Recent Posts
- ICANN publishes its Woke Manifesto. Here’s my hot take
- Alibaba, Name.com among new RDRS opt-ins
- The Swiss can register .swiss domains from next week
- .ai up to 425,000 domains
- A million “free” .music domains up for grabs
- D3 to get $5 million in crypto to apply for .ape gTLD
- Alibaba hit with ICANN breach notice
- New Vegas conference “Davos for Web3 interoperability”
- ICANN content policing power grab may be dead
- Cable company unplugs its dot-brand after acquisition
- Germany crosses 10,000 dot-brand domains milestone
- Founders out as Com Laude gets equity injection
- PIR’s Diaz to leave domain industry
- Some registrars have already quit ICANN’s Whois experiment
- ICANN opens $217 million Grant Program
- Internet could get one-letter gTLDs (but there’s a catch)
- .ai registry fights deadbeats with tweaked auction rules
- Amazon and Google among .internal TLD ban backers
- .ai registry advises buyers not to use GoDaddy
- .post liberalizes with new sunrise period
- Team Internet spends $41 million on content farm
- Epik backtracks on Kiwi Farms claim after legal threat
- .austin names launch on blockchain
- Freenom shuts down 12.6 million domains — report
- GoDaddy’s next .xxx contract may not be a done deal
- GlobalBlock blocking 2.5 million domains
- Microsoft moving its cloud apps from .com to .microsoft
- ICANN 79: anonymous trolls and undercover lawyers
- ICANN scores win in single-letter .com lawsuit
- Cosmetics brand terminates its gTLD
- Up to 70 jobs on the line at Nominet as .uk regs dwindle
- Governments back down on new gTLD next round delay
- Private auctions could be banned in new gTLD next round
- ICANN meeting venue “insensitive and hurtful”
- GoDaddy to start selling graphic.design domains
- GAC spinning up new gTLD curveball at ICANN 79?
- GoDaddy’s GlobalBlock supports blockchain names
- Police .uk domain takedowns dive in 2023
- GoDaddy wants to cut the bullshit from .xxx
- Dueling domain blocking services to launch at ICANN 79
- Freename tries to bridge DNS and blockchain
- Olive retires from ICANN
- Whois policy published without life-saving disclosure rule
- UK gov takes its lead from ICANN on DNS abuse
- Tucows reports 2023 results
- Twitter “completely unresponsive” on clickable domains
- ICANN spends $5 million more than planned in first fiscal half
- .art takes a million domains off its premium list
- KeyTrap ‘the most devastating vulnerability ever found in DNSSEC’
- Freenom settles $500 million Meta lawsuit and will exit domain business
- New gTLD lottery to return in 2026
- First GlobalBlock prices revealed — they ain’t cheap
- Domain universe grows on new gTLDs despite .com shrinkage
- D3 signs up crypto gTLD client number five
- GoDaddy reports strong domains growth
- How to qualify for a $40,000 gTLD
- Registry service provider evaluation handbook published
- WebUnited inks deal to “mirror” country’s TLD in the blockchain
- GoDaddy project unveils brand-blocking calculator
- Report: Monster “misappropriated” millions from Epik
- .com is shrinking but Verisign raises prices again anyway
- D3 announces fourth crypto new gTLD client
- Donald Trump loses second UDRP case
- UK cybersquatting complaints hit record low
- No excuses! PIR to pay for ALL registries to tackle child abuse
- ICANN insists it is working on linkification
- Namecheap sues ICANN over .org price caps
- GoDaddy offers free Ethereum blockchain integration
- Epik reveals who is running the company
- Epik gets acquired again! The plot thickens…
- Airline gTLD crashes and burns
- First chunks of new gTLD Applicant Guidebook drop
- Epik to reveal its owners soon
- Another crypto firm to apply for a new gTLD
- Monster and Royce are NOT involved in Epik?!
