Recent Posts
- Americans and ICANNers avoid Kigali in droves
- RDRS stats improve a little in June
- Unstoppable Domains goes down after domain hijack
- Four more gTLDs in emergency measures
- New gTLDs and ccTLDs drive domain universe growth
- Eight interesting recent dot-brand registrations
- .me premium sales down
- Pride fails to reverse gay domains decline
- Unstoppable announces another new gTLD bid
- Blockchain naming firm gets ICANN accreditation
- ICANN takes over gTLD after Whois failures
- Verisign: would-be .com contract killers are “wrong”
- Five gTLDs at risk as registry goes AWOL
- Groups make flawed case that .com is a cartel
- RDRS usage hits all-time low
- A dot-brand so unloved they killed it twice
- PorkBun hits two million domain milestone
- Crawford returns to industry to head up Com Laude
- ICANN financial data dump a damp squib?
- Unstoppable plotting manga-themed gTLDs
- Governments call for new gTLD auctions ban
- ICANN names new CEO, and it isn’t Costerton
- ICANN: We will NOT police content
- More sticker shock as new gTLD fees could top $300,000
- ICANN slashes staff and domain prices could rise
- Secret new gTLD application revealed
- WhatsApp now linkifying new gTLDs, but…
- Outrage over ICANN’s new gTLD fees
- Barrett gets second term on ICANN board
- DotMusic delays gTLD launch again
- .tm prices to skyrocket next week
- Bitcoin gTLD gets launch dates
- First metaverse gTLD is announced
- Alibaba off the naughty step
- ICANN to kill auction fund bylaws change
- The people have spoken on RDRS and they said “Meh”
- ICANN restarts work on controversial Whois privacy rules
- GNSO mulls lawyering up over auction fund dispute
- Jury still out on ICANN’s content policing powers
- It now takes TWO WEEKS to get a Whois record with RDRS
- Travel expenses push ICANN into the red again
- ICANN preparing for ONE HUNDRED registry back-ends
- DNS Abuse Institute changes name
- A new way to game the new gTLD program
- .home, .mail and .corp could get unbanned
- Unstoppable to apply for Women in Tech gTLD
- Bob Parsons publishes autobiography
- GoDaddy getting a free pass from porn jail?
- Correction: Sinha’s seat is safe
- Chinese domains plummet again in 2023
- GoDaddy price increases lead to revenue growth
- D3 announces seventh blockchain gTLD client
- Taylor Swift applies for her .post domain
- .ad domains to go global soon
- Single-letter .com case back in court
- ICANN to slash costs as Verisign’s magic money tree dries up
- Community revolts over ICANN’s auction proceeds power grab
- Two seats up for grabs on Nominet board
- War takes steep toll on .ua domains
- .de worst TLD for CSAM — report
- .com still shrinking because of China
- ICANN publishes its Woke Manifesto. Here’s my hot take
- Alibaba, Name.com among new RDRS opt-ins
- .my domains to be sold globally next month
- The Swiss can register .swiss domains from next week
- .ai up to 425,000 domains
- A million “free” .music domains up for grabs
- D3 to get $5 million in crypto to apply for .ape gTLD
- Alibaba hit with ICANN breach notice
- New Vegas conference “Davos for Web3 interoperability”
- ICANN content policing power grab may be dead
- Cable company unplugs its dot-brand after acquisition
- Germany crosses 10,000 dot-brand domains milestone
- Founders out as Com Laude gets equity injection
- PIR’s Diaz to leave domain industry
- Some registrars have already quit ICANN’s Whois experiment
- ICANN opens $217 million Grant Program
- Internet could get one-letter gTLDs (but there’s a catch)
- .ai registry fights deadbeats with tweaked auction rules
- Amazon and Google among .internal TLD ban backers
- .ai registry advises buyers not to use GoDaddy
- .post liberalizes with new sunrise period
- Team Internet spends $41 million on content farm
- Epik backtracks on Kiwi Farms claim after legal threat
- .austin names launch on blockchain
- Freenom shuts down 12.6 million domains — report
- GoDaddy’s next .xxx contract may not be a done deal
- GlobalBlock blocking 2.5 million domains
- Microsoft moving its cloud apps from .com to .microsoft
- ICANN 79: anonymous trolls and undercover lawyers
- ICANN scores win in single-letter .com lawsuit
- Cosmetics brand terminates its gTLD
- Up to 70 jobs on the line at Nominet as .uk regs dwindle
- Governments back down on new gTLD next round delay
- Private auctions could be banned in new gTLD next round
- ICANN meeting venue “insensitive and hurtful”
- GoDaddy to start selling graphic.design domains
- GAC spinning up new gTLD curveball at ICANN 79?
