Recent Posts
- Amazon delays book and fashion gTLDs
- Lindqvist shuffles the exec deck
- GoDaddy launches “ultra-premium” domain marketplace
- .mobi to get a new rival in .mobile
- Bye-bye .boomer! Blockchain players abandon new gTLD plans
- Decades-old US registrar gets a spanking
- love.you sold in apparent five-figure deal
- Bogus harassment complaints could get you an ICANN ban
- ICANN slaps open-mic ban on conflicted lawyers
- Final GTFO warning for 19 failed new gTLD bids
- Nominet opens $500,000 fund for open source projects
- Com Laude buys larger rival Markmonitor
- Epik took down Charlie Kirk doxing site
- Number of subsidized gTLD bidders far lower than thought
- Another registrar goes AWOL
- gTLD loses its second-largest registrar after breach
- Com Laude buys Fairwinds
- Unstoppable wants to be a registry back-end
- Sixteen new gTLD bids could face the firing squad
- Registry to release one-letter domains tomorrow
- New ICANN funding rules will cost smaller ccTLDs more
- .ai rival lines up gTLD bid
- Team Internet lays off 200
- Sixteen more orgs vie for cheap gTLDs, but…
- So who’s registering sunrise domains these days?
- Cloud gTLD gets launch dates
- Governments say new gTLD program “credibility” at stake
- NIXI planning doomed new gTLD bids
- AI experts replace Chapman on ICANN board
- RDRS may not be dead
- Single-letter .com lawsuit thrown out of court
- Golding challenges McCarthy for Nominet board seat
- Three applicants qualify for cheapo gTLDs
- Blockchain crisis looming for new gTLD next round
- Two more dot-brands leave Verisign for GoDaddy
- ICANN looking at new bulk reg rules
- Reseller loss hits Tucows’ DUM but not revenue
- GoDaddy counts cost of losing .co deal
- Wine producers worried about new gTLDs
- Goodyear tires of its dot-brand
- Team Internet loses Radix to Tucows
- ICANN’s “review of reviews” kicks off
- Huge registrars flee from RDRS
- Namecheap loses attempt to bring back .org price caps
- Registrar shamed for alleged crypto abuse neglect
- Poblete’s ICANN board seat safe
- .com off to strong start in Q3
- .my is growing like crazy
- ICANN settles $77 million sexual harassment suit
- Chinese domain spikiness ends in first half
- Registrars agree to higher ICANN fees
- ICANN to review reviews after review review request fails
- Got junk? June’s biggest gTLD growers do
- ICANN ditches Oman due to Middle-East conflicts
- ICANN’s mighty overlord flexes on transparency
- ICANN faces first pushback over DEI U-turn
- Loads of firms flunk out of next-round gTLD back-end program
- presidenttrump.xxx among thousands of dead .xxx domains suddenly springing to life
- One of the dumbest gTLDs just switched back-ends
- GoDaddy loses .co to Team Internet
- Governments erect bulk-reg barrier to new gTLD next round
- Little interest in cheapo gTLD program
- US government opposes most new gTLDs
- GoDaddy loses last Amazon business to Identity Digital
- Third Amazon gTLD launch dates revealed
- .TOP promises to play nice on DNS abuse
- Court denies ICANN’s #MeToo “cover up” attempt
- Launch dates for two more Amazon gTLDs revealed
- An end to “Club Med for geeks” ICANN?