- Nominet to overhaul .uk registry, turn off some services
- Russia blames DNSSEC, not Ukraine, for internet downtime
- Team Internet says revenue beat estimates
- Sold for over $20k, insure.ai and dog.ai back in .ai’s expired names auction
- .ai helps UDRP cases rise in 2023, WIPO says
- Freenom’s domains land at Gandi after termination
- .ru domains fly off the shelf as Western sanctions bite
- ICANN picks its first ever Supreme Court
- Lebanon’s ccTLD going back to Lebanon after ICANN takeover
- ICANN picks the domain it will never, ever release
- ICANN approves domain takedown rules
- Has Epik gone “woke”?
- First bits of new gTLD Applicant Guidebook expected next week
- ICANN bans closed generics for the foreseeable
- You can’t use money to buy .box domains
- After 14 years, ICANN practices what it preaches on IDNs
- Weak demand for private Whois data, ICANN data shows
- .ing doing way better than .meme
- DNS Women barred from ICANN funding?
- Dev releases free open-source TLD registry platform
- INCO flips a gTLD to Identity Digital
- Anguilla fears the .ai junk drop
- Five more gTLDs get launch dates
- $10 million of ICANN cash up for grabs
- Almost 50,000 .ai domains sold in a quarter
- ICANN threatens to regulate your speech [RANT]
- Life insurance company kills dot-brand
- ICANN finds new home for Lebanon’s TLD after founder’s death
- ICANN begs people to use its new Whois service
- Shiba Inu outs itself as crypto new gTLD applicant
- Over 50,000 .ai domains sold in three months
- Amazon planning new push into registrar market?
- Registries and registrars vote ‘Yes’ to new DNS abuse rules
- ICANN predicts flattish 2025 for domain industry
- Fast-growing Gname buys another 150 registrars
- GoDaddy service to let you block domains in over 650 TLDs
- Did I find a murder weapon in a zone file?
- ICANN drops the “man” from Ombudsman
- Have your say on police domain takedown powers
- Most registrars are shunning ICANN’s new Whois system
- Nominet to take over .gov.uk
- ICANN picks Istanbul for 2024 meeting
- ICANN’s private Whois data request service goes live
- .au regs slide on 2LD anniversary
- ICANN accused of power grab over $271 million auction fund
- A registrar is getting blamed for an Israeli war propaganda site
- Two more dot-brands bite the dust
- Google sells five-figure AI domain and six-figure .ing hack
- .blackfriday is still a bit rubbish
- Internet Naming Co acquires five more gTLDs
Thick .com Whois policy delayed
ICANN’s GNSO Council has deferred a decision on whether Verisign should have to thicken up the Whois database for .com and its other gTLDs.
A motion to begin an official Policy Development Process on thick Whois was kicked down the road by councilors this afternoon at the request of the Non-Commercial Users Constituency.
It will now be discussed at the Council’s face-to-face meeting in Costa Rica in March. But there were also calls from registries to delay a decision for up to a year, calling the PDP a “distraction”.
Verisign’s .com registry contract and the standard Registrar Accreditation Agreement are currently being renegotiated by ICANN, both of which could address Whois in some way.
Today, all contracted gTLD registries have to operate a thick Whois, except Verisign with its .com, .net, .jobs, etc, where the registrars manage the bulk of the Whois data.
ICANN tells Congressmen to chillax
ICANN senior vice president Kurt Pritz has replied in writing to great big list of questions posed by US Congressmen following the two hearings into new gTLDs last month.
The answers do what the format of the Congressional hearings made impossible – provide a detailed explanation, with links, of why ICANN is doing what it’s doing.
The 27-page letter (pdf), which addresses questions posed by Reps. Waxman, Eshoo and Dingell, goes over some ground you may find very familiar, if you’ve been paying attention.
These are some of the questions and answers I found particularly interesting.
Why are you doing this?
Pritz gives an overview of the convoluted ICANN process responsible for conceiving, creating and honing the new gTLD program over the last few years.
It explains, for example, that the original GNSO Council vote, which set the wheels in motion back in late 2007, was 19-1 in favor of introducing new gTLDs.
The “lone dissenting vote”, Pritz notes, was cast by a Non-Commercial Users Constituency member – it was Robin Gross of IP Justice – who felt the program had too many restrictions.
The letter does not mention that three Council members – one from the Intellectual Property Constituency and two more from the NCUC – abstained from the vote.
