Recent Posts
- ICANN to slash costs as Verisign’s magic money tree dries up
- Community revolts over ICANN’s auction proceeds power grab
- Two seats up for grabs on Nominet board
- War takes steep toll on .ua domains
- .de worst TLD for CSAM — report
- .com still shrinking because of China
- ICANN publishes its Woke Manifesto. Here’s my hot take
- Alibaba, Name.com among new RDRS opt-ins
- The Swiss can register .swiss domains from next week
- .ai up to 425,000 domains
- A million “free” .music domains up for grabs
- D3 to get $5 million in crypto to apply for .ape gTLD
- Alibaba hit with ICANN breach notice
- New Vegas conference “Davos for Web3 interoperability”
- ICANN content policing power grab may be dead
- Cable company unplugs its dot-brand after acquisition
- Germany crosses 10,000 dot-brand domains milestone
- Founders out as Com Laude gets equity injection
- PIR’s Diaz to leave domain industry
- Some registrars have already quit ICANN’s Whois experiment
- ICANN opens $217 million Grant Program
- Internet could get one-letter gTLDs (but there’s a catch)
- .ai registry fights deadbeats with tweaked auction rules
- Amazon and Google among .internal TLD ban backers
- .ai registry advises buyers not to use GoDaddy
- .post liberalizes with new sunrise period
- Team Internet spends $41 million on content farm
- Epik backtracks on Kiwi Farms claim after legal threat
- .austin names launch on blockchain
- Freenom shuts down 12.6 million domains — report
- GoDaddy’s next .xxx contract may not be a done deal
- GlobalBlock blocking 2.5 million domains
- Microsoft moving its cloud apps from .com to .microsoft
- ICANN 79: anonymous trolls and undercover lawyers
- ICANN scores win in single-letter .com lawsuit
- Cosmetics brand terminates its gTLD
- Up to 70 jobs on the line at Nominet as .uk regs dwindle
- Governments back down on new gTLD next round delay
- Private auctions could be banned in new gTLD next round
- ICANN meeting venue “insensitive and hurtful”
- GoDaddy to start selling graphic.design domains
- GAC spinning up new gTLD curveball at ICANN 79?
- GoDaddy’s GlobalBlock supports blockchain names
- Police .uk domain takedowns dive in 2023
- GoDaddy wants to cut the bullshit from .xxx
- Dueling domain blocking services to launch at ICANN 79
- Freename tries to bridge DNS and blockchain
- Olive retires from ICANN
- Whois policy published without life-saving disclosure rule
- UK gov takes its lead from ICANN on DNS abuse
- Tucows reports 2023 results
- Twitter “completely unresponsive” on clickable domains
- ICANN spends $5 million more than planned in first fiscal half
- .art takes a million domains off its premium list
- KeyTrap ‘the most devastating vulnerability ever found in DNSSEC’
- Freenom settles $500 million Meta lawsuit and will exit domain business
- New gTLD lottery to return in 2026
- First GlobalBlock prices revealed — they ain’t cheap
- Domain universe grows on new gTLDs despite .com shrinkage
- D3 signs up crypto gTLD client number five
- GoDaddy reports strong domains growth
- How to qualify for a $40,000 gTLD
- Registry service provider evaluation handbook published
- WebUnited inks deal to “mirror” country’s TLD in the blockchain
- GoDaddy project unveils brand-blocking calculator
- Report: Monster “misappropriated” millions from Epik
- .com is shrinking but Verisign raises prices again anyway
- D3 announces fourth crypto new gTLD client
- Donald Trump loses second UDRP case
- UK cybersquatting complaints hit record low
- No excuses! PIR to pay for ALL registries to tackle child abuse
- ICANN insists it is working on linkification
- Namecheap sues ICANN over .org price caps
- GoDaddy offers free Ethereum blockchain integration
- Epik reveals who is running the company
- Epik gets acquired again! The plot thickens…
- Airline gTLD crashes and burns
- First chunks of new gTLD Applicant Guidebook drop
- Epik to reveal its owners soon
- Another crypto firm to apply for a new gTLD
- Monster and Royce are NOT involved in Epik?!
