Latest news of the domain name industry

Recent Posts

Greek .eu domains to be deleted

Kevin Murphy, February 15, 2022, Domain Registries

EURid has started warning registrants that their Greek-script .eu domains will be deleted this year.

The names will no longer work after November 14, the company said yesterday.

It’s part of the registry’s three-year plan to phase out mixed-script internationalized domain names, which are considered poor security practice.

The affected domains are Greek-script IDN.eu names, not IDN.IDN names using the Greek-script .ευ.

.ευ was introduced in 2019, after an amusingly Kafkaesque, yet typically ICANN, decade-long effort to crowbar the ccTLD through its IDN Fast Track rules.

Because EURid had been accepting Greek-script second-level names under its base Latin .eu domain for some time, it grandfathered existing registrants by “cloning” their .eu names into .ευ, albeit with only a three-year lifespan.

There were only 2,694 .ευ domains registered at the end of 2021, so one must assume that the number of domains on the deleting list must be smaller.

Comment Tagged: , , , , ,

UDRP cases soar at WIPO in 2021

Kevin Murphy, February 15, 2022, Domain Policy

The World Intellectual Property Organization has released statistics for cybersquatting cases in 2021, showing one of the biggest growth spurts in UDRP’s 22-year history.

Trademark owners filed 5,128 UDRP complaints last year, WIPO said, a 22% increase on 2020.

There have been almost 56,000 cases since 1999, covering over 100,000 domains names, it said.

The number of annual cases has been growing every year since 2013, its numbers show.

WIPO took a punt that the increase last year might be related to the ongoing coronavirus pandemic, but didn’t really attempt to back up that claim, saying in a release:

The accelerating growth in cybersquatting cases filed with the WIPO Center can be largely attributed to trademark owners reinforcing their online presence to offer authentic content and trusted sales outlets, with a greater number of people spending more time online, especially during the COVID-19 pandemic.

The number of domains hit by UDRP that include strings such as “covid” or “corona” or “vaccine” are pretty small, amounting to just a few dozen domains across all providers, searches show.

The growth does not necessarily mean the total number of UDRP cases has increased by a commensurate amount — some of it might be accounted for by WIPO winning market share from the five other ICANN-approved UDRP providers.

It also does not indicate an increase in cybersquatting. WIPO did not release stats on the number of cases that resulted in a domain name being transferred to the complaining trademark owner.

2 Comments Tagged: ,

CentralNic buys a gTLD and a search engine for peanuts

Kevin Murphy, February 14, 2022, Domain Registries

CentralNic is on the acquisition trail again, picking up a new gTLD and an ancient search engine site for knock-down prices.

The company said today it has acquired .ruhr, as well as a German search site called Fireball, for a total of €600,000 ($678,000).

.ruhr is a geographic gTLD, currently restricted to German residents, covering the Ruhr valley region, a sprawling metropolitan area in the west of the country with multiple major cities including Dortmund and Essen.

The gTLD has about 10,000 registrations and serves about five million Ruhr inhabitants, CentralNic said.

The registry is currently Essen-based regiodot, which almost certainly spent more applying for the string, what with ICANN fees and consultants, than CentralNic is now paying for it.

While the string is geographic, it did not count as a geographic name under ICANN’s new gTLD rules and does not have a government sponsor. The deal will probably require ICANN approval, however.

CentralNic said operations of .ruhr will be brought in-house. It already runs the back-end for the similar geo .saarland.

German readers of a certain age may remember Fireball. It was quite popular there in the 1990s, but was one of the first wave of search engines to fade away with the rise of Google. It was once owned by Lycos, which gives you an idea of its vintage.

Nowadays, it’s a bare-bones site that uses Bing for its search results and appears to use Google for its advertising.

CentralNic said combined revenue for the two companies was €200,000 with EBITDA of €100,000, and that the deals will immediately boost its own results.

It said it expects its 2022 financial performance to come in ahead of what analysts currently expect and expects to provide an update at the end of the month when it reports its 2021 numbers.

1 Comment Tagged: ,

“It’s not our fault!” — ICANN blames community for widespread delays

Kevin Murphy, February 14, 2022, Domain Policy

ICANN may be years behind schedule when it comes to getting things done on multiple fronts, but it’s the community’s fault for making up rubbish policies, bickering endlessly, and attempting to hack the policy-making process.