Why aren’t the trademark protection mechanisms finished yet?
The main concern here is the Trademark Clearinghouse.
New gTLD applicants will not find out how the Clearinghouse will operate until March at the earliest, which is cutting it fine considering the deadline for registering as an applicant is March 29.
Pritz, however, tells the Congressmen that applicants have known all they need to know about the Clearinghouse since ICANN approved the program’s launch last June.
The Clearinghouse is a detail that ideally should have been sorted out before the program launched, but I don’t believe it’s the foremost concern for most applicants or trademark owners.
The unresolved detail nobody seems to be asking about is the cost of a Uniform Rapid Suspension complaint, the mechanism to quickly take down infringing second-level domain names.
ICANN has said that it expects the price of URS – which involves paying an intellectual property lawyer to preside over the case – to be $300 to $500, but I don’t know anyone who believes that this will be possible.
Indeed, one of the questions asked by Rep. Waxman starts with the premise “Leading providers under Uniform Dispute Resolution Policy (UDRP) have complained that current fees collected are inadequate to cover the costs of retaining qualified trademark attorneys.”
UDRP fees usually start at around $1,000, double what ICANN expects the URS – which I don’t think is going to be a heck of a lot simpler for arbitration panels to process – to cost trademark owners.
Why isn’t the Trademark Claims service permanent?
The Trademark Claims service is a mandatory trademark protection mechanism. One of its functions is to alert trademark holders when somebody tries to register their mark in a new gTLD.
It’s only mandatory for the first 60 days following the launch of a new gTLD, but I’m in agreement with the IP community here – in an ideal world, it would be permanent.
However, commercial services already exist that do pretty much the same thing, and ICANN doesn’t want to anoint a monopoly provider to start competing with its stakeholders. As Pritz put it:
“IP Watch” services are already provided by private firms, and it was not necessary for the rights protection mechanisms specific to the New gTLD Program to compete with those ongoing watch services already available.
In other words, brands are going to have to carry on paying if they want the ongoing benefits of an infringement notification service in new gTLDs.
When’s the second round?
Nothing new here. Pritz explains why the date for the second round has not been named yet.
Essentially, it’s a combination of not knowing how big the first round is going to be and not knowing how long it will take to conduct the two (or three) post-first-round reviews that ICANN has promised to the Governmental Advisory Committee.
I tackle the issue of second-round timing in considerable detail on DomainIncite PRO. My feeling is 2015.
On Whois verification
Pritz reiterates what ICANN CEO Rod Beckstrom told the Department of Commerce last week: ICANN expects that many registrars will start to verify their customers’ Whois data this year.
ICANN is currently talking to registrars about a new Registrar Accreditation Agreement that would mandate some unspecified degree of Whois verification.
This issue is at the top of the law enforcement wish list, and it was taken up with gusto by the Governmental Advisory Committee at the Dakar meeting in October.
Pritz wrote:
ICANN is currently in negotiations with its accredited registrars over amendments to the Registrar Accreditation Agreement. ICANN is negotiating amendments regarding to the verification of Whois data, and expects its accredited registrars to take action to meet the rising call for verification of data. ICANN expects that the RAA will incorporate – for the first time – Registrar commitments to verify Whois data.
He said ICANN expects to post the amendments for comment before the Costa Rica meeting in mid-March, and the measures would be in place before the first new gTLDs launch in 2013.
I’ve heard from a few registrars with knowledge of these talks that Whois verification mandates may be far from a dead-cert in the new RAA.
But by publicly stating to government, twice now, that Whois verification is expected, the registrars are under increased pressure to make it happen.
IF Whois verification is not among the RAA amendments, expect the registrars to get another dressing down from the GAC at the Costa Rica meeting this March.
On the other hand, ICANN has arguably handed them some negotiating leverage when it comes to extracting concessions, such as reduced fees.
The registrars were prodded into these talks with the GAC stick, the big question now is what kind of carrots they will be offered to adopt an RAA that will certainly raise their costs.
ICANN expects to post the proposed RAA changes for public comment by February 20.
Whois verification rules coming this year
No more Donald Duck in the Whois?
