Recent Posts
- Salesforce to apply for a dot-brand
- Team Internet looking to break up
- Noss to leave Tucows corner office
- Rubens Kühl has died
- Sinha angry with Chapman’s firing as ICANN vice chair
- Glitch redux: ICANN screws up new gTLD security again
- CentralNic claims second-largest TLD migration ever
- DNS issue at Amazon takes out major apps and sites
- .io sales almost double over three years
- Amazon delays book and fashion gTLDs
- Lindqvist shuffles the exec deck
- GoDaddy launches “ultra-premium” domain marketplace
- .mobi to get a new rival in .mobile
- Bye-bye .boomer! Blockchain players abandon new gTLD plans
- Decades-old US registrar gets a spanking
- love.you sold in apparent five-figure deal
- Bogus harassment complaints could get you an ICANN ban
- ICANN slaps open-mic ban on conflicted lawyers
- Final GTFO warning for 19 failed new gTLD bids
- Nominet opens $500,000 fund for open source projects
- Com Laude buys larger rival Markmonitor
- Epik took down Charlie Kirk doxing site
- Number of subsidized gTLD bidders far lower than thought
- Another registrar goes AWOL
- gTLD loses its second-largest registrar after breach
- Com Laude buys Fairwinds
- Unstoppable wants to be a registry back-end
- Sixteen new gTLD bids could face the firing squad
- Registry to release one-letter domains tomorrow
- New ICANN funding rules will cost smaller ccTLDs more
- .ai rival lines up gTLD bid
- Team Internet lays off 200
- Sixteen more orgs vie for cheap gTLDs, but…
- So who’s registering sunrise domains these days?
- Cloud gTLD gets launch dates
- Governments say new gTLD program “credibility” at stake
- NIXI planning doomed new gTLD bids
- AI experts replace Chapman on ICANN board
- RDRS may not be dead
- Single-letter .com lawsuit thrown out of court
- Golding challenges McCarthy for Nominet board seat
- Three applicants qualify for cheapo gTLDs
- Blockchain crisis looming for new gTLD next round
- Two more dot-brands leave Verisign for GoDaddy
- ICANN looking at new bulk reg rules
- Reseller loss hits Tucows’ DUM but not revenue
- GoDaddy counts cost of losing .co deal
- Wine producers worried about new gTLDs
- Goodyear tires of its dot-brand
- Team Internet loses Radix to Tucows
- ICANN’s “review of reviews” kicks off
- Huge registrars flee from RDRS
- Namecheap loses attempt to bring back .org price caps
- Registrar shamed for alleged crypto abuse neglect
- Poblete’s ICANN board seat safe
- .com off to strong start in Q3
- .my is growing like crazy
- ICANN settles $77 million sexual harassment suit
- Chinese domain spikiness ends in first half
- Registrars agree to higher ICANN fees
- ICANN to review reviews after review review request fails
- Got junk? June’s biggest gTLD growers do
- ICANN ditches Oman due to Middle-East conflicts
- ICANN’s mighty overlord flexes on transparency
- ICANN faces first pushback over DEI U-turn
- Loads of firms flunk out of next-round gTLD back-end program
- presidenttrump.xxx among thousands of dead .xxx domains suddenly springing to life
- One of the dumbest gTLDs just switched back-ends
- GoDaddy loses .co to Team Internet
- Governments erect bulk-reg barrier to new gTLD next round
- Little interest in cheapo gTLD program
- US government opposes most new gTLDs
- GoDaddy loses last Amazon business to Identity Digital
- Third Amazon gTLD launch dates revealed
- .TOP promises to play nice on DNS abuse
- Court denies ICANN’s #MeToo “cover up” attempt
- Launch dates for two more Amazon gTLDs revealed
- An end to “Club Med for geeks” ICANN?