- GoDaddy’s GlobalBlock supports blockchain names
- Police .uk domain takedowns dive in 2023
- GoDaddy wants to cut the bullshit from .xxx
- Dueling domain blocking services to launch at ICANN 79
- Freename tries to bridge DNS and blockchain
- Olive retires from ICANN
- Whois policy published without life-saving disclosure rule
- UK gov takes its lead from ICANN on DNS abuse
- Tucows reports 2023 results
- Twitter “completely unresponsive” on clickable domains
- ICANN spends $5 million more than planned in first fiscal half
- .art takes a million domains off its premium list
- KeyTrap ‘the most devastating vulnerability ever found in DNSSEC’
- Freenom settles $500 million Meta lawsuit and will exit domain business
- New gTLD lottery to return in 2026
- First GlobalBlock prices revealed — they ain’t cheap
- Domain universe grows on new gTLDs despite .com shrinkage
- D3 signs up crypto gTLD client number five
- GoDaddy reports strong domains growth
- How to qualify for a $40,000 gTLD
- Registry service provider evaluation handbook published
- WebUnited inks deal to “mirror” country’s TLD in the blockchain
- GoDaddy project unveils brand-blocking calculator
- Report: Monster “misappropriated” millions from Epik
- .com is shrinking but Verisign raises prices again anyway
- D3 announces fourth crypto new gTLD client
- Donald Trump loses second UDRP case
Registrars not happy with VeriSign abuse plans
VeriSign has been talking quietly to domain name registrars about its newly revealed anti-abuse policies for several months, but some are still not happy about its plans for .com malware scans.
The company yesterday revealed a two-pronged attack on domain name abuse, designed to counteract a perception that .com is not as secure a space as it should be.
One prong, dealing with law enforcement requests to seize domains, I covered yesterday. It’s already received criticism from the Electronic Frontier Foundation and American Civil Liberties Union.
The other is an attempt to introduce automatic malware scanning into the .com, .net and .name spaces, rather like ICM Registry has said it will do with all .xxx domains.
Unlike the daily ICM/McAfee service, VeriSign’s free scans will be quarterly, but the company intends to also offer a paid-for upgrade that would search domains for malware more frequently.
On the face of it, it doesn’t seem like a bad idea.
But some registrars are worried about the fading line between registrars, which today “own” the customer relationship, and the registries, which for the most part are hidden away in the cloud.
Go Daddy director of network abuse Ben Butler, asked about both of yesterday’s VeriSign proposals, said in a statement that they have “some merit”, but sounded several notes of caution:
This is going to make all registrars responsible for remediation efforts and negative customer-service clean up. The registrar at this point becomes the “middle man,” dealing with customers whose livelihood is being negatively impacted. As mentioned in their report, the majority of sites infected with malware were not created by the “bad guys.”
While there is an appeal process mentioned, it could take some time to get issues resolved, potentially leaving a customer’s website down for an extended period.
This could also create a dangerous situation, allowing registries to gain further control over registrars’ operations – as registrars have the relationship with the registrant, the registrar should be responsible for enforcing policies and facilitating remediation.
It has also emerged that VeriSign unilaterally introduced the malware scanning service as a mandatory feature of .cc and .tv domains – which are not regulated by ICANN – earlier this year.
The changes appear to have been introduced without fanfare, but are clearly reflected in today’s .tv registration policies, which are likely to form the basis of the .com policies.
Some registrars weren’t happy about that either.
Six European registrars wrote to VeriSign last month to complain that they were “extremely displeased” with the way the scanning service was introduced. They told VeriSign:
These changes mark the beginning of a substantive shift in the roles of registries regarding the monitoring and controlling of content and may lead to an increase of responsibility and liability of registries and registrars for content hosted elsewhere. As domain name registrars, we hold the position that the responsibilities for hosted content and the registration of a domain name are substantially different, and this view has been upheld in European court decisions numerous times. In this case, Verisign is assuming an up-front responsibility that surpasses even the responsibilities of a web hoster, and therefore opens the door to added responsibilities and legal liability for any form of abuse.
