Recent Posts
- Americans and ICANNers avoid Kigali in droves
- RDRS stats improve a little in June
- Unstoppable Domains goes down after domain hijack
- Four more gTLDs in emergency measures
- New gTLDs and ccTLDs drive domain universe growth
- Eight interesting recent dot-brand registrations
- .me premium sales down
- Pride fails to reverse gay domains decline
- Unstoppable announces another new gTLD bid
- Blockchain naming firm gets ICANN accreditation
- ICANN takes over gTLD after Whois failures
- Verisign: would-be .com contract killers are “wrong”
- Five gTLDs at risk as registry goes AWOL
- Groups make flawed case that .com is a cartel
- RDRS usage hits all-time low
- A dot-brand so unloved they killed it twice
- PorkBun hits two million domain milestone
- Crawford returns to industry to head up Com Laude
- ICANN financial data dump a damp squib?
- Unstoppable plotting manga-themed gTLDs
- Governments call for new gTLD auctions ban
- ICANN names new CEO, and it isn’t Costerton
- ICANN: We will NOT police content
- More sticker shock as new gTLD fees could top $300,000
- ICANN slashes staff and domain prices could rise
- Secret new gTLD application revealed
- WhatsApp now linkifying new gTLDs, but…
- Outrage over ICANN’s new gTLD fees
- Barrett gets second term on ICANN board
- DotMusic delays gTLD launch again
- .tm prices to skyrocket next week
- Bitcoin gTLD gets launch dates
- First metaverse gTLD is announced
- Alibaba off the naughty step
- ICANN to kill auction fund bylaws change
- The people have spoken on RDRS and they said “Meh”
- ICANN restarts work on controversial Whois privacy rules
- GNSO mulls lawyering up over auction fund dispute
- Jury still out on ICANN’s content policing powers
- It now takes TWO WEEKS to get a Whois record with RDRS
- Travel expenses push ICANN into the red again
- ICANN preparing for ONE HUNDRED registry back-ends
- DNS Abuse Institute changes name
- A new way to game the new gTLD program
- .home, .mail and .corp could get unbanned
- Unstoppable to apply for Women in Tech gTLD
- Bob Parsons publishes autobiography
- GoDaddy getting a free pass from porn jail?
- Correction: Sinha’s seat is safe
- Chinese domains plummet again in 2023
- GoDaddy price increases lead to revenue growth
- D3 announces seventh blockchain gTLD client
- Taylor Swift applies for her .post domain
- .ad domains to go global soon
- Single-letter .com case back in court
- ICANN to slash costs as Verisign’s magic money tree dries up
- Community revolts over ICANN’s auction proceeds power grab
- Two seats up for grabs on Nominet board
- War takes steep toll on .ua domains
- .de worst TLD for CSAM — report
- .com still shrinking because of China
- ICANN publishes its Woke Manifesto. Here’s my hot take
- Alibaba, Name.com among new RDRS opt-ins
- .my domains to be sold globally next month
- The Swiss can register .swiss domains from next week
- .ai up to 425,000 domains
- A million “free” .music domains up for grabs
- D3 to get $5 million in crypto to apply for .ape gTLD
- Alibaba hit with ICANN breach notice
- New Vegas conference “Davos for Web3 interoperability”
- ICANN content policing power grab may be dead
- Cable company unplugs its dot-brand after acquisition
- Germany crosses 10,000 dot-brand domains milestone
- Founders out as Com Laude gets equity injection
- PIR’s Diaz to leave domain industry
- Some registrars have already quit ICANN’s Whois experiment
- ICANN opens $217 million Grant Program
- Internet could get one-letter gTLDs (but there’s a catch)
- .ai registry fights deadbeats with tweaked auction rules
- Amazon and Google among .internal TLD ban backers
- .ai registry advises buyers not to use GoDaddy
- .post liberalizes with new sunrise period
- Team Internet spends $41 million on content farm
- Epik backtracks on Kiwi Farms claim after legal threat
- .austin names launch on blockchain
- Freenom shuts down 12.6 million domains — report
- GoDaddy’s next .xxx contract may not be a done deal
- GlobalBlock blocking 2.5 million domains
- Microsoft moving its cloud apps from .com to .microsoft
- ICANN 79: anonymous trolls and undercover lawyers
- ICANN scores win in single-letter .com lawsuit
- Cosmetics brand terminates its gTLD
- Up to 70 jobs on the line at Nominet as .uk regs dwindle
- Governments back down on new gTLD next round delay
- Private auctions could be banned in new gTLD next round
- ICANN meeting venue “insensitive and hurtful”
- GoDaddy to start selling graphic.design domains
- GAC spinning up new gTLD curveball at ICANN 79?
