Recent Posts
- Taylor Swift applies for her .post domain
- .ad domains to go global soon
- Single-letter .com case back in court
- ICANN to slash costs as Verisign’s magic money tree dries up
- Community revolts over ICANN’s auction proceeds power grab
- Two seats up for grabs on Nominet board
- War takes steep toll on .ua domains
- .de worst TLD for CSAM — report
- .com still shrinking because of China
- ICANN publishes its Woke Manifesto. Here’s my hot take
- Alibaba, Name.com among new RDRS opt-ins
- The Swiss can register .swiss domains from next week
- .ai up to 425,000 domains
- A million “free” .music domains up for grabs
- D3 to get $5 million in crypto to apply for .ape gTLD
- Alibaba hit with ICANN breach notice
- New Vegas conference “Davos for Web3 interoperability”
- ICANN content policing power grab may be dead
- Cable company unplugs its dot-brand after acquisition
- Germany crosses 10,000 dot-brand domains milestone
- Founders out as Com Laude gets equity injection
- PIR’s Diaz to leave domain industry
- Some registrars have already quit ICANN’s Whois experiment
- ICANN opens $217 million Grant Program
- Internet could get one-letter gTLDs (but there’s a catch)
- .ai registry fights deadbeats with tweaked auction rules
- Amazon and Google among .internal TLD ban backers
- .ai registry advises buyers not to use GoDaddy
- .post liberalizes with new sunrise period
- Team Internet spends $41 million on content farm
- Epik backtracks on Kiwi Farms claim after legal threat
- .austin names launch on blockchain
- Freenom shuts down 12.6 million domains — report
- GoDaddy’s next .xxx contract may not be a done deal
- GlobalBlock blocking 2.5 million domains
- Microsoft moving its cloud apps from .com to .microsoft
- ICANN 79: anonymous trolls and undercover lawyers
- ICANN scores win in single-letter .com lawsuit
- Cosmetics brand terminates its gTLD
- Up to 70 jobs on the line at Nominet as .uk regs dwindle
- Governments back down on new gTLD next round delay
- Private auctions could be banned in new gTLD next round
- ICANN meeting venue “insensitive and hurtful”
- GoDaddy to start selling graphic.design domains
- GAC spinning up new gTLD curveball at ICANN 79?
- GoDaddy’s GlobalBlock supports blockchain names
- Police .uk domain takedowns dive in 2023
- GoDaddy wants to cut the bullshit from .xxx
- Dueling domain blocking services to launch at ICANN 79
- Freename tries to bridge DNS and blockchain
- Olive retires from ICANN
- Whois policy published without life-saving disclosure rule
- UK gov takes its lead from ICANN on DNS abuse
- Tucows reports 2023 results
- Twitter “completely unresponsive” on clickable domains
- ICANN spends $5 million more than planned in first fiscal half
- .art takes a million domains off its premium list
- KeyTrap ‘the most devastating vulnerability ever found in DNSSEC’
- Freenom settles $500 million Meta lawsuit and will exit domain business
- New gTLD lottery to return in 2026
- First GlobalBlock prices revealed — they ain’t cheap
- Domain universe grows on new gTLDs despite .com shrinkage
- D3 signs up crypto gTLD client number five
- GoDaddy reports strong domains growth
- How to qualify for a $40,000 gTLD
- Registry service provider evaluation handbook published
- WebUnited inks deal to “mirror” country’s TLD in the blockchain
- GoDaddy project unveils brand-blocking calculator
- Report: Monster “misappropriated” millions from Epik
- .com is shrinking but Verisign raises prices again anyway
- D3 announces fourth crypto new gTLD client
- Donald Trump loses second UDRP case
- UK cybersquatting complaints hit record low
- No excuses! PIR to pay for ALL registries to tackle child abuse
- ICANN insists it is working on linkification
- Namecheap sues ICANN over .org price caps
- GoDaddy offers free Ethereum blockchain integration
- Epik reveals who is running the company
- Epik gets acquired again! The plot thickens…
- Airline gTLD crashes and burns
- First chunks of new gTLD Applicant Guidebook drop
- Epik to reveal its owners soon
- Another crypto firm to apply for a new gTLD
- Monster and Royce are NOT involved in Epik?!