…
In the end, the registrar community will have to face the registrant backlash and criticism, waste countless hours of support time to explain this policy to the registrants and again every time they notice downtimes or loss of performance. These changes are entirely for the benefit of Verisign, but the costs are delegated to the registrants, the registrars and the hosting service providers.
The registrars were concerned that scanning could cause hosting performance hits, but VeriSign says the quarterly scan uses a virtual browser and is roughly equivalent to a single user visit.
They were also worried that the scans, which would presumably ignore robots.txt prohibitions on spidering, would be “intrusive” enough to potentially violate European Union data privacy laws.
VeriSign now plans to give all registrars an opt-out, which could enable them to avoid this problem.
It looks like VeriSign’s plans to amend the Registry-Registrar Agreement are heading for ICANN-overseen talks, so registrars may just be digging into a negotiating position, of course.
But it’s clear that there is some unease in the industry about the blurring of the lines between registries and registrars, which is only likely to increase as new gTLDs are introduced.
In the era of new gTLDs, and the liberalization of ICANN’s vertical integration prohibitions, we’re likely to see more registries having hands-on relationships with customers.
Domain Registry of America still slamming, still scamming
Domain name slamming is alive and well in the ICANN-accredited registrar community.
I’ve just received a letter in the mail offering me the chance to transfer and renew domainincite.com for the knock-down price of £25 ($38) a year.
It’s Domain Registry of America again, still slamming almost a decade after it was first sued for the completely unethical practice of conning people into transferring their domain names.
The letter looks like a renewal notice. Besides ostensibly coming from “Domain Renewal Group”, it also contains the prominent text “Domain Name Renewal Service”.
Domain Renewal Group and Domain Registry of America are one and the same – fronts for the ICANN-accredited registrar Brandon Gray Internet Services Inc, dba NameJuice.com.
The letter, as you can see from the scan, is a little less bogus than the ones DROA started sending out back in 2001. The text states now much more clearly that “this is not a bill”.
But domain slamming has always relied upon people not reading the letter properly and/or not understanding the intricacies of domain transfers, and this is no different.
DROA’s business depends upon its letters finding their way into the hands of gullible individual registrants or accounting departments that will blindly pay official-looking notices.
At the prices the company charges – pretty much the most expensive in the industry – very few people will have transferred their domains because they thought they were getting a good deal.
There have been numerous complaints and lawsuits against DROA over the last decade.
In November 2009, the UK Advertising Standards Agency found DROA in breach of truthfulness and honesty guidelines for a substantially similar mailshot and ruled:
The mailing must not appear again in its current form.
And last year, the .ca registry CIRA terminated Domain Registry of Canada, another Brandon Gray front, for slamming .ca registrants using the same methods.
So isn’t it about time ICANN shut these muppets down too?
Unfortunately, ICANN can only use contracts to enforce compliance, and I’m not sure there are any sticks in the 2001 Registrar Accreditation Agreement that it can use to beat them.
DROA has plainly breached Go Daddy’s Whois access policy by slamming me (the letter was sent to my Whois billing address, not my actual residence), but I don’t think there’s much Go Daddy can do about that short of suing.
As far as I can tell, Brandon Gray, which has about 130,000 domains under management, got its ICANN accreditation in about 2003. It was previously an eNom reseller.
So its accreditation is probably going to be up for renewal within the next couple of years.
Fortunately, ICANN has just this week introduced stricter new accreditation application rules that are specifically designed to weed out the scumbags.
Any company or individual with a track record of dishonesty is no longer welcome at ICANN.
So if there’s nothing that can be done before then, at the very least when Brandon Gray’s accreditation expires ICANN should not renew it.
What’s more, other registrars should lean on ICANN to make sure Brandon Gray is shown the door. It’s been bringing their industry into disrepute for the best part of a decade and it’s time for it to stop.
WordPress.com’s registrar service: Slow cookin’ makes good eatin’
WordPress.com provider Automattic has not abandoned its plans to start offering domain names directly to its users, according to its lead developer.
It’s been about 11 months since the company received its ICANN accreditation, but it is currently still acting as a Go Daddy reseller.
“Our registry product is still under development,” Automattic founder and chief barbecue taste tester (really) Matt Mullenweg said in an email. “Slow cookin’ makes good eatin’.”
WordPress.com announced last week that it would start offering .me domains, alongside .com, .org, and .net, saying it would give users a better chance to get a domain they liked.
The .me registry, Domen, is a joint venture whose partners include Go Daddy and Afilias.