- GoDaddy’s GlobalBlock supports blockchain names
- Police .uk domain takedowns dive in 2023
- GoDaddy wants to cut the bullshit from .xxx
- Dueling domain blocking services to launch at ICANN 79
- Freename tries to bridge DNS and blockchain
- Olive retires from ICANN
- Whois policy published without life-saving disclosure rule
- UK gov takes its lead from ICANN on DNS abuse
- Tucows reports 2023 results
- Twitter “completely unresponsive” on clickable domains
- ICANN spends $5 million more than planned in first fiscal half
- .art takes a million domains off its premium list
- KeyTrap ‘the most devastating vulnerability ever found in DNSSEC’
- Freenom settles $500 million Meta lawsuit and will exit domain business
- New gTLD lottery to return in 2026
- First GlobalBlock prices revealed — they ain’t cheap
- Domain universe grows on new gTLDs despite .com shrinkage
- D3 signs up crypto gTLD client number five
- GoDaddy reports strong domains growth
- How to qualify for a $40,000 gTLD
- Registry service provider evaluation handbook published
- WebUnited inks deal to “mirror” country’s TLD in the blockchain
- GoDaddy project unveils brand-blocking calculator
- Report: Monster “misappropriated” millions from Epik
- .com is shrinking but Verisign raises prices again anyway
- D3 announces fourth crypto new gTLD client
- Donald Trump loses second UDRP case
GAC threat looms over ICANN Beijing
How the Governmental Advisory Committee handles its advice on new gTLD applications seems to be a big worry at the ICANN public meeting in Beijing this week.
During a session yesterday, new gTLD program vice president Christine Willett was peppered with questions about the approval process going forward, many of which related to the GAC.
There’s also a lot of gossiping about which applications the GAC is thinking about delivering the kiss of death to, and what its advice will mean to the overall program timetable.
DI is not attending the Beijing meeting in person, but here’s what I’ve learned from remote participation and talking to attendees:
Confusion over the GAC Advice standard
Judging by interactions during Willett’s session, there may be a little bit of confusion about whether GAC Advice needs to be “consensus” GAC Advice in order to halt a new gTLD application.
I think the confusion is mainly due to the way some people (Willett and myself included) use phrases such as “non-consensus GAC Advice” as shorthand for a particular paragraph of the Applicant Guidebook.
Here’s the way I understand it:
All GAC Advice — including Advice sent on issues completely unrelated to the new gTLD program — is consensus GAC Advice.
If the GAC sends written Advice to the ICANN board, it means the GAC has reached consensus to send that Advice, even if the Advice itself reflects a lack of consensus on the specifics.
Confusion in the community is arising now because the Applicant Guidebook also talks about three types of “GAC Advice on New gTLDs”, the first of which is:
The GAC advises ICANN that it is the consensus of the GAC that a particular application should not proceed. This will create a strong presumption for the ICANN Board that the application should not be approved.
That’s describing a situation where the GAC has reached a consensus that an application should be rejected. It’s going to sound the death knell for several applications, without doubt.
The second type of GAC Advice on New gTLDs in the Guidebook is:
The GAC advises ICANN that there are concerns about a particular application “dot-example.” The ICANN Board is expected to enter into dialogue with the GAC to understand the scope of concerns. The ICANN Board is also expected to provide a rationale for its decision.
The language was written by the GAC, using its consensus model, which is why it’s so badly worded.
What it means is that the GAC could not find consensus to kill off an application — some governments want it killed off, some don’t — but that the GAC as a whole reached consensus to tell ICANN that some governments do want it killed off.
So when people talk about “non-consensus” Advice, we’re referring to this second form of GAC Advice on New gTLDs, where the GAC could reached consensus to alert ICANN about “concerns” but could not reach consensus that the application should be taken outside and shot.
Which applications are going to get Advice?
The GAC stated last week that 20 applications had been put forward for specific review at the Beijing meeting.
From what I’ve been able to piece together from the GAC’s public hints, its Early Warnings, and sources in Beijing, I think I’ve identified many of these applications.
I’m pretty certain that DotConnectAfrica’s application for .africa is going to get killer Advice.
I’m not picking on DCA (disclosure: DCA accused me of being part of a racist conspiracy) but it is the only remaining applicant to comprehensively ignore ICANN’s rules on geographic names.
It’s also well-known that Amazon’s application for .amazon (and translations), and Patagonia Inc’s application for .patagonia, both of which were not captured by ICANN’s rules on geography, are unloved by Latin American governments.
The Montevideo Declaration, signed by government ministers from the continent last week, specifically condemns any new gTLDs related to Amazonia and Patagonia.
It’s difficult to see how the GAC could ignore the strength of this position, but it’s always possible that some members may have been lobbied into submission by applicants, therefore spoiling consensus.
Other geographic strings that ICANN’s rules did not identify as geographic may also face Advice.
It’s known that .persiangulf, for example, is racially/culturally divisive because the same body of water is also known as the Arabian Gulf by Arab states in the region.
The Japanese government’s Early Warning against .date (issued because there are two cities in Japan that, when translated into Latin characters, are called Date) is also believed to have been put forward for formal GAC Advice.
Outside of geographic names, I hear that .basketball and .rugby are also on the GAC’s shortlist.
These are interesting cases because the governments with the beef (Greece and the UK) are not concerned about the strings themselves. Rather, they want to make sure their preferred applicant wins.
