Latest news of the domain name industry

Recent Posts

DNSAI to name most-abused registries, registrars

Kevin Murphy, May 31, 2022, Domain Services

The DNS Abuse Institute is to start publishing monthly reports that name the registries and TLDs with the highest level of abuse.

The organization’s Intelligence service is expected to land in September, a little later than was previously expected, according to a blog post from director of policy and programs Rowena Schoo.

DNSAI has partnered with Kor Labs, a project out of the Grenoble Institute of Technology, to supply the data, which will cover phishing and malware domains and differentiate between malicious registrations and compromised sites.

The Institute doesn’t consider spam DNS abuse unless it is used as a delivery mechanism for other types of abuse, in line with ICANN’s definition.

The decision to actually name (and in some cases, we should assume, shame) registries and registrars is an unusual one. Other, similar efforts tend to keep the data anonymous.

“We want to understand abuse persistence and whether it has been appropriately mitigated by registrars,” Schoo wrote.

DNSAI is a project primarily backed by .org manager Public Interest Registry.

Porn names to feature at NamesCon Global

Kevin Murphy, May 26, 2022, Domain Services

NamesCon, the domaining conference, has revealed that “adult” domain names will be the focus of one its sessions at its next event, hosted by a former dominatrix.

The conference has recruited Monte Cahn of RightOfTheDot (not the former dominatrix) and investor Krista Gable of Domain Domme to run a session on “Adult Domain Names”.

Organizers couldn’t resist a bit of cheeky innuendo in a mailshot this week, promising to help attendees “explore the ins and outs of buying, selling, developing, and monetizing in this unique and valuable namespace.”

Gable told DomainGang in an interview a few years ago that she’s particularly interested in domains at the intersection of sex and technology, and her portfolio today seems to be largely porn-adjacent rather than downright filthy.

Not much else is known about NamesCon’s agenda yet. We do know there’s going to be a literal sausage fest at the end of the week at a local beer garden, an auction, and a “Women In Domaining” session at the end of the third day.

The conference runs in Austin, Texas from August 31 and tickets currently start at $499 before increasing next week.

TMCH turning off some brand-blocking services

Kevin Murphy, April 13, 2022, Domain Services

The Trademark Clearinghouse is closing down two of its brand protection services after apparently failing to attract and retain registry partners.

The company announced recently that TREx, its Trademark Registry Exchange, will shut down after its customers’ existing subscriptions expire, saying:

The communication that we receive from our agents, resellers, clients and other registries that we have reached out to around improving the product shows that there is currently little appetite for such a service.

TMCH said it may revive the service after the new round of new gTLDs happens.

TREx was a service similar to Donuts’ Domain Protected Marks List and others, whereby trademark owners can block their brands across a multitude of TLDs for a substantial discount on the cost of defensive registrations.

But the TMCH offering was not restricted to one registry’s portfolio. Rather, it consolidated TLDs from multiple smaller operators, including at least one ccTLD — .de — into one service.

It seems to have peaked at 43 TLDs, but lost three when XYZ.com pulled out a couple years ago.

Its biggest partner was MMX, which sold its 22 gTLDs to GoDaddy Registry last year. I’d be very surprised if this consolidation was not a big factor in the decision to wind down TREx.

I’d also be surprised if we don’t see a DPML-like service from GoDaddy before long. It already operates AdultBlock on its four porn-themed gTLDs.

The news follows the announcement late last year that TMCH will also close down its BrandPulse service, which notified clients when domains similar to their brands were registered in any TLD, when its existing subscriptions expire.

Both services leveraged TMCH’s contractual relationship with ICANN, under which it provides functions supporting mandatory rights protection mechanisms under the new gTLD program rules, but neither are ICANN-mandated services.

DNS Abuse Institute names free tool NetBeacon, promises launch soon

Kevin Murphy, April 5, 2022, Domain Services

NetBeacon has been picked as the name for the DNS Abuse Institute’s forthcoming free abuse-reporting tool.

The tool is expected to launch in early June, after software was donated by CleanDNS accelerated the development cycle, according to Institute director Graeme Bunton.

The system was previously using the working title CART, for Centralized Abuse Reporting Tool, as I blogged in February.

CleanDNS CEO Jeff Bedser is also on the board of Public Interest Registry, which funds DNSAI. Bunton wrote that PIR approved the use of the CleanDNS software under its conflict of interest policy, with Bedser recusing himself.