- Nominet to overhaul .uk registry, turn off some services
- Russia blames DNSSEC, not Ukraine, for internet downtime
- Team Internet says revenue beat estimates
- Sold for over $20k, insure.ai and dog.ai back in .ai’s expired names auction
- .ai helps UDRP cases rise in 2023, WIPO says
- Freenom’s domains land at Gandi after termination
- .ru domains fly off the shelf as Western sanctions bite
- ICANN picks its first ever Supreme Court
- Lebanon’s ccTLD going back to Lebanon after ICANN takeover
- ICANN picks the domain it will never, ever release
- ICANN approves domain takedown rules
- Has Epik gone “woke”?
- First bits of new gTLD Applicant Guidebook expected next week
- ICANN bans closed generics for the foreseeable
- You can’t use money to buy .box domains
- After 14 years, ICANN practices what it preaches on IDNs
- Weak demand for private Whois data, ICANN data shows
- .ing doing way better than .meme
- DNS Women barred from ICANN funding?
- Dev releases free open-source TLD registry platform
- INCO flips a gTLD to Identity Digital
- Anguilla fears the .ai junk drop
- Five more gTLDs get launch dates
- $10 million of ICANN cash up for grabs
- Almost 50,000 .ai domains sold in a quarter
- ICANN threatens to regulate your speech [RANT]
- Life insurance company kills dot-brand
- ICANN finds new home for Lebanon’s TLD after founder’s death
- ICANN begs people to use its new Whois service
- Shiba Inu outs itself as crypto new gTLD applicant
- Over 50,000 .ai domains sold in three months
- Amazon planning new push into registrar market?
- Registries and registrars vote ‘Yes’ to new DNS abuse rules
- ICANN predicts flattish 2025 for domain industry
- Fast-growing Gname buys another 150 registrars
- GoDaddy service to let you block domains in over 650 TLDs
- Did I find a murder weapon in a zone file?
- ICANN drops the “man” from Ombudsman
- Have your say on police domain takedown powers
- Most registrars are shunning ICANN’s new Whois system
- Nominet to take over .gov.uk
Amsterdam accepts pre-registrations for city gTLD
The City of Amsterdam has confirmed that it has joined the ranks of major international cities applying to ICANN for a new generic top-level domain.
It has commissioned local publishing company HUB Uitgevers to manage .amsterdam, along with its technical partner SIDN, the .nl ccTLD registry.
Unusually, the project has also already started accepting pre-registrations at its official site.
The ICANN application fees are being covered by the local government, but a City of Amsterdam spokesperson said it expects to make the money back from annual royalty payments from HUB.
The famously liberal tourist destination has about 1.2 million inhabitants, according to Wikipedia.
ICANN expects up to 2,305 new gTLD applications
After months of speculation, ICANN has finally revealed how many new generic top-level domain applications it expects to receive.
The lowest amount appears to be 2,091.
That’s the number of applications in the TLD Application System when it was taken offline due to the data leakage bug on April 12, ICANN said.
Another 214 applications had been registered but not yet paid for.
That’s a potential total of 2,305 applications.
ICANN has $350 million in application fees in the bank as a result.
How many of the unpaid bids convert to full applications will be key in deciding how many evaluation batches the first gTLD round will have.
Closer to 2,091, and it’s likely to be four batches. Closer to 2,305, and we may see a fifth batch.
With Initial Evaluation expected to take five months per batch, with a possible 11 months after that for the final Extended Evaluations and string contention resolution, it could be June 2015 before the first new gTLD round is completely processed.
It remains to be seen how many unique strings have been applied for, and how many applications will be successful, but with ICANN only planning to delegate 200 to 300 new gTLDs per year, the first round is likely going to last a loooong time.
Is .xxx really that crappy?
It’s not a huge secret that the new .xxx gTLD isn’t doing as well, five months after launch, as ICM Registry would have hoped, but how does it shape up against other top-level domains?
Domain Name News earlier this week published an analysis of the top one million most-trafficked web sites, according to Alexa rankings, and found that .xxx had just 61 entries.
Per DNN reporter Mike Cohen:
We would not have thought that only 61 domains in total would be ranking inside the top 1,000,000 most visited sites in the world. That number was suppose to be exponentially higher by all accounts even a few month’s in, which we now are well into 2012, however reality says otherwise.
I’m not sure what “all accounts” DNN is referring to — possibly ICM’s marketing hype — but I thought the analysis was interesting so I thought I’d try to replicate it.
This morning I parsed today’s Alexa top million sites list and came up with the following (sortable) table.
[table id=7 /]
These are quick and dirty numbers, based on Alexa data, and my code might be wonky, so please don’t place too much faith in them.
I only looked at the “new” gTLDs introduced since 2001, as well as two mass-market ccTLDs (.co and .me) introduced over the same period.