- Nominet to overhaul .uk registry, turn off some services
- Russia blames DNSSEC, not Ukraine, for internet downtime
- Team Internet says revenue beat estimates
- Sold for over $20k, insure.ai and dog.ai back in .ai’s expired names auction
- .ai helps UDRP cases rise in 2023, WIPO says
- Freenom’s domains land at Gandi after termination
- .ru domains fly off the shelf as Western sanctions bite
- ICANN picks its first ever Supreme Court
- Lebanon’s ccTLD going back to Lebanon after ICANN takeover
- ICANN picks the domain it will never, ever release
- ICANN approves domain takedown rules
- Has Epik gone “woke”?
- First bits of new gTLD Applicant Guidebook expected next week
- ICANN bans closed generics for the foreseeable
- You can’t use money to buy .box domains
- After 14 years, ICANN practices what it preaches on IDNs
- Weak demand for private Whois data, ICANN data shows
- .ing doing way better than .meme
- DNS Women barred from ICANN funding?
- Dev releases free open-source TLD registry platform
- INCO flips a gTLD to Identity Digital
- Anguilla fears the .ai junk drop
- Five more gTLDs get launch dates
- $10 million of ICANN cash up for grabs
- Almost 50,000 .ai domains sold in a quarter
- ICANN threatens to regulate your speech [RANT]
- Life insurance company kills dot-brand
- ICANN finds new home for Lebanon’s TLD after founder’s death
- ICANN begs people to use its new Whois service
- Shiba Inu outs itself as crypto new gTLD applicant
- Over 50,000 .ai domains sold in three months
- Amazon planning new push into registrar market?
- Registries and registrars vote ‘Yes’ to new DNS abuse rules
- ICANN predicts flattish 2025 for domain industry
- Fast-growing Gname buys another 150 registrars
- GoDaddy service to let you block domains in over 650 TLDs
- Did I find a murder weapon in a zone file?
- ICANN drops the “man” from Ombudsman
- Have your say on police domain takedown powers
- Most registrars are shunning ICANN’s new Whois system
- Nominet to take over .gov.uk
- ICANN picks Istanbul for 2024 meeting
- ICANN’s private Whois data request service goes live
- .au regs slide on 2LD anniversary
Exclusive gang of 10 to work on making ICANN the Whois gatekeeper
Ten people have been picked to work on a system that would see ICANN act as the gatekeeper for private Whois data.
The organization today announced the composition of what it’s calling the Technical Study Group on Access to Non-Public Registration Data, or TSG-RD.
As the name suggests, the group is tasked with designing a system that would see ICANN act as a centralized access point for Whois data that, in the GDPR era, is otherwise redacted from public view.
ICANN said such a system:
would place ICANN in the position of determining whether a third-party’s query for non-public registration data ought to be approved to proceed. If approved, ICANN would ask the appropriate registry or registrar to provide the requested data to ICANN, which in turn would provide it to the third party. If ICANN does not approve the request, the query would be denied.
There’s no current ICANN policy saying that the organization should take on this role, but it’s one possible output of the current Expedited Policy Development Process on Whois, which is focusing on how to bring ICANN policy into compliance with GDPR.
The new group is not going to make the rules governing who can access private Whois data, it’s just to create the technical framework, using RDAP, that could be used to implement such rules.
The idea has been discussed for several months now, with varying degrees of support from contracted parties and the intellectual property community.
Registries and registrars have cautiously welcomed the notion of a central ICANN gateway for Whois data, because they think it might make ICANN the sole “data controller” under GDPR, reducing their own legal liability.
IP interests of course leap to support any idea that they think will give them access to data GDPR has denied them.
The new group, which is not a formal policy-making body in the usual ICANN framework, was hand-picked by Afilias CTO Ram Mohan, at the request of ICANN CEO Goran Marby.
As it’s a technical group, the IP crowd and other stakeholders don’t get a look-in. It’s geeks all the way down. Eight of the 10 are based in North America, the other two in the UK. All are male. A non-zero quantity of them have beards.
- Benedict Addis, Registrar Of Last Resort.
- Gavin Brown, CentralNic.
- Jorge Cano, NIC Mexico.
- Steve Crocker, former ICANN chair.
- Scott Hollenbeck, Verisign.
- Jody Kolker, GoDaddy.
