Recent Posts
- Bye-bye .boomer! Blockchain players abandon new gTLD plans
- Decades-old US registrar gets a spanking
- love.you sold in apparent five-figure deal
- Bogus harassment complaints could get you an ICANN ban
- ICANN slaps open-mic ban on conflicted lawyers
- Final GTFO warning for 19 failed new gTLD bids
- Nominet opens $500,000 fund for open source projects
- Com Laude buys larger rival Markmonitor
- Epik took down Charlie Kirk doxing site
- Number of subsidized gTLD bidders far lower than thought
- Another registrar goes AWOL
- gTLD loses its second-largest registrar after breach
- Com Laude buys Fairwinds
- Unstoppable wants to be a registry back-end
- Sixteen new gTLD bids could face the firing squad
- Registry to release one-letter domains tomorrow
- New ICANN funding rules will cost smaller ccTLDs more
- .ai rival lines up gTLD bid
- Team Internet lays off 200
- Sixteen more orgs vie for cheap gTLDs, but…
- So who’s registering sunrise domains these days?
- Cloud gTLD gets launch dates
- Governments say new gTLD program “credibility” at stake
- NIXI planning doomed new gTLD bids
- AI experts replace Chapman on ICANN board
- RDRS may not be dead
- Single-letter .com lawsuit thrown out of court
- Golding challenges McCarthy for Nominet board seat
- Three applicants qualify for cheapo gTLDs
- Blockchain crisis looming for new gTLD next round
- Two more dot-brands leave Verisign for GoDaddy
- ICANN looking at new bulk reg rules
- Reseller loss hits Tucows’ DUM but not revenue
- GoDaddy counts cost of losing .co deal
- Wine producers worried about new gTLDs
- Goodyear tires of its dot-brand
- Team Internet loses Radix to Tucows
- ICANN’s “review of reviews” kicks off
- Huge registrars flee from RDRS
- Namecheap loses attempt to bring back .org price caps
- Registrar shamed for alleged crypto abuse neglect
- Poblete’s ICANN board seat safe
- .com off to strong start in Q3
- .my is growing like crazy
- ICANN settles $77 million sexual harassment suit
- Chinese domain spikiness ends in first half
- Registrars agree to higher ICANN fees
- ICANN to review reviews after review review request fails
- Got junk? June’s biggest gTLD growers do
- ICANN ditches Oman due to Middle-East conflicts
- ICANN’s mighty overlord flexes on transparency
- ICANN faces first pushback over DEI U-turn
- Loads of firms flunk out of next-round gTLD back-end program
- presidenttrump.xxx among thousands of dead .xxx domains suddenly springing to life
- One of the dumbest gTLDs just switched back-ends
- GoDaddy loses .co to Team Internet
- Governments erect bulk-reg barrier to new gTLD next round
- Little interest in cheapo gTLD program
- US government opposes most new gTLDs
- GoDaddy loses last Amazon business to Identity Digital
- Third Amazon gTLD launch dates revealed
- .TOP promises to play nice on DNS abuse
- Court denies ICANN’s #MeToo “cover up” attempt
- Launch dates for two more Amazon gTLDs revealed
- An end to “Club Med for geeks” ICANN?
- Some people paid premiums for .hot domain hacks
- .io questions in sharp focus as UK signs Chagos treaty
- Big .gdn registrar at risk
- ICANN “reaffirms its commitment to diversity and inclusion”
- ICANN kills off diversity and inclusion
- Kaufmann picked for ICANN board
- Conflicted? STFU under new ICANN rules
- .hot is for hookers? Amazon’s first premium regs revealed
- Gname adds another 200 registrars
- New Pope’s .com domain was registered the day Francis died
- Two deadbeat registrars get their ICANN marching orders
- DotMusic has sold a lot of names, but not many are turned on
- .med is a deeply weird gTLD, but it wants to be more normal
- ICANN cuts off money to UASG
- Web.com getting dumped
- .es and .pt riding out massive power outage
- .com is back as Verisign discounts bear fruit
- Dot-brand actually being used to get deleted
- Verisign gave Trump $100,000
- Private Whois requests hit new low after Tucows quits RDRS
- Zoom says GoDaddy took it down for hours
- The Soviet Union might be safe after all
- Google says its ccTLDs “are no longer necessary”
- Facebook thinks ICANN is a bit rubbish
- ICANN spending $365,000 a year on coffee and booze
- Regulator going after suicide site that even Epik banned
- .ai sees $600,000 auction sales in a month
- Pru trims its dot-brand portfolio
- UK’s Nigel Hickson has died
- .blog registry ordered to change name to Knock Knock RDAP There
- WordPress buys Canadian, swaps CentralNic for CIRA
- Latest ICANN salary porn ruins my terrible pun
- .co deal worth $77 million up for grabs
- I get a wrongful kicking as .su registry denies turn-off plan
- Sales and profits dip at Team Internet
- Four deadbeat registrars get terminated
- “No timeline” to retire Soviet Union from the DNS
- ICANN to kill off 60-day domain transfer lock
- Lancaster bags up its dot-brand
- Google readying its next batch of gTLD launches?