Registrars could be obliged to verify their customers’ identities when they sell domain names under new rules proposed for later this year, according to ICANN president Rod Beckstrom.
He told National Telecommunications and Information Administration boss Larry Strickling today that the new provisions could make it into the new Registrar Accreditation Agreement by March.
Beckstrom wrote:
ICANN expects that the RAA will incorporate – for the first time – Registrar commitments to verify WHOIS data. ICANN is actively considering incentives for Registrars to adopt the anticipated amendments to the RAA prior to the rollout of the first TLD in 2013.
The RAA is currently being renegotiated by ICANN and the registrar community, following governmental outrage about the RAA at its meeting in Dakar last October.
If new Whois rules are added to the RAA, it will be up to registrars to decide whether to implement them immediately or wait until their existing ICANN contracts expire — hence the need for “incentives”.
Documents ICANN has been posting following its RAA meetings have been less than illuminating, so the letter to Strickling today is the first public insight into what the new contract may contain.
Whois verification, which is often found at the top of the wish-lists of intellectual property and law enforcement communities, is of course hugely controversial.
Civil rights advocates believe that checking registrant identities will infringe on rights to privacy and free speech, while not helping to prevent crime. Actual criminals will of course not hand over their true identities when registering domain names.
The process of verifying Whois data may also wind up making domain names more expensive, due to the costs registrars will incur implementing or subscribing to automated verification systems.
Nevertheless, the anti-new-gTLDs campaign in Washington DC led by the Association of National Advertisers recently led to Whois – a separate issue – being placed firmly on the new gTLDs agenda.
The chairman of the Federal Trade Commission, as well as Strickling, both wrote to ICANN to express concern about the lack of progress on strengthening Whois over the last few years.
Beckstrom’s letter to Strickling can be read here. His reply to FTC chairman Leibowitz – which also schools him in why new gTLDs probably won’t increase fraud – can be read here.
Fight brewing over thick .com Whois
This year is likely to see a new fight over whether Verisign should be forced to create a “thick” Whois database for .com and its other generic top-level domains.
While Verisign has taken a deliberately ambivalent position on whether ICANN policy talks should kick off, the community is otherwise split on whether a mandatory thick Whois is a good idea.
Currently, only .com, .net, .name and .jobs – which are all managed on Verisign’s registry back-end – use a thin Whois model, in which domain name registrars store their customers’ data.
Other gTLDs all store registrant data centrally. Some “sponsored” gTLD registries have an even closer relationship with Whois data — ICM Registry for example verifies .xxx registrants’ identities.
But in a Preliminary Issue Report published in November, ICANN asked whether it should kick off a formal Policy Development Process that could make thick Whois a requirement in all gTLDs.
In comments filed with ICANN last week, Verisign said:
As the only existing registry services provider impacted by any future PDP on Thick Whois, Verisign will neither advocate for nor against the initiation of a PDP.
…
Verisign believes the current Whois model for .com, .net, .name and .jobs is effective and that the proper repository of registrant data is with registrars — the entities with direct connection to their customers. However, if the community, including our customers, determines through a PDP that “going thick” is now the best approach, we will respect and implement the policy decision.
Thick Whois services make it easier to find out who owns domain names. Currently, a Whois look-up for a .com domain can require multiple queries at different web sites.
While Whois aggregation services such as DomainTools can simplify searches today, they still face the risk of being blocked by dominant registrars.
The thin Whois model can also make domain transfers trickier, as we witnessed just last week when NameCheap ran into problems processing inbound transfers from Go Daddy.
ICANN’s Intellectual Property Constituency supports the transition to a thick Whois. It said in its comments:
Simplifying access to this information through thick Whois will help prevent abuses of intellectual property, and will protect the public in many ways, including by reducing the level of consumer confusion and consumer fraud in the Internet marketplace. Thick Whois enables quicker response and resolution when domain names are used for illegal, fraudulent or malicious purposes.
However, Verisign noted that a thicker Whois does not mean a more accurate Whois database – registrars will still be responsible for collecting and filing customer contact records.