- Some people paid premiums for .hot domain hacks
- .io questions in sharp focus as UK signs Chagos treaty
- Big .gdn registrar at risk
- ICANN “reaffirms its commitment to diversity and inclusion”
- ICANN kills off diversity and inclusion
- Kaufmann picked for ICANN board
- Conflicted? STFU under new ICANN rules
- .hot is for hookers? Amazon’s first premium regs revealed
- Gname adds another 200 registrars
- New Pope’s .com domain was registered the day Francis died
- Two deadbeat registrars get their ICANN marching orders
- DotMusic has sold a lot of names, but not many are turned on
- .med is a deeply weird gTLD, but it wants to be more normal
- ICANN cuts off money to UASG
- Web.com getting dumped
- .es and .pt riding out massive power outage
- .com is back as Verisign discounts bear fruit
- Dot-brand actually being used to get deleted
- Verisign gave Trump $100,000
- Private Whois requests hit new low after Tucows quits RDRS
- Zoom says GoDaddy took it down for hours
- The Soviet Union might be safe after all
- Google says its ccTLDs “are no longer necessary”
- Facebook thinks ICANN is a bit rubbish
- ICANN spending $365,000 a year on coffee and booze
- Regulator going after suicide site that even Epik banned
- .ai sees $600,000 auction sales in a month
- Pru trims its dot-brand portfolio
- UK’s Nigel Hickson has died
- .blog registry ordered to change name to Knock Knock RDAP There
- WordPress buys Canadian, swaps CentralNic for CIRA
- Latest ICANN salary porn ruins my terrible pun
- .co deal worth $77 million up for grabs
- I get a wrongful kicking as .su registry denies turn-off plan
- Sales and profits dip at Team Internet
- Four deadbeat registrars get terminated
- “No timeline” to retire Soviet Union from the DNS
- ICANN to kill off 60-day domain transfer lock
- Lancaster bags up its dot-brand
- Google readying its next batch of gTLD launches?
- NomCom confirms Americans rejected from ICANN board
- Nova announces $45 million of new gTLD applications
- Registry makes .ai an option for Koreans
- it.com now bigger than Guatemala
- ICANN turns to AI and crowdsourcing for new gTLD program
- Amazon lawyer DiBiase elected to ICANN board
- Is .io safe now? Identity Digital now running Mauritian ccTLD
Neustar exec fingered in Trump’s Russian “collusion” probe
A senior former Neustar executive has been outed as a participant in 2016 research that sought to establish nefarious links between then US presidential candidate Donald Trump and the Russian government.
According to a US federal indictment last month, former Neustar senior VP and head of security Rodney Joffe and others used DNS query data collected by the company to help create a “narrative” that Trump’s people had been covertly communicating with Kremlin-connected Alfa Bank.
The indictment claims that they did so despite privately expressing skepticism that the data was conclusive in establishing such ties.
Joffe did this work while under the impression he would be offered a top cybersecurity job in Hilary Clinton’s administration, had she won the 2016 general election, the indictment claims.
Joffe has not been accused of any illegality or wrongdoing — he’s not even named in the indictment — and his lawyer has told the New York Times that the indictment gives an “incomplete and misleading” version of events.
The indictment was returned by a federal grand jury on September 16 against Washington DC lawyer Michael Sussmann, as a result of Special Counsel John Durham’s investigation into the origins of the Trump-Russia “collusion” probe, which ultimately found insufficient evidence of illegality by the former president.
Sussman is charged with lying to the FBI when, in September 2016, he showed up with a bunch of evidence suggesting a connection between Trump and Alfa Bank and claimed to not be working on behalf of any particular client.
In fact, the indictment alleges, he was working on behalf of the Clinton campaign and Joffe, both of whom had retained his services. Lying to the FBI is a crime in the US.
The indictment refers to Joffe as “Technology Executive 1”, but his identity has been confirmed by the NYT and others.
Sussman’s evidence in part comprised DNS data supplied by Joffe and analyzed by himself and other researchers, showing traffic between the domain mail1.trump-email.com and the Russian bank.
