Recent Posts
- Bye-bye .boomer! Blockchain players abandon new gTLD plans
- Decades-old US registrar gets a spanking
- love.you sold in apparent five-figure deal
- Bogus harassment complaints could get you an ICANN ban
- ICANN slaps open-mic ban on conflicted lawyers
- Final GTFO warning for 19 failed new gTLD bids
- Nominet opens $500,000 fund for open source projects
- Com Laude buys larger rival Markmonitor
- Epik took down Charlie Kirk doxing site
- Number of subsidized gTLD bidders far lower than thought
- Another registrar goes AWOL
- gTLD loses its second-largest registrar after breach
- Com Laude buys Fairwinds
- Unstoppable wants to be a registry back-end
- Sixteen new gTLD bids could face the firing squad
- Registry to release one-letter domains tomorrow
- New ICANN funding rules will cost smaller ccTLDs more
- .ai rival lines up gTLD bid
- Team Internet lays off 200
- Sixteen more orgs vie for cheap gTLDs, but…
- So who’s registering sunrise domains these days?
- Cloud gTLD gets launch dates
- Governments say new gTLD program “credibility” at stake
- NIXI planning doomed new gTLD bids
- AI experts replace Chapman on ICANN board
- RDRS may not be dead
- Single-letter .com lawsuit thrown out of court
- Golding challenges McCarthy for Nominet board seat
- Three applicants qualify for cheapo gTLDs
- Blockchain crisis looming for new gTLD next round
- Two more dot-brands leave Verisign for GoDaddy
- ICANN looking at new bulk reg rules
- Reseller loss hits Tucows’ DUM but not revenue
- GoDaddy counts cost of losing .co deal
- Wine producers worried about new gTLDs
- Goodyear tires of its dot-brand
- Team Internet loses Radix to Tucows
- ICANN’s “review of reviews” kicks off
- Huge registrars flee from RDRS
- Namecheap loses attempt to bring back .org price caps
- Registrar shamed for alleged crypto abuse neglect
- Poblete’s ICANN board seat safe
- .com off to strong start in Q3
- .my is growing like crazy
- ICANN settles $77 million sexual harassment suit
- Chinese domain spikiness ends in first half
- Registrars agree to higher ICANN fees
- ICANN to review reviews after review review request fails
- Got junk? June’s biggest gTLD growers do
- ICANN ditches Oman due to Middle-East conflicts
- ICANN’s mighty overlord flexes on transparency
- ICANN faces first pushback over DEI U-turn
- Loads of firms flunk out of next-round gTLD back-end program
- presidenttrump.xxx among thousands of dead .xxx domains suddenly springing to life
- One of the dumbest gTLDs just switched back-ends
- GoDaddy loses .co to Team Internet
- Governments erect bulk-reg barrier to new gTLD next round
- Little interest in cheapo gTLD program
- US government opposes most new gTLDs
- GoDaddy loses last Amazon business to Identity Digital
- Third Amazon gTLD launch dates revealed
- .TOP promises to play nice on DNS abuse
- Court denies ICANN’s #MeToo “cover up” attempt
- Launch dates for two more Amazon gTLDs revealed
- An end to “Club Med for geeks” ICANN?
- Some people paid premiums for .hot domain hacks
- .io questions in sharp focus as UK signs Chagos treaty
- Big .gdn registrar at risk
- ICANN “reaffirms its commitment to diversity and inclusion”
- ICANN kills off diversity and inclusion
- Kaufmann picked for ICANN board
- Conflicted? STFU under new ICANN rules
- .hot is for hookers? Amazon’s first premium regs revealed
- Gname adds another 200 registrars
- New Pope’s .com domain was registered the day Francis died
- Two deadbeat registrars get their ICANN marching orders
- DotMusic has sold a lot of names, but not many are turned on
- .med is a deeply weird gTLD, but it wants to be more normal
- ICANN cuts off money to UASG
- Web.com getting dumped
- .es and .pt riding out massive power outage
- .com is back as Verisign discounts bear fruit
- Dot-brand actually being used to get deleted
- Verisign gave Trump $100,000
- Private Whois requests hit new low after Tucows quits RDRS
- Zoom says GoDaddy took it down for hours
- The Soviet Union might be safe after all
- Google says its ccTLDs “are no longer necessary”
- Facebook thinks ICANN is a bit rubbish
- ICANN spending $365,000 a year on coffee and booze
- Regulator going after suicide site that even Epik banned
- .ai sees $600,000 auction sales in a month
- Pru trims its dot-brand portfolio
- UK’s Nigel Hickson has died
- .blog registry ordered to change name to Knock Knock RDAP There
- WordPress buys Canadian, swaps CentralNic for CIRA
- Latest ICANN salary porn ruins my terrible pun
- .co deal worth $77 million up for grabs
- I get a wrongful kicking as .su registry denies turn-off plan
- Sales and profits dip at Team Internet
- Four deadbeat registrars get terminated
- “No timeline” to retire Soviet Union from the DNS
- ICANN to kill off 60-day domain transfer lock
- Lancaster bags up its dot-brand
- Google readying its next batch of gTLD launches?
