Recent Posts
- Four registrars get terminated
- ICANN director and African internet pioneer Barrett dies
- Government to put the squeeze on .me registry partners
- More cheap new gTLD applications approved
- Nominet outsources cybersquatting disputes to WIPO
- Whois about to get even more useless
- Agentic AI has ICANN in a pickle
- .pay sunrise going gangbusters
- Nominet dodges millions in member refunds
- Identity Digital takes over 25-year-old TLD
- Ask.com hits the market as Jeeves breathes his last
- ICANN throws a bone to its most stubborn new gTLD applicant
- Cops get special Whois access rights
- Identity Digital acquires another dormant gTLD
- Verisign to delete .name 3LDs and email addresses
- Four more deadbeat registrars face firing squad
- ICANN punts on Oman meeting decision
- DNSSEC claims another registry victim
- .music has competition as .mu repositions
- Over 100 new gTLD bids have already been announced
- 2026 new gTLD round has actually opened
- Nominet wants to fight shrinkage without self-abuse
- Verisign cranks up guidance as .com swells
- More Verisign bitchiness as .com price rise revealed
- Is a .tree gTLD very cool or very silly?
- The internet just got its first new TLD since 2022
- Kid-friendly domains could be reborn
- Shrinking .us TLD is up for grabs
- Namecheap saw 116,000 phishing attacks last year
- .io safe for now as Trump puts Chagos deal on ice
- Amazon sells three gTLDs to Identity Digital
- .radio’s new owners might have a fight on their hands
- WIPO doubles the speed of UDRP cases
- Amazon joining GlobalBlock
- Unstoppable buys 10 new registrars
- ICANN cleaning house, cans four more registrars
- ICANN to throw millions more at cheapo gTLDs
- Introducing Stringtel, my new free new gTLD tool
- GlobalBlock signs the two best deals it will ever get
- Seven registrars get terminated
- GoDaddy launches DomainMaxxing to optimize your domains
- .latino gTLD to launch soon
- Amazon readies .pay gTLD
- Nominet reveals first DNS tech funding recipients
- ICANN hit with tinfoil-hat lawsuit
- .pn relaunches — you’ll never guess what they say it means
- Unstoppable focuses on proper domains, admits crypto was “craze”
- ICANN boss: no plans to scrap Oman meeting
- China domains dip in 2026
- ICANN maps out new gTLD timeline
- War disrupts ICANN 85
- Namecheap abandons fight for .org price caps
- Identity Digital acquires another gTLD
- Seven dead registrars on the out
- Sav.com owner takes over .radio gTLD
- .com zone tops 160 million domains
- ai.com, the most-expensive domain sale ever
- .ai hits seven figures, raises prices
- Typosquatter gets two years in jail
- Epstein low-balled registrants to get his exact-match domain
- Epstein bought “mother” domains for Fergie while serving time
- Two former ICANN directors want back in
- Former ICANN director could lose control of ccTLD
- UK launches “police.ai”, but does it own the domain?
- Team Internet still in talks to sell off domains unit
- NamesCon returning to Miami in November
- “Mad Dog” politician registers nazis.us, redirects to Trump admin site
- “Lowest Price Guaranteed!” $48 .com registrar canned
- No RDAP? No accreditation
- Fifth-largest gTLD not dead after all
- Half of registrar’s domains are abusive, ICANN says
- Burr joins PIR after leaving ICANN board
- Refunds galore as gTLD losers finally bow out
- .goo terminated as search engine closes down
- GoDaddy to offer domain blocking to people who don’t have trademarks
- Happy new year expected for domain industry, says ICANN
- Salesforce to apply for a dot-brand
- Team Internet looking to break up
- Noss to leave Tucows corner office
- Rubens Kühl has died
- Sinha angry with Chapman’s firing as ICANN vice chair
- Glitch redux: ICANN screws up new gTLD security again
- CentralNic claims second-largest TLD migration ever
- DNS issue at Amazon takes out major apps and sites
- .io sales almost double over three years
- Amazon delays book and fashion gTLDs
- Lindqvist shuffles the exec deck
- GoDaddy launches “ultra-premium” domain marketplace
- .mobi to get a new rival in .mobile
- Bye-bye .boomer! Blockchain players abandon new gTLD plans
- Decades-old US registrar gets a spanking
- love.you sold in apparent five-figure deal
- Bogus harassment complaints could get you an ICANN ban
- ICANN slaps open-mic ban on conflicted lawyers
- Final GTFO warning for 19 failed new gTLD bids
- Nominet opens $500,000 fund for open source projects
- Com Laude buys larger rival Markmonitor
- Epik took down Charlie Kirk doxing site
- Number of subsidized gTLD bidders far lower than thought
- Another registrar goes AWOL
- gTLD loses its second-largest registrar after breach
- Com Laude buys Fairwinds
- Unstoppable wants to be a registry back-end
- Sixteen new gTLD bids could face the firing squad
- Registry to release one-letter domains tomorrow
- New ICANN funding rules will cost smaller ccTLDs more
- .ai rival lines up gTLD bid
- Team Internet lays off 200
- Sixteen more orgs vie for cheap gTLDs, but…
- So who’s registering sunrise domains these days?