At the time, Neustar was a leading provider of domain registry services, but also a significant player in DNS resolution services, giving it access to huge amounts of data about domain queries.
“Tech Executive-1 [Joffe] used his access at multiple organizations to gather and mine public and non-public Internet data regarding Trump and his associates, with the goal of creating a ‘narrative’ regarding the candidate’s ties to Russia,” the indictment claims.
According to the indictment, Joffe had been offered a job in the Clinton administration. He allegedly wrote, shortly after the November 2016 election: “I was tentatively offered the top [cybersecurity] job by the Democrats when it looked like they’d win. I definitely would not take the job under Trump.”
The researchers — which also included employees of the Georgia Institute of Technology, Fusion GPS, and Zetalytics, according to the NYT — sought to create a case for a connection between Trump and the Russian government while privately expressing doubts that their conclusions would stand up to third-party scrutiny, the indictment claims.
The suspicions were briefed to the media by Sussman and the Clinton campaign, the indictment says, and widely reported prior to the election.
When the FBI investigated the alleged links, it concluded the suspicious traffic was benign and caused by the activities of a third-party marketing firm, according to reports.
As I said, it is not alleged that Joffe broke the law, and his people say the indictment is, as you might expect from an indictment, one-sided.
Still, it’s a very interesting, and possibly worrying, insight into how companies like Neustar and their employees are able to leverage DNS resolution data for their own private purposes.
The full indictment, which uses pseudonyms for most of the people said to be involved in the research, can be read here (pdf). The New York Times story, which reveals many of these identities, can be read here (paywall).
While Neustar’s registry business was acquired last year by GoDaddy, it appears that Joffe did not make the move and instead stayed with Neustar. His LinkedIn profile showed he “retired” at some point in the last few weeks, after 15 years with the company.
Donuts’ drop-catching service not anti-competitive, ICANN says
Donuts’ proposed DropZone service, which could see the registry start charging drop-catchers additional fees, is not anti-competitive, according to ICANN.
The service “does not raise any competition concerns”, ICANN VP Russ Weinstein said in a letter to registrar TurnCommerce, the company behind DropCatch.com.
He was responding to TurnCommerce’s concern that DropZone would allow Donuts to charge unlimited extra fees to register expiring names, while giving an advantage to its in-house registrars.
But Weinstein wrote (pdf):
The information received in the Dropzone RSEP request was thoroughly evaluated pursuant to our process, which included consideration of the matters raised in your letter. ICANN org determined that the Dropzone service as submitted by Donuts Inc. on behalf of [Donuts subsidiaries] Binky Moon, LLC and Dog Beach, LLC does not raise any competition concerns requiring ICANN org to refer either RSEP to a relevant competition authority.
DropZone would see Donuts handle its dropping names on a parallel registry system that registrars would have to obtain separate access to. Its Registry Service Evaluation Process request raises the prospect of new fees for such access.
Almost no security researchers asking for Whois records – Tucows
Security researchers are not asking for private Whois records in anywhere near the numbers you might have been led to believe, according to data released this week by Tucows.
The registrar revealed that it received just one request from the security community between September 2020 and the end of August 2021. That’s not even 1% of the total.
Over the same period, the “commercial litigators” category, presumably including intellectual property interests going after suspected cybersquatters, were behind 87% of requests.
About 9% of requests came from law enforcement agencies, Tucows said.
The company said that it disclosed private registrant data in 74% of cases. It denied the requests in 9% of cases. Other requests were incomplete or abandoned.
Tucows has been offering a Tiered Access service for its Whois records since the General Data Protection Regulation came into effect in May 2018. It has received 4,478 requests since then.
Price of Whois lookups could rise as ICANN delays reform work
ICANN has delayed the conclusion of work on Whois reform, potentially increasing the cost of requesting domain registration data in future.
Back in March, its board of directors gave the Org six months to complete the Operational Design Phase of the so-called SSAD, or System for Standardized Access and Disclosure, but that deadline passed this week.