That’s me paraphrasing a letter sent last week by chair Maarten Botterman to the Registries Stakeholder Group, in which he complained about the community providing “ambiguous, incomplete, or unclear policy recommendations”.

RySG chair Samantha Demetriou had written to Botterman (pdf) in December to lament the Org and board’s lack of timely progress on many initiatives, some of which have been in limbo for many years.

Policies and projects related to Whois, new gTLDs and the Independent Review Process have been held up for a long time, in the latter case since 2013, she wrote, leading to community volunteers feeling “disempowered or discouraged”.

As I recently reported, ICANN has not implemented a GNSO policy since 2016.

The lack of board action on community work also risks ICANN’s legitimacy and credibility, Demetriou wrote.

But Botterman’s response (pdf), sent Thursday, deflects blame back at the community, denying that the delays are “simply because of failure at the level of the organization and Board.”

He wrote:

we need to continue to find our way forward together to address the challenges that affect the efficiency of our current decision-making processes, including, for example, ambiguous, incomplete, or unclear policy recommendations, the relitigation of policy issues during implementation, and the use of the review process to create recommendations that should properly be addressed by policy development

In other words, the community is providing badly thought-out policy recommendations, continuing to argue about policy after the implementation stage is underway, and using community reviews, rather than the Policy Development Process, to create policy.

The RySG, along with their registrar counterparts, put their concerns to the board at ICANN 72 in October, warning of “volunteer burnout” and a “chilling effect” on community morale due to board and Org inaction.

At that meeting, director Avri Doria presented staff-compiled stats showing that across five recent bylaws-mandated community reviews (not PDPs), the board had received 241 recommendations.

She said that 69% had been approved, 7% had been rejected, 18% were placed in a pending status, and 6% were “still being worked on”.

CEO Göran Marby provided a laundry list of excuses for the delays, including: reconciling differing community viewpoints, the large number of recommendations being considered, the potential for some recommendations to break ICANN bylaws, sensitivity to the bottom-up nature of the multi-stakeholder process, lack of staff, and the extra time it takes to be transparent about decision-making.

Just this week, ICANN has posted eight job listings, mostly in policy support.

In his letter last week, Botterman pointed to a “Prioritization Framework”, which is currently being piloted, along with further community conversations at ICANN 73 next month and a “thought paper” on “evolving consensus policies”.

Because why fix something when you can instead create another layer of bureaucracy and indulge in more navel-gazing?

Comment Tagged: , , , , , , ,

PIR to offer industry FREE domain abuse clearinghouse

Kevin Murphy, February 11, 2022, Domain Registries

The DNS Abuse Institute will soon launch a free service designed to make it easier to report abuse and for registries and registrars to act upon it.

The Institute, which is funded by .org manager Public Interest Registry, is working on a system provisionally called CART, for Centralized Abuse Reporting Tool, an ambitious project that would act as a clearinghouse for abuse reports across the industry.

The plan is to offer the service for free to reporters and registrars alike, with a beta being offered to registrars late next month and a public launch hopefully before ICANN 74 in June.

DNSAI director Graeme Bunton said that CART is meant to solve the “mess” of current abuse reporting systems.

For abuse reporters, the idea is to give them a one-stop shop for their reports, across all gTLDs and registrars. CART would take their complaints, normalize them, furnish them with additional information from sources such as Whois records and domain block-lists, and shunt them off to the registrar of record.

“Registrars get boatloads of abuse reports every day,” Bunton said. “Hundreds to thousands. They’re often duplicative, often unevidenced — almost always. There’s no standardization. So they’re having to spend a lot of time reading and parsing these abuse reports.”

“They’re spending a huge amount of time triaging tickets that don’t make the internet any better,” he said. “It felt like trying to solve this problem across every individual registry and registrar was not going to work, and that a centralizing function that sits in the middle and absorbs a lot of the complexity would make a real difference, and we’ve been working towards that.”

CART reporters would be authenticated, and their reports would be filed through forms that normalized the data to make them easier for registrars to understand. There will be “evidence requirements” to submit a report.