NetBeacon is expected to provide a way for authenticated abuse reporters to file complaints in a normalized fashion, potentially streamlining the workflow of registrars that subsequently have to deal with them.

Bunton has said that the service will be free at both ends, funded by non-for-profit PIR.

Now Sedo pulls the plug on Russians

Kevin Murphy, March 9, 2022, Domain Services

Secondary market player Sedo has become the latest domain name company to stop dealing with Russians and Russian domains.

The company sent an email to its customers today saying that it has “suspended trading and parking” for .ru domains and domains in Belarus’ .by ccTLD.

It said it can no longer serve customers in Russia or Belarus and has “temporarily deactivated” their accounts.

It’s not clear whether the move is motivated by Sedo taking a principled stance against the war in Ukraine, or necessitated by the company’s inability to process cross-border payments due to international sanctions.

“Sedo disapproves of any kind of hate and violence, as well as anything that radically contradicts our corporate values,” the company said. “Therefore, for the sake of the civilians involved, we hope for an early resolution of this conflict.”

Sedo is part of the United-Internet group. Its sister company, IONOS, announced it was working on kicking out Russian customers last week.

Whois rule changes that nobody likes get approved anyway

Kevin Murphy, November 3, 2021, Domain Services

ICANN’s Generic Names Supporting Organization Council has approved a handful of changes to Whois policy, despite the fact that pretty much nobody was fully on-board with the proposals and how they were made.

The new recommendations call for a new field in Whois records to flag up whether the registrant is a private individual, whose privacy is protected by law, or a legal entity like a company, which have no privacy rights.

But the field will be optional, with no obligation for registries or registrars to use it in their Whois services, which has angered intellectual property interests, governments and others.

The working group that came up with the recommendations also declined to find that Whois records should come with an anonymized registrant email address as standard. This absence of change was also adopted by the Council, causing more disappointment.

In short, nothing much is happening to Whois records for the foreseeable future as a result of these policy changes.

But the process to arrive at this conclusion has highlighted not just the deep divisions in the ICANN community but also, some argue, deficiencies in the ICANN process itself.

The Expedited Policy Development Process working group that has since 2018 been looking at the interaction between Whois and privacy protection law, primarily the European Union’s General Data Protection Regulation, had been asked two final questions earlier this year, to wrap up its long-running work.

First, should registrars and registries be forced to distinguish between legal and natural persons when deciding what data to publish in Whois?

Second, should there be a registrant-based or registration-based anonymized email published in Whois to help people contact domain owners and/or correlate ownership across records?

The answer on both counts was that it’s up to the registry or registrar to decide.

On legal versus natural, the EPDP decided that ICANN should work with the technical community to create a new field in the Whois standard (RDAP), but that there should be no obligation for the industry to use it.

On anonymized email addresses, the working group recommendations were even hand-wavier — they merely refer the industry to some legal advice on how to implement such a system in a GDPR-compliant way.

While this phase of the EPDP’s work was super-fast by ICANN standards (taking about nine months) and piss-weak with its output, it nevertheless attracted a whole lot of dissent.

While its tasks appeared straightforward to outsiders, it nevertheless appears to have inherited the simmering tensions and entrenched positions of earlier phases and turned out to be one of the most divisive and fractious working groups in the modern ICANN period.

Almost every group involved in the work submitted a minority statement expressing either their displeasure with the outcome, or with the process used to arrive at it, or both. Even some of the largely positive statements reek of sarcasm and resentment.

EPDP chair Keith Drazek went to the extent of saying that the minority statements should be read as part and parcel of the group’s Final Report, saying “some groups felt that the work did not go as far as needed, or did not include sufficient detail, while other groups felt that certain recommendations were not appropriate or necessary”.

This Final Report constitutes a compromise that is the maximum that could be achieved by the group at this time under our currently allocated time and scope, and it should not be read as delivering results that were fully satisfactory to everyone.

The appears to be an understatement.

The Intellectual Property Constituency and Business Constituency were both the angriest, as you might expect. They wanted to be able to get more data on legal persons, and to be able to reverse-engineer domain portfolios using anonymous registrant-baed email addresses, and they won’t be able to do either.

The Governmental Advisory Committee and Security and Stability Advisory Committee both expressed positions in line with the IPC/BC, dismayed that no enforceable contract language will emerge from this process.