It appears that ICANN is not even close to concluding its ODP work. No new deadline has been announced, but ICANN intends to talk to the community at ICANN 72 next month.
SSAD is a proposal created by the community and approved — not without controversy — by the GNSO Council. It would essentially create a centralized clearinghouse for law enforcement and intellectual property interests to request private registrant data from registries and registrars.
The ODP is a new process, never before used, whereby ICANN clarifies the community’s intentions and attempts to translate policy recommendations into a roadmap that is feasible and cost-effective to implement.
It seems this process suffered some teething troubles, which are partially responsible for the delays.
But it also appears that ICANN is having a hard time finding potential service provider partners capable of building and operating SSAD all by themselves, raising the prospect of a more complex and expensive piecemeal solution.
It had 17 responses to a recent RFI, but no respondent said it could cover all the bases.
The key sticking point, described by some as a “chicken and egg” problem, is figuring out how many people are likely to use SSAD and how often. If the system is too expensive or fails to deliver results, it will be used less. If it works like a charm and is cost-effective, query volumes would go up.
So ICANN is challenged to gaze into its crystal ball and find a sweet spot, balancing cost, functionality and usage, if SSAD is to be a success. So far, its estimates for usage range from 25,000 users making 100,000 requests a year to 3 million users making 12 million requests.
That’s how far away from concluding its work ICANN is.
Confounding matters, the longer ICANN drags its feet on the ODP phase, the more expensive SSAD is likely to be for the end users who will ultimately wind up paying for it.
In a webinar last week, CEO Göran Marby said that the SSAD project is meant to recover its own costs. Whatever ICANN is spending on the ODP right now is expected to be recouped from access fees when SSAD goes live.
“This should not cost ICANN Org anything,” he said. “The costs should be carried by the user.”
ICANN is working on the assumption that SSAD will eventually happen, but if the ODP decides not to implement SSAD, ICANN will have to eat the costs, he indicated.
When the ICANN board approved this ODP, it did not specify how much money was being allocated to the project.
A second and separate ODP, looking at the next round of new gTLDs, was earlier this month given $9 million to conduct an anticipated 10-month project.
Cloudflare goes all-in with at-cost domains
Content delivery specialist Cloudflare has come out as a fully-fledged domain name registrar, promising to sell names in hundreds of TLDs with no markup on the registry wholesale price.
Since the company launched Cloudflare Registrar three years ago, it’s only been possible for customers to transfer in their domains from other registrars; no new regs were possible.
That’s now changed, with the company today announcing customers can buy their domains direct without having to faff about with transfers.
“It’s important to note that our registrar pricing is ‘at-cost.’ That means we charge our customers exactly what we pay the registry, plus any applicable ICANN transaction fees,” the company blogged.
A new .com costs $8.57, for example.
It appears that you need to be a Cloudflare CDN customer to use the registrar service, but it offers a free plan among its suite of offerings.
It’s not the only registrar to offer names at cost, but it’s certainly the one with the best brand recognition.
Cloudflare currently offers over 250 TLDs, and plans to launch 40 more next month. It just added .uk, and plans to add more ccTLDs, as well as premium-priced domains, in future.
The company had about 325,000 domains under management at the last count in May, having transferred a net of 118,000 names during the previous 12 months.
Make no mistake, Cloudflare will be losing money on this venture, despite what it said in September 2018, when it made out running a registrar was cost-free.
Hold on to your stats! ShortDot gets two gTLDs approved in China
ShortDot, which makes a business repurposing unwanted gTLDs for the budget end of the market, said today it has had two more horses in its stable approved for use in China.
The company said that .bond and .cyou have been given the necessary nods by Chinese authorities.
What this could mean, if history is any guide, is a sharp increase in sales for the two extensions, possibly to the extent that they materially affect overall domain industry volume stats for the next few years.
ShortDot seems to think so, saying in a press release: “Given the massive success of .icu in China, it is quite clear that .bond and .cyou will follow suit to become largely successful.”