There are also concerns that a thick Whois could have implications for registrant privacy. Wendy Seltzer of the Non-Commercial Users Constituency told ICANN:
Moving all data to the registry could facilitate invasion of privacy and decrease the jurisdictional control registrants have through their choice of registrar. Individual registrants in particular may be concerned that the aggregation of data in a thick WHOIS makes it more attractive to data miners and harder to confirm compliance with their local privacy laws.
This concern was echoed to an extent by Verisign, which noted that transitioning to a thick Whois would mean the transfer of large amounts of data between legal jurisdictions.
European registrars, for example, could face a problem under EU data protection laws if they transfer their customer data in bulk to US-based Verisign.
Verisign also noted that a transition to a thick Whois would dilute the longstanding notion that registrars “own” their customer relationships. It said in its comments:
As recently as the June 2011 ICANN meeting in Singapore, Verisign heard from several registrars that they are still not comfortable with Verisign holding their customers’ data. Other registrars have noted no concern with such a transition
ICANN staff will now incorporate these and other comments into its final Issue Report, which will then be sent to the GNSO Council to decide whether a PDP is required.
If the Council votes in favor of a PDP, it would be many months, if at all, before a policy binding on Verisign was created.
Whois throttling returns to bite Go Daddy on the ass
Go Daddy has been accused by a competitor of “thwarting” domain name transfers in violation of ICANN rules. (Note: story has been updated, see below).
The problem has reared its head due to the ongoing SOPA-related boycott of the company’s services, and appears to be related to Go Daddy’s decision earlier this year to throttle Whois queries.
NameCheap, one of the registrars that has been offering discounts to Go Daddy customers outraged by its recently recanted support of the controversial Stop Online Piracy Act, blogged today:
As many customers have recently complained of transfer issues, we suspect that this competitor [Go Daddy] is thwarting efforts to transfer domains away from them.
Specifically, GoDaddy appears to be returning incomplete WHOIS information to Namecheap, delaying the transfer process. This practice is against ICANN rules.
We at Namecheap believe that this action speaks volumes about the impact that informed customers are having on GoDaddy’s business.
It’s a shame that GoDaddy feels they have to block their (former) customers from voting with their dollars. We can only guess that at GoDaddy, desperate times call for desperate measures.
Part of transferring a domain from Go Daddy to NameCheap involves checking the identity of the registrant against Whois records.
Judging by a number of complaints made by Reddit readers today, it appears that NameCheap and other registrars are attempting to automatically query Go Daddy’s Whois database on port 43 at sufficient volume to trigger whatever throttling algorithm Go Daddy has in place to prevent the “harvesting” of contact data.
Go Daddy caused a similar ruckus earlier this year when it started blocking DomainTools and other Whois aggregation services from collecting full Whois records.
The registrar giant claimed then that it was trying to protect its customers by preventing the inappropriate use of their contact data.
However, while blocking a third-party information tool is merely annoying and disturbing, interfering with legitimate inter-registrar transfers could get Go Daddy into hot water, even if it is inadvertent.
NameCheap says it is doing the required Whois look-ups manually for now, and that it will honor each transfer request.
Giving Go Daddy the benefit of the doubt, I assume that this problem is ongoing largely due to the Christmas holiday, and that it will be rectified as soon as the appropriate people become aware of it.
Add this to your list of reasons .com and .net need a thick Whois.
UPDATE: All registrars have access to an ICANN service called RADAR, which enables them to specify the IP addresses they use to query competitors’ Whois databases.
Whitelisting IP addresses in this way could prevent a registrar’s queries being throttled, but not all registrars use the service.
According to this screenshot, NameCheap has not whitelisted any IP addresses in RADAR, which may be the reason it is having problems transferring Go Daddy customers’ domains to itself.
Go Daddy bans DNS harvesting
Go Daddy is blocking companies from harvesting its DNS records, the company has confirmed.
CTO Dave Koopman denied that Go Daddy has a “DNS Blackouts” policy, but confirmed that it has banned certain IP addresses from doing DNS queries for its customers’ domains. He wrote:
The rumor about “DNS Blackouts” was started by someone using Go Daddy servers to cache all Go Daddy DNS records on his personal servers for financial gain.