Both gTLDs are contested, and each contention set has one applicant backed by the official world authority for the sport concerned.
If the GAC issues Advice on either, it’s putting itself in the position of picking winners and losers, which could make for some frenetic lobbying in future application rounds.
The application for .uno is believed to be under discussion in the GAC because it clashes with the acronym of an intergovernmental organization.
It also seems pretty certain that Demand Media’s applications for .navy, .army and .airforce are going to get Advice in one form or another. The US, I gather, is adamant that these bids should be rejected at all costs.
How GAC Advice affects the timetable
Willett said yesterday that ICANN expects to receive the GAC’s Advice this week, which should come as some relief to applicants given that the timing has always been a bit vague.
But it’s still not clear what form the Advice will take.
Sure, there’s bound to be some bits of Advice that call out specific applications for death-by-board, but there may also be Advice that addresses certain “categories” of application.
If that happens, and the GAC does not explicitly state which applications fall into which category, there’s the potential for mass confusion following the Beijing meeting.
I raised this specter last week, and it cropped up again during Willett’s session in Beijing yesterday.
What I forgot about last week, and what Willett was quizzed about yesterday, is that the Guidebook gives applicants with GAC Advice 21 days to respond to it before the ICANN board acts.
“I’m concerned that whereby the GAC Advice is such that it is all-encompassing and non-exhaustive that therefore all applicants must respond and all applicants are waiting another 21 days,” ARI Registry Services CEO Adrian Kinderis asked. “No applicant can proceed, because they’re all impacted.”
“If that hypothetical situation occurs, I think that’s possible,” Willett responded.
I other words, if the GAC delivers broad advice this week that does not name specific applications, it’s possible that every applicant would have 21 days to tell ICANN’s board why they’re not affected.
That would completely balls up ICANN’s plan to sign its first registry agreements on April 23.
Six big reasons we won’t see any new gTLD launches until Q3
ICANN’s announcement of a big media bash in New York on April 23, to announce the launch of new gTLDs, has gotten many people thinking the first launches are imminent.
Wrong.
We’re not going to see any new gTLD domains on sale until the third quarter at the earliest, in my view, and here are a few good reasons why.
April 23 is just a PR thing
ICANN has said that April 23 is primarily about awareness-raising.
Not only does it hope to garner plenty of column inches talking about new gTLDs — helping the marketing efforts of their registries — it also hopes to ceremonially sign the first Registry Agreements.
I think CEO Fadi Chehade’s push to make the industry look more respectable will also play a part, with the promotion of the Registrant Rights and Responsibilities document.
But there’s never been any suggestion that any strings will be delegated at that time, much less go live.
The contracts are still hugely controversial
If ICANN wants to sign a Registry Agreement on April 23, it’s going to need a Registry Agreement to sign.
Right now, applicants are up in arms about ICANN’s demand for greater powers to amend the contract in future.
While ICANN has toned down its proposals, they may still be unacceptable to many registries and gTLD applicants.
Applicants have some impetus to reach agreement quickly — because they want to launch and start making money as soon as possible.
But ICANN wants the same powers added to the 2013 Registrar Accreditation Agreement, and registrars are generally less worried about the speedy approval of new gTLDs.
ICANN has tied the approval of the RA and the RAA together — only registrars on the new RAA will be able to sell domains in new gTLDs.
Chehade has also made it clear that agreement on the new RAA is a gating issue for new gTLD launches.
If registries, registrars and ICANN can’t settle these issues in Beijing, it’s hard to see how any contracts could be signed April 23. The first launch would be delayed accordingly.
GAC Advice might not be what we’re expecting
GAC Advice on New gTLDs is, in my view, the biggest gating issue applicants are facing right now.
GAC Advice is an integral part of the approval process outlined in the Applicant Guidebook and ICANN has said many times that it cannot and will not sign any contracts until the GAC has spoken.
But what does that mean from a process and timing point of view?
According to the Applicant Guidebook, if an application receives GAC Advice, it gets shunted from the main evaluation track to the ICANN board of directors for consideration.
It’s the only time the ICANN board has to get directly involved with the approval process, according to the Guidebook’s rather complex flow-charts.
GAC Advice is not an automatic death sentence, but any application the GAC is unanimously opposed to stands a very slim chance of getting approved by the board.
Given that ICANN is has said it will not sign contracts until it has received GAC Advice, and given that it has said it wants to sign the first contract April 23, it’s clearly expecting to know which applications are problematic and which are not during the next three weeks.
But I don’t think that’s necessarily going to happen. The GAC moves slowly and it has a track record of missing ICANN-imposed deadlines, which it often seems to regard as irksome.
Neither ICANN nor the GAC have ever said GAC Advice on New gTLDs will be issued during next week’s public meeting in Beijing. If a time is given it’s usually “after” or “following” Beijing.
And I don’t think the GAC, which decided against holding an inter-sessional meeting between Toronto and Beijing, is remotely close to providing a full list of specific applications of concern.
I do think a small number of slam-dunk bad applications – such as DotConnectAfrica’s .africa bid – will get Advised against during or after the Beijing meeting.