Councilor Marie Pattullo of the BC said during the GNSO Council vote last Wednesday that the work “exceeds what is necessary to protect registrant data” and that the EPDP failed to “preserve the WHOIS database to the greatest extent possible”.

The “optional differentiation between legal and natural persons is inadequate”, she said, resulting in “a significant number of records being needlessly redacted or otherwise being made unavailable”. The approved policies contain “no real policy and places no enforceable obligations on contracted parties”, she said.

IPC councilor John McElwaine called the EPDP “unfinished work” because the working group failed to reach a consensus on the legal/natural question. The IPC minority statement had said:

Requiring ICANN to coordinate the technical community in the creation of a data element which contracted parties are free to ignore altogether falls far short of “resolving” the legal vs. natural issue. And failing to require differentiation of personal and non-personal data fails to meet the overarching goal of the EPDP to “preserve the WHOIS database to the greatest extent possible” while complying with privacy law.

But McElwaine conceded that “a minority of IPC members did favor these outputs as being minor, incremental changes that are better than nothing”.

The BC and IPC both voted against the proposals, but that was not enough to kill them. They would have needed support from at least one councilor on the the other side of the GNSO’s Non-Contracted Parties House, the Non-Commercial Stakeholders Group, and that hand was not raised.

While the NCSG voted “aye”, and seemed generally fine with the outcome, it wasn’t happy with the process, and had some stern words for its opponents. It said in its minority statement:

The process for this EPDP has been unnecessarily long and painful, however, and does not reflect an appreciation for ICANN’s responsibility to comply with data protection law but rather the difficulty in getting many stakeholders to embrace the concept of respect for registrants’ rights…

With respect to the precise issues addressed in this report, we have stressed throughout this EPDP, and in a previous PDP on privacy proxy services, that the distinction between legal and natural is not a useful distinction to make, when deciding about the need to protect data in the RDS. It was, as we have reiterated many times, the wrong question to ask, because many workers employed by a legal person or company have privacy rights with respect to the disclosure of their personal information and contact data. The legal person does not have privacy rights, but people do.

While welcoming the result, the Registrars Stakeholder Group had similar concerns about the process, accusing its opponents of trying to impose additional legal risks on contracted parties. Its minority statement says:

it is disappointing that achieving this result was the product of significant struggle. Throughout the work on this Phase, the WG revisited issues repeatedly without adding anything substantially new to the discussion, and discussed topics which were out of scope. Perhaps most importantly, the WG was on many occasions uninterested in or unconcerned with the legal and financial risks that some proposed obligations would create for contracted parties in varying jurisdictions or of differing business models, or the risks to registrants themselves.

The Registries Stakeholder Group drilled down even more on the “out of scope” issue, saying the recommendation to create a new legal vs natural field in Whois went beyond what the working group had been tasked with.

They disagreed with, and indeed challenged, Drazek’s decision that the discussion was in-scope, but reluctantly went ahead and voted on the proposals in Council in order to finally draw a line under the whole issue.

The question of whether the legal vs natural question has been in fact been resolved seems to be an ongoing point of conflict, with the RySG, RrSG and NCSG saying it’s finally time to put the matter to bed and the IPC and BC insisting that consensus has not yet been reached.

The RySG wrote that it is “well past time to consider the issue closed” and that the EPDP had produced a “valuable and acceptable outcome”, adding:

The RySG is concerned that some have suggested this issue is not resolved. This question has been discussed in three separate phases of the EPDP and the result each time has been that Contracted Parties may differentiate but are not required to do so. This clearly demonstrates that this matter has been addressed appropriately and consistently. A perception that this work is somehow unresolved could be detrimental to the ICANN community and seen as undermining the effectiveness of the multistakeholder model.

Conversely, the BC said the report “represents an unfortunate failure of the multistakeholder process” adding that “we believe the record should state that consensus opinion did not and still does not exist”.

The IPC noted “a troubling trend in multistakeholder policy development”, saying in a clear swipe at the contracted parties that “little success is possible when some stakeholders are only willing to act exclusively in their own interests with little regard for compromise in the interest of the greater good.”

So, depending on who you believe, either the multistakeholder process is captured and controlled by intransigent contracted parties, or it’s unduly influenced by those who want to go ultra vires to interfere with the business of selling domains in order to violate registrant privacy.