- NomCom confirms Americans rejected from ICANN board
- Nova announces $45 million of new gTLD applications
- Registry makes .ai an option for Koreans
- it.com now bigger than Guatemala
- ICANN turns to AI and crowdsourcing for new gTLD program
- Amazon lawyer DiBiase elected to ICANN board
- Is .io safe now? Identity Digital now running Mauritian ccTLD
- Tucows quits ICANN’s Whois disclosure pilot
- Toshiba goes all-in on its dot-brand
- Google scuppers Team Internet acquisition after profit warning
- .ai channel doubles under new management
- Trump inclined to back deal that threatens .io
- As .com shrinks, China adds another 1.2 million domains
- Second new gTLD contention set revealed
- UK intros global domain takedown law
- No more Americans as Holland wins ICANN board seat
- Registries have started shutting down Whois
- ICANN wins IRP because complainant literally doesn’t exist
- .com could return to growth this quarter
- Could Musk’s DOGE kill off D3’s .doge?
Registrar suspended over dodgy transfers
ICANN has suspended a Los Angeles-based registrar after failing to get answers to its questions about a bunch of domain transfer.
World Biz Domains won’t be able to sell any gTLD domains, or accept transfers, from October 16 until January 13 next year. It will also have to post ICANN’s suspension notice on its home page.
Its crime? Failing to provide ICANN with records proving that the change of registrant requests for 15 potentially valuable domain names were legitimate.
ICANN has been badgering World Biz for these records since April, but says it was given the runaround.
The domains in question — 28.net, 68.net, 88.org, changi.com, tay.net, goh.net, koh.net, kuantan.com, yeong.com, merlion.org, og.net, raffles.net, sentosa.org, sg.org and shenton.com — all appear to have been registered to a Singaporean investor using the registrar DomainDiscover until about a year ago.
The non-numeric names all have significance to Singapore or neighboring Malaysia one way or the other. Some of them are arguably UDPR fodder.
Shenton is a busy street and hotel in the city, Merlion is Singapore’s lion mascot, Sentosa is a Singaporean island, and Raffles is of course the name of the famous hotel. Other domains on the list are common Chinese surnames used by Singaporeans.
It appears that about a year ago, according to DomainTools’ historical Whois records, they were transferred to World Biz and put under privacy protection.
There’s no specific claim in ICANN’s notice that any domain hijacking has taken place, but it’s easy to infer that the original registrant was for some reason not happy that the domains changed hands and therefore complained to ICANN.
Some of the domains in question have since been transferred to other registrars and may have been returned to the original registrant.
If ICANN’s track record of demanding records is any guide, this will not help World Biz come into compliance.
Should it be terminated, it looks like very few registrants will be affected.
While World Biz at one point had over 5,000 gTLD domains under management, it’s been shrinking consistently for the best part of a decade and in May had just 74 DUM.
September last year, when the domains in question moved to World Biz, was the company’s most-successful month in terms of inbound transfers — 17 domains — since I started tracking this kind of data nine years ago.
Mediocre .vote gTLD drops restrictions
The .vote and .voto gTLDs have had their registration restrictions removed in a bid to increase numbers.
Both domains were previously technically restricted to those who could show they had a legitimate connection to democratic proceedings, and were sometimes used by political campaigns.
But it appears those post-registration restrictions were lightly enforced, and now they’ve been dropped entirely.
Neither gTLD has been particularly successful — .vote has been wobbling around the 3,000-domain mark for a while, while .voto (the Spanish version) has about a tenth of that figure.