The .co numbers do not include third-level domains under .com.co and the ccTLD’s other legacy extensions.
The “Months Active” column is the number of months since the TLD was delegated into the DNS root, measured by the date of the first registry report it filed with ICANN or the IANA (re)delegation date, not the date of general availability.
The fourth column is the number of domains divided by the number of months. It’s a fairly arbitrary measure, presented merely to give you an idea of the “success” of the TLD over time.
You could possibly, loosely, think of it as “how many domains a TLD can expect to get into the Alexa 1 Million per month”.
By that measure, .xxx isn’t doing too badly.
It’s even beating .jobs and .tel in absolute terms.
TAS bug hit over 100 new gTLD applicants
It just keeps getting worse.
ICANN’s TLD Application System security bug could have revealed file names belonging to 105 new gTLD applicants to 50 other applicants on 451 occasions, according to the organization.
With 1,268 applicants in the system, those numbers certainly fit with the “a minority of applicants” description previously given, but it still shows that the bug was widespread.
The supplied numbers are “approximate”, but ICANN said it is “continuing to review system logs and packet-level traffic to confirm how many viewings actually did occur.”
The latest news means, for example, that 50 new gTLD applicants may have had the ability to see information belonging to other applicants on average nine times each.
While the new data may not strongly suggest that the bug was deliberately exploited by any applicant(s), it’s not inconsistent with that scenario.
It could mean that one applicant saw the details of 56 others (suggesting exploitation), but it could also mean that 50 applicants saw about two third-party file names each (suggesting accidental viewing).
Without further information, it’s impossible to know.
ICANN has not revealed, and is unlikely to reveal in the short term, whether any applicant was able to view the metadata of another applicant for the same gTLD.
The organization has however started to notify affected applicants whether they were affected as victim or beneficiary, according to the latest update from chief operating officer Akram Atallah.
Atallah also revealed that TAS had 95,000 file attachments in the system when it was taken down April 12.
At an average of 75 files per TAS account, this would support the idea that, on average, each TAS account was being used to file more than one application.
ICANN still plans to wrap up the notification process before next Tuesday, May 8, but there’s no word yet on when TAS will reopen for the final five days of the application window.
Beckstrom breaks TAS bug silence, says Big Reveal could be as late as Prague
ICANN may not reveal its list of new generic top-level domain applications until as late as the last week of June, according to CEO Rod Beckstrom.
In his first interview since ICANN took its TLD Application System offline due to a security bug, Beckstrom told DI that he “hopes” to host the Big Reveal before he steps down as ICANN’s CEO.
He said he expects to have the new gTLD program back on track before he hands the reins to the organization over to his successor at the end of the ICANN 44 meeting in Prague, June 29:
I’d like to see us obviously get the technical issues resolved, notify applicants, reopen the window and publish the strings before I pass the baton in Prague. That’s not a commitment at this point in time, it’s an indication as CEO that it’s absolutely my intention to push for a timely resolution of this issue… If we can get things done sooner, then the sooner the better.
That’s two months away, a full month later than anyone was expecting.
The Big Reveal was originally scheduled for today. However, the TAS delays made this impossible. Following an ICANN update on Friday, a late-May date for the Big Reveal was looking more probable.
But Beckstrom would not commit even to the Prague date. He said:
That’s my hope as a CEO, to get these issues resolved by that time-frame and have the string reveal in that time-frame. I haven’t committed the organization, I’m indicating to you volitionally my desire as CEO and the person who’s running the organization.
He framed the issue as a blip on a nine-year process (six years of policy development, one year of outreach and application filing, and up to two years of evaluation). He said:
In the context of nine-year program, a delay of between here and Prague of a few months is undesirable, it’s not what we want to have happen, but the quality of this program is more important to everyone involved than the specific date and time. We’re all focused on quality here and not just doing things in a hurry. This program is too important.
He said he is “sympathetic” to applicants that are burning through start-up funding waiting for ICANN to sort this out, but he noted that the same concerns have been raised over the years whenever the program has previously missed a launch deadline.
We know that some parties have been very patient and we know it’s got to be frustrating right now to see any delay in the program. At the same time, I’m sure that those parties are very concerned that this be done well and that the program be reopened and administered successfully.
Beckstrom reaffirmed ICANN’s promise to notify all applicants whether or not they were affected by the TAS bug – which revealed user names and file names to other TAS users – by May 8.