“It’s a common lament that the abuse@ email that registrars have to publish are filled with garbage,” Bunton said. “This is intended to clean that up, as well as make it easier for reporters.”

Registrars will be able to white-label these forms on their own sites, replacing or adding to existing reporting mechanisms, which will hopefully drive adoption of the tool, Bunton said.

Registrars will be able to use an API to pull the abuse feed into their existing ticketing workflows, or simply receive the reports via email.

The plan is to send these enhanced reports to registrars’ publicly listed abuse@ addresses, whether they opt into the CART system or not, Bunton said.

One feature idea — possibly in a version 2 release — is to have a reputation-scoring function in which registrars can flag reporters as reliable, facilitating on-the-fly “trusted notifier” relationships.

While the DNSAI is focusing to the industry definition of “DNS abuse” — phishing, pharming, malware, botnets and a subset of spam — the plan is to not limit reporters to just those categories.

Copyright infringement claims, for example, would be acceptable forms of abuse report, if the registrar enables that option when they embed the CART forms on their own sites.

CART will most likely be renamed to something with “better mass-market appeal” before it launches, Bunton said, but there will be no charge to reporters or registrars.

“This is all free, with no plans to do cost-recovery or anything like that,” he said.

While Bunton didn’t want to comment, I think it’s unlikely that these projects would be going ahead, at least not for free, had PIR been turned into a for-profit company under its proposed acquisition by Ethos Capital, which was blocked by ICANN a couple of years ago.

A second project DNSAI is working on is called Intelligence.

This will be somewhat similar to ICANN’s own Domain Abuse Activity Reporting (DAAR) system, but with greater granularity, such as giving the ability to see abuse trends by registry or registrar.

The current plan is to have a preview of Intelligence available in June, with a launch in July.

1 Comment Tagged: , , , , , , ,

GoDaddy now making over $1 billion a quarter

Kevin Murphy, February 11, 2022, Domain Registrars

It doesn’t seem like five minutes ago that GoDaddy became the first domain registrar to top $1 billion in annual revenue. It was actually 2013. Now, it’s doing that in a quarter.

The company last night reported fourth-quarter revenue of $1.02 billion, almost half of which was from domains, up from $873.9 million a year earlier.

Domains revenue was up a whopping 23.6% at $497.3 million, but this was mainly due to aftermarket sales and the registry business.

The company does not report its domains under management, growth or renewal rates in its quarterly earnings announcements.

CFO Mark McCaffrey told analysts that up to two thirds of the growth could be attributed to the aftermarket, where domains sell at premium prices, and GoDaddy “saw an uptick in both volume and average deal size”.

He also highlighted GoDaddy Registry as a key growth contributor, due to the launch in Q4 of a “reputation protection solution” that I can only assume refers to the AdultBlock service that blocks trademarks in the company’s four porn gTLDs.

GoDaddy sent out renewal notices for AdultBlock, valued at as much as $30 million, in December.

It’s not currently possible to measure the success of AdultBlock from public data sources. GoDaddy expunged the roughly 80,000 blocked .xxx domains from its zone file on December 1. Whereas they previously resolved to a registry placeholder, now they do not resolve at all.

Domains revenue for the full year was $1.81 billion, up 19.5%. Including non-domains businesses, annual revenue was $3.81 billion, up 15%.

The company had 2021 net income of $242.8 million, reversing a loss of $494.1 million in 2020.

2 Comments Tagged: , , , ,

Post-lockdown blues hit Tucows’ growth

Kevin Murphy, February 11, 2022, Domain Registrars

Tucows’ domain business was pretty much flat in the fourth quarter and full-year 2021, as the company hit the trough following the spike of the pandemic lockdown bump.

The registrar said last night that its Domain Services business saw new registrations down or flat in both wholesale and retail channels, even when compared to pre-pandemic levels.

The company said (pdf) it ended the year with 25.2 million domains under management, down from 25.4 million a year earlier. The total number of new, renewed or transferred-in domains was 17.4 million, down from 18.2 million.

For the fourth quarter, the total new, renewed or transferred-in domains was 4 million, compared to 4.3 million a year earlier.