- Murray Kucherawy, Facebook.
- Andy Newton, ARIN.
- Tomofumi Okubo, DigiCert.
While the group is not open to all-comers, it’s not going to be secretive either. Its mailing list is available for public perusal here, and its archived teleconferences, which are due to happen for an hour every Tuesday, can be found here. The first meeting happened this week.
Unlike regular ICANN work, the new group hopes to get its work wrapped up fairly quickly, perhaps even producing an initial spec at the ICANN 64 meeting in Kobe, Japan, next March.
For ICANN, that’s Ludicrous Speed.
Governments blast ICANN over Amazon gTLDs
ICANN seems to have found itself in the center of a diplomatic crisis, after eight South American governments strongly denied they approve of Amazon being given the .amazon gTLD.
The Amazon Cooperation Treaty Organization, along with the government of Brazil, blasted ICANN CEO Goran Marby for multiple alleged “untrue, misleading, unfortunate and biased statements”, in a December 7 letter (pdf) published yesterday.
ACTO claims that ICANN was “premature” and “ill-informed” when its board of directors un-rejected Amazon’s gTLD applications in an October resolution.
In bruising terms, the letter goes on to criticize Marby for failing to set up promised talks between ACTO and Amazon and then characterizing “informal” conversations with Brazil’s Governmental Advisory Committee rep as if they represented ACTO’s collective view.
It’s just about as harsh a critique of ICANN management by governments I’ve read.
Amazon, the retailer, has been trying to get .amazon, along with transliterations in Chinese and Japanese scripts, since 2012.
Its applications were rejected — technically, placed in “Will Not Proceed” status — after GAC advice in July 2013. The advice was full-consensus, the strongest type, after the lone holdout, the United States, at the time trying to win support for the IANA transition, bowed out.
The advice came because the ACTO countries believe “Amazon” is a geographic string that belongs to them.
But Amazon filed an Independent Review Process appeal with ICANN, which it won last year.
The IRP panel declared that the GAC advice was built on shaky, opaque foundations and that the committee should not have a blanket “veto” over new gTLD applications.
ICANN has ever since been trying to figure out a way to comply with the IRP ruling while at the same time appeasing the GAC and the ACTO countries.
The GAC gave it a little wriggle room a year ago when it issued advice that ICANN should “continue facilitating negotiations between the [ACTO] member states and the Amazon corporation”.
ICANN took this to mean that its earlier advice to reject the bids had been superseded, and set about trying to get Amazon and ACTO to come to an agreement.
Amazon, for its part, has offered ACTO nations a suite of cultural protections, an offer to support future applications for .amazonia or similar, and $5 million worth of products and services, including free Kindle devices.
It has also offered to bake a collection of Public Interest Commitments — these have never been published — into its registry contract, which would enable ACTO governments to bring compliance actions against the company in future.
That proposal was made in February, and ICANN has supposed to have been facilitating talks ever since.
According to a timeline provided by Marby, in a November letter (pdf) to ACTO secretary general Jacqueline Mendoza, ICANN has been working in this facilitation role since November 2017.
Problem is, at almost every step of the way it’s been dealing with Brazilian GAC rep Benedicto Filho, rather than with Mendoza herself, apparently on the assumption that when he made noises favorable to the Amazon proposal he was speaking for ACTO.
And that’s not the case, according to Mendoza and Filho, in the newly published letters.
Whatever input Filho had was in the context of “informal and general conversations in which it was repeatedly and clearly indicated that no country had any mandate to negotiate on behalf of the other members of ACTO”, Mendoza wrote.
Filho himself goes on to accuse Marby of several “gross misrepresentation[s]” and “flagrant inaccuracies”, in an increasingly strident set of three emails forward by Mendoza to Marby.
He claims that he informed Marby every step of the way that he was not authorized to speak on behalf of ACTO, and that the idea he was involved in “obscure and secret negotiations” is “offensive”.
It seems that either one or both men is bullshitting about the extent to which Filho represented himself as an ACTO rep, or there has been a genuine breakdown of communication. For want of any definitive evidence, it seems fair to give them both the benefit of the doubt for now.