- Some people paid premiums for .hot domain hacks
- .io questions in sharp focus as UK signs Chagos treaty
- Big .gdn registrar at risk
- ICANN “reaffirms its commitment to diversity and inclusion”
- ICANN kills off diversity and inclusion
- Kaufmann picked for ICANN board
- Conflicted? STFU under new ICANN rules
- .hot is for hookers? Amazon’s first premium regs revealed
- Gname adds another 200 registrars
- New Pope’s .com domain was registered the day Francis died
- Two deadbeat registrars get their ICANN marching orders
- DotMusic has sold a lot of names, but not many are turned on
- .med is a deeply weird gTLD, but it wants to be more normal
- ICANN cuts off money to UASG
- Web.com getting dumped
- .es and .pt riding out massive power outage
- .com is back as Verisign discounts bear fruit
- Dot-brand actually being used to get deleted
- Verisign gave Trump $100,000
- Private Whois requests hit new low after Tucows quits RDRS
- Zoom says GoDaddy took it down for hours
- The Soviet Union might be safe after all
- Google says its ccTLDs “are no longer necessary”
- Facebook thinks ICANN is a bit rubbish
- ICANN spending $365,000 a year on coffee and booze
- Regulator going after suicide site that even Epik banned
- .ai sees $600,000 auction sales in a month
- Pru trims its dot-brand portfolio
- UK’s Nigel Hickson has died
- .blog registry ordered to change name to Knock Knock RDAP There
- WordPress buys Canadian, swaps CentralNic for CIRA
- Latest ICANN salary porn ruins my terrible pun
- .co deal worth $77 million up for grabs
- I get a wrongful kicking as .su registry denies turn-off plan
- Sales and profits dip at Team Internet
- Four deadbeat registrars get terminated
- “No timeline” to retire Soviet Union from the DNS
- ICANN to kill off 60-day domain transfer lock
- Lancaster bags up its dot-brand
- Google readying its next batch of gTLD launches?
- NomCom confirms Americans rejected from ICANN board
- Nova announces $45 million of new gTLD applications
- Registry makes .ai an option for Koreans
- it.com now bigger than Guatemala
- ICANN turns to AI and crowdsourcing for new gTLD program
- Amazon lawyer DiBiase elected to ICANN board
- Is .io safe now? Identity Digital now running Mauritian ccTLD
- Tucows quits ICANN’s Whois disclosure pilot
- Toshiba goes all-in on its dot-brand
- Google scuppers Team Internet acquisition after profit warning
- .ai channel doubles under new management
- Trump inclined to back deal that threatens .io
- As .com shrinks, China adds another 1.2 million domains
- Second new gTLD contention set revealed
- UK intros global domain takedown law
- No more Americans as Holland wins ICANN board seat
Privacy risk under new domain transfer policy
ICANN’s new domain Transfer Policy, which comes into effect tomorrow, creates risks for users of privacy/proxy services, registrars and others haved warned.
The policy could lead to private registrants having their contact information published in the public Whois for 60 days, the GNSO Council expects to formally tell ICANN this week.
“This could threaten privacy for at-risk registrants without clear benefit,” the Council says in a draft letter to the ICANN board.
The revised Transfer Policy was designed to help prevent domain hijacking.
The main change is that whenever there’s a “change of registrant”, the gaining and losing registrants both have to respond to confirmation emails before the change is processed.
However, “change of registrant” is defined in such a way that the confirmation emails would be triggered even if the registrant has not changed.
For example, if you change your last name in your Whois records due to marriage or divorce, or if you change email addresses, that counts as a change of registrant.
It now turns out that ICANN considers turning a privacy service on or off as a change of registrant, even though that only affects the public Whois data and not the underlying customer data held by the registrar.
The GNSO Council’s draft letter states:
ICANN has advised that any change to the public whois records is considered a change of registrant that is subject to the process defined through IRTP-C. Thus, turning a P/P service on or off is, from ICANN’s view, a change of registrant. It requires the CoR [change of registrant] process to be followed and more importantly could result in a registrant exposing his/her information in the public whois for 60 days. This could threaten privacy for at-risk registrants without clear benefit.
My understanding is that the exposure risk outlined here would only be to registrants who attempt to turn on privacy at their registrar then for whatever reason ignore, do not see or do not understand the subsequent confirmation emails.
Depending on implementation, it could lead to customers paying for a privacy service and not actually receiving privacy.
On the other side of the coin, it’s possible that an actual change in registrant might not trigger the CoR process if both gaining and losing registrants both use the same privacy service and therefore have identical Whois records.
The Council letter also warns about a possible increase in spam due to the changes:
many P/P services regularly generate new email addresses for domains in an effort to reduce spam. This procedure would no longer be possible, and registrants may be subject to unwanted messaging. Implementing the CoR for email changes that some providers do as often as every 3-5 days is not feasible.
