believe he will push through some kind of new gTLDs resolution to act as his “legacy”, as well as to fulfill the promise he made in San Francisco of a big party in Singapore.

My guess is that the resolution will approve the program in general, lay down some kind of timetable for its launch, and acknowledge that the Guidebook needs more work before it is rubber-stamped.

I think it’s likely that the days of seemingly endless cycles of redrafting and comment are over for good, however, which will come as a relief to many.

Developing nations

A big sticking point for the GAC is the price that new gTLD applicants from developing nations will have to pay – it wants eligible, needy applicants to get a 76% discount, from $185,000 to $44,000.

The GAC has called this issue something that needs sorting out “as a matter of urgency”, but ICANN’s policy is currently a flimsy draft in desperate need of work.

The so-called JAS working group, tasked with creating the policy, currently wants governmental entities excluded from the support program, which has made the GAC, predictably, unhappy.

The JAS has proven controversial in other quarters too, particularly the GNSO Council.

Most recently, ICANN director Katim Touray, who’s from Gambia, said the Council had been “rather slow” to approve the JAS’s latest milestone report, which, he said:

might well be construed by many as an effort by the GNSO to scuttle the entire process of seeking ways and means to provide support to needy new gTLD applicants

This irked Council chair Stephane Van Gelder, who rattled off a response pointing out that the GNSO had painstakingly followed its procedures as required under the ICANN bylaws.

Watch out for friction there.

Simply, there’s no way this matter can be put to bed in Singapore, but it will be the topic of intense discussions because the new gTLD program cannot sensibly launch without it.

The IANA contract

The US National Telecommunications and Information Administration wants to beef up the IANA contract to make ICANN more accountable to the NTIA and, implicitly, the GAC.

Basically, IANA is being leveraged as a way to make sure that .porn and .gay (and any other TLD not acceptable to the world’s most miserable regimes) never make it onto the internet.

If at least one person does not stand up during the public forum on Thursday to complain that ICANN is nothing more than a lackey of the United States, I’d be surprised. My money’s on Khaled Fattal.

Vertical integration

The eleventh hour surprise I referred to earlier.

The US Department of Justice, Antitrust Division, informed ICANN this week that its plan to allow gTLD registries such as VeriSign, Neustar and Afilias to own affiliated registrars was “misguided”.

I found the letter (pdf) utterly baffling. It seems to say that the DoJ would not be able to advise ICANN on competition matters, despite the fact that the letter itself contains a whole bunch of such advice.

The letter has basically scuppered VeriSign’s chances of ever buying a registrar, but I don’t think anybody thought that would happen anyway.

Neustar is likely to be the most publicly annoyed by this, given how vocally it has pursued its vertical integration plans, but I expect Afilias and others will be bugged by this development too.

The DoJ’s position is likely to be backed up by Europe, now that the NTIA’s Larry Strickling and European Commissioner Neelie Kroes are BFFs.

Cybercrime

Cybercrime is huge at the moment, what with governments arming themselves with legions of hackers and groups such as LulzSec and Anonymous knocking down sites like dominoes.

The DNS abuse forum during ICANN meetings, slated for Monday, is usually populated by pissed-off cops demanding stricter enforcement of Whois accuracy.

They’ve been getting louder during recent meetings, a trend I expect to continue until somebody listens.

This is known as “engaging”.

Geek stuff

IPv6, DNSSEC and Internationalized Domain Names, in other words. There are sessions on all three of these important topics, but they rarely gather much attention from the policy wonks.

With IPv6 and DNSSEC, we’re basically looking at problems of adoption. With IDNs, there’s impenetrably technical stuff to discuss relating to code tables and variant strings.

The DNSSEC session is usually worth a listen if you’re into that kind of thing.

The board meeting

Unusually, the board’s discussion of the Guidebook has been bounced to Monday, leading to a Friday board meeting with not very much to excite.

VeriSign will get its .net contract renewed, no doubt.

The report from the GAC-board joint working group, which may reveal how the two can work together less painfully in future, also could be interesting.

Anyway…

Enough of this blather, I’ve got a plane to catch.