The situation as it stands now is that ACTO has called off planned peace talks with Amazon, facilitated by Marby, and has filed a Request for Reconsideration in an attempt to overturn the ICANN board’s October resolution.
Mendoza says ACTO will not engage in talks concerning .amazon until this request has been processed.
So the fate of .amazon now lies with ICANN’s Board Accountability Mechanisms Committee, which is responsible for rejecting processing reconsideration requests. The test is usually whether the requester has brought new information to light that was not available when the board made its decision.
BAMC can either figure out a way to accept the request and put .amazon back in its “Will Not Proceed” status, smoothing out the path to negotiations (re)opening but placing Amazon back in indefinite limbo, or it can reject it and risk ACTO walking away completely.
It’s a tricky spot to be in, and no mistake.
No more free transfers in Denmark
The Danish ccTLD registry has announced that it is to introduce a charge for .dk transfers for the first time in January.
From the start of 2019, transfers between registrants will cost DKK 50 (about $7.50), DK Hostmaster said today.
Currently, transfers are free.
It appears that the new fee will be levied on the gaining registrant.
DK Hostmaster said that the fee is to cover “administrative costs”.
.dk has about 1.3 million domains under management.
ICANN outs two more deadbeat new gTLDs
ICANN has published breach notices it has sent to two more new gTLD registries, which it says have failed to pay their quarterly accreditation fees.
One is a dot-brand, the other is not.
The brand is the Arabic اتصالات . (.xn--mgbaakc7dvf), managed by Emirati telecommunications powerhouse Etisalat.
With about $14 billion of annual revenue, no domains other than its obligatory NIC site, and an allegedly non-functioning contact phone number, it appears the UAE-based company may simply have forgotten its dot-brand exists.
The other registry allegedly in breach is Desi Networks, the US-based company that targets .desi at people hailing from the Indian subcontinent.
While it’s been on the market for over four years, and has an addressable market of over a billion people, .desi has failed to claw together much more than 3,700 domains under management.
I thought it would have performed better. The ccTLD for India has over two million domains, and the country has a thriving domain market.
With a retail price in the region of $20 per year, it’s easy to see why the .desi may be having trouble scraping together the $6,250 quarterly flat fee ICANN registry contracts demand.
Desi Networks also commits on its web site to donate some portion of its reg fees to worthy causes in the South Asian region, which was probably optimistic with hindsight.
ICANN first sent notices of late payment to both registries in September, but did not receive the requested money.
Both have until the first week of January to pay up, or ICANN will initiate termination proceedings.
Uniregistry calls for domain Bill of Rights as Schilling says Gab.com was not booted
Uniregistry has called for a “Domain Bill of Rights” to protect free speech in a world were domain takedowns can be used to de-platform controversial speakers.
Meanwhile, CEO Frank Schilling has told DI that the company did not expel the right-wing social network Gab.com from Uniregistry’s platform, and would have allowed it to stay.
In a press release this week, Uniregistry COO Kanchan Mhatre said that while the company rejects “hatred and bigotry”, free speech is an “inalienable” human right.
The company called for the new agreement “to guarantee every domain name owner a formal ‘due process’ when being faced with accusations and demands for censorship”.
Schilling said that Uniregistry’s idea for a Domain Bill of Rights is still in the early stages. It has sketched out 10 draft bullet points but is not ready to publish them yet.
The press release was issued to coincide with Tim Berners-Lee’s proposal for a “Contract for the Web”, a set of broad principles governing rights and responsibilities online.
But it also coincided with the ongoing controversy over Gab.com, the microblogging platform favored by right-wing voices, including many white supremacists, that have been kicked off Twitter.
The guy who murdered 11 people at a Synagogue in Pittsburgh last month used Gab, a back-breaking straw which prompted GoDaddy to inform the network it intended to suspend its domain unless it was immediately moved to another registrar.
It’s not the first time GoDaddy has shut down the far right for breaching its terms of service. Last year, it took the same action against a neo-Nazi site.
The Gab.com domain briefly wound up at Uniregistry, before Epik CEO Rob Monster stated publicly that he would offer Gab a home. Gab took him up on his offer, and transferred away from Uniregistry.
Uniregistry’s Schilling confirmed that “We did not ask gab.com to leave our platform… they were welcome to stay subject to law”.