ICANN has been aware of these issues for months. Its suggested solution is for registrars to make themselves the “Designated Agent” — a middleman permitted to authorize transfers — for all of their customers.
As we reported earlier this week, many large registrars are already doing this.
But registrars and the GNSO Council want ICANN to consider reinterpreting the new policy to exclude privacy/proxy services until a more formal GNSO policy can be created.
While the Policy Development Process that created the revised transfer rules wound up earlier this year, a separate PDP devoted to creating rules of privacy/proxy services is still active.
The Council suggests that this working group, known as PPSAI, could assume the responsibility of clearing up the mess.
In the meantime, registrars are rather keen that they will not get hit with breach notices by ICANN Compliance for failing to properly implement to what seems to be a complex policy.
Transferring domains gets more complex this week
A new anti-hijacking domain name transfer policy comes into effect this week at all ICANN-accredited registrars, potentially complicating the process of not only selling domains but also updating your own Whois records.
But many registrars have already rewritten their terms of service to make the new rules as hassle-free as possible (and essentially pointless).
From December 1, the old ICANN Inter-Registrar Transfer Policy starts governing inter-registrant transfers too, becoming simply the Transfer Policy.
Now, when you make updates to your Whois records that appear to suggest new ownership, you’ll have to respond to one or two confirmation emails, text messages or phone calls.
The policy change is the latest output of the interminable IRTP work within ICANN’s GNSO, and is designed to help prevent domain hijacking.
But because the changes are likely to be poorly understood by registrants at the outset, it’s possible some friction could be added to domain transfers.
Under the new Transfer Policy, you will have to respond to confirmation emails if you make any of the following:
- A change to the Registered Name Holder’s name or organization that does not appear to be merely a typographical correction;
- Any change to the Registered Name Holder’s name or organization that is accompanied by a change of address or phone number;
- Any change to the Registered Name Holder’s email address.
While registrars have some leeway to define “typographical correction” in their implementation, the notes to the policy seem to envisage single-character transposition and omission errors.
Registrants changing their last names due to marriage or divorce would apparently trigger the confirmation emails, as would transfers between parent and subsidiary companies.
The policy requires both the gaining and losing registrant to verify the “transfer”, so if the registrant hasn’t actually changed they’ll have to respond to two emails to confirm the desired changes.
Making any of the three changes listed above will also cause the unpopular 60-day transfer lock mechanism — which stops people changing registrars — to trigger, unless the registrant has previously opted out.
Registrars are obliged to advise customers that if the change of registrant is a prelude to an inter-registrar transfer, they’d be better off transferring to the new registrar first.
The new policy is not universally popular even among registrars, where complexity can lead to mistakes and therefore support costs.
Fortunately for them, the Transfer Policy introduces the concept of “Designated Agents” — basically middlemen that can approve registrant changes on your behalf.
Some registrars are taking advantage of this exception to basically make the confirmation aspects of the new policy moot.
Calling the confirmation emails an “unnecessary burden”, EuroDNS said last week that it has unilaterally made itself every customer’s Designated Agent by modifying its terms of service.
Many other registrars, including Tucows/OpenSRS, NameCheap and Name.com appear to be doing exactly the same thing.
In other words, many registrants will not see any changes as a result of the new Transfer Policy.
The truism that there’s no domain name policy that cannot be circumvented with a middleman appears to be holding.
GoDaddy in talks to buy massive registrar Host Europe – report
GoDaddy is reportedly talking to Host Europe Group, one of Europe’s largest registrars, about an acquisition.
Reuters today reported that the deal, should it go ahead, could be worth as much as $1.8 billion.
GoDaddy has been favored over rival bids from United Internet (owner of United-Domains) and buyout firm Centerbridge, Reuters said.
HEG is the parent company for several registrar brands. Notably, it owns 123-reg and DomainMonster, two of the UK’s largest registrars.
123-reg had over 900,000 gTLD domains on its books at the last count. HEG overall says it manages over seven million domains.