- Cloud gTLD gets launch dates
- Governments say new gTLD program “credibility” at stake
- NIXI planning doomed new gTLD bids
- AI experts replace Chapman on ICANN board
- RDRS may not be dead
- Single-letter .com lawsuit thrown out of court
- Golding challenges McCarthy for Nominet board seat
- Three applicants qualify for cheapo gTLDs
- Blockchain crisis looming for new gTLD next round
- Two more dot-brands leave Verisign for GoDaddy
- ICANN looking at new bulk reg rules
- Reseller loss hits Tucows’ DUM but not revenue
- GoDaddy counts cost of losing .co deal
- Wine producers worried about new gTLDs
- Goodyear tires of its dot-brand
Blue Coat explains .zip screw-up
Security vendor Blue Coat apparently doesn’t check whether domains are actually domains before it advises customers to block them.
The company yesterday published a blog post that sought to explain why it denounced Google’s unlaunched .zip gTLD as “100% shady” even though the only .zip domain in existence leads to google.com.
Unrepentant, Blue Coat continued to insist that businesses should consider blocking .zip domains, while acknowledging there aren’t any.
It said that its censorware treats anything entered into a browser’s address bar as a URL, so it has been treating file names that end in .zip — the common format for compressed archive files — as if they are .zip domain names. The blog states:
when one of those URLs shows up out on the public Internet, as a real Web request, we in turn treat it as a URL. Funny-looking URLs that don’t resolve tend to get treated as Suspicious — after all, we don’t see any counter-balancing legitimate traffic there.
Further, if a legal domain name gets enough shady-looking traffic — with no counter-evidence of legitimate Web traffic — it’s possible for one of our AI systems to conclude that the behavior isn’t changing, and that it deserves a Suspicious rating in the database. So it gets one.
In other words, Blue Coat has been categorizing Zip file names that somehow find their way into a browser address bar as .zip domain names.
That may sound like a software bug that Blue Coat needs to fix, but it’s still telling people to block Google’s gTLD anyway, writing:
In conclusion, none of the .zip “domains” we see in our traffic logs are requests to registered sites. Nevertheless, we recommend that people block these requests, until valid .zip domains start showing up.
That’s a slight change of position from its original “Businesses should consider blocking traffic that leads to the riskiest TLDs”, but it still strikes me as irresponsible.
The company has still not disclosed the real numbers behind any of the percentages in its report, so we still have no idea whether it was fair to label, for example, Famous Four’s .review as “100% shady”.
Concern over mystery TMCH outage
The Trademark Clearinghouse is investigating the causes and impact of an outage that is believed to have hit its primary database for 10 hours last Friday.
Some in the intellectual property community are concerned that the downtime may have allowed people to register domain names without receiving Trademark Claims notices.
The downtime was confirmed as unscheduled by the TMCH on a mailing list, but requests for more information sent its way today were deflected to ICANN.
An ICANN spokesperson said that the outage is being analyzed right now, which will take a couple of days.
The problem affected the IBM-administered Trademark Database, which registrars query to determine whether they need to serve up a Claims notice when a customer tries to register a domain that matches a trademark.
I gather that registries are supposed to reject registration attempts if they cannot get a definitive answer from the TMDB, but some are concerned that that may not have been the case during the downtime.
Over 145,000 Claims notices have been sent to trademark owners since the TMCH came online over a year ago.
(UPDATE: This story was edited May 21 to clarify that it is the TMCH conducting the investigation, rather than ICANN.)
Site names and shames shoddy TLD support
A self-professed geek from Australia is running a campaign to raise awareness of new gTLDs by naming and shaming big companies that don’t provide comprehensive TLD support on their web sites.
SupportTheNew.domains, run by university coder Stuart Ryan, has been around since last June and currently indexes support problems at dozens of web sites.
The likes of Facebook, Amazon, Adobe and Apple are among those whose sites are said to offer incomplete support for new gTLDs.
It’s the first attempt I’m aware of to list “universal acceptance” failures in any kind of structured way.
Ryan says on the site that he set up the campaign after running into problems signing up for services using his new .email email address.