In prepared remarks (pdf), CEO Elliot Noss said that wholesale-segment registrations were down 6% to 3.7 million in Q4 and new registrations were down 27% from 2020’s pandemic-related “outsized volumes”.

In retail, total new, renewed and transferred registrations for the quarter were just over 310,000, down 16%, he said. New registrations were down 21% year over year.

The domains business reported revenue of $61.4 million in the fourth quarter, down from $61.8 million in the year-earlier period.

Domain revenue from wholesale was down to $47.1 million from $47.5 million. Retail was down to $8.7 million from $9.2 million. EBITDA across both channels was $11.6 million, down from $12.1 million.

The renewal rates for wholesale and retail were a more-than-respectable 80% and 85% respectively.

Some of the declines can be attributed to the pandemic-related bump Tucows and other registrars experienced in 2020.

Margins had been impacted a bit by the acquisition of UNR’s back-end registry business, the integration of which Noss said has now been fully completed.

For the full company, including non-domain businesses such as mobile and fiber, revenue for the year was down 2.2% at $304.3 million and net income was down 41.7% at $3.4 million.

The company also announced it has renewed its $40 million share buyback program.

1 Comment Tagged: , , ,

Surprising nobody, Verisign to raise .com prices again

Kevin Murphy, February 11, 2022, Domain Registries

Verisign has announced its second consecutive annual price increase for .com domain names.

The wholesale registry fee for .com names will rise from $8.39 to $8.97 on September 1 this year, an extra $0.58 for every new or renewing domain, of which there are currently over 160 million.

Verisign announced the move, which was expected, as it announced a 2021 profit of $785 million and a 65.3% operating margin.

CEO Jim Bidzos, speaking to analysts, played down the impact of the increases on .com registrants, pointing out that .com prices were frozen under the Obama administration and have only gone up once before, last year, since 2012.

“This is the second wholesale price increase for COM since January of 2012,” he said. “So, if you look back over the last 10 years, that translates into a cost increase of only 1.3% CAGR over the last ten and a half years actually.”

The current .com contract, signed off by the Trump administration and ICANN, allows for two more 7% annual price increases, excluding the just-announced one, but Bidzos would not say whether Verisign plans to exercise those options.

If it does (and it almost certainly will) it would raise the price to $10.26, where it would stay until at least October 2026, he said.

“We believe .com continues to be positioned competitively,” he said.

It’s still basically free money for Verisign, which saw strong fourth-quarter and full-year 2021 results.

The company yesterday reported revenue of $1.33 billion for 2021, up 4.9%, with net income of $785 million, down from $815 million. The operating margin was 65.3%, compared to 65.2%.

For the fourth quarter, revenue was up 6.3% to $340 million, with net income of $330 million compared to $157 million. Operating margin was 65.3%, compared to 63.9%.

For 2022, the company is guiding for revenue of between $1.42 billion and $1.44 billion, based on the price increases and predicted unit growth of between 2.5% and 4.5%. The operating margin is expected to be between 64.5% and 65.5%.

Bidzos also addressed the controversial .web gTLD, which it won at auction but has been unable to launch due to legal action pursued by rival bidder Afilias/Altanovo.

An Independent Review Process panel recently threw a decision about .web back at ICANN, which is now considering Afilias’ allegations of wrongdoing at the board level.

“ICANN looks to be moving forward with making the decision on the delegation of .web, and we will be monitoring their process,” Bidzos said. He said that Verisign has not budgeted for any revenue or costs from .web in 2022.

That’s probably wise. Afilias recently told us that it has not stopped fighting against Verisign’s .web win.

1 Comment Tagged: , , , , , , , , ,

Verisign and PIR join new DNS abuse group

Kevin Murphy, February 9, 2022, Domain Policy

The domain name industry has just got its fourth (by my count) DNS abuse initiative, with plans for work on “trusted notifier” programs and Public Interest Registry and Verisign as members.

topDNS, which announced itself this week, is a project out of eco, the German internet industry association. It said its goals are:

the exchange of best practices, the standardisation of abuse reports, the development of a trusted notifier framework, and awareness campaigns towards policy makers, decision-makers and expert groups

eco’s Thomas Rickert told DI that members inside and outside the industry had asked for such an initiative to combat “the narrative that industry is not doing enough against an ever-increasing problem”.