- NomCom confirms Americans rejected from ICANN board
- Nova announces $45 million of new gTLD applications
- Registry makes .ai an option for Koreans
- it.com now bigger than Guatemala
- ICANN turns to AI and crowdsourcing for new gTLD program
- Amazon lawyer DiBiase elected to ICANN board
- Is .io safe now? Identity Digital now running Mauritian ccTLD
- Tucows quits ICANN’s Whois disclosure pilot
- Toshiba goes all-in on its dot-brand
- Google scuppers Team Internet acquisition after profit warning
- .ai channel doubles under new management
- Trump inclined to back deal that threatens .io
- As .com shrinks, China adds another 1.2 million domains
- Second new gTLD contention set revealed
- UK intros global domain takedown law
- No more Americans as Holland wins ICANN board seat
- Registries have started shutting down Whois
- ICANN wins IRP because complainant literally doesn’t exist
- .com could return to growth this quarter
- Could Musk’s DOGE kill off D3’s .doge?
No more Americans as Holland wins ICANN board seat
ICANN’s country-code registries have picked their next representative for the ICANN board of directors.
Byron Holland, CEO of Canadian ccTLD registry CIRA won the seat, which was vacated last September with the abrupt resignation of incumbent Katrina Sataki, who had already been reelected for a second term.
I believe Holland will join the board, after the formality of approval by ccNSO and the ICANN Empowered Community, immediately as Sataki’s replacement, rather that waiting for this year’s AGM as would usually be the case.
Holland comfortably beat Nick Wenban-Smith, general counsel of .uk registry Nominet, by 73 votes to 30 in a two-horse race described by one candidate as a disappointing choice between “two kind of middle-aged white guys and native English speakers”.
The election of a Canadian to replace a European as ccNSO representative means the ICANN board has topped out its quota of North Americans, which could have an impact on other election/selection processes.
ICANN’s bylaws state that each of the five geographic regions can have no more than five voting directors.
Directors Tripti Sinha, Sarah Deutsch and Miriam Sapiro all hail from North America. Term-limited Becky Burr, also American, is to be replaced later this year, but the shortlist of her replacement options are both also Americans.
This seems to mean that the Nominating Committee, charged this year with replacing term-limited European Maarten Botterman and renewing or replacing Sajid Rahman and Chris Chapman, both from Asia-Pacific, has had its field of candidates limited somewhat.
The Address Supporting Organization is also in election mode for its board seat this year, but neither of the candidates are North American.
Registries have started shutting down Whois
Nominet seems to have become the first major registry services provider to start to retire Whois across its portfolio, already cutting off service for about 70 top-level domains.
Queries over port 43 to most of Nominet’s former Whois servers are no longer returning responses, and their URLs have been removed from the respective TLDs’ records on the IANA web site.
The move follows the expiration last month of ICANN’s contractual requirements to provide Whois in all gTLDs. Now, registries must use the successor protocol RDAP instead, with Whois optional.
A Nominet spokesperson tells us the shut-off, which affects large dot-brand clients including Amazon, happened after consultation with ICANN and clients on January 29.
TLDs Nominet was supporting under ICANN’s Emergency Back-End Registry Operator program are also affected.
The registry spokesperson said that the gTLDs .broadway, .cymru, .gop, .pharmacy, and .wales are still offering Whois, due to an interoperability issue:
“The sole reason for the retention of these gTLD WHOIS services is for interoperability with the Brand Safety Alliance (BSA) service integration, which does not yet support RDAP,” she said.
The BSA is the GoDaddy-backed project that offers the multi-TLD GlobalBlock trademark-blocking service.
Nominet’s flagship .uk is also still offering Whois, because Nominet discovered that some of its registrars were still using it, rather than EPP, to do domain availability checks.
The fact that a GoDaddy service and some .uk registrars still don’t support RDAP, even after a years-long ICANN transition plan, is perhaps revelatory.
I’ll admit the only reason I noticed Nominet’s Whois coverage was patchy was that I’d neglected to update one of my scripts and it started failing. Apparently I was not alone.
