Recent Posts
- Americans and ICANNers avoid Kigali in droves
- RDRS stats improve a little in June
- Unstoppable Domains goes down after domain hijack
- Four more gTLDs in emergency measures
- New gTLDs and ccTLDs drive domain universe growth
- Eight interesting recent dot-brand registrations
- .me premium sales down
- Pride fails to reverse gay domains decline
- Unstoppable announces another new gTLD bid
- Blockchain naming firm gets ICANN accreditation
- ICANN takes over gTLD after Whois failures
- Verisign: would-be .com contract killers are “wrong”
- Five gTLDs at risk as registry goes AWOL
- Groups make flawed case that .com is a cartel
- RDRS usage hits all-time low
- A dot-brand so unloved they killed it twice
- PorkBun hits two million domain milestone
- Crawford returns to industry to head up Com Laude
- ICANN financial data dump a damp squib?
- Unstoppable plotting manga-themed gTLDs
- Governments call for new gTLD auctions ban
- ICANN names new CEO, and it isn’t Costerton
- ICANN: We will NOT police content
- More sticker shock as new gTLD fees could top $300,000
- ICANN slashes staff and domain prices could rise
- Secret new gTLD application revealed
- WhatsApp now linkifying new gTLDs, but…
- Outrage over ICANN’s new gTLD fees
- Barrett gets second term on ICANN board
- DotMusic delays gTLD launch again
- .tm prices to skyrocket next week
- Bitcoin gTLD gets launch dates
- First metaverse gTLD is announced
- Alibaba off the naughty step
- ICANN to kill auction fund bylaws change
- The people have spoken on RDRS and they said “Meh”
- ICANN restarts work on controversial Whois privacy rules
- GNSO mulls lawyering up over auction fund dispute
- Jury still out on ICANN’s content policing powers
- It now takes TWO WEEKS to get a Whois record with RDRS
- Travel expenses push ICANN into the red again
- ICANN preparing for ONE HUNDRED registry back-ends
- DNS Abuse Institute changes name
- A new way to game the new gTLD program
- .home, .mail and .corp could get unbanned
- Unstoppable to apply for Women in Tech gTLD
- Bob Parsons publishes autobiography
- GoDaddy getting a free pass from porn jail?
- Correction: Sinha’s seat is safe
- Chinese domains plummet again in 2023
- GoDaddy price increases lead to revenue growth
- D3 announces seventh blockchain gTLD client
- Taylor Swift applies for her .post domain
- .ad domains to go global soon
- Single-letter .com case back in court
- ICANN to slash costs as Verisign’s magic money tree dries up
- Community revolts over ICANN’s auction proceeds power grab
- Two seats up for grabs on Nominet board
- War takes steep toll on .ua domains
- .de worst TLD for CSAM — report
- .com still shrinking because of China
- ICANN publishes its Woke Manifesto. Here’s my hot take
- Alibaba, Name.com among new RDRS opt-ins
- .my domains to be sold globally next month
- The Swiss can register .swiss domains from next week
- .ai up to 425,000 domains
- A million “free” .music domains up for grabs
- D3 to get $5 million in crypto to apply for .ape gTLD
- Alibaba hit with ICANN breach notice
- New Vegas conference “Davos for Web3 interoperability”
- ICANN content policing power grab may be dead
- Cable company unplugs its dot-brand after acquisition
- Germany crosses 10,000 dot-brand domains milestone
- Founders out as Com Laude gets equity injection
- PIR’s Diaz to leave domain industry
- Some registrars have already quit ICANN’s Whois experiment
- ICANN opens $217 million Grant Program
- Internet could get one-letter gTLDs (but there’s a catch)
- .ai registry fights deadbeats with tweaked auction rules
- Amazon and Google among .internal TLD ban backers
- .ai registry advises buyers not to use GoDaddy
- .post liberalizes with new sunrise period
- Team Internet spends $41 million on content farm
- Epik backtracks on Kiwi Farms claim after legal threat
- .austin names launch on blockchain
- Freenom shuts down 12.6 million domains — report
- GoDaddy’s next .xxx contract may not be a done deal
- GlobalBlock blocking 2.5 million domains
- Microsoft moving its cloud apps from .com to .microsoft
- ICANN 79: anonymous trolls and undercover lawyers
- ICANN scores win in single-letter .com lawsuit
- Cosmetics brand terminates its gTLD
- Up to 70 jobs on the line at Nominet as .uk regs dwindle
- Governments back down on new gTLD next round delay
- Private auctions could be banned in new gTLD next round
- ICANN meeting venue “insensitive and hurtful”
- GoDaddy to start selling graphic.design domains
- GAC spinning up new gTLD curveball at ICANN 79?