“GoDaddy is a valued partner and we continue to use many of their services as part of our business,” Mullenweg added.
Domain names are WordPress.com’s best-selling add-on product. According to DomainTools, over 226,000 domains are hosted on the same servers as WordPress.com.
NBT agrees to $236m buy-out
Following in the footsteps of larger rival Go Daddy, the UK-based registrar Group NBT has agreed to be bought out by private investors for £153 million ($236m).
NBT owns registrars including NetNames, Ascio and Indom.
The all-cash offer comes from investors led by HgCapital and represents a 22.5% premium on the company’s closing share price yesterday.
At 550p a share, the offer stands to make a profit for anybody who has bought NBT shares in the last ten years, according to the company.
The news came as NBT reported an annual profit, excluding certain items, up organically 9% at £8.9 million ($13.8m) on revenue that was up 4% at £45.7 million ($70.6m).
Including the results from French registrar Indom, which the company acquired last December, profit was up 18% at £9.6 million ($14.8m) on revenue up 13% to £49.5 million ($76.5m)
The NBT deal is merely the latest in a series of buyouts and mergers to hit the registrar market this year.
As well as Go Daddy’s $2 billion+ change of control, Network Solutions recently sold out to Web.com for $561 million in cash and stock, and Tucows acquired EPAG Domainservices for $2.5 million.
At least one city analyst thinks the buyout timing relates to ICANN’s forthcoming new generic top-level domains program, and is bullish on Top Level Domain Holdings shares as a result.
Will the wave of consolidation continue? Who’s next?
Bob Parsons worth $1.5bn, ranked 293 on Forbes 400
Go Daddy executive chairman Bob Parsons is the 293rd wealthiest person in America, with a self-made fortune of $1.5 billion, according to the latest Forbes 400 rich list.
In its annual league table, published yesterday, Forbes ranks Parsons tied with tech investors such as LinkedIn co-founder Reid Hoffman and Groupon co-founder Evan Lefkofsky.
Parsons, Go Daddy’s founder and erstwhile CEO, is a debutant on the list following his sale of a majority stake in the company to a group of institutional investors.
KKR, Silver Lake and Technology Crossover Ventures collectively bought out more than half of Go Daddy in a deal announced in July, reportedly worth north of $2 billion.
Melbourne IT makes three senior hires
Aussie domain registrar Melbourne IT has recruited three senior executives from elsewhere in the industry to bulk up its Digital Brand Services business.
SSL evangelist Tim Callan, formerly with VeriSign, has been appointed chief marketing officer. He moved to Symantec after the VeriSign security business changed hands, but left in May.
Lena Carlsson, Melbourne’s new VP of domain strategy, is a former Swedish civil servant and former vice-chair of ICANN’s Governmental Advisory Committee.
Rob Holmes has also been recruited from brand management rival Corporation Services Company as the new global director of brand protection services.
The hires all appear to have been made over the last few months and were announced in a press release today.
Go Daddy’s 60-day domain lockdown loophole
Perhaps the most common complaint of the many leveled at Go Daddy over the years is that it refuses to allow customers to transfer domains to another registrar for 60 days after an ownership change.
The latest person to fire this criticism at the company is tech blogger Scott Raymond, who published a lengthy tirade against Go Daddy and its policy on ZDNet today.
Raymond points out that Go Daddy seems to be in violation of ICANN’s Inter-Registrar Transfer Policy, which explicitly prohibits the rejection of a transfer request due to a recent Whois change.
He’s not alone. Even Andrew Allemann of Domain Name Wire, hardly Go Daddy’s fiercest critic, said as recently as May that he thinks the company is in violation of the IRTP.
With good reason – this April 2008 ICANN advisory seemed to be specifically written with a ban on Go Daddy’s 60-day policy in mind.
But is the company non-compliant? ICANN doesn’t seem to think so.
I’ve tracked down this November 2009 email from David Giza, then ICANN’s head of compliance, in which he describes what seems to amount to a loophole Go Daddy and other registrars exploit.
Giza explains that the 2008 advisory “only addresses mandatory updates to Whois contact information, not a transfer or assignment to a new registrant”.
Registrants are obliged to keep their Whois data up-to-date; that’s what he means by “mandatory”.
Giza’s email adds:
the transfer policy does not prohibit registrars from requiring registrants to agree to the blocking of transfer requests as a condition for registrar facilitation of optional services such as the transfer of a registration to a new registrant.