Both renew at retail for about $60 a year, but first-year regs can currently be obtained for about half that amount.
They’re both managed by Afilias.
The highest-profile .vote domain I’m aware of to date was used in the spectacularly successful Hollywood-backed campaign to keep Donald Trump out of the White House in 2016.
ICANN’s babysitting fund goes live
ICANN has started accepting applications for its childcare grants program.
As previously reported, ICANN plans to offer up to $750 per family to community members who have no choice but to show up to its meetings with their offspring in tow.
The money is designed to cover childcare costs while the parent attends sessions at ICANN’s thrice-yearly public meetings.
ICANN will not be providing any on-site childcare itself, nor will it approve any providers.
The program is in a pilot, covering the next three meetings.
The current application period, for ICANN 67 in Cancun, Mexico next March, runs until November 20. The application form wouldn’t open for me.
Full details can be found here.
Claims auDA boss quit after he was busted for “falsified” law degree
Former auDA CEO Cameron Boardman abruptly left the .au registry overseer after his chair claimed he had falsely claimed to have a law degree from a prestigious university, it has been reported.
Citing a letter from then-chair Chris Leptos to Boardman from earlier this year, The Australian reported last week that Leptos “alleged the then-CEO falsified his academic record by including a master of laws degree (LLM) from La Trobe University”.
The CEO had denied the claims, the paper indicated.
Boardman and Leptos both quit shortly after the allegations arose.
Boardman resigned in July after a tumultuous three years in the job which saw him navigate governance and policy controversies and narrowly survive a member vote of confidence.
Leptos had quit just a couple of weeks earlier, reportedly after a disagreement with Boardman about unspecified governance issues.
No specific reasons were given by auDA for either resignation.
Questions about Boardman’s qualifications had been raised as early as April 2018 in a freedom of information request that was ultimately unsuccessful because the government was not in possession of the documents requested.
auDA is currently being chaired on an interim basis by director Suzanne Ewart, while other members of the executive team are looking after the CEO’s functions.
.bond domains could cost a grand each
Newish registry ShortDot has announced the release details for its recently acquired .bond gTLD, and they ain’t gonna be cheap.
The TLD is set to go to sunrise in a little under a month, October 17, for 33 days.
General availability begins November 19 with a seven day early access period during which the domains will be more expensive than usual but get cheaper each day.
The regular pricing is likely to see registrars sell .bond names for between $800 and $1,000 a pop, according to ShortDot COO Kevin Kopas.
There won’t be any more-expensive premium tiers, he said.
The gTLD was originally owned by Bond University in Australia, but it was acquired unused by ShortDot earlier this year.
The company hopes it will appeal to bail bondsmen, offerers of financial bonds and James Bond fans.
The business model with .bond is diametrically opposed to .icu, where names sell for under $2 a year (and renew for under $8, if indeed any of them renew).
That zone has inexplicably gone from 0 to 1.8 million names in the last 16 months, and ShortDot says it’s just crossed the two-million mark of registered names.
That second million appears to have been added in just the last three months.
PIR’s “new” .org domain is just temporary. Help it pick another new one!
Public Interest Registry unveiled a fancy new set of logos and a swanky new web site yesterday, but CEO Jon Nevett tells us that its new domain name is temporary.
The new site and logos are undeniably superior to those they replace, but what raised eyebrows was the fact that the non-profit company has replaced its old pir.org domain with thenew.org, and deprecated the PIR brand almost entirely on its site.
The old PIR domain now redirects to the new thenew one, but the older domain still ranks higher in search engines.
But Nevett tells us it’s not a permanent move.
“Think of it more as a marketing campaign,” Nevett said. “This is a limited campaign, then we’ll move to another name.”
The campaign is basically about PIR going back to its roots and repositioning itself as the .org guys.
It’s only been six years since PIR last rebranded. In September 2013, the company started calling itself “Your Public Interest Registry” in its logo, deliberately playing down the “.org”.
Then-CEO Brian Cute told us at the time that playing up .org “made a lot of sense when we were a single-product company” but that with the imminent launch of sister TLDs .ngo and .ong, the decision was made to lead with the PIR branding instead.