- GoDaddy’s GlobalBlock supports blockchain names
- Police .uk domain takedowns dive in 2023
- GoDaddy wants to cut the bullshit from .xxx
- Dueling domain blocking services to launch at ICANN 79
- Freename tries to bridge DNS and blockchain
- Olive retires from ICANN
- Whois policy published without life-saving disclosure rule
- UK gov takes its lead from ICANN on DNS abuse
- Tucows reports 2023 results
- Twitter “completely unresponsive” on clickable domains
- ICANN spends $5 million more than planned in first fiscal half
- .art takes a million domains off its premium list
- KeyTrap ‘the most devastating vulnerability ever found in DNSSEC’
- Freenom settles $500 million Meta lawsuit and will exit domain business
- New gTLD lottery to return in 2026
- First GlobalBlock prices revealed — they ain’t cheap
- Domain universe grows on new gTLDs despite .com shrinkage
- D3 signs up crypto gTLD client number five
- GoDaddy reports strong domains growth
- How to qualify for a $40,000 gTLD
- Registry service provider evaluation handbook published
- WebUnited inks deal to “mirror” country’s TLD in the blockchain
- GoDaddy project unveils brand-blocking calculator
- Report: Monster “misappropriated” millions from Epik
- .com is shrinking but Verisign raises prices again anyway
- D3 announces fourth crypto new gTLD client
- Donald Trump loses second UDRP case
Nevett headhunts top execs from three rivals
Public Interest Registry has filled out its executive team by poaching senior staff from rivals Afilias, Donuts and Neustar.
Judy Song-Marshall of Neustar has joined as chief of staff, Joe Abley of Afilias is the new chief technology officer and Anand Vora has joined from Donuts as VP of business affairs.
They’re the first senior level appointments to be announced since Donuts co-founder Jon Nevett was appointed CEO three months ago.
PIR, the non-profit which runs .org and related gTLDs, has also let it be known that it’s looking for a chief financial officer. The job ad can be found here.
Internet to lose its .co.ck? Cook Islands mulls name change
The government of the Cook Islands is reportedly thinking about changing its name, putting a question mark over the long-term longevity of its .ck top-level domain.
The AFP is reporting that an exploratory committee has been set up to pick a new name for the country, which is currently named after British explorer James Cook.
The new name would be in the local language, Cook Islands Maori, but would also reflect the country’s Polynesian heritage and “strong Christian belief”, AFP reports.
The Cook Islands is in the Pacific Ocean, about 3,000km from New Zealand. It gained independence in 1965 but retains strong ties to NZ. It has about 12,000 citizens.
Telecom Cook Islands has been running its ccTLD, .ck, since 1995. Registrations, which are a few hundred bucks a year, are only possible at the third level, under .co.ck, .org.ck and so on.
It appears from reporting that any formal name change is still a long way off, but it seems possible that a change of name could well lead to a change of ISO 3166-1 string and therefore a change of ccTLD.
As I explained in my post about the possible loss of .io last week, any such change would take years to roll through the ICANN system. Nobody would lose their domains overnight.
But perhaps the most famous .ck domain appears to have already gone dormant.
Fictional mid-noughties hipster Nathan Barley, antihero of the Charlie Brooker sitcom of the same name, owned trashbat.co.ck, as the opening shot of the show established.
Sadly, that domain, which unlike clownpenis.fart actually existed and was used to promote the short-lived series, appears to stop resolving three or four years ago.
Donuts founder replaces Pitts as MMX’s premium guru
MMX has hired one of Donuts’ recently departed co-founders to market its premium domain name inventory, the company said today.