He said there’s a “worrying trend” of the domain industry being increasingly seen as an easy bottleneck to get unwelcome content taken down, rather than going after the content or hosting provider.

“There is not an agreed-upon definition of what constitutes DNS abuse,” he said.

“There are groups interested in defining DNS abuse very broadly, because it’s more convenient for them I guess to go to a registrar or registry and ask for a domain takedown rather than trying to get content taken down with a hosting company,” he said.

topDNS has no plans to change the definition of “DNS abuse” that has already been broadly agreed upon by the legit end of the industry.

The DNS Abuse Framework, which was signed by 11 major registries and registrars (now, it’s up to 48 companies) in 2019 defines it as “malware, botnets, phishing, pharming, and spam (when it serves as a delivery mechanism for the other forms of DNS Abuse)”.

This is pretty much in line with their ICANN contractual obligations; ICANN itself shudders away from being seen as a content regulator.

The big asterisk next to “spam” perhaps delineates “domains” from “content”, but the Framework also recommends that registries and registrars should act against content when it comprises child sexual abuse material, illegal opioid sales, human trafficking, and “specific and credible” incitements to violence.

Rickert said the plan with topDNS is to help “operationalize” these definitions, providing the domain industry with things like best practice documents.

Of particular interest, and perhaps a point of friction with other parties in the ecosystem in future, is the plan to work on “the development of a trusted notifier framework”.

Trusted notifier systems are in place at a handful of gTLD and ccTLD registries already. They allow organizations — typically law enforcement or Big Content — a streamlined, structured path to get domains taken down when the content they lead to appears to be illegal.

The notifiers get a more reliable outcome, while the registries get some assurances that the notifiers won’t take the piss with overly broad or spammy takedown requests.

topDNS will work on templates for such arrangements, not on the arrangements themselves, Rickert said. Don’t expect the project to start endorsing certain notifiers.

Critics such as the Electronic Frontier Foundation find such programs bordering on censorship and therefore dangerous to free speech.

While the topDNS initiative only has six named members right now, it does have Verisign (.com and .net) and PIR (.org), which together look after about half of all extant domains across all TLDs. It also has CentralNic, a major registrar group and provider of back-end services for some of the largest new gTLDs.

“Verisign is pleased to support the new topDNS initiative, which will help bring together stakeholders with an interest in combating and mitigating DNS security threats,” a company spokesperson said.

Unlike CentralNic and PIR, Verisign is not currently one of the 48 signatories of the DNS Abuse Framework, but the spokesperson said topDNS is “largely consistent” with that effort.

Verisign has also expressed support for early-stage trusted notifier framework discussions being undertaken by ICANN’s registry and registrar stakeholder groups.

PIR also has its own separate project, the DNS Abuse Institute, which is working on similar stuff, along with some tools to support the paperwork.

DNSAI director Graeme Bunton said: “I see these efforts as complementary, not competing, and we are happy to support and participate in each of them.” He’s going to be on topDNS’s inaugural Advisory Council, he and Rickert said.

Rickert and Bunton both pointed out that topDNS is not going to be limited to DNS abuse issues alone — that’s simply the most pressing current matter.

Rickert said issues such as DNS over HTTP and blockchain naming systems could be of future interest.

2 Comments Tagged: , , , , , , , ,

auDA ramps up marketing for direct .au launch

Kevin Murphy, February 7, 2022, Domain Registries

Australian domain overseer auDA has started national advertising for its second-level .au registration launch next month.

The organization said today it has started running television, radio, outdoor and digital ads, and will continue to do so through to November.

Second-level .au domains become available March 24, on a first-come, first-served basis if there are not already matching third-level domains.

If there’s a matching .com.au or .net.au, registered before February 4, 2018, applications for the 2LDs will be handled via a priority allocation process that runs for six months.

auDA’s marketing campaign focuses on five keywords that have a general meaning in English and also a unique or somewhat distinctive meaning in Australian English: station, pavlova, gummy, stoked and stubby.

A “gummy” could mean a type of confectionery, but “gummy.au” could refer to a type of shark that stalks Aussie waters, for example.

Microsites have been launched for each keyword, but they’re not all resolving for me yet.

Comment Tagged: , , ,