Back to our previous example of 100 queries a day. Instead of one person accessing 100 domain names, this individual was attempting to download tens of millions of Go Daddy DNS records – twice daily. While his behavior did not cause any system issues, we felt it best to revoke access to the offending IPs.
If Go Daddy finds unwanted activity in our network, Go Daddy takes actions to stop it.
That appears to be a reference to a blog post from DNSstuff.com founder R Scott Perry, who complained in early September about what he called a “Selective DNS Blackouts” policy.
Perry suggested that Go Daddy was trying to drum up interest in its Premium DNS service by providing poor DNS service to regular customers.
Blocking DNS queries from selected IP addresses draws to mind Go Daddy’s policy of banning DomainTools and other companies from harvesting Whois records in bulk.
In January, the company confirmed, that it was blocking commercial Whois aggregators including DomainTools. The ban appears to still be in affect for non-paying DomainTools users.
Like DomainTools, DNSstuff.com offers DNS monitoring and alerts for premium fees.
Should .com get a thick Whois?
The ICANN community has taken another baby step towards pushing VeriSign into implementing a “thick” Whois database for .com and .net domain names.
The GNSO Council yesterday voted to ask ICANN to prepare an Issue Report exploring whether to require “all incumbent gTLDs” to operate a thick Whois. Basically, that means VeriSign.
The .com and .net registries currently run on a “thin” model, whereby each accredited registrar manages their own Whois databases.
Most other gTLDs today run thick registries, as will all registries approved by ICANN under its forthcoming new gTLDs program.
The thinness of .com can cause problems during inter-registrar transfers, when gaining and losing registrars have no central authoritative database of registrant contact details to rely upon.
In fact, yesterday’s GNSO vote followed the recommendations of a working group that decided after much deliberation that a thick .com registry may help reduce bogus or contested transfers.
Trusting registrars to manage their own Whois is also a frequent source of frustration for law enforcement, trademark interests and anti-spam firms.
Failure to maintain a functional web-based or port 43 Whois interface is an often-cited problem when ICANN’s compliance department terminates rogue registrars.
Now that an Issue Report has been requested by the GNSO, the idea of a thick .com moves closer to a possible Policy Development Process, which in turn can create binding ICANN consensus policies.
There’s already a clause in VeriSign’s .com registry agreement that gives ICANN the right to demand that it creates a centralized Whois database.
Switching to a thick model would presumably not only transfer responsibility to VeriSign, but also cost and liability, which is presumably why the company seems to be resisting the move.
Don’t expect the changes to come any time soon.
Writing the Issue Report is not expected to be a priority for ICANN staff, due to their ongoing chronic resource problems, and any subsequent PDP could take years.
The alternative – for ICANN and VeriSign to come to a bilateral agreement when the .com contract comes up for renewal next year – seems unlikely given that ICANN did not make a similar requirement when .net was renegotiated earlier this year.
Hot topics for ICANN Singapore
ICANN’s 41st public meeting kicks off in Singapore on Monday, and as usual there are a whole array of controversial topics set to be debated.
As is becoming customary, the US government has filed its eleventh-hour saber-rattling surprises, undermining ICANN’s authority before its delegates’ feet have even touched the tarmac.
Here’s a high-level overview of what’s going down.
The new gTLD program
ICANN and the Governmental Advisory Committee are meeting on Sunday to see if they can reach some kind of agreement on the stickiest parts of the Applicant Guidebook.
They will fail to do so, and ICANN’s board will be forced into discussing an unfinished Guidebook, which does not have full GAC backing, during its Monday-morning special meeting.
It’s Peter Dengate Thrush’s final meeting as chairman, and many observers believe he will push through some kind of new gTLDs resolution to act as his “legacy”, as well as to fulfill the promise he made in San Francisco of a big party in Singapore.
My guess is that the resolution will approve the program in general, lay down some kind of timetable for its launch, and acknowledge that the Guidebook needs more work before it is rubber-stamped.
I think it’s likely that the days of seemingly endless cycles of redrafting and comment are over for good, however, which will come as a relief to many.
Developing nations
A big sticking point for the GAC is the price that new gTLD applicants from developing nations will have to pay – it wants eligible, needy applicants to get a 76% discount, from $185,000 to $44,000.