But TAS will not, it seems, reopen immediately after the notifications have been sent. As well as the log audit, ICANN is also working on performance upgrades.
While Beckstrom confirmed that the plan is to open TAS for five business days, to give applicants a chance to finish uploading their applications and confirm that their data has not been corrupted, he would not say when this window is due to open.
We’re going to share more precise dates when we have them. What I can tell you precisely right now is that the key thing we’re working on is combing through this large data set we have so that the parties that were affected are notified within the seven days. When we have clarity on the next milestone in the process we’ll communicate that openly.
…
We’re still doing system testing, we’re still looking at some of the performance issues. We have a whole set of things to do and feel comfortable that we’re ready and have full internal sign off. We’ll notify you and other parties when we have that clarity. Right now we have the clarity that we’re going to get the notification done in seven days – that’s the key dating item at this time.
…
We have very strong reason to believe we understand the bug and we’ve fixed the bug, but every day that we continue to test we gain a higher level of confidence in the system that this specific issue will not reappear.
While the first report of the bug was received March 19, it was not until April 12 that ICANN managed to “connect the dots” and figure out that the problem was serious and recurring, Beckstrom said.
ICANN saw the bug show up again repeatedly on April 12, as many TAS users logged in to finish off their applications, which was why it chose to take the system down with just 12 hours to go before the filing deadline.
ICANN is currently analyzing a 500GB log containing a record of every data packet that went into and out of the TAS between January 12 and April 12, to reconstruct every user session and determine who could see what and when, Beckstrom said.
He refused to comment on whether this analysis has revealed any attempts by TAS users to deliberately exploit the bug for competitive intelligence on other applicants.
He also declined to comment on whether ICANN has discovered instances of data leakage between two applicants for the same gTLD string.
The full packet capture system was introduced following a third-party security audit of the system conducted late last year, he said.
That audit, of course, did not reveal the data leakage vulnerability that continues to delayed the program.
When I put it to him that this is precisely the kind of problem ICANN wanted to avoid, due to the confidentiality of the applications, Beckstrom played down the seriousness of the bug.
Let’s be clear here: some user names and file names were visible, not the contents of applications and not the contents of those files. I think that if that had occurred it would be an even more undesirable situation and we have no indication that that occurred.
I wouldn’t call this a security issue, I’d call this… every major software system we use has bugs in it or bugs that are discovered over time. Whether that’s our operating systems or desktop applications or specific applications, you conduct the best tests you can. You assemble a testing suite, you assemble testers, you take various methods, but there’s never a guarantee that software is bug-free. The issue is that if and when bugs are encountered you deal with them appropriately, and that’s what we’re doing right now.
But Beckstrom admitted that the problem is embarrassing for ICANN, adding that sorting out the mess is currently the top priority.
Obviously any time you have a software problem or technical problem with any program you come under enhanced scrutiny and criticism, and I think that’s understandable, that’s fair. What we’re focused on is resolving this successfully and I think ICANN has dealt with many challenges in its past successfully and we’re committed to resolve this issue professionally.
…
I should tell you that this is our top priority right now internally right now. The resolution of this issue is our number one priority, the number one issue for me as CEO, number one for most members of the executive management team and for a large part of the organization. We’re extremely focused on this.
ICANN plans to reveal how many applicants were affected by the bug at the same time as it notifies applicants, Beckstrom said. It will not publish information about who could see what, he said.
Unfortunately for applicants, it seems they will have to wait well into next week before they have any more clarity on the timetable for TAS coming back online and the application window finally closing.
With Prague now emerged as a potential deadline for the reveal, the delays could in fact be much worse than anyone was expecting.
DI PRO subscribers can read a full transcript of the 30-minute interview.
ICANN expects at least 1,268 new gTLD applications
ICANN is expecting at least 1,268 applications for new generic top-level domains, according to CEO Rod Beckstrom.
Speaking to DI at the weekend, Beckstrom said that the TLD Application System had 1,268 user accounts when registration closed March 29.
That represents a spike of over 50% from the 839 registered TAS accounts that ICANN had reported just four days earlier, March 25.
As before, there is not a one-to-one correlation between the number of TAS accounts and the number of applications. Each TAS account can be used to file up to 50 applications.
However, with each TAS slot costing $5,000, 1,268 now seems to be the minimum number of new gTLD applications we’re likely to see.
“It’s unlikely to be lower than that number,” Beckstrom said.
Read more of our interview with Beckstrom.
Verisign selected for 220 new gTLDs
Verisign is the appointed back-end registry operator for 220 new generic top-level domain applications, according to the company.