The site relies on submissions from users and seems to be updated whenever named companies respond to support tickets.
Universal acceptance is a hot topic in the new gTLD space, with ICANN recently creating a steering group to promote blanket TLD support across the internet.
Often, sites rely on outdated lists of TLDs or regular expressions that think TLDs are limited to three characters when they attempt to verify domains in email addresses or URLs.
Google eliminating domains from search results
Google has made another move to make domain names less relevant to internet users.
The company will no longer display URLs in search results pages for any web site that adopts a certain technical standard.
Instead, the name of the web site will be given. So instead of a DI post showing up with “domainincite.com” in results, it would be “Domain Incite”.
Google explained the change in a blog post incorrectly titled “Better presentation of URLs in search results”.
Webmasters wishing to present a company name or brand instead of a domain name need to publish metadata on their home pages. It’s just a few lines of code.
Google will make a determination whether to make the change based on whether the name meets these criteria:
Be reasonbly [sic] similar to your domain name
Be a natural name used to refer to the site, such as “Google,” rather than “Google, Inc.”
Be unique to your site—not used by some other site
Not be a misleading description of your site
Code samples and the rules are published here.
It strikes me that Google, by demanding naming uniqueness, is opening itself up for a world of hurt.
Could there be a landrush among non-unique brands? How will disputes be handled?
Right now the change has been made only to mobile search results and only in the US, but Google hinted that it could roll out elsewhere too.
More security issues prang ICANN site
ICANN has revealed details of a security problem on its web site that could have allowed new gTLD registries to view data belonging to their competitors.
The bug affected its Global Domains Division customer relationship management portal, which registries use to communicate with ICANN on issues related to delegation and launch.
ICANN took GDD down for three days, from when it was reported February 27 until last night, while it closed the hole.
The vulnerability would have enabled authenticated users to see information from other users’ accounts.
ICANN tells me the issue was caused because it had misconfigured some third-party software — I’m guessing the Salesforce.com platform upon which GDD runs.
A spokesperson said that the bug was reported by a user.
No third parties would have been able to exploit it, but ICANN has been coy about whether any it believes any registries used the bug to access their competitors’ accounts.
ICANN has ‘fessed up to about half a dozen crippling security problems in its systems since the launch of the new gTLD program.
Just in the last year, several systems have seen downtime due to vulnerabilities or attacks.
A similar kind of privilege escalation bug took down the Centralized Zone Data Service last April.
The RADAR service for registrars was offline for two weeks after being hacked last May.
A phishing attack against ICANN staff in December enabled hackers to view information not normally available to the public.
Why you can’t register emojis in gTLDs
The popular “emoji” smiley faces are banned as gTLD domain names for technical reasons, according to ICANN.
Emojis are a form of emoticon that originated on Japanese mobile networks but are now used by 12-year-old girls worldwide due to their support on Android and iPhone operating systems.
It emerged last week that Coca-Cola has registered a bunch of smiley-face domain names under .ws, the Samoan ccTLD, for use in an billboard advertising campaign in Puerto Rico.
.ws was selected because it’s one of only a few TLDs that allow emojis to be registered. Coke is spinning its choice of TLD as an abbreviation for “We Smile”.
This got me thinking: would emojis be something new gTLD registries could start to offer in order to differentiate themselves?
Coke’s emoji domains, it turns out, are just a form of internationalized domain name, like Chinese or Arabic or Greek.
Emoji symbols are in the Unicode standard and could therefore be converted to the ASCII-based, DNS-compatible Punycode under the hood in web browsers and other software.
One of Coke’s (smiley-face).ws domain names is represented as xn--h28h.ws in the DNS.
Unfortunately for gTLD registries, ICANN told DI last night that emojis are not permitted in gTLDs.
“Emoticons cannot be used as IDNs as these code points are DISALLOWED under IDNA2008 protocol,” ICANN said in a statement.
IDNA2008 is the latest version of the IETF standard used to define what Unicode characters can and cannot appear in IDNs.
RFC 5892 specifies what can be included in an IDNA2008 domain name, eliminating thousands of letters and symbols that were permissible under the old IDNA2003 standard.
These characters were ostensibly banned due to the possibility of IDN homograph attacks — when bad guys set up spoof web sites on IDNs that look almost indistinguishable from a domain used by, for example, a bank or e-commerce site.
But Unicode, citing Google data, reckons symbols could only ever be responsible for 0.000016% of such attacks. Most homograph attacks are much simpler, relying on for example the visual similarity of I and l.