The GAC has called this issue something that needs sorting out “as a matter of urgency”, but ICANN’s policy is currently a flimsy draft in desperate need of work.
The so-called JAS working group, tasked with creating the policy, currently wants governmental entities excluded from the support program, which has made the GAC, predictably, unhappy.
The JAS has proven controversial in other quarters too, particularly the GNSO Council.
Most recently, ICANN director Katim Touray, who’s from Gambia, said the Council had been “rather slow” to approve the JAS’s latest milestone report, which, he said:
might well be construed by many as an effort by the GNSO to scuttle the entire process of seeking ways and means to provide support to needy new gTLD applicants
This irked Council chair Stephane Van Gelder, who rattled off a response pointing out that the GNSO had painstakingly followed its procedures as required under the ICANN bylaws.
Watch out for friction there.
Simply, there’s no way this matter can be put to bed in Singapore, but it will be the topic of intense discussions because the new gTLD program cannot sensibly launch without it.
The IANA contract
The US National Telecommunications and Information Administration wants to beef up the IANA contract to make ICANN more accountable to the NTIA and, implicitly, the GAC.
Basically, IANA is being leveraged as a way to make sure that .porn and .gay (and any other TLD not acceptable to the world’s most miserable regimes) never make it onto the internet.
If at least one person does not stand up during the public forum on Thursday to complain that ICANN is nothing more than a lackey of the United States, I’d be surprised. My money’s on Khaled Fattal.
Vertical integration
The eleventh hour surprise I referred to earlier.
The US Department of Justice, Antitrust Division, informed ICANN this week that its plan to allow gTLD registries such as VeriSign, Neustar and Afilias to own affiliated registrars was “misguided”.
I found the letter (pdf) utterly baffling. It seems to say that the DoJ would not be able to advise ICANN on competition matters, despite the fact that the letter itself contains a whole bunch of such advice.
The letter has basically scuppered VeriSign’s chances of ever buying a registrar, but I don’t think anybody thought that would happen anyway.
Neustar is likely to be the most publicly annoyed by this, given how vocally it has pursued its vertical integration plans, but I expect Afilias and others will be bugged by this development too.
The DoJ’s position is likely to be backed up by Europe, now that the NTIA’s Larry Strickling and European Commissioner Neelie Kroes are BFFs.
Cybercrime
Cybercrime is huge at the moment, what with governments arming themselves with legions of hackers and groups such as LulzSec and Anonymous knocking down sites like dominoes.
The DNS abuse forum during ICANN meetings, slated for Monday, is usually populated by pissed-off cops demanding stricter enforcement of Whois accuracy.
They’ve been getting louder during recent meetings, a trend I expect to continue until somebody listens.
This is known as “engaging”.
Geek stuff
IPv6, DNSSEC and Internationalized Domain Names, in other words. There are sessions on all three of these important topics, but they rarely gather much attention from the policy wonks.
With IPv6 and DNSSEC, we’re basically looking at problems of adoption. With IDNs, there’s impenetrably technical stuff to discuss relating to code tables and variant strings.
The DNSSEC session is usually worth a listen if you’re into that kind of thing.
The board meeting
Unusually, the board’s discussion of the Guidebook has been bounced to Monday, leading to a Friday board meeting with not very much to excite.
VeriSign will get its .net contract renewed, no doubt.
The report from the GAC-board joint working group, which may reveal how the two can work together less painfully in future, also could be interesting.
Anyway…
Enough of this blather, I’ve got a plane to catch.
Does Obama endorse Whois privacy?
The US government today released its latest International Strategy For Cyberspace, and it seems to acknowledge privacy rights in domain name registration.
The 30-page document (pdf) envisions a future of the internet that is “open, interoperable, secure, and reliable” and “supports international trade and commerce, strengthens international security, and fosters free expression and innovation”.
It calls for the US and its international partners to set norms that value free speech, security, privacy, respect for intellectual property and (because this is America, remember) the right to self-defense.