But I also think the GAC is likely to issue Advice that is much broader, and which may not provide the detail ICANN needs to carry the process forward for many applicants.
The GAC, in its most recent (delayed) update, is still talking about “categories” of concern – such as “consumer protection” and “geographical names” – some of which are very broad indeed.
Given the limited amount of time available to it in Beijing, I think it’s quite likely that the GAC is going to produce advice about categories as well as about individual applications.
And, crucially, I don’t think it’s necessarily going to give ICANN a comprehensive list of which specific applications fall into which categories.
If the GAC decides to issue Advice under the banner of “consumer protection”, for example, somebody is going to have to decide which applications are captured by that advice.
Is that just strings that relate to regulated industries such as pharmaceuticals or banking? Or is it any string that relates to selling stuff? What about .shop and .car? Shops and cars are “regulated” by consumer protection and safety laws in most countries.
Deciding which Advice covered which applications would not be an easy task, nor would it be a quick one. I don’t think the GAC has done this work yet, nor do I think it will in Beijing.
For the GAC to reach consensus advice against specific applications will in some cases require GAC representatives to return to their capitals for guidance, which would add delay.
There is, in my view, a very real possibility of more discussions being needed following Beijing, just in order to make sense of what the GAC comes up with.
The new gTLD approval process needs the GAC to provide a list of specific applications or strings with which it has concerns, and we may not see that before April 23.
ICANN may get a short list of applications that definitely do have Advice by then, but it won’t necessarily know which applications do not, which may complicate the contract-signing process.
The Trademark Clearinghouse still needs testing
The Trademark Clearinghouse is already, in one sense, open for business. Trademark owners have been able to submit their marks for validation for a couple of weeks now.
But the hard integration work has not been done yet, because the technical specifications the registries and registrars need to interface with IBM’s TMCH database have not all been finalized.
When the specs are done (it seems likely this will happen in the next few weeks), registries and registrars will need to finish writing their software and start production testing.
ICANN’s working timetable has the TMCH going live July 1, but companies that know much more than me about the technical issues at play here say it’s unlikely that they’ll be ready to go live with Sunrise and Trademark Claims services before August.
It’s in everyone’s interests to get all the bugs ironed out before launch.
For new gTLD registries, a failure of the centralized TMCH database could mean embarrassing bugs and downtime during their critical launch periods.
Trademark owners and domain registrants may also be concerned about the potential for loopholes.
For example, it’s still not clear to some how Trademark Claims – which notifies registrants when there’s a clash between a trademark and a domain they want – will interact with landrush periods.
Does the registrant only get a warning when they apply for the domain, which could be some weeks before a landrush auction? If so, what happens if a mark is submitted to the TMCH between the application and the auction and ultimate registration?
Is that a loophole to bypass Trademark Claims? Could a registrant get hit by a Claim after they’ve just spent thousands to register a domain?
These are the kinds of things that will need to be ironed out before the TMCH goes fully live.
There’s a sunrise notice period
The sunrise period is the first stage of launch in which customers get to register domain names.
Lest we forget, ICANN recently decided to implement a mandatory 30-day notice period for every new gTLD sunrise period. This adds a month to every registry’s go-live runway.
Because gTLD sunrise periods from now on all have to use the TMCH, registries may have to wait until the Clearinghouse is operational before announcing their sunrise dates.
If the TMCH goes live in July, this would push the first launch dates out until August.
Super-eager registries may of course announce their sunrise period as soon as they are able, and then delay it as necessary to accommodate the TMCH, but this might carry public relations risks.
Verisign’s security scare
It’s still not clear how Verisign’s warning about the security risks of launching new gTLDs on the current timetable will be received in Beijing.
If the GAC reckons Verisign’s “concerns” are valid, particularly on the issue of root zone stability, ICANN will have to do a lot of reassuring to avoid being advised to delay its schedule.
Could ICANN offer to finish off its work of root zone automation, for example, before delegating new gTLDs? To do so would add months to the roll-out timetable.
ANA calls for new gTLDs delay, again
The Association of National Advertisers has seized upon Verisign’s recent report into the security risks of ICANN’s new gTLD timetable to call for delays to the program.
In a blog post yesterday, ANA vice president Dan Jaffe said ICANN’s dismissal of the surprising Verisign letter is “like the Captain of the Titanic before the crash saying that the dangers of icebergs had been discussed for years.”
The post highlights the lack of finalized Trademark Clearinghouse specs as “one of the greatest concerns”, saying “millions of customers are the ones who will face harm”.
That’s not strictly true, of course. New gTLD registries are contractually unable to launch until the TMCH is ready, so the risk of registrants being harmed by the lack of specs today is a non-starter.
The ANA also points to ongoing concerns about proposed TLDs such as .corp and .home, which run the risk of clashing with existing private TLDs used on internal corporate and ISP networks.
It’s on much firmer ground here. If a user tries to access a LAN resource on a .corp domain while roaming, what’s to stop them sending sensitive data to a third-party web site instead?