Monster said in a blog post largely praising Gab and founder Andrew Torba that “De-Platforming is Digital Censorship”. He noted that for Gab, “there is a duty to monitor and lightly curate, keeping content within the bounds of the law”.
This is how AppDetex works
A small brand-protection registrar with a big friend caused quite a stir at ICANN 63 here in Barcelona this week, after accusing registrars for the second time of shirking their duties to disclose private Whois data to trademark owners.
AppDetex, which has close ties to Facebook, has sent something like 9,000 Whois requests to registrars over the last several months, then complained to ICANN last week that it only got a 3% response rate.
Registrars cried foul, saying that the company’s requests are too vague to action and sometimes seem farcical, suggesting an indiscriminate, automated system almost designed to be overly burdensome to them.
In chats with DI this week, AppDetex CEO Faisal Shah, general counsel Ben Milam and consultant Susan Kawaguchi claimed that the system is nowhere near as spammy as registrars think, then showed me a demo of their Whois Requester product that certainly seemed to support that claim.
First off, Whois Requester appears to be only partially automated.
Tucows had noted in a letter to ICANN that it had received requests related to domains including lincolnstainedglass.com and grifflnstafford.com, which contain strings that look a bit like the “Insta” trademark but are clearly not cybersquatting.
“That no human reviewed these domains was obvious, as the above examples are not isolated,” Tucows CEO Elliot Noss wrote.
“It is abundantly clear to us that the requests we received were generated by an automated system,” Blacknight CEO Michele Neylon, who said he had received similarly odd requests, wrote in his own letter.
But, according to AppDetex, these assumptions are not correct.
Only part of its service is automated, they said. Humans — either customers or AppDetex in-house “brand analysts” — were involved in sending out all the Whois requests generated via its system.
AppDetex itself does not generate the lists of domains of concern for its clients, they said. That’s done separately, using unrelated tools, by the clients themselves.
It’s possible these could be generated from zone files, watch services, abuse reports or something else. The usage of the domain, not just its similarity to the trademark in question, would also play a role.
Facebook, for example, could generate its own list of domains that contain strings matching, partially matching, or homographically similar to its trademarks, then manually input those domains into the AppDetex tool.
The product features the ability to upload lists of domains in bulk in a CSV file, but Kawaguchi told me this feature has never been used.
Once a domain has been input to main Whois Requester web form, a port 43 Whois lookup is automatically carried out in the background and the form is populated with data such as registrar name, Whois server, IANA number and abuse email address.
At this point, human intervention appears to be required to visually confirm whether the Whois result has been redacted or not. This might require also going to the registrar’s web-based Whois, as some registrars return different results over port 43 compared to their web sites.
If a redacted record is returned, users can then select the trademark at issue from a drop-down (Whois Requestor stores its’ customers trademark information) and select a “purpose” from a different drop-down.
The “purposes” could include things like “trademark investigation” or “phishing investigation”. Each generates a different piece of pre-written text to be used in the template Whois request.
Users can then choose to generate, manually approve, and send off the Whois request to the relevant registrar abuse address. The request may have a “form of authorization” attached — a legal statement that AppDetex is authorized to ask for the data on behalf of its client.
Replies from registrars are sent to an AppDetex email address and fed into a workflow tool that looks a bit like an email inbox.
As the demo I saw was on the live Whois Requester site with a dummy account, I did not get a view into what happens after the initial request has been sent.
Registrars have complained that AppDetex does not reply to their responses to these initial requests, which is a key reason they believe them frivolous.
Shah and Milam told me that over the last several months, if a registrar reply has included a request for additional information, the Whois Requester system has been updated with a new template for that registrar, and the request resent.
This, they said, may account for duplicate requests registrars have been experiencing, though two registrars I put this to dispute whether it fits with what they’ve been seeing.
The fact that human review is required before requests are sent out “just makes it worse”, they also said.
DomainTools tracks its one billionth domain
DomainTools now has records of over a billion domain names in its database, according to the company.
The billionth name was added last month, according to a blog post.
The company notes that there are only about 350 million domains in existence today, meaning that twice as many domains have been deleted and never re-registered as are currently online.
For .com, DomainTools knows of 434 million domains that no longer exist, compared to the over 130 million registered today.