Regardless, because IDNA2008 only allows Unicode characters that are actually used in spoken human languages, and because gTLD registries are contractually obliged to adhere to the IDNA2008 technical standards, emojis are not permitted in gTLDs.
All new gTLDs have to provide ICANN with a list of the Unicode code points they plan to support as IDNs when they undergo pre-delegation testing. Asking to support characters incompatible with IDNA2008 would result in a failed test, ICANN tells us.
ICANN does not regulate ccTLDs, of course, so the .ws registry is free to offer whatever domains it wants.
However, ICANN said that emoji domains are only currently supported by software that has not implemented the newer IDN protocol:
Emoticon domains only work in software that has not implemented the latest IDNA standard. Only the older, deprecated version of the IDNA standard allowed emoticons, more or less by accident. Over time, these domains will increasingly not work correctly as software vendors update their implementations.
So Coke, while winning brownie points for novelty, may have registered a bunch of damp squibs.
ICANN also told us that, regardless of what the technical standards say, you’d never be able to apply for an emoticon as a gTLD due to the “letters only” principle, which already bans numbers in top-level strings.
Group forms to stop new gTLDs breaking stuff
A little over a year into the live phase of the new gTLD program, a group of domain industry companies are getting together to make sure the expansion is supported across the whole internet.
A new Universal Acceptance Steering Group has formed, with the support of ICANN and the Domain Name Association, to help fix many of the compatibility problems facing new gTLD registrants today.
“The basic problem is that these new types of domains and email addresses just break stuff,” Google’s Brent London said during a UASG meeting at the ICANN meeting in Singapore last week.
“You try to use an internationalized domain or a long new gTLD, or even a short new gTLD, or certainly an internationalized email address and you’re likely to run into problems,” he said. “What we’re doing is going around asking developers to make their products work.”
Universal acceptance is a long-understood problem. Even 15 years after the approval of .info there are still web sites that validate email addresses by ensuring the TLD is no longer than three characters in length.
But the 2012 new gTLD round has brought the issue into sharper focus, particularly given the introduction of internationalized domain names, IDNs, which use non-Latin scripts.
Over the last year we’ve seen scattered examples of popular software — including browsers, instant messaging and social media apps — not recognizing new gTLD domains as domains. The problems I’ve seen are usually fixed quite quickly.
While I’ve not seen any deal-breakers that would prevent me registering a new gTLD domain, I gather that IDN email addresses are often basically unusable, due to the chain of dependencies involved in sending an email.
In my experience as a programmer, supporting all TLDs is not a particularly challenging problem when you’re coding something afresh.
However, when bad practices have been coded in to large, sprawling, interdependent systems over decades, it could be likened to the Y2K problem — the so-called Millennium Bug that caused developer headaches worldwide at the end of the last century.
There’s also a tonne of bad advice on the web, with coders telling other coders to validate domains in ways that do not support an expanding root.
UASG members think the problem is large-scale and that it’s a long-term project — 10 years or more — to fix it satisfactorily.
Members include Donuts, Google, Microsoft, Go Daddy and Afilias.
The DNA has started creating a repository of information for developers, with the aim of describing the problem in plain English and providing code samples. Along with other UASG members, there’s a plan to conduct outreach to make more people aware of the acceptance issue.
You can check out the repository in its unfinished state here.
ICANN is getting involved in a coordination role. After the UASG’s inaugural meeting in Washington DC a few weeks ago, ICANN hosted a session during ICANN 52.
It’s also hosting a mailing list and the group’s first conference call, which will take place tomorrow at 1600 UTC.
Comcast users report name collision bugs
US cable ISP Comcast has become the latest company to experience problems caused by name collisions with new gTLDs.
In this case the gTLD in question is .network, which Donuts had delegated at the end of August.
Users of Comcast’s Xfinity service have been complaining about various issues linked to collisions ever since.
It turns out some Xfinity hubs use the domain home.network on residential networks and that this default configuration choice was not corrected by Comcast before .network went live.
The collision doesn’t appear to be causing widespread internet access issues — Xfinity has close to 20 million users so we’d have heard about it if the problems were ubiquitous — some things appear to be failing.
I’ve seen multiple reports of users unable to access storage devices on their local networks, of being unable to run the popular TeamSpeak conferencing software used by gamers, problems with installing RubyGems, and errors when attempting to use remote desktop tools.
Judging by logs published by affected users, Donuts has been returning the domain “your-dns-needs-immediate-attention.network” and the IP address 127.0.53.53.
Anyone Googling for 127.0.53.53 — the IP address selected to ICANN’s “controlled interruption” name collision management plan — will currently find this ad:
Cyrus Namazi, vice president of DNS industry engagement at ICANN, confirmed to DI that ICANN has received multiple reports of issues on Comcast residential networks and that ICANN has been in touch with the ISP.