While RDAP can be fairly simple to implement (if I can do it…), actually finding each registry’s RDAP server is a bit more complicated than under the Whois regime.
All gTLD registries were obliged to offer Whois at whois.nic.[tld], and IANA would publish the URLs on its web site, but RDAP URLs are not standardized.
It’s not super obvious, but it seems instead you have to head over to IANA’s “Bootstrap Service” and download a JSON file containing a list of TLDs and their associated base RDAP URLs.
ICANN wins IRP because complainant literally doesn’t exist
An Independent Review Process panel has thrown out a case filed by a failed new gTLD applicant because the applicant was found to have not existed for almost seven years.
A Bahrain-based company called GCCIX had applied to run .gcc, for Gulf Cooperation Council, in 2012. Its bid was rejected by ICANN the following year on the advice of the Governmental Advisory Committee because it had no affiliation with the actual GCC, a political grouping of nations in the Middle East.
GCCIX has been challenging the rejection ever since, filing an IRP against ICANN in 2021.
But it turns out GCCIX, which apparently had only one employee, has not legally existed in Bahrain since 2018, when it lost its corporate registration for reasons that still seem a mystery even to the IRP panelist.
This kinda scuppers the former company’s ability to do stuff like signing a contract to operate a top-level part of the internet’s infrastructure. Dismissing the case, the IRP panelist wrote:
The Tribunal determines that GCCIX’s status as company “deleted by law” precludes it from engaging in commercial activity under Bahrani law. Those commercial activities undoubtedly include entering into a Registry Agreement and providing the technical and other services required to operate a gTLD… GCCIX has not had the legal capacity to operate a gTLD since at least 2018 and has not revived its capacity despite having ample time to do so.
The question now is who has to pay for this debacle, which seems to involve somewhere between four and 12 years worth of legal fees and other costs. ICANN says it wants sanctions against GCCIX, too.
The panelist said that a decision on costs would have to be made by a full IRP panel, and it’s asked both parties to have a chat about whether they want one.
.com could return to growth this quarter
Verisign might have some better news for investors and analysts when it delivers its first-quarter financial results — it looks like .com might have turned a corner and returned to growth.
The TLD has added over 540,000 domains to its zone file between the start of the year and February 20, a little over halfway through the quarter, according to the numbers Verisign posts on its web site.
While Q1 has historically been seasonally strong, in the same period of 2024 .com was down by over 63,000 names. Over the whole of 2024, .com’s zone lost 3.7 million domains.
The company recently introduced some registrar marketing programs that CEO Jim Bidzos earlier this month said he was encouraged by. Several registrars have been spotted selling .com first-years for as much as 50% off the regular wholesale price.
Two big registrars — GoDaddy and Squarespace — kicked off expensive ongoing campaigns advertising their web site building services at the February 9 Super Bowl broadcast in the US.
Since the broadcast, .com is up by 186,000 names.
Verisign is currently predicting its domain name base across .com and .net will shrink by between 2.3% and 0.3% for the full year.
Could Musk’s DOGE kill off D3’s .doge?
The creation of the US Department of Government Efficiency raises the possibility of a government objection to .doge, a gTLD that D3 Global has announced it plans to apply for.
D3, a domain name consultancy that is promising to deliver gTLDs in next year’s application round that connect to identities currently only available on blockchains, has said it it working on a bid for .doge.
But that’s an exact match to DOGE, a not-quite “department” of the US government created by President Trump in the last few weeks and headed by megalomaniac billionaire troll Elon Musk.
DOGE is tasked with cutting government spending, waste and fraud, and the department’s devil-may-care modus operandi seems to spawn fresh controversy on an almost hourly basis.
In the D3 context, the word “doge” rather refers to a social media meme from well over a decade ago — a photo of a dog called Kabosu, now dead, used as the mascot of a cryptocurrency called Dogecoin.
D3’s partner on the bid is Own The Doge, a project of PleasrDAO that says it paid $4,240,000 in 2021 for the non-fungible token (NFT) of the original Kabosu photo.
Own The Doge then broke the NFT up into almost 17 billion pieces, which are traded like other digital assets. It also makes money selling Kabosu merch, licensing the image, and selling ownership of single pixels of the original image.
The silly governmental meaning and the silly crypto meaning are linked. Musk, a known fan of Dogecoin, seems to have first proposed DOGE as the name of the agency he proposed to lead as a kind of in-joke.
His first tweet on that topic came August 20 last year, a few weeks before the .doge bid was announced.
Given the timing, the exact-match spelling, and the crossover in the semantic Venn diagram, it seems a .doge gTLD application could present a pretty big target for a formal objection.