The company was acquired by private equity group Cinven for £438 million ($545 million) in 2013.
It has 1.7 million customers and 1,300 employees spread across eight countries. It primarily operates in the UK and Germany.
HEG had 2015 revenue of €269.8 million ($286.3 million) and made a loss of €55.6 million ($59 million).
For GoDaddy, the acquisition is a chance to shift its revenue mix away from domains and more towards the more profitable hosting market, according to Reuters.
Guess which registrars sell the most gTLDs
MarkMonitor has become the first accredited registrar to carry over 500 gTLDs.
Inspired by a recent Dynadot press release outlining its passing of the 500-TLD mark, I thought I’d put together a league table of gTLD registrars, ordered by which carries the most.
It will come as little surprise to most that brand protection registrars dominate the top end of the list.
MarkMonitor tops the league, with 504 gTLDs in its stable as of the end of June, up from 499 in May.
It’s closely followed by Ascio and CSC. Indeed, brand-focused registrars occupy many of the top 30 registrars, as you can see from this table.
[table id=45 /]
There’s no real correlation between the number of gTLDs carried and the total domains under management for the registrar.
GoDaddy, with 53 million names, is way down in 28th position, for example.
The list was compiled from the latest gTLD registry reports, which show how many domains were registered to each accredited registrar at the end of June.
The data does not not include ccTLDs, nor does it account for situations where registrars may retail a TLD via a gateway or as a reseller of another registrar.
Registrar accused of pimping prescription penis pills
ICANN has implicated a Chinese domain name registrar in the online selling of medications, including Viagra and Cialis, without the required prescription.
The organization’s Compliance department filed a contract breach notice with Nanjing Imperiosus, which does business as DomainersChoice.com, today.
The move follows an allegation from pharmacy watchdog LegitScript in the US Congress that DomainersChoice is “rogue internet pharmacy operator”.
Because ICANN has no authority to police online pharmacies, it’s gone after the registrar based on an obscure part of the Registrar Accreditation Agreement.
Section 3.7.7 of the 2013 RAA says that domains must be registered to a third party, unless they’re used by the registrar in the course of providing its registrar services.
According to ICANN, DomainersChoice has refused to provide evidence that many of its domains are not in fact registered to itself and CEO Stefan Hansmann, in violation of this clause.
It cites 5mg-cialis20mg.com, acheterdutadalafil.com, viagra-100mgbestprice.net and 100mgviagralowestprice.net as examples of domains apparently registered to Hansmann and his company.
Historical Whois records show Hansmann and Nanjing Imperiosus as the registrant of these names until recently.
The domains all refer to erectile dysfunction medicines, which are usually only available in the US with a prescription.
A reverse Whois lookup reveals Hansmann’s name in the records for many more pharmaceuticals-related domains, some of which are for more serious medical conditions.
Several of the domains contain the words “without prescription” or similar, where the drug in question requires a prescription in the US.
Some of the domains do not currently resolve or no longer provide current Whois records and others have been recently transferred, but some resolve to apparently active e-commerce sites.
ICANN’s breach notice (pdf) doesn’t allege any illegal activity.
The same cannot be said for LegitScript CEO John Horton, who lumped DomainersChoice in with a few other registrars he believes are operating “illegal online pharmacies”.
Horton testified (pdf) before Congress last month that the registrar was playing host to 2,300 such sites.
The testimony was filed September 14, the same day ICANN began its compliance investigation.
ICANN’s notice, which alleges a handful of other relatively trivial breaches, asks that Hansmann provide a full list of domains registered in his and his company’s name via DomainersChoice.
It also demands evidence that the domains were either used to provide registrar services or were registered to a third party.
It wants all that by November 2, after which it may start to terminate the company’s RAA.
NameCheap stops selling .xyz domains
NameCheap may have sold over a million .xyz domains, but apparently it will sell no more than that.
The registrar confirmed to DI this evening that it is no longer taking .xyz registrations. It declined to explain why.
It has also stopped selling .college and .rent domains — two other gTLDs owned by XYZ.com. Other new gTLDs are not affected.
It’s reportedly not accepting inbound transfers either, though existing domains can be renewed.