Domain names get a mention, in a statement that could be read, without much of a stretch of the imagination, as support in principle for private Whois records:
In this future, individuals and businesses can quickly and easily obtain the tools necessary to set up their own presence online; domain names and addresses are available, secure, and properly maintained, without onerous licenses or unreasonable disclosures of personal information.
That’s open to interpretation, of course – you could debate for years about what is “unreasonable” – but I’m surprised Whois privacy merited even an oblique reference.
Most government and law enforcement statements on the topic tend to pull in the opposite direction.
The new strategy also seems to give ICANN – or at least the ICANN model – the Administration’s support, in a paragraph worth quoting in full:
Preserve global network security and stability, including the domain name system (DNS). Given the Internet’s importance to the world’s economy, it is essential that this network of networks and its underlying infrastructure, the DNS, remain stable and secure. To ensure this continued stability and security, it is imperative that we and the rest of the world continue to recognize the contributions of its full range of stakeholders, particularly those organizations and technical experts vital to the technical operation of the Internet. The United States recognizes that the effective coordination of these resources has facilitated the Internet’s success, and will continue to support those effective, multi-stakeholder processes.
.xxx introduces the 48-hour UDRP
The forthcoming .xxx top-level domain will have some of the strictest abuse policies yet, including a super-fast alternative to the UDRP for cybersquatting cases.
With ICM Registry likely to sign its registry contract with ICANN soon, I thought I’d take another look at some of its planned policies.
I’d almost forgotten how tight they were.
Don’t expect much privacy
ICM plans to verify your identity before you register a .xxx domain.
While the details of how this will be carried out have not yet been revealed, I expect the company to turn to third-party sources to verify that the details entered into the Whois match a real person.
Registrants will also have to verify their email addresses and have their IP addresses recorded.
Whois privacy/proxy services offered by registrars will have to be pre-approved by ICM, “limited to services that have demonstrated responsible and responsive business practices”.
Registrants using such services will still have their full verified details stored by the registry, in contrast to TLDs such as .com, where the true identity of a registrant is only known to the proxy service.
None of these measures are foolproof, of course, but they would raise barriers to cybersquatting not found in other TLDs.
Really rapid suspension
The .xxx domain will of course abide by the UDRP when it comes to cybersquatting complaints, but it is planning another, far more Draconian suspension policy called Rapid Takedown.
Noting that “the majority of UDRP cases involve obvious variants of well-known trademarks”, ICM says it “does not believe that the clearest cases of abusive domain registration require the expense and time involved in traditional UDRP filings.”
The Rapid Takedown policy is modeled on the Digital Millennium Copyright Act. Trademark holders will be able to make a cybersquatting complaint and have it heard within 48 hours.
Complaints will comprise a “simple statement of a claim involving a well-known or otherwise inherently distinctive mark and a domain name for which no conceivable good faith basis exists”.
A “response team” of UDRP panelists will decide on that basis whether to suspend the domain, although it does not appear that ownership will be transferred as a result.
X strikes and you’re out
ICM plans to disqualify repeat cybersquatters from holding any .xxx domains, whether all their domains infringe trademarks or not.
The policy is not fully fleshed out, so it’s not yet clear how many infringing domains you’d have to own before you lose your .xxx privileges.
High-volume domain investors would therefore be advised to make sure they have clean portfolios, or risk losing their whole investment.
Gaming restrictions
ICM plans to allow IP rights holders to buy long-term, deep-discount registrations for non-resolving .xxx domains. As I’ve written before, Disney doesn’t necessarily want disney.xxx to point anywhere.
That would obviously appeal to volume speculators who don’t fancy the $60-a-year registry fee, so the company plans to create a policy stating that non-resolving domains will not be able to convert to normal domains.
There’s also going to be something called the Charter Eligibility Dispute Resolution Process, which which “will be available to challenge any resolving registration to an entity that is not qualified to register a resolving name in the .xxx TLD”.
This seems to suggest that somebody (think: a well-funded church) who does not identify as a member of the porn industry would be at risk of losing their .xxx domains.
The CEDRP, like most of the abuse policies the registry is planning, has not yet been fully fleshed out.
I’m told ICM is working on that at the moment. In the meantime, its policy plans are outlined in this PDF.
Recent Comments