.ngo and .ong — for “non-governmental organization” in English and other languages — haven’t exactly flown off the shelves. Neither one has ever topped 5,000 domains under management, while .org, while declining for a few years, still sits comfortably at over 10 million domains.
“I wouldn’t say so,” Nevett said, when I asked him whether PIR is now essentially back to being a single-product company. “But .org is the flagship, and we’re going back to leading with .org as the key brand. It’s what we’re known for and to say otherwise would be silly.”
People outside the industry have no idea what PIR is, he said, but they all know what .org is.
Some suspect that the rebranding is a portent of PIR gearing up to raise prices, given its newly granted ability to up its registry fees beyond the 10% annual price increase cap that it has it has been to date contractually bound to.
But Nevett said the rebranding is “not at all related to a price increase”. He told me several times that PIR still has “no plans to raise prices”.
He said the rebranding was first put in motion over a year ago, after Cute’s departure but before Nevett’s hiring, during Jay Daley’s interim interregnum.
Anyway, here are the new logos:
To the untrained eye, like both of mine, the new, primary .org logo may just look like two blue circles and the word “org”, but PIR’s press release tells us it’s communicating so much more:
The open “ORG” lettering on either side of the sphere signals that .ORG is an open domain for anyone; it serves as a powerful and inclusive global connector. The logo uses a deep royal blue, evoking feelings of trust, security, and reliability that reflect .ORG’s long-standing reputation.
Because I don’t want to alienate any of PIR’s utterly lovely public relations agency people (the same PR agency that came up with the new branding), I’m not going to pass any comment whatsoever on this piffle.
I think the new logos and web site are improvements. They’re also long-term investments, while the new domain name is not.
“For three to six months we’ll be leading with the marketing campaign of thenew.org, after that we’ll be using a new name as the lead,” Nevett said.
But it won’t be back to pir.org or thenew.org, he said.
Which begs the question: what domain will PIR switch to?
During the course of our conversation, Nevett made the mistake of asking me what I thought the next domain should be, and I made the mistake of saying that I should open the question up to my readers.
So… what should PIR’s next domain be?
Be nice.
MMX switches porn TLDs from Afilias to Uniregistry
Minds + Machines is moving its four porn-themed gTLDs to a new back-end provider.
MMX CEO Toby Hall confirmed to DI today that the company is ditching Afilias, which had been providing registry services for .xxx since 2011.
“We’re in the process of switching the back-ends from Afilias to Uni for the ICM portfolio,” he said.
This portfolio, which MMX acquired last year, also includes .porn, .adult and .sex. There are roughly 170,000 domains under management in total, but about half of these are sunrise-period blocks in .xxx, which could add a wrinkle to the transition.
It appears that Afilias is still providing DNS for the TLDs, but Uniregistry has been named the official tech contact.
It’s not currently clear when the handover will be complete. Hall was not immediately available for further comment.
It’s also not currently clear why Uniregistry was selected. All of MMX’s 27 other gTLDs — the likes of .vip, .work and .law — have been running on Nominet’s platform since MMX dropped its own self-hosted infrastructure a few years back.
During the same restructuring, Uniregistry took on MMX’s registrar business.
Uniregistry has also been working closely with MMX on its recently launched AdultBlock trademark blocking services, which could wind up accounting for a big chunk of MMX’s porn-related revenue.
These latest four gTLDs to switch providers are merely the latest in a game of musical chairs that has been playing out for the last several months, five years after the first new gTLDs started going live and registries shop around for better back-end deals.
Nominet picked up most of Amazon’s portfolio, replacing Neustar, earlier this year.
But Nominet has lost high-profile .blog to CentralNic, and Afilias lost a Brazilian dot-brand to Nic.br
Argentina will use a lottery to decide 2LD landrush
Argentina has become the latest country to allow its ccTLD registrants to register domains at the second level.
NIC Argentina announced last week that in addition to third-level domains such as example.com.ar and example.net.ar, you’ll be able to buy example.ar too.
While it’s following in the footsteps of the likes of .uk and .nz (and soon .au), Argentina is taking a slightly different approach to grandfathering and conflicts.
First, the priority registration period is pretty short, at least compared to the five years .uk registrants got.
If you already own a .ar 3LD, you only have until November 9 to get your application in for the matching 2LD.
In the event that more than one application is received from eligible registrants, the winner won’t be decided by auction, but by lottery.