If the US decided to start throwing its weight around on ICANN’s Governmental Advisory Committee, which has substantial powers to scupper gTLD applications, it’s easy to see how it could horse-trade its way to getting a full consensus GAC objection.
But would a Musk-influenced Trump administration choose to object? Or could its mere existence actually prove beneficial to .doge’s future prospects?
We asked D3, and chief marketing officer Mark Trang told us:
While we’re not going to speculate on whether or not the Department of Government Efficiency will affect a future TLD like .doge, anything the current administration does to raise the visibility of domains, cryptocurrencies, and blockchains we view as a positive for our industry.
It almost certainly is far too early to speculate, but that’s never stopped me before.
Quite apart from the .doge issue, the Trump administration has yet to show its hand on how it will interact with internet governance in general and ICANN and the domain name industry in particular.
It looks today, over a year before the next new gTLD application window is scheduled to open, that this kind of thing is pretty far down the Trump administration’s priority list, if it’s even on the radar at all.
The relatively small National Telecommunications and Information Administration, which supplies the US with its civil service GAC representatives, doesn’t even have its politically appointed leadership yet.
The Heritage Foundation’s Project 2025, seen by some as Trump’s playbook for government reform, says nothing about ICANN or domain names in its NTIA section (pdf), and even gets the meaning of the A in the name wrong, calling it the “Agency”.
As for Musk, he’s known to be well across domain names as a concept, though he may be a .com fanboy. When he reacquired x.com from PayPal, before subsequently renaming Twitter around the domain, he said it was for sentimental reasons.
While it was pretty much an open secret that the pre-Musk Twitter planned to apply for a .twitter gTLD, the renaming to X of course means that it cannot be a dot-brand under ICANN rules banning single-character Latin TLDs.
But rules don’t seem to matter too much at this moment in history, when the US seems more than ready to dispose of decades-old conventions and use raw financial power to achieve its goals.
So, yeah, it’s pretty much too early to speculate about what .doge and the domain name universe looks like under the Trump/Musk administration, but it’s probably not too early to be worried, or maybe even a little afraid.
$2 million Christmas bonus for ICANN
The domain industry performed better than expected in the back half of last year — well, better at least than ICANN had predicted.
The Org today said it took in $2 million more in revenue than it expected in the second half of 2024 — ICANN’s fiscal first half — because the gTLD registries and registrars that primarily fund it processed more transactions than it had planned for.
Registry and registrar transaction fees — paid on registrations, renewals and transfers — were both a million bucks ahead of budget at $29 million and $20 million respectively
Its FY25 takings to the end of December totaled $74 million, ahead of its $72 million estimate but flat on its FY24 budget.
Operating costs were in-line with expectations and down on FY24 numbers due to fewer people having their flights and hotels paid for at ICANN 82 in Istanbul last October.
Another VW car dot-brand crashes out
Volkswagen’s patchy commitment to dot-brand gTLDs is in evidence again this week, as the company has told ICANN it no longer wishes to operate .bentley.
Bentley is one of VW’s luxury car brands, based in the UK. It’s exercised its option to unilaterally terminate its gTLD registry agreement, with no explanation given.
The gTLD had a single resolving domain, which redirected to a .com.
It’s the first dot-brand to terminate this year, thought the notice seems to have been filed with ICANN in December.
VW’s attitude to its original portfolio of dot-brands has been all over the place.
Its .volkswagen, which one might expect to be the flagship, was terminated four years ago, along with its Chinese version, but .seat and .audi each have thousands of active registrations.
Largest back-end switch EVER as GoDaddy loses deal
It’s going to be the largest ever migration of a single TLD between back-end registry service providers, but it was announced without fanfare late last week.
On page four of Tucows CEO Elliot Noss’s prepared fourth-quarter remarks to analysts last week, he revealed the company has beaten GoDaddy to take over the contract to run India’s .in ccTLD:
Tucows Domains was recently selected to be the technical services provider for the .IN country code domain, operated by the National Internet Exchange of India. Our teams are closely collaborating and we are establishing a dedicated team in India to support this initiative
Noss said that the migration involves “approximately 4 million domains” and will take place “later this year”.
While NIXI does not publish its registration numbers, Verisign’s Domain Name industry Brief put .in at 4.1 million names at the end of 2024.
Even accounting for upwards rounding by Noss, 4 million names would make the migration the largest in the history of the DNS.
The current record was set in 2018, when Afilias (now Identity Digital) took over Australia’s .au from Neustar (now GoDaddy. There were 3.1 million names in .au at that time.