Even DomainTools, which has been collecting data for 17 years, knows its records are incomplete, but it reckons its number is probably within 10% of the total number of domains ever registered.
For new gTLDs, the one with the most deleted names is .realty (97% deleted) and the best is .boston (0.3% deleted), the company said.
More data here.
Can’t get enough GDPR? Come to my NamesCon panel
NamesCon Europe is being held in Valencia, Spain, this week, the first time the NamesCon branding has been applied to the old Domaining Europe show.
Starting Thursday, it’s a two-day conference — or three if you count the social events planned for Saturday — with a varied agenda focused on domain investors.
The keynote will be given by Akram Atallah, president of ICANN’s Global Domains Division, on a so-far unspecified topic.
There will be about 20 sessions in total, organized in a single track and covering topics such as valuation, monetization, drop-catching, web development and legal issues facing domainers.
Expect speakers from the likes of Donuts, Sedo, the new gTLDs .club and .global, and a bunch of companies I’ve never heard of (a fact I hope to rectify).
Staff from NamesCon owner GoDaddy also have a decent presence among the speakers.
Domaining Europe was sold to NamesCon earlier this year and there’s going to be a short “handover ceremony” at the end of the show, followed by a performance by a band whose lineup feature the conference’s new CEO.
I’ll be hosting a panel comprising Blacknight CEO Michele Neylon and German lawyer Thomas Rickert on the General Data Protection Regulation on Thursday just before lunch.
If you no longer wish me to tell you this, please click here. But if, as a domainer, you feel there are important GDPR issues that should be discussed at the session, feel free to leave a comment below or shoot me an email.
As usual with shows like this, a big part of the value is in the networking, and there’s plenty of opportunities for socializing scheduled, including a “Disco Party!” slated to end at 5am.
NamesCon Europe tickets are still available, priced now at €786.50 ($922).
Disclosure: I’m paying my own way to the show but have a complimentary press pass.
Sedo’s cunning GDPR workaround
With full Whois records set to disappear from public view for most domain names this Friday, auction house Sedo has had to resort to some technical trickery to enable its users to prove they own the domains they list for sale.
Until now, when listing a domain at Sedo, the company has checked whether the Whois record matches the data it has on file for the customer.
With that no longer possible in many cases, Sedo told users yesterday it instead wants them make updates to their DNS records, which will obviously remain public data post-GDPR.
Sedo will give each customer a personal identification number, which they will have to add to the all-purpose TXT field of their domain’s DNS record.
That’s a fairly straightforward process at most registrars, though volume domainers had better hope their registrar of choice allows DNS changes to be made in bulk.
Sedo’s calling the process “Owner Self-Verification”.
Customers who do not use the system will have to wait three business days before their names are verified. Sedo said it will manually spot-check domains and may ask for other forms of proof of ownership.
UPDATE: Many thanks to all the people on Twitter telling me this system has been in place for years. You’re all very clever. Your cookies/cigars are in the mail.
NamesCon dumps the Trop, eyeing beaches for 2020
GoDaddy-owned annual domain industry conference NamesCon has decided to ditch Las Vegas after its 2019 event.
The show is now looking for ideas for a new location close to a beach, according to a post on its web site.
The January event next year will be held at the Tropicana hotel on the Vegas strip, for the sixth year running, but NamesCon said:
if you have any city/venue suggestions you’d like to throw in the hat for NamesCon Global 2020, send them our way! Here’s a hint to steer you in the right direction: we’re looking to be leaving Las Vegas, and we’d love to sink our feet into a sandy beach somewhere…
The current industry thinking is either Florida or California.
The change comes following feedback from attendees at this year’s show, who seem to think the Trop is a little pokey (it is) with crappy food options (also true, particularly if you’re a picky eater like me).
On the other hand, the hotel is also cheap as chips, so NamesCon is looking for somewhere new that is just as affordable for 2020 and beyond.
NamesCon is promising to “send ourselves off in style” at the 2019 show, which runs January 27 to 30.
As a matter of disclosure, I’ve agreed to moderate a panel at sister event NamesCon Europe in Spain next month. I’m not being compensated beyond a complementary media pass.
Recent Comments