I’ve yet to see a compelling reason why this is not a problem, but it’s not yet known whether the many applications for .corp, .home and similar strings have passed their ICANN technical evaluations.
The ICANN application form asked applicants to disclose potential operational problems such as these, but some applicants that were very familiar with the problem decided not to do so.
But the ANA’s main concern is its belief that new gTLDs will increase cybersquatting and increase the cost of defensive registrations, of course.
“Adequate steps have not been taken to protect Internet users, and we are headed toward uncharted waters with major danger to consumers, brandholders, and the Internet itself,” Jaffe wrote.
“The only prudent action for ICANN now is to delay this arbitrary domain name roll-out until it has fixed these very serious problems.”
ICANN tones down power grab in new gTLD contract
ICANN has published a new version of its Registry Agreement for new gTLD operators that waters down the controversial unilateral right to amend provisions.
The revised RA, available for review here, makes it harder for ICANN to force new rules on registries without their consent, at least when compared to the version published in February.
The Special Amendment process is designed to allow ICANN to change the contract when it’s in the public interest.
DI outlined the changes to the process last week.
While most of the changes we described have in fact made it to the published RA, we were wrong on one count: despite what we reported, ICANN directors with conflicts of interest will not be able to vote.
That means representatives of registries and registrars won’t get a say when the board discusses their contracts.
A couple of other significant changes are apparent:
- Concessions to dot-brand registries. It would now be harder for ICANN to redelegate a dot-brand to another operator if the registry abandons its gTLD. ICANN has never had any intention of doing so, of course, but the relative lack of safeguards have been making dot-brand applicants nervous for years. Now, existing intellectual property rights would be taken into consideration during redelegation decisions.
- More secrecy. There’s a new section on “confidential information”, along with references to it sprinkled throughout, designed to protect trade secrets registries may disclose to ICANN.
ICANN CEO Fadi Chehade is expected to play hard-ball on these changes, according to recent reports.
Because registries get a perpetual right of renewal, and because it’s uncertain how the power balance will hang in policy-making, ICANN believes it would be irresponsible to sign an RA that does not give it the right to step in an protect the public interest in future.
Governments expand gTLD objection shortlist
With the start of its meetings in Beijing just a couple of days away, ICANN’s Governmental Advisory Committee has handed out clues as to which new gTLDs it might object to.
The GAC says that 20 specific bids have already been put forward by one government as potential recipients of GAC Advice, but that there are nine broad categories of concern.
Some of the categories seem to obviously apply to certain narrow types of gTLD, while others are broad enough to catch almost any bid the GAC doesn’t like the look of.
Any application that receives adverse GAC Advice at the end of the Beijing meeting faces, at the very least, a prolonged approval process along the lines of what .xxx had to endure.
The worst-case scenario is rejection of the bid by the ICANN board of directors.
These are the GAC’s categories, along with some educated guesses about which strings they could apply to:
- “Consumer protection” — could apply to anything, depending on how well-lobbied the GAC has been by a particular interest group. Any gTLD that could implausibly be argued to increase the risk of counterfeiting may show up here. A liberal interpretation could well capture .music or sports-related strings.
- “Strings that are linked to regulated market sectors, such as the financial, health and charity sectors” — Dozens of applications, such as those for .lawyer, .doctor, .health .bank, and .charity — will fall into this category.
- “Competition issues” — This most likely applies to applications for category-killer dictionary words where the applicant is already a dominant player in the relevant market, such as Google’s bid for .search or Amazon’s for .book.
- “Strings that have broad or multiple uses or meanings, and where one entity is seeking exclusive use” — Again, this could apply to the many controversial “closed” gTLD applications.
- “Religious terms where the applicant has no, or limited, support from the relevant religious organisations or the religious community” — I suspect that the the Vatican’s application for .catholic is less at risk than a Turkish company’s bid for .islam. Any Islam-related domains are likely to fail the “support” test, given the lack of centralized control over the religion.
- “Minimising the need for defensive registrations” — A category that seems to have been specially created for .sucks.
- “Protection of geographic names” — Most probably will be used to kill off DotConnectAfrica’s application for .africa and Patagonia Inc’s application for .patagonia. But will Amazon’s dot-brand bid also fall foul?
- “Intellectual property rights particularly in relation to strings aimed at the distribution of music, video and other digital material” — If the GAC buys into the lobbying and believes that an unrestricted .music or .movie gTLD would increase piracy, expect objections to some of those bids. The GAC doesn’t have to provide a shred of evidence to support its Advice at first, remember, so this is not as ludicrous a possibility as it sounds.
- “Support for applications submitted by global authorities” — This is a newly added category. If the GAC is proposing to submit advice in support of one application in a contention set, there’s no mechanism ICANN can use to ensure that he supported applicant wins the set. The Advice may turn out to be useless. Certain sports-related applications are among those with “global authority” backing.
- “Corporate Identifier gTLDs” — Not, as this post originally speculated, dot-brands. Rather, this applies to the likes of .inc, .corp, .llc and so on.