Verisign itself has applied to ICANN for 14 new gTLDs, 12 of which are transliterations — ie, internationalized domain names — of .com and .net.
During its first-quarter 2012 earnings conference call, ongoing right now, CEO Jim Bidzos disclosed the numbers, saying:
VeriSign applied directly for 14 new gTLDs. Twelve of these 14 are transliterations of .com and .net. Also, applicants for approximately 220 new gTLDs selected Verisign to provide back-end registry services.
Many of these are dot-brands, Bidzos said.
Neustar, which also reported earnings yesterday, did not disclose how many applications it is involved in, other than to say that it has not applied for any as a front-end operator.
OpenRegistry behind 20 new gTLD apps
OpenRegistry will provide the back-end technical infrastructure for 20 new generic top-level domain applications filed by 15 clients, according to a report.
Dutch telco KPN, consultancy Deloitte and financial management firm LPL Financial are among its dot-brand clients, according to Knack.be, quoting executives.
Presumably, we’re looking at bids for .kpn and .lpl as well as .deloitte, which Deloitte confirmed earlier this month.
Its portfolio of applications also includes two cities – one is .gent for Ghent, the other is an American city – and two generic terms that have not yet been revealed.
(UPDATE: While OpenRegistry is not naming the American city, I hear through the grapevine that it might be Boston).
Its clients have a total market cap of $150 billion, according to the report.
That’s not a bad roster for the start-up, whose technical arm is known as Sensirius. The Benelux company was founded in late 2010 by former executives from EuroDNS and Belgian ccTLD manager DNS.be.
A year ago it won the contract to manage the back-end for .sx, the new ccTLD for Sint Maarten.
Rugby board tries for .rugby with TLDH
The International Rugby Board has applied to ICANN for the generic top-level domain .rugby with Top Level Domain Holdings, the IRB announced today.
It appears to be a defensive as well as offensive move, judging by the press release.
It’s about “protecting and promoting Rugby’s values and ethos” and ensuring .rugby “resides within the sport”, according to IRB chairman Bernard Lapasset.
The application will be filed in partnership with TLDH, as well as a new company called ROAR Domains, which appears to be a part of a Kiwi sports marketing agency.
If the bid is successful, TLDH subsidiary Minds + Machines will provide the registry back-end.
The IRB is the international body for rugby associations which organizes the Rugby World Cup.
There are already a few .sport bids, and the Australian Football League has applied for a .afl dot-brand, but I think .rugby may be the first sport-specific gTLD application to be announced.
TAS down for at least another week
If you’re just joining us, welcome to the ICANN community.
The TLD Application System will be offline for another week, possibly more, as ICANN struggles to deal with the fallout from its embarrassing data leakage bug.
ICANN had promised an update today on the timing of the reopening of TAS, which was taken offline April 12 just 12 hours before the new gTLD application filing deadline arrived.
But what applicants got instead was a promise to provide another timing update a week from now.
Chief operating officer Akram Atallah said in a statement:
identifying which applicants may have been affected by the technical glitch, and determining who may have been able to see someone else’s data, require extensive analysis of a very large data set. This is a time-consuming task, but it is essential to ensure that all potentially affected applicants are accurately identified and notified.
Until that process is complete, we are unable to provide a specific date for reopening the application system.
In order to give all applicants notice and an opportunity to review and complete their applications, upon reopening the system we will keep it open for at least five business days.
No later than 27 April 2012 we will provide an update on the reopening of the system and the publication of the applied-for new domain names.
So the best-case scenario, if these dates hold up, would see TAS coming back online Monday, April 30 and closing Friday, May 4.
The April 30 target date for the Big Reveal is clearly no longer possible.
ICANN has stated previously that it expects to take two weeks between the closing of the application window and the revelation of the list of gTLDs being applied for.
The Big Reveal could therefore be postponed until mid-May, almost a month from now.
Any applicant who has already booked flights and hotels in order to attend one of the various reveal events currently being planned by third parties may find themselves out of pocket.
Regular ICANN participants are of course accustomed to delay.
ICANN’s image problem now is rather with the hundreds of companies interfacing with the organization for the first time, applying for new gTLDs, which may be wondering whether this kind of thing is par for the course.
Well, yes, frankly, it is.
That said, the time to avoid this problem was during testing, before the application window opened in January.
Now that the bug has manifested, it’s probably in most people’s best interests for ICANN to fully understand went wrong and what impact it could have had on which applicants. This takes time.
Recent Comments