The City of Buenos Aires Lottery will conduct the raffle, randomly assigning priority numbers to applicants to determine who gets first dibs on their domain of choice.
It’s the first time I’ve seen a domain contest settled by lottery since the process ICANN used to assign priorities to new gTLD applicants back in 2012.
From November 25 until January 23, the .ar process will enter a landrush phase, during which anyone can apply for any available 2LD they want by paying a non-refundable application fee.
The fee is ARS 200, the Argentine peso equivalent of $3.50, so the registry can hardly be accused of greed.
Again, competing bids will be settled by the same lottery process, with the winner having to pay the standard ARS 340 registration fee (the equivalent of $6) to claim their domain.
After February 23, it’s open season, with every domain in general availability.
.ar currently has just shy of half a million domains under management, and hasn’t seen any significant growth in a couple of years.
It will be interesting to see how popular the 2LD offer is, and what impact it has on domain growth in the industry overall.
Argentina allows .ar registrations from non-residents, but it does not appear to be a simple process.
Sixty gTLD registries not monitoring security threats
Roughly 5% of gTLD registry operators have been doing no abuse monitoring, despite contractual requirements to do so, a recent ICANN audit has found.
ICANN checked with 1,207 registries — basically all gTLDs — between November 2018 and June, and found about 60 of them “were not performing any security threat monitoring, despite having domains registered in their gTLDs”.
A further 180 (15%) were not doing security checks, but had no registered domains, usually because they were unused dot-brands. ICANN told these companies that they had to do the checks anyway, to remain in compliance.
In all cases, ICANN said, the registries remediated their oversights during the audit to bring their gTLDs back into compliance.
ICANN does not name the non-compliant registries in the summary of the audit’s results, published yesterday (pdf).
Registries under the 2012 new gTLD base registry agreement all have to agree to this:
Registry Operator will periodically conduct a technical analysis to assess whether domains in the TLD are being used to perpetrate security threats, such as pharming, phishing, malware, and botnets. Registry Operator will maintain statistical reports on the number of security threats identified and the actions taken as a result of the periodic security checks. Registry Operator will maintain these reports for the term of the Agreement unless a shorter period is required by law or approved by ICANN, and will provide them to ICANN upon request.
It’s possible to keep tabs on abuse by monitoring domain blocklists such as SpamHaus, SURBL and PhishTank. Some such lists are freely available, others carry hefty licensing fees.
ICANN itself monitors these lists through its Domain Abuse Activity Reporting project, so it’s able to work out the differences between the levels of abuse registries report and what the empirical data suggests.
Registries typically either use these lists via in-house tools or license products provided by vendors such as Neustar, RegistryOffice, Knipp, CSC, DOTZON, Afnic, AusCERT, Shadowserver, Telefonica, Secure Domain Foundation and Netcraft, ICANN said.
Perhaps unsurprisingly, there’s a bit of disagreement between ICANN and some registries about how the somewhat vague obligations quote above are be interpreted.
ICANN thinks registries should have to provide information about specific domains that were identified as abusive and what remediation actions were taken, but some registries think they only have to provide aggregate statistical data (which would be my read of the language).
The contracts also don’t specify how frequently registries much carry out security reviews.
Of the 80% (965) of registries already in compliance, 80% (772) were doing daily abuse monitoring. Others were doing it weekly, monthly, or even quarterly, ICANN found, all of which appear to be in line with contractual requirements.
ICANN must do more to fight internet security threats [Guest Post]
ICANN and its contracted parties need to do more to tackle security threats, write Dave Piscitello and Lyman Chapin of Interisle Consulting.
The ICANN Registry and Registrar constituencies insist that ICANN’s role with respect to DNS abuse is limited by its Mission “to ensure the stable and secure operation of the internet’s unique identifier systems”, therefore limiting ICANN’s remit to abuse of the identifier systems themselves, and specifically excluding from the remit any harms that arise from the content to which the identifiers point.
In their view, if the harm arises not from the identifier, but from the thing identified, it is outside of ICANN’s remit.
This convenient formulation relieves ICANN and its constituencies of responsibility for the way in which identifiers are used to inflict harm on internet users. However convenient it may be, it is fundamentally wrong.