- “Strings that represent inherent government functions and/or activities” — Expect military-themed gTLDs such as .army and .navy to feature prominently here. Could also cover education and healthcare, depending on the government.
The GAC also plans to consider at least 20 specific applications that have been put forward as problematic by one or more governments, as follows:
Community name where the applicant does not have support from the community or the government: 1
Consumer protection: 2
Name of an Intergovernmental Organisation (IGO): 1
Protection of geographic names: 9
Religious terms: 2
Strings applied for that represent inherent government functions and/or activities: 3
Support for applications submitted by global authorities: 2
ICANN plans to formally approve the first batch of new gTLDs, with much ceremony, at an event in New York on April 23, but has said it will not approve any until it has received the GAC’s Advice.
The GAC is on the clock, in other words.
While it’s been discussing the new gTLDs on private mailing lists since last year’s Toronto meeting, it’s already missed at least self-imposed deadline. The information released today was due to be published in February.
While the ICANN Beijing meeting does not officially begin until next Monday, and the rest of the community starts its pre-meeting sessions at the weekend, the GAC starts its closed-session meetings this Thursday.
Chehade says “no delay” as Verisign drops a security bomb on ICANN
Verisign today said that the new gTLD program presents risks to the security of the internet, but ICANN CEO Fadi Chehade told DI that he’s not expecting any new delays.
The .com behemoth tonight delivered a scathing review of the security and stability risks of launching new gTLDs on ICANN’s current timetable.
The new Verisign report catalogs the myriad ways in which ICANN is not ready to start approving new gTLDs, and the various security problems they could cause if launched without due care.
It strongly suggests that ICANN should delay the program until its concerns are addressed.
But Chehade, in an exclusive interview with DI tonight, rebutted the already-emerging conspiracy theories and said: “There’s nothing new here that would cause me to predict a new delay.”
What does the Verisign report say?
It’s a 21-page document, and it covers a lot of ground.
The gist of it is that ICANN is rushing to launch new gTLDs without paying enough attention to the potential security and stability risks that a vast influx of new gTLDs could cause.
It covers about a dozen main points, but here are the highlights:
- Certificate authorities and browser makers are not ready. CAs have long issued certificates for use on organizations’ internal networks. In many cases, these certs will use TLDs that only exist on that internal network. A company might have a private .mail TLD, for example, and use certs to secure those domains for its users. The CA/Browser Forum, which coordinates CAs and browser makers, has decided (pdf) to deprecate these certs, but not until October 2016. This, Verisign says, creates a “vulnerability window” of three years during which attackers could exploit clashes between certs on internal TLDs and new gTLDs.
- Root server operators are not ready. The organizations that run the 13 DNS root servers do not currently coordinate their performance metrics, Verisign said. This makes it difficult to see what impact new gTLDs will have on root server stability. “The current inability to view the root server system’s performance as a whole presents a risk when combined with the impending delegation of the multitude of new gTLDs,” Verisign said.
- Root zone automation isn’t done yet. ICANN, Verisign and the US Department of Commerce are responsible for adding new gTLDs to the root zone, and work on automating the “TLD add” process is not yet complete. Verisign reckons this could cause “data integrity” problems at the root.
- The Trademark Clearinghouse is not ready. Delays in finalizing the TMCH technical specs mean registries haven’t had sufficient time to build their interfaces and test them, and the TMCH itself is a potential single point of failure with an unknown attack profile.
- Universal acceptance of new TLDs. Verisign points out that new gTLDs won’t be immediately available to users when they go live due to lack of software support. It points specifically to the ill-maintained Public Suffix List, used by browsers to set cookie boundaries, as a potential risk factor.
- A bunch of other stuff. The report highlights issues such as zone file access, data escrow, Whois and pre-delegation testing where Verisign reckons ICANN has not given registries enough time to prepare.
Basically, Verisign has thrown pretty much every risk factor it can think of into the document.
Some of the issues of concern have been well-discussed in the ICANN community at large, others not so much.
Yeah, yeah, but what did Fadi say?
Chehade told DI this evening that he was surprised by the report. He said he’s been briefed on its contents today and that there’s “nothing new” in it. The program is “on track”, he said.
“What is most surprising here is that there is nothing new,” he said. “I’m trying to get my finger on what is new here and I can’t find it.”
“It was very surprising to see this cornucopia of things put together,” he said. “I’m struggling to see how the Trademark Clearinghouse has a security impact, for example.”
He added that some of Verisign’s other concerns, such as the fact that the Emergency Back-End Registry Operator is not yet up and running, are confusing given that existing TLDs don’t have EBEROs.
The report could be divided into two buckets, he said: those things related to ICANN’s operational readiness and those things related to the DNS root.
“Are these operational issues really security and stability risks, and given that we can only launch TLDs when these things are done… what’s the issue there?” he said.
On the DNS root issues, he pointed to a November 2012 report, signed by Verisign, that said the root is ready to take 1,000 new gTLDs a year or 100 a week.
So the Conspiracy Theory is wrong?