Dan Schindler, formerly Donuts’ executive VP, has been hired as a “special advisor”, tasked with “monetizing” premiums in the US and Europe.
He appears to be functionally replacing Victor Pitts, who was hired as director of premium sales two years ago. Pitts appears to have left the company in January.
MMX, which counts .vip, .law and .luxe among its stable of 32 gTLDs, expects to report premium sales for 2018 of around $2.3 million.
The company has also hired domain consultant Christa Taylor, founder and CEO of dottba, as its new chief marketing officer, a newly created position.
News of the appointments was released as MMX published another preliminary trading update ahead of its final 2018 financial results next month.
Here are some more nuggets from the announcement:
- Total domain registrations so far in 2019 up 38% to 1.84 million compared to a year ago.
- Billings up 129% year-on-year due to contributions from ICM Registry and a 40% increase in sales of .vip and .luxe domains in China.
- ICM’s porn-themed domains are renewing at 91%.
- Integration of .luxe into two more blockchain platforms — NameCoin and XAYA — is underway.
MMX expects to announce its full-year results April 3.
Phishing still on the decline, despite Whois privacy
The number of detected phishing attacks almost halved last year, despite the fact that new Whois privacy rules have made it cheaper for attackers to hide their identities.
There were 138,328 attacks in the fourth quarter of 2018, according to the Anti-Phishing Working Group, down from 151,014 in Q3, 233,040 in Q2, and 263,538 in Q1.
That’s a huge decline from the start of the year, which does not seem to have been slowed up by the introduction in May of the General Data Protection Regulation and ICANN’s Temp Spec, which together force the redaction of most personal data from public Whois records.
The findings could be used by privacy advocates to demonstrate that Whois redaction has not lead to an increase in cybercrime, as their opponents had predicted.
But the data may be slightly misleading.
APWG notes that it can only count the attacks it can find, and that phishers are becoming increasingly sophisticated in how they attempt to avoid detection. The group said in a press release:
There is growing concern that the decline may be due to under-detection. The detection and documentation of some phishing URLs has been complicated by phishers obfuscating phishing URLs with techniques such as Web-spider deflection schemes – and by employing multiple redirects in spam-based phishing campaigns, which take users (and automated detectors) from an email lure through multiple URLs on multiple domains before depositing the potential victim at the actual phishing site.
It also speculates that criminals once involved in phishing may have moved on to “more specialized and lucrative forms of e-crime”.
The Q4 report (pdf) also breaks down phishing attacks by TLD, though comparisons here are difficult because APWG doesn’t always release this data.
The group found .com to still have the most phishing domains — 2,098 of the 4,485 unique domains used in attacks, or about 47%. According to Verisign’s own data, .com only has 40% market share of total registered domains.
But new, 2012-round gTLDs had phishing levels below their market share — 4.95% of phishing on a 6.83% share. This is actually up compared to the 3% recorded by APWG in Q3 2017, the most recent available data I could find.
Only two of the top 20 most-abused TLDs were new gTLDs — .xyz and .online, which had just 70 attack domains between them. That’s good news for .xyz, which in its early days saw 10 times as much phishing abuse.
After .com, the most-abused TLD was .pw, the ccTLD for Palau run by Radix as an unrestricted pseudo-gTLD. It had 374 attack domains in Q4, APWG said.
Other ccTLDs with relatively high numbers included several African zones run as freebies by Freenom, as well as the United Kingdom’s .uk and Brazil’s .br.
Phishing is only one form of cybercrime, of course, and ICANN’s own data shows that when you take into account spam, new gTLDs are actually hugely over-represented.
According to ICANN’s inaugural Domain Abuse Activity Reporting report (pdf), which covers January, over half of cybercrime domains are in the new gTLDs.
That’s almost entirely due to spam. One in 10 of the threats ICANN analyzed were spam, as identified by the likes of SpamHaus and SURBL. DAAR does not include ccTLD data.
The takeaway here appears to be that spammers love new gTLDs, but phishers are far less keen.
ICANN did not break down which gTLDs were the biggest offenders, but it did say that 52% of threats found in new gTLDs were found in just 10 new gTLDs.