ICANN’s obligation to operate “for the benefit of the Internet community as a whole” (see Bylaws, “Commitments”) demands that its remit extend broadly to how a domain name (or other Internet identifier) is misused to point to or lure a user or application to content that is harmful, or to host content that is harmful.
Harmful content itself is not ICANN’s concern; the way in which internet identifiers are used to weaponize harmful content most certainly is.
Rather than confront these obligations, however, ICANN is conducting a distracting debate about the kinds of events that should be described as “DNS abuse”. This is tedious and pointless; the persistent overloading of the term “abuse” has rendered it meaningless, ensuring that any attempt to reach consensus on a definition will fail.
ICANN should stop using the term “DNS abuse” and instead use the term “security threat”.
The ICANN Domain Abuse Activity Reporting project and the Governmental Advisory Committee (GAC) use this term, which is also a term of reference for new TLD program obligations (Spec 11) and related reporting activities. It is also widely used in the operational and cybersecurity communities.
Most importantly, the GAC and the DAAR project currently identify and seek to measure an initial set of security threats that are a subset of a larger set of threats that are recognized as criminal acts in jurisdictions in which a majority of domain names are registered.
ICANN should acknowledge the GAC’s reassertion in its Hyderabad Communique that the set of security threats identified in its Beijing correspondence to the ICANN Board were not an exhaustive list but merely examples. The GAC smartly recognized that the threat landscape is constantly evolving.
ICANN should not attempt to artificially narrow the scope of the term “security threat” by crafting its own definition.
It should instead make use of an existing internationally recognized criminal justice treaty. The Council of Europe’s Convention on Cybercrime is a criminal justice treaty that ICANN could use as a reference for identifying security threats that the Treaty recognizes as criminal acts.
The Convention is recognized by countries in which a sufficiently large percentage domain names are registered that it can serve the community and Internet users more effectively and fairly than any definition that ICANN might concoct.
ICANN should also acknowledge that the set of threats that fall within its remit must include all security events (“realized security threats”) in which a domain name is used during the execution of an attack for purposes of deception, for infringement on copyrights, for attacks that threaten democracies, or for operation of criminal infrastructures that are operated for the purpose of launching attacks or facilitating criminal (often felony) acts.
What is that remit?
ICANN policy and contracts must ensure that contracted parties (registrars and registries) collaborate with public and private sector authorities to disrupt or mitigate:
- illegal interception or computer-related forgery,
- attacks against computer systems or devices,
- illegal access, data interference, or system interference,
- infringement of intellectual property and related rights,
- violation of laws to ensure fair and free elections or undermine democracies, and
- child abuse and human trafficking.
We note that the Convention on Cybercrime identifies or provides Guidance Notes for these most prevalently executed attacks or criminal acts:
- Spam,
- Fraud. The forms of fraud that use domain names in criminal messaging include, business email compromise, advance fee fraud, phishing or other identity thefts.
- Botnet operation,
- DDoS Attacks: in particular, redirection and amplification attacks that exploit the DNS
- Identity theft and phishing in relation to fraud,
- Attacks against critical infrastructures,
- Malware,
- Terrorism, and,
- Election interference.
In all these cases, the misuse of internet identifiers to pursue the attack or criminal activity is squarely within ICANN’s remit.
Registries or registrars should be contractually obliged to take actions that are necessary to mitigate these misuses, including suspension of name resolution, termination of domain name registrations, “unfiltered and unmasked” reporting of security threat activity for both registries and registrars, and publication or disclosure of information that is relevant to mitigating misuses or disrupting cyberattacks.
No one is asking ICANN to be the Internet Police.
The “ask” is to create policy and contractual obligations to ensure that registries and registrars collaborate in a timely and uniform manner. Simply put, the “ask” is to oblige all of the parties to play on the same team and to adhere to the same rules.
This is unachievable in the current self-regulating environment, in which a relatively small number of outlier registries and registrars are the persistent loci of extraordinary percentages of domain names associated with cyberattacks or cybercrimes and the current contracts offer no provisions to suspend or terminate their operations.
This is a guest editorial written by Dave Piscitello and Lyman Chapin, of security consultancy Interisle Consulting Group. Interisle has been an occasional ICANN security contractor, and Piscitello until last year was employed as vice president of security and ICT coordination on ICANN staff. The views expressed in this piece do not necessary reflect DI’s own.
Recent Comments