Comcast is working on a permanent fix, he said.
Namazi said that ICANN has not received any complaints from users of other ISPs. Most collision-related complaints have been filed by residential users rather than companies, he said.
Verisign plans TLD standards group
Verisign is trying to form a new industry standards-setting association for domain name registries and registrars.
To be called the Registration Operations AssociationTM (yes, according to its web site it is apparently already trademarked), Verisign wants potential members of the group to meet in October to figure out whether such an association is needed and what its remit would be.
But the Domain Name Association apparently has other ideas, suggesting in a recent blog post that the DNA would be the best place for these kinds of technical discussions to take place.
In the second of a series of three blog posts revealing the ROA plan, Verisign senior director Scott Hollenbeck said:
The primary purpose of an association would be to facilitate communication and technical coordination among implementers and operators of the EPP protocol and its current extensions to address interoperability and efficiency obstacles.
EPP is the Extensible Provisioning Protocol used by registrars to transact with all gTLD and many ccTLD registries. It’s an IETF standard written by Hollenbeck over a decade ago.
One of the problems with it is that it is “extensible” by design, so every time a registry extends it to deal with a peculiarity of a particular TLD, partner registrars have to code new connectors.
In a world of hundreds of new gTLDs, that becomes burdensome, Hollenbeck explained in his posts.
An industry association such as the formative ROA could help registries with common requirements standardize on a single EPP extension, streamlining interoperability.
That would be good for new gTLDs.
It’s no secret that many registrars are struggling to keep up with new gTLD launches while providing a good customer experience, as Andrew Allemann pointed out last week.
The need for cooperation seems plain; the question now is what is the correct forum.
While Verisign is pushing for a new group, the DNA reckons the task could be best-performed under its own umbrella.
Executive director Kurt Pritz blogged:
Given its multi-functional and global diversity, the DNA will be an effective place to coordinate discussion of these issues and to involve broader domain name industry involvement.
Verisign isn’t a DNA member. In fact, it appears to be the only significant back-end registry provider in the western world not to have purchased a membership.
But Pritz said in his post that technical discussions would not be limited to DNA members only — anyone would be able to participate without coughing up the $5,000 to $50,000 a year the group charges:
Recognizing that industry-wide issues are… well … industry wide, the DNA Board determined that this work must include those inside and outside the DNA, welcoming all domain name industry members. Scott and others from Verisign and other firms are invited regardless of whether they join the DNA.
So is the industry going to have to deal with two rival standards-setting groups?
In the many years I was a general Silicon Valley tech reporter, I must have written scores of articles about new technologies spurring the creation of competing “standards” organizations.
Usually, this involved pitting an incumbent monopolist such as Microsoft against a coalition of smaller rivals.
It makes for great headlines, but I’m not sure the domain name industry is big enough to support or require multiple groups tackling the same problems.
With resource-strapped registries and registrars already struggling to make new gTLDs work in any meaningful way, I doubt their geeks would appreciate duplicating their efforts.
I don’t know whether the DNA or ROA would be the best venue for the work, but I strongly suspect the work itself, which almost certainly needs to be done, only needs to be done once.
Verisign wants interested parties to meet in Los Angeles on October 16, just as the ICANN meeting there concludes. The meeting may also be webcast for those unable to attend in person.
Twitter starts supporting (some) new gTLDs
Twitter has started recognizing new gTLDs on its web page and on Tweetdeck.
As of some point in the last 48 hours, you can type something like “nic.berlin” or “fire.plumbing” in a tweet and Twitter will automatically turn it into a clickable link.
The switcheroo seems to have happened in the last two days, as this conversation may illustrate.
But there seems to be some delay — about a month, by my reckoning — in the support.
Domains such as nic.sexy, which is in a TLD delegated November 14, become clickable, but domains in more recent delegations such as .okinawa, which hit the root on Wednesday, are not.
Going back through the DI PRO Calendar, it seems that any TLD delegated on February 5 or earlier gets clickable links in Twitter and those delegated over the last four weeks do not.
I’m not sure why TLDs delegated in the last month are not supported, but I imagine it could be an annoyance during registries’ pre-launch marketing.
It’s difficult to overestimate how important application support is for the new gTLD program.
If new gTLDs don’t look like web addresses, there’s going to be a big barrier to adoption. A .link domain that isn’t clickable isn’t much use and nobody wants to have to copy-paste URLs.
Support for new gTLDs for Twitter’s 232 million active users is a big step along the road to universal acceptance of all TLDs, which ICANN has identified as a problem.
Recent Comments