This reluctance to name and shame the worst offenders prompted one APWG director, former ICANN senior security technologist Dave Piscitello, to harshly criticize his former employer in a personal blog post last month.
Registrars given six months to deploy Whois killer
ICANN has started the clock ticking on the mandatory industry-wide deployment of RDAP.
gTLD registries and registrars have until August 26 this year to roll out RDAP services, which will one day replace the age-old Whois spec, ICANN said this week.
Registration Data Access Protocol fulfills the same function as Whois, but it’s got better support for internationalization and, importantly given imminent work on Whois privacy, tiered access to data.
ICANN’s RDAP profile was created in conjunction with contracted parties and public comments. The registries and registrars knew it was coming and told ICANN this week that they’re happy for the 180-day implementation deadline to come into effect.
The profile basically specs out what registrars and registries have to show in their responses to Whois (or RDAP, if you’re being pedantic) queries.
It’s based on the current Temporary Specification for Whois, and will presumably have to be updated around May this year, when it is expected that the Temp Spec will be replaced by the spec created by the Whois EPDP.
Neustar completes .in migration
The transfer of India’s suite of ccTLDs from Afilias to Neustar is done.
NIXI, the .in registry, announced today: “The transition of .IN to its new Neustar-backed Registry platform is now complete.”
With 2.2 million names, not counting names in NIXI’s plethora of localized transliterations, .in is the third-largest TLD migration, behind the 3.1 million .au names that made the reverse journey from Neustar to Afilias last year and the 2.7 million .org names that went from Verisign to Afilias in 2003.
The .in migration started yesterday. NIXI had expected up to 48 hours downtime at the registry EPP level, with obviously no DNS downtime.
The name servers for .in and its IDN equivalents currently all simultaneously include Afilias-owned and Neustar-owned servers.
An Afilias lawsuit against the Indian government, which claimed Neustar lacked experience with Indian scripts and attempted to block the transition, appears to have been dropped last week.
Neustar is reportedly charging NIXI $0.70 per transaction, $0.40 less than Afilias had bid to renew its contract. It won the contract after an open bidding process last August.
Scottish registry dumps the pound over Brexit fears
The .scot gTLD registry has decided to dump the British pound as its currency of choice, due to fears over Brexit.
DotScot’s back-end, CORE, told registrars this week that it will start billing in euros from March 29.
The switch is being made due to “the expected volatility in currency exchange rates between GBP and other main currencies post-Brexit”.
March 29 is currently enshrined in UK law as the date we will formally leave the European Union, though the interminable political machinations at Westminster are making it appear decreasingly unlikely that this date could be extended.
CORE said that the prices for .scot registrations, renewals and transfers will be set at €1.14 for each £1 it currently charges. That’s the average exchange rate over the last 12 months, registrars were told.
.scot is a geographic gTLD, rather than a ccTLD, which was approved in ICANN’s 2012 application round. It has about 11,000 domains under management.
Its largest registrar, 1&1 Ionos (part of Germany’s United Internet), charges £40 a year.
Only 38% of Scots voted in favor of Brexit back in 2016, the lowest of any of the UK’s four nations, with no region of Scotland voting “Leave”.
Naturally, a great many Scots believe they’re being dragged out of the EU kicking and screaming by their ignorant, English-bastard neighbors. Which strikes me as a fair point.
ICANN pushes IANA under Conrad
ICANN chief technology officer David Conrad is now “overseeing” the IANA part of the organization, ICANN has announced.
It doesn’t appear to be a promotion or change of job titles as much as a reporting structure adjustment made in the wake of a change of management at the Global Domains Division.
Kim Davies is still vice president of IANA, and president of Public Technical Identifiers, as IANA is often referred to nowadays.
Previously, Davies reported to the president of GDD, now he’s reporting to Conrad.
After Akram Atallah left GDD to run Donuts, Conrad and Atallah’s eventual permanent replacement, Cyrus Namazi, split his duties on an interim basis.
It appears that the announcement of Conrad’s new duties merely formalizes that arrangement.