When ICANN held a webinar for new gTLD applicants earlier this week, Chehade spent an inordinate amount of time banging home the point that security and stability concerns underpin every stage of the new gTLD program’s timetable.
As this slide from his presentation (click to enlarge) illustrates, security, stability and resiliency or “SSR” is the foundation of every timing assumption.
He said during the webinar:
Nothing will trump the gTLD process, nothing, but the SSR layer. The SSR layer is paramount. It is our number one responsibility to the internet community. Nothing will be done that jeopardizes the security and stability of the internet, period.
At any time if we as a community do not believe that all relevant security and stability matters have been addressed, if we do not believe that’s the case, the program freezes, period.
There is too much riding on the DNS. Hundreds of billions of dollars of commerce. Some may say livelihoods. We will not jeopardize it, not on my watch, not during my administration.
During the webinar, I was lurking on an unofficial chat room of registries, registrars and others, where the mood at that point could be encapsulated by: “Shit, what does Chehade know that he’s not telling us?”
Most people listening to the webinar were immediately suspicious that Chehade was expecting to receive some last-minute security and stability advice and that he was preparing the ground for delay.
The Verisign report was immediately taken as confirmation that their suspicions were correct.
It seemed quite likely that ICANN knew in advance that the report was coming down the pike and was not-so-subtly readying applicants for a serious SSR discussion in Beijing a little over a week from now.
When I asked Chehade a few times whether he knew the Verisign report was coming in advance, he declined to give a straight answer.
My feeling is he probably did, though he may not have known precisely what it was going to say. The question is perhaps less relevant given what he said about its contents.
But what Chehade thinks right now is probably not the biggest concern for new gTLD applicants.
The GAC’s reaction is now critical
The Verisign document could be seen as pure GAC fodder. How the Governmental Advisory Committee reacts to the report, which was CC’d to the US Department of Commerce, is now key.
The GAC has been banging on about root system stability for years and will, in my view, lap up anything that seems to prove that it was right all along.
The GAC will raise the Verisign report with ICANN in Beijing and, if it doesn’t like what it hears, it might advise delay. GAC advice is a lot harder for ICANN’s board to ignore than a self-serving Verisign report.
What’s Verisign playing at?
So why did Verisign issue the report now? I’ve been unable to get the company on the phone at this late hour, but I’ve asked some other industry folk for their responses.
Verisign’s super-lucrative .com contract is the obvious place to start theorizing.
Even though the company has over 200 new gTLD back-end contracts — largely with dot-brand applicants — .com is its cash cow and new gTLDs are a potential threat to that business.
The company has sounded a little more aggressive — talking about enforcing its patents and refusing to comply with ICANN’s audits — since the US Department of Commerce ordered a six-year .com price freeze last November.
But Chehade would not speculate too much about Verisign’s motives.
“I can’t read why this report and why now,” Chehade said. “Especially when there’s nothing new in it. That’s not for me to figure out. It’s for me to look at this report with a critical eye and understand if there’s something we’re not addressing. If there is, and we find it, we’ll address it.”
He pointed to a flurry of phone calls and emails to his desk after the Initial Evaluation results started getting published last week for a possible reason for the report’s timing.
“I think the real change that’s happened in the last few months is that the new gTLD program is now on track and for the first time people are seeing it coming,” he said.
Competitors were more blunt.
“It’s a bloody long report,” said ARI Registry Services CEO Adrian Kinderis. “Had they put the same amount of effort into working with ICANN, we’d be a lot better off on the particular issues.”
Loophole gives trademark owners unlimited Clearinghouse records
Trademark owners will be able to add potentially thousands of strings to the Trademark Clearinghouse due to a recently introduced loophole, it emerged last night.
ICANN recently said that it will allow mark holders to add up to 50 strings related to their trademarks to their TMCH records, if the strings have been abused in the past.
It was one of the controversial “strawman” proposals that ICANN decided to adopt earlier this month.
Companies would be able to get protection for “mark+keyword” strings, for example, if a UDRP decision or court ruling had previously found that the strings had been cybersquatted.
The 50-string cap appeared to have been picked rather arbitrarily, but it turns out it’s more-or-less irrelevant anyway.
ICANN confirmed on its webinar for new gTLD applicants last night that the limit is 50 additional strings per entry in the Clearinghouse, not 50 strings per trademarked string.
What this means is that a company that has registered its trademark in multiple jurisdictions will be able to get 50 extra strings for each of those marks it enters into the Clearinghouse.
If Apple had a registered mark for “Apple” in the US and a registered mark for “Apple” in Bolivia, it would be able to submit both to the Clearinghouse and get an additional 100 “apple+keyword” records.
If it had the mark registered in 100 countries, it could put up to 5,000 more strings in the Clearinghouse.
Each string could be used to generate Trademark Claims notices, but not to secure registrations during Sunrise periods.
The apparent loophole and its implications were raised by Reg Levy of Minds + Machines during last night’s ICANN call.
In practice, the number of additional strings mark holders would qualify for would be capped by the number of trademark jurisdictions in the world and/or the number of UDRP decisions they’d won.