And in either case the multistakeholder model is at risk — either “agree to disagree” counts as a consensus position, or it’s an invitation for an infinite series of future policy debates.

Business as usual at the GNSO, in other words.

Toilet-maker’s dot-brand gets flushed

Kevin Murphy, September 1, 2021, Domain Services

A Japanese building materials company known for its smart toilets has become the latest multi-billion-dollar brand to decide it doesn’t need a gTLD of its own.

Lixil, which turned over roughly $12 billion in its last fiscal year, has told ICANN to tear up its .lixil registry agreement.

No specific reason was given, but it appears the gTLD was lightly used — just one domain was active, and it redirected to lixil.com.

As usual, ICANN has determined that, as a dot-brand, .lixil will not be redelegated and instead simply removed from the root.

It’s number 94 on the dot-brand dead list, the sixth this year.

GoDaddy rides another 21 gTLDs into its stable

Kevin Murphy, July 28, 2021, Domain Services

GoDaddy may have disavowed the domain registry business for much of the last decade, but it’s fast becoming one of the largest registry operators out there.

The company’s GoDaddy Registry unit this week took over the ICANN contracts for 21 more gTLDs, bringing the number of TLDs it either contracts for or technically manages close to the 200 milestone.

As well as taking on new gTLD success story .club, it’s also signed the Registry Agreements for 19 more strings formerly belonging to MMX, aka Minds + Machines, which plans to bow out of the industry after 10 years in business.

The MMX TLDs being moved are: .law, .abogado (“lawyer” in Spanish), .beer, .casa (“home” in Spanish), .cooking, .dds (“dentists” in American), .fashion, .fishing, .fit, .garden, .horse, .luxe, .rodeo, .surf, .vip, .vodka, .wedding, .work, and .yoga.

GoDaddy took over the back-end for .xxx, .porn, .adult and .sex, belonging to former MMX subsidiary .ICM Registry, last week.

The remaining string to enter the portfolio is .design, which GoDaddy acquired from Top Level Design, which is still a going concern with its small portfolio of gTLDs.

There are still a few MMX TLDs that have not moved over, all of which appear to be the geographic strings it operates in partnership with local government backers. These will need additional clearances before transfer.

While GoDaddy has taken over the registry contracts for the 19 MMX TLDs listed above, their back-ends are still Nominet, according to IANA records. Clearly, that will change in future.

The MMX deal was worth $120 million. The values of the .design and .club deals were not disclosed.

CentralNic expects H1 revenue of $174 million

Kevin Murphy, July 28, 2021, Domain Services

A decade ago, CentralNic was scraping by selling domain names at the third level, and now it’s now on track to clear $300 million top line this year.

The domain industry consolidator said yesterday that it expects revenue for the first half of 2021 to be in the region of $174 million, which earnings before interest, tax, depreciation and amortization of $20 million.

Third-quarter revenue is expected to be about $90 million, which works out to 63% growth or roughly 25% organic growth, excluding the impact of recent acquisitions.

Organic growth was 16% for the first quarter 2021 and 9% for the full year 2020.

The company also said cash is up and debt is down.

It’s pretty good going for a company that, when it listed on London’s AIM market in 2013 had H1 revenue of about $2 million, based on not much more than its dubious business of selling 3LDs under the likes of .gb.com and .uk.com and a couple of low-volume ccTLD back-end contracts.

Since then, its acquisition streak has seen it branch out into registrars (where it owns a bunch, wholesale and retail, of various sizes, all over the world) new gTLD back-end services (where it runs at least 90 TLDs) and, more recently, domain monetization.

Epik buys DNForum, explores member ownership options

Kevin Murphy, July 6, 2021, Domain Services

Controversial registrar Epik has acquired DNForum and says it is thinking about ways to make the site member-owned.

DNForum is a forum targeted mainly at domain investors. It competes with NamePros and has seen multiple sets of owners over the last few years.

Posting on DNForum, Epik CEO Rob Monster said he hopes to improve industry communication, interoperability and commercial opportunities — registrars will be welcome to pitch their promotions to users.

He said that Epik is “actively investigating a legally compliant way to turn DNForum into a member owned community based on crypto token”.

While popular with domainers, Epik has attracted controversy in recent years for soliciting and welcoming the business of domain names that have been “cancelled” elsewhere due to political extremism.

Whether this laissez-faire stance on free speech will extend to DNForum’s moderation practices in future remains to be seen.