We understand GoDaddy.com’s 60-day lock is a voluntary opt-in process where registrants are made aware of and agree to the restriction that the domain name is not to be transferred for 60-days following the completion of transfer. As such, this practice is not prohibited by the transfer policy.
In other words, there are “Whois Changes” and there are “Registrant Changes”, and registrars are only allowed to trigger a lock-down in the latter case, according to Giza.
And according to DNW’s reporting on the subject, that’s exactly what Go Daddy continues to do — locking the domain if certain fields in the registrant record are changed.
So the 60-day lock appears to be kosher, at least in the opinion of ICANN’s erstwhile compliance chief. Whether that could change under the department’s new management is unknown.
As it happens, the subject was raised by a recent working group that was looking into revising the IRTP, but it was so contentious that consensus could not be found.
The problem has been bounced down the road. The most recent mention came in this ICANN issue report (pdf, page 14-15).
Anyway, if I lost you several paragraphs ago, the net result of all this seems to be that Go Daddy probably isn’t breaking the rules, but that nobody can agree whether that’s a good thing or not.
The fact that one has to do this much digging into ICANN esoterica just to figure out whether Go Daddy is screwing its customers over isn’t very reassuring, is it?
Another registrar on the ICANN naughty step
ICANN has threatened to terminate the accreditation of Samjung Data Service, a South Korean domain name registrar.
The threat, the 13th ICANN’s compliance department has issued to a registrar this year, is notable because it’s a rare example where money does not appear to be an issue.
Samjung’s failing, according to ICANN’s termination letter, is its inability to escrow registrant data with Iron Mountain on the agreed schedule and in the required format.
The tiny registrar has also failed to make the technical contacts in its customers’ Whois records available online, and has been apparently ignoring ICANN’s calls and emails.
What ICANN does not do is accuse Samjung of not paying its accreditation fees, which in the past has been a notable feature of compliance actions.
Delinquent payments tend to alert ICANN that there may be other problems at a registrar, but this has led to criticisms that the organization is only concerned about its revenue.
Could the Samjung case be another example of the newly staffed-up ICANN compliance department taking the more proactive stance that was promised?
MelbourneIT talks to 270 .brand applicants
The Australian domain registrar MelbourneIT said it has talked to 270 companies and signed contracts with 17 that want to apply for “.brand” top-level domains.
The news came in the company’s “disappointing” first-half financial results announcement yesterday.
According to its official report (pdf), MelbourneIT has received 230 expressions of interest and has inked deals with 14, but managing director Theo Hnarkis reportedly told analysts the higher numbers.
The company is charging clients between AUD 45,000 ($47,000) and AUD 75,000 ($79,000) to handle the ICANN application process.
MelbourneIT’s preferred partner for back-end registry services is VeriSign, so the clients it signs are likely to become recurring revenue streams for VeriSign if their applications are successful.
Go Daddy confirms .xxx pricing, will host porn sites
Go Daddy has revealed its pricing scheme for .xxx domain names and confirmed that it will indeed host the porn sites that use them.
When .xxx goes into general availability in December, Go Daddy will charge $100 per name per year.
That’s surprisingly high – a $40 markup on the $60 ICM Registry fee – for a registrar generally known for its reasonable prices.
I know of at least two registrars planning to sell .xxx more cheaply – the UK’s DomainMonster ($75 if bought in bulk) and Spain’s DinaHosting ($67). There may be others I haven’t come across yet.
Sunrise period pricing at Go Daddy is $210 for applications from the adult entertainment industry and $200 for trademark holders from outside the industry. Landrush prices will be $200 too.
Those fees represent some of the better deals I’ve seen for .xxx’s pre-launch phases.
The prices have not yet been published on the Go Daddy web site, but a company spokesperson confirmed that some of its larger customers have been privately notified.
That apparently includes Mike Berkens, who broke the news last week.
Go Daddy also confirmed that it will host .xxx porn sites, though only on its paid-for hosting accounts.
I’ve always been a little confused by Go Daddy’s hosting terms of service. By my reading, porn was outright banned. Apparently I was dead wrong.
The company’s general counsel, Christine Jones, said in a statement:
Go Daddy’s Web hosting agreement does not currently prohibit pornography, except in the case of ad-supported hosting. Those terms will continue for all TLDs, including .xxx, unless otherwise prohibited by our agreements with the various registry operators.
I know I’m not the only person out there who was confused by the ToS, but I can’t think of a better person to clarify the situation than the company’s top lawyer.
Recent Comments