Few companies have secured more than a few hundred domains at UDRP to date, meaning it won’t be too difficult for trademark owners to get Trademark Claims protection for basically any previously cybersquatted string.
ICANN: about 274 new gTLD objections filed
There have been roughly 274 formal objections against new gTLD applications, ICANN said last night.
During a webinar with applicants, new gTLD program manager Christine Willet broke down the numbers. There have been:
- 67 String Confusion Objections — these are of the “your TLD looks like my TLD” variety.
- 71 Legal Rights Objections — “Your TLD looks like my trademark”
- 23 Limited Public Interest Objections — “Your TLD infringes human rights”
- 113 Community Objections — “Your TLD screws over my community”
Willett stressed that the numbers are based on ICANN’s non-comprehensive insight and subject to a couple of caveats.
The number could be higher if ICANN was not copied in on some objections sent to arbitration panels, or lower if the panels throw some out for not passing baseline administrative checks.
Judging by the small number of objections to be revealed by the World Intellectual Property Organization — which is handling trademark disputes for ICANN — most LROs so far are applicant versus applicant.
The International Chamber of Commerce has not yet published any information about Community Objections or Limited Public Interest Objections.
The International Center for Dispute Resolution has only revealed one String Confusion Objection so far, which we reported on a couple weeks ago.
Chehade to play hard-ball over unilateral right to amend?
ICANN CEO Fadi Chehade has reportedly indicated that the unilateral right to amend powers ICANN wants to put in its registry and registrar contracts are non-negotiable.
Speaking at a meeting of the Association of National Advertisers last week, Chehade is reported to have said: “I’m not going to back off this one.”
He is understood to have been referring to the changes ICANN wants to impose on the base new gTLD Registry Agreement and the Registrar Accreditation Agreement.
Amy Bivins of Bloomberg BNA’s Electronic Commerce & Law Report caught the speech live and tweeted the following:
Chehade quotes on RAA: “I cannot live with a perpetual agreement,” and “I’m not going to back off this one.”
— Amy E. Bivins (@AmyEBivins) March 20, 2013
Bivins’ full report is available behind BNA’s paywall.
The unilateral right to amend is just about the most controversial thing ICANN has proposed in a while.
It would give ICANN’s board of directors the power to make changes to both agreements in situations where registrars or registries cannot agree among themselves to a “special amendment” but there’s agreement by other community members that the change is required.
Registries and registrars argue that a contract in which one party has the power to change the agreement without the consent of the other is not really a contract at all.
But ICANN says the powers are needed, partly to redress existing imbalances: the fact that the RAA and RA both last for 10 years and that the RA has a presumptive right of renewal.
Without the right to change the RA over the protests of the registries, it’s possible that in future proposed changes could be vetoed by registries whose interests are not aligned with the “public interest”, ICANN argues.
ICANN says that it’s impossible to know how consolidation, future new gTLD rounds and power shifts in the ICANN community will affect the balance of power, meaning it needs a way to resist a registry choke-hold should the situation arise.
I suspect the fact that it’s taken about three years to get close to adding the recommendations of law enforcement relating to registrar conduct to the RAA may also have something to do with it.
ICANN to adopt most of the new gTLD “strawman”
ICANN has given a boost to trademark owners by saying it will implement most of the controversial “strawman” solution to extend protections under the new gTLD program.
In a video just posted to ICANN’s web site, CEO Fadi Chehade said that Claims 2 and the Limited Preventative Registrations proposals have been thrown out for the moment as matters requiring policy work.
But many more aspects of the strawman have been classed as “implementation” and will go ahead.
This means:
- A mandatory 30-day notice period before sunrises begin.
- Trademark Claims extended from 60 to 90 days.
- Tradermark owners will be able to add up to 50 confusingly similar strings to each of their Trademark Clearinghouse records, provided the string had been part of a successful UDRP complaint.
Chehade said:
We are going to implement a 30 day notice period before each sunrise. We’re also going to extend the Trademark Claims period from 60 to 90 days. The Claims 2 period which was discussed frankly did not receive a lot of support from many of you so we’re going to let that go for now.
And then finally there was a lot of discussion about extending the Trademark Claims protection to abuse names and after much debate on whether this is a new program or an extension of what we’re doing we came to the conclusion it is an implementation extension and we will move forward with that.
In the video, Chehade also says that ICANN is on track to start publishing the first results of new gTLD initial evaluations this Friday, as expected.
But he warned that if applicants and registrars do not agree on the proposed Registry Agreement and Registrar Accreditation Agreement, ICANN might miss its April 23 deadline for approving the first gTLDs.
He said:
Let me be clear: if we do not come together towards an agreement on these things we might experience a delay in the program, which I have committed to you that we will be ready for on April 23rd. So from an ICANN staff standpoint and operations standpoint we remain ready to request new gTLDs for delegation on April 23rd. But without these agreements we might experience a delay.
He directly referenced the massive sticking point in these discussions: the fact that ICANN wants to introduce a unilateral right of amendment into both contracts.
Here’s the full video:
Recent Comments