It makes a lot more sense to have the largely technical IANA functions under the jurisdiction of the CTO, rather than the gTLD-centric Global Domains Division, if you ask me.
.film gTLD sees spike after dropping restrictions
The .film gTLD saw a small spike in registrations this week after dropping eligibility requirements.
The Australia-based registry, Motion Picture Domain Registry, went fully unrestricted February 22 and immediately saw at least 100 new names in its zone file.
It’s a small increase, but it meant .film, which sells for roughly $70 (101domain) to $120 (GoDaddy, its biggest channel) a year, topped 4,000 names for the first time.
It has not seen seen any additional growth since the weekend, however.
.film, from its 2015 launch, was restricted to registrants that could show a nexus to the film industry and was touted as an anti-piracy measure.
It does not appear to have been particularly well-policed, however. Its most popular domains (per Alexa rank) appear today to be piracy sites.
Despite the old restrictions, and despite being more than twice the price, .film has so far actually proved more popular than Donuts’ .movie gTLD, which has been wobbling around the 2,000 to 3,000 domain mark for the last couple of years.
I expect this is probably due to the fact that the word “film” means the same thing in many languages, whereas “movie” is a distinctly American English term.
UN ruling may put .io domains at risk
The future of .io domains may have been cast into doubt, following a ruling from the UN’s highest court.
The International Court of Justice this afternoon ruled (pdf) by a 13-1 majority that “the United Kingdom is under an obligation to bring to an end its administration of the Chagos Archipelago as rapidly as possible”.
The Chagos Archipelago is a cluster of islands that the UK calls the British Indian Ocean Territory.
It was originally part of Mauritius, but was retained by the UK shortly before Mauritius gained independence in 1968, so a strategic US military base could be built on Diego Garcia, one of the islands.
The native Chagossians were all forcibly relocated to Mauritius and the Seychelles over the next several years. Today, most everyone who lives there are British or American military.
But the ICJ ruled today, after decades of Mauritian outrage, that “the process of decolonization of Mauritius was not lawfully completed when that country acceded to independence in 1968, following the separation of the Chagos Archipelago”.
So BIOT, if the UK government follows the ruling, may cease to exist in the not-too-distant future.
BIOT’s ccTLD is .io, which has become popular with tech startups over the last few years and has over 270,000 domains.
It’s run by London-based Internet Computer Bureau Ltd, which Afilias bought for $70 million almost two years ago.
Could it soon become a ccTLD without a territory, leaving it open to retirement and removal from the DNS root?
It’s not impossible, but I’ll freely admit that I’m getting into heavy, early speculation here.
There are a lot of moving parts to consider, and at time of writing the UK government has not even stated how it will respond to the non-binding ICJ ruling.
Should the UK abide by the ruling and wind down BIOT, its IO reservation on the ISO 3166-1 alpha-2 list could then be removed by the International Standards Organisation.
That would mean .io no longer fits the ICANN criteria for being a ccTLD, leaving it subject to forced retirement.
Retired TLDs are removed from the DNS root, meaning all the second-level domains under them stop working, obviously.
It’s not entirely clear how this would happen. ICANN’s Country Code Names Supporting Organization has not finished work on its policy for the retirement of ccTLDs.
TLDs are certainly not retired overnight, without the chance of an orderly winding-down.
Judging by the current state of ccNSO discussions, it appears that ccTLDs could in future be retired with or without the consent of their registry, with a five-to-10-year clock starting from the string’s removal from the ISO 3166-1 list.
Under existing ICANN procedures, I’m aware of at least two ccTLDs that have been retired in recent years.
Timor-Leste was given .tl a few years after it rebranded from Portuguese Timor, and .tp was removed from the DNS a decade later. It took five years for .an to be retired after the Netherlands Antilles’ split into several distinct territories in 2010.
But there are also weird hangers-on, such as the Soviet Union’s .su, which has an “exceptional reservation” on the ISO list and is still active (and inexplicably popular) as a ccTLD.
As I say, I’m in heavy speculative territory when it comes to .io, but it strikes me that not many registrants will consider when buying their names that the territory their TLD represents may one day simple poof out of existence at the stroke of a pen.
Afilias declined to comment for this article.
Recent Comments