When Neustar/GoDaddy took over .in from Afilias/Identity Digital in 2019, it was reportedly because it had bid $0.70 per domain, undercutting the incumbent’s offer of $1.10
But, while the deal is surely worth many millions (maybe $10 million over five years if we guess at a $0.50 bid) to Tucows’ top line, it may not be especially profitable.
Noss said in his remarks to analysts: “The pricing and margin contribution for this piece of business is typical of a large, high volume customer.”
But a demonstrable track record of handling large migrations often comes up in registry RFPs, so the .in deal puts Tucows in a strong position in future contract opportunities.
Yeah, we got phished, ICANN admits after crypto hack
ICANN has confirmed that a phishing attack was responsible for the hacking of its Twitter account last night.
The Org placed this statement, which suggested that the attack may have been more sophisticated than you might have thought, on its home page earlier this evening:
On 11 February 2025, ICANN became aware of a successful phishing attack on our ICANN X [Twitter] account. We are investigating the root cause of the issue and working to resolve it as soon as possible. ICANN uses multi-factor authentication on all social media platforms and has confirmed that none of our other accounts have been impacted.
The hack saw ICANN’s Twitter account tweet several messages promoting a newly created memecoin cryptocurrency called $DNS, presumably to scam would-be investors out of money.
The compromise, which seemed to be timed to close of business in ICANN’s home in California, did not last long and the tweets were swiftly deleted.
Now ICANN seems to have confirmed that one of its staffers was phished to obtain @ICANN’s login credentials, but the fact that the account was protected by multi-factor authentication creates an additional wrinkle.
Twitter offers three MFA methods — codes delivered via SMS, a mobile authenticator app, or a hardware token.
In each case, logging in requires the user to have a physical device in their hand to create the secondary login credential. The victim would have had to provide this time-limited one-time password to the attacker too.
I hope the staffer who got suckered, presumably a member of the comms team, isn’t getting too much of a bollocking today, as these kinds of attacks are increasingly sophisticated and managing online life increasingly complex.
Just a day earlier, the well-known BBC political journalist Nick Robinson, who presents the popular Today show on Radio 4, got phished in what one assumes was a very similar way and for an identical purpose.
This BBC article goes into some detail about the attack on Robinson, including screenshots of the phishing email he fell for, and goes a way to explain how even somebody trained to avoid this kind of stuff can have a moment of vulnerability.
While few of Robinson’s one million Twitter followers could have seriously believed that Today had launched a memecoin, it’s more plausible that somebody familiar with crypto and somewhat aware of ICANN could have believed that ICANN would. The two areas of tech increasingly intersect nowadays.
When the attack proved successful, the bad guy must have thought all of her Christmases had come at once.
ICANN says it is going to post more information to its cybersecurity incident log as its investigation progresses.
If it turns out the phish was successful because somebody didn’t check the domain name of the link they were clicking on, it could be fascinating reading.
ICANN hacked to promote crypto scam
ICANN’s Twitter account appeared to be hacked briefly last night, and was used to promote what looks like a pump-and-dump cryptocurrency scam.
A series of tweets from the official @ICANN account plugged a memecoin named $DNS from around 0200 UTC today, just when ICANN’s California crew would have been clocking off for the day.
“2025: The Internet Gets Its Own Currency. @icann is redefining digital ownership with $DNS – the first memecoin to merge domain governance & Web3 culture,” one of the tweets read, according to a screen capture from domain lawyer John Berryhill.
ICYMI pic.twitter.com/f8R3AzaLaO
— John Berryhill (@Berryhillj) February 12, 2025
The posts linked to dnscoin.org, which at the time was a live web site promoting “$DNS. Own the Internet Again. ICANN’s decentralized memecoin for domain governance”, according to what little remains visible in Google’s index.
The domain, which had been registered for years, has already been deleted entirely. Not suspended. It’s just gone.
ICANN seems to have restored control over its Twitter account fairly quickly, but Berryhill’s caps show the scam tweets were viewed by at least a couple thousand of @ICANN’s 104,000 followers.
The apparent scam appears to be either a modern-day pump-and-dump scheme, where investors hype up a crypto coin only to cash out when its value peaks, or what crypto investors call a “rug pull”, which is more akin to straightforward theft.
Either way, it seems possible that some people may have lost some money, and ICANN’s not-great reputation for security has certainly suffered another embarrassing setback.
It seems likely that @ICANN either had a weak password, or somebody with access to the account got their device compromised in some way.
ICANN, no doubt sifting through the evidence this morning, has yet to publish an official statement.
Recent Comments