.icu currently has about 600,000 names under management, more than half of which are registered via Chinese registrars. Its numbers are on their way down.
At its peak 18 months ago it had more than 10 times as many, about 6.6 million, due to its low pricing and popularity among Chinese speculators.
The sudden rise and wholly predictable precipitous fall of .icu has been messing with overall new gTLD industry stats for the last couple of years. No volume analysis is complete without a .icu-related asterisk.
It’s by no means assured that the same will be true of .cyou and .bond of course.
.cyou, which was originally a dot-brand matching the ticker symbol of a Chinese company, had 118,000 names under management at the end of May and 136,000 in its zone file yesterday.
Names in .cyou can be had for $2 at Namecheap and NameSilo, its top two registrars, which together hold over 70% of the market.
.bond, originally an Australian university’s dot-brand, has fewer than 5,000 names at the last count and retails for about $55 retail at the low end.
CentralNic spends $6.5 million on traffic network
CentralNic this morning said it has paid $6.5 million to acquire “a publishing network of revenue generating websites”.
The company, which is seeing an increasingly large chunk of its revenue coming from domain monetization, said the network generates $2 million in annual revenue and $1.5 million in earnings.
The seller is White & Case, a 120-year-old international law firm, not exactly the kind of company you’d expect to own a bunch of random monetized domains.
Neither the size of the network nor the means of monetization were disclosed.
CentralNic said the network was already a customer for roughly half of its sites, so the acquisition will add about $1 million to revenue and $1.5 million to earnings, reducing annual cost of revenue by about $500,000.
While the company is best know for selling domain names, following recent acquisitions revenue from its fast-growing “online marketing” segment outpaced its traditional revenue sources, bringing in $96.4 million in the first half compared to $78.3 million in it two domain-related segments.
Nothing but losses ahead for MMX
Former new gTLD registry MMX has delivered its latest set of financial results and warned that, without any operating business, it will be loss-making for the foreseeable future.
The company today reported a first-half loss of $783,000, compared to a loss of $1.25 million in the year-ago period.
That’s calculated from its ongoing operations, which since the $120 million sale of its registry business to GoDaddy comprises no revenue-generating activities but substantial costs keeping the company running and maintaining its listing on the AIM stock market.
Profit from discontinued operations was $3.38 million, compared to $2.68 million.
It still has small “RSP” business, providing non-technical back-office management services to a few former gTLD partners, but this will be wound down or sold off.
CEO Tony Farrow said in a statement:
We are now in the process of delivering the transition services agreed with GoDaddy Registry and disposing of, or otherwise winding down, our RSP Business. Whilst the transition services are being provided on a cost recovery basis, the Company’s ongoing administrative and other public company costs will result in operating losses for the Group going forward.
When the winding down of existing businesses is done, MMX will look for acquisition opportunities or act as a vessel for a reverse takeover.
It’s currently returning $80 million of its GoDaddy cash to investors with a buyback, but this is not enough to clear all of its shares.
Afilias appeals .web ruling, Verisign responds with “rigging” claims
Afilias has filed an unusual and unprecedented appeal against the May ruling that found ICANN broke its bylaws by awarding the .web gTLD to a Verisign affiliate.
The company is arguing that the Independent Review Process panel that decided the .web case shirked its duties, by not actually resolving the major disputes placed before it.
Verisign, in response, has accused Afilias of asking for a “do-over”, which it said is against the rules, and published information it said showed the company had tried to “rig” the .web auction.
The IRP followed the 2015 ICANN last-resort auction, which saw Verisign secretly fund a shell applicant called Nu Dot Co to win with a $135 million bid, on the basis .web would later be transferred to its custody.
Afilias was the runner-up, and argued that ICANN should have voided the NDC bid because Verisign’s involvement was not disclosed.
But the IRP panel merely found that ICANN had breached its bylaws by failing to have the courage to actually rule on the legitimacy of Verisign’s tactics, and threw it back to ICANN to make a decision.