The switch-off happened at the end of last month, a NameCheap representative said.
That’s just one month after the registrar celebrated its one millionth .xyz registration, which XYZ.com commemorated with a blog post bigging up NameCheap’s user-customers.
The move is peculiar indeed. NameCheap is the third highest-volume .xyz registrar, behind West.cn and Uniregistry, responsible for about 15% of .xyz’s domains under management.
It’s also NameCheap’s biggest direct-selling gTLD by a considerable margin.
NameCheap is well-known as primarily an eNom reseller — it accounts for 28% of eNom’s domains under management and 18% of its revenue, largely from .com sales.
But with new gTLDs it has started selling domains on its own IANA ticker, meaning a direct connection to the registry and more gross profit for itself.
According to June’s registry reports, the million .xyz names accounted for roughly two thirds of NameCheap’s total DUM (not counting names sold via eNom).
The closet rival in its portfolio is .online, which provided the registrar with about 81,000 DUM.
The registrar added about 350,000 .xyz domains in June, a month in which it briefly offered them at $0.02 each.
At that time, the company reported technical issues that led to a 12-24 hour backlog of registrations to process, though its blog post announcing the problem appears to have since been deleted.
NameCheap has declined to comment on the reason for the surprise move, and XYZ did not immediately respond to a request for comment.
The fact that all of XYZ.com’s TLDs have been cut off suggests some kind of dispute between the two companies, but the fact that renewals can still be processed would suggest that NameCheap has not lost its .xyz accreditation.
More info if I get it…
GoDaddy spearheads Domain Connect spec
GoDaddy has published a new specification designed to make it easier for domain owners to quickly set up web sites using third-party site-building tools.
Its new Domain Connect Initiative is tailored for customers who do not know how to configure a DNS record and do not care to learn,according to Charles Beadnall, senior VP of domains.
While signing up for a participating site-building service, Shopify for example, customers currently have to either figure out how to manually reconfigure their DNS or get GoDaddy’s customer support to talk them through it.
GoDaddy currently receives tens of thousands of customer support calls every year related to these scenarios, Beadnall said.
But using Domain Connect, instead they will be able to simply enter their domain name with Shopify and, after authenticating with their registrar (via OAUTH), their domain’s DNS will be automatically configured to point to their new site.
This saves the customer’s time and GoDaddy’s money.
Under the hood, it works using a series of templates, authored by the service providers, which instruct the registrar or DNS provider in how to set up the domain to use the service, Beadnall said.
Due to the high risk of malicious exploitation, it’s not completely frictionless. Service provider templates must be manually pre-approved and white-listed by registrars, Beadnall said.
As the system does not involve domain registration or transfer it’s not really within ICANN’s policy wheelhouse, so the spec has instead been published via the IETF.
It has already been embraced by leading rival registrars eNom, Name.com and United Domains, as well as toolmakers including Microsoft, Shopify and Wix.
The announcement of Domain Connect was made a couple of weeks ago while I was off sick.
More information and documentation can be found on the Domain Connect web site.
Customers revolt as GoDaddy buys WordPress tools outfit
GoDaddy has acquired ManageWP, a provider of software for managing large numbers of WordPress sites, leading to hundreds of complaints from customers.
The two companies announced yesterday that the deal will see GoDaddy integrate ManageWP into its existing suite of WordPress services.
ManageWP said pricing will be unaffected by the move, and that its service will continue to be available to customers using other hosting providers.
Despite these assurances, a few hundred ManageWP customers have over the last 24 hours expressed their dismay in comments on the company’s site.
“This is like my very best friend announcing they’re marrying the arsehole in the office,” wrote one commenter.
ManageWP customers are generally web developers who manage WordPress sites for multiple clients.
The service gives them the ability, for free, to manage these sites from a single console, rather than having to log in to each one individually.
For an extra couple of bucks per site per month, features such as daily backups and white-label client reports are available.
ManageWP said its product development roadmap will remain unchanged, and that GoDaddy may offer some currently premium features to its hosting customers for free.
About 8% of ManageWP sites run on GoDaddy, the company said in a blog post.