ICANN has yet to make that decision. Instead, Afilias has filed an appeal (pdf) with the in the form of an “application for an additional decision and interpretation”.
IRP cases are handled by the International Center for Dispute Resolution, and Afilias is invoking the ICDR Arbitration Rules that allow a claimant to request an “interpretation” or “additional award” from the original decision:
By failing to resolve all of the claims and issues Afilias presented to the Panel for decision, the Panel has not only failed to satisfy its mandate; it has also undermined the very Purposes of the IRP (as set out in Section 4.3(a) of the Bylaws)—especially, but not exclusively, by its decision to refer Afilias# claim arising from Nu Dot Co’s (“NDC”) violation of the New gTLD Program Rules back to the ICANN Board and Staff to “pronounce” upon “in the first instance.”
The lengthy request is, I believe, an unprecedented attempt at an appeal of an IRP ruling. It’s also heavy on the legal arguments and does not really shed much light on the facts of the case.
The gist of it is that Afilias wants the panel to rule that ICANN breached its bylaws, new gTLD program rules and international law by failing to disqualify NDC and awarding .web to Afilias instead.
Verisign, in response, said in a blog post that Afilas’ application is “not permitted by the arbitration rules – which expressly prohibit such requests for ‘do overs.'”
It also published a letter (pdf) from NDC to ICANN in which it argues that Afilias tried to engage in a “collusive scheme” to “rig” the .web auction.
The letter contains many pages of private correspondence — emails and phone text messages — in which rival .web applicants, before Verisign’s involvement had been confirmed, fruitlessly attempted to persuade NDC to join them in a private auction in which the winning bid would have been shared among the losers rather than all going to ICANN.
While this kind of private settlement was envisaged, and indeed encouraged, by new gTLD program rules, Verisign reckons its smoking gun is messages sent by Afilias during the so-called “blackout period” before the last-resort auction, during which communications between applicants were forbidden.
As far as I can tell, all or almost all of the documents provided by NDC to ICANN had already been submitted to the public record during the IRP.
Note — the “Afilias” referred to throughout this post is the portion of the company, now known as Altanovo Domains, left behind after most of its operating businesses were acquired by Donuts late last year.
ICANN won’t vote on new gTLDs for another year
Those of you champing at the bit for an opportunity to apply for some more new gTLDs have a longer wait ahead of you than you might have hoped, following a vote of the ICANN board of directors last week.
The board has asked ICANN staff to kick off the latest — but not last — stage of the long-running runway to the next application window, but it will take around 10 months and cost millions.
On September 12, the board gave CEO Göran Marby $9 million from the 2012 round’s war chest and told him to kick off the so-called Operational Design Phase of the New Generic Top-Level Domain Subsequent Procedures Policy Development Process (SubPro).
What this means is that ICANN will take the community-created policy recommendations approved by the GNSO Council in January and try to figure how they specifically could be implemented, before the board decides whether they should be implemented.
The ODP will “assess the potential risks, anticipated costs, resource requirements, timelines, and other matters related to implementation” the board resolution states.
For example, while the SubPro final report calls for an outreach campaign prior to opening the application window, the ODP scoping document (pdf) asks what materials would be needed to be produced and how much they would cost.
The scoping paper comprises dozens and dozens of questions like this, over 15 pages. I started counting them but got bored.
ICANN chair Maarten Botterman said the ODP will provide the board “with relevant materials to facilitate the Board’s determination whether the recommendations are in the best interest of the ICANN community or ICANN”.
While the resolution says the ODP should be completed “within 10 months”, that clock starts ticking when the Marby “initiates” the process, and that does not appear to have happened.
Given that, and ICANN’s habitual tardiness, I’d guess we’re looking at closer to a year before the Org has a document ready to put before the board for consideration.
With all the other stuff that needs to happen following the board’s approval, we’re probably talking about a 2024 application window. That would be 12 years after the last round and 11 years later than the next round was originally promised.
Recent Comments