Despite the positive spin, a great many customers appear to be deeply unhappy that the six-year-old company is joining the Arizona behemoth.
At time of writing, there are already over 300 comments on the ManageWP post announcing the deal, almost all negative.
The bulk of the comments center on GoDaddy’s allegedly poor customer support and its reputation for constantly trying to up-sell products and services.
Here’s a small sample of comments:
I cancelled my account immediately upon reading this news.
I have never dealt with a worse company in my professional life than GoDaddy, and will never do so again. One of my requirements for taking on a new client is moving them off GoDaddy completely.
…
My main concern from a business perspective is that you are giving away premium features free to GoDaddy hosting customers. That is a direct conflict with the people that offer ManageWP as a service to their clients. The services we provide now seem like they are worth less to our clients who host at GoDaddy.
…
Bummed about this. The minute I see an up-sell notification slammed in my face trying to get me to join the GoDaddy hosting plan, I’m outta here.
Some of the comments appear to be rooted in experiences during the Bob Parsons era at GoDaddy, which came to an end over five years ago.
Commenters cited “sexist” advertising (largely a thing of the past under current CEO Blake Irving), support for the controversial SOPA legislation (spearheaded by a long-gone general counsel) and that time Parsons shot an elephant.
Many commenters said they will stick around post-acquisition, such is the goodwill ManageWP has earned.
Several ManageWP employees engaged directly with their customers comments. In one response, head of growth Nemanja Aleksic wrote:
the feedback here is something that GoDaddy will definitely need to consider. I’ve been asked by several people why I don’t lock the comments or moderate heavily. This is why. Every single bad and good comment is a ManageWP user whose livelihood could be affected by the acquisition. And every single one of the deserves to be heard.
Personally, as somebody who manages multiple WordPress sites on GoDaddy, but has never used ManageWP, I’m rather looking forward to seeing what the company comes up with.
West.cn targets Engrish domainers with new .xyz site
West.cn, the Chinese registrar that has quickly become the highest-volume seller of new gTLD domains, has turned its attention to the English-speaking market.
The company has launched a new site at West.xyz, offering domains at some of the cheapest prices available, in English.
A .com can be obtained for the equivalent of $8.25 a year, while a .xyz costs about $1.20, according to the site. In .top, names are on sale for about $0.60.
West.xyz is still pricing its names in CNY, which may be off-putting to buyers in English-speaking markets.
The quality of the translation is currently quite poor also, verging on what razy lacists know as “Engrish”.
“Wish you a good luck in deals!” the front page offers.
“We hope to let all customers invest breezily and contribute to the domain industry with unremitting efforts,” the About page reads.
“In future, west.xyz will devote itself to the healthy and sustainable domain industry development and serve all customers wholeheartedly.”
The choice of .xyz as the domain for the new site is perhaps not surprising.
West.cn is XYZ.com’s biggest-volume channel partner, and recently put $1.5 million into subsidizing .xyz renewal fees.
Registrar CEO faces terrorism charges
The CEO of Turkey’s largest registrar is facing terrorism charges in the wake of last month’s coup attempt in the country, according to reports.
Abdullah Büyük of Istanbul-based FBS was deported from Bulgaria last Wednesday, according to local reports, having overstayed his visa.
Büyük went to Bulgaria last year and Turkey had unsuccessfully tried to get him extradited earlier this year.
Turkey’s Erdogan government, which has arrested thousands of people since the July 15 attempted coup, claims Büyük is a supporter of US-based exiled cleric Fethullah Gülen.
Turkey claims that Gulen is behind a terrorist group called FETÖ, which it believes carried out the attack.
Buyuk is reportedly an open supporter of Gulen, but it’s not entirely clear from English-language reports out there what he’s accused of doing.
I suspect it’s probably unrelated to domain names.
The decision to hand over Buyuk to Turkish authorities has proved controversial in Bulgaria, where some suspect it was a political gesture related to Europe’s migrant crisis.
FBS is believed to be Turkey’s largest registrar, with just shy of 600,000 domain names under management.
Recent Comments