Recent Posts
- Taylor Swift applies for her .post domain
- .ad domains to go global soon
- Single-letter .com case back in court
- ICANN to slash costs as Verisign’s magic money tree dries up
- Community revolts over ICANN’s auction proceeds power grab
- Two seats up for grabs on Nominet board
- War takes steep toll on .ua domains
- .de worst TLD for CSAM — report
- .com still shrinking because of China
- ICANN publishes its Woke Manifesto. Here’s my hot take
- Alibaba, Name.com among new RDRS opt-ins
- The Swiss can register .swiss domains from next week
- .ai up to 425,000 domains
- A million “free” .music domains up for grabs
- D3 to get $5 million in crypto to apply for .ape gTLD
- Alibaba hit with ICANN breach notice
- New Vegas conference “Davos for Web3 interoperability”
- ICANN content policing power grab may be dead
- Cable company unplugs its dot-brand after acquisition
- Germany crosses 10,000 dot-brand domains milestone
- Founders out as Com Laude gets equity injection
- PIR’s Diaz to leave domain industry
- Some registrars have already quit ICANN’s Whois experiment
- ICANN opens $217 million Grant Program
- Internet could get one-letter gTLDs (but there’s a catch)
- .ai registry fights deadbeats with tweaked auction rules
- Amazon and Google among .internal TLD ban backers
- .ai registry advises buyers not to use GoDaddy
- .post liberalizes with new sunrise period
- Team Internet spends $41 million on content farm
- Epik backtracks on Kiwi Farms claim after legal threat
- .austin names launch on blockchain
- Freenom shuts down 12.6 million domains — report
- GoDaddy’s next .xxx contract may not be a done deal
- GlobalBlock blocking 2.5 million domains
- Microsoft moving its cloud apps from .com to .microsoft
- ICANN 79: anonymous trolls and undercover lawyers
- ICANN scores win in single-letter .com lawsuit
- Cosmetics brand terminates its gTLD
- Up to 70 jobs on the line at Nominet as .uk regs dwindle
- Governments back down on new gTLD next round delay
- Private auctions could be banned in new gTLD next round
- ICANN meeting venue “insensitive and hurtful”
- GoDaddy to start selling graphic.design domains
- GAC spinning up new gTLD curveball at ICANN 79?
- GoDaddy’s GlobalBlock supports blockchain names
- Police .uk domain takedowns dive in 2023
- GoDaddy wants to cut the bullshit from .xxx
- Dueling domain blocking services to launch at ICANN 79
- Freename tries to bridge DNS and blockchain
- Olive retires from ICANN
- Whois policy published without life-saving disclosure rule
- UK gov takes its lead from ICANN on DNS abuse
- Tucows reports 2023 results
- Twitter “completely unresponsive” on clickable domains
- ICANN spends $5 million more than planned in first fiscal half
- .art takes a million domains off its premium list
- KeyTrap ‘the most devastating vulnerability ever found in DNSSEC’
- Freenom settles $500 million Meta lawsuit and will exit domain business
- New gTLD lottery to return in 2026
- First GlobalBlock prices revealed — they ain’t cheap
- Domain universe grows on new gTLDs despite .com shrinkage
- D3 signs up crypto gTLD client number five
- GoDaddy reports strong domains growth
- How to qualify for a $40,000 gTLD
- Registry service provider evaluation handbook published
- WebUnited inks deal to “mirror” country’s TLD in the blockchain
- GoDaddy project unveils brand-blocking calculator
- Report: Monster “misappropriated” millions from Epik
- .com is shrinking but Verisign raises prices again anyway
- D3 announces fourth crypto new gTLD client
- Donald Trump loses second UDRP case
- UK cybersquatting complaints hit record low
- No excuses! PIR to pay for ALL registries to tackle child abuse
- ICANN insists it is working on linkification
- Namecheap sues ICANN over .org price caps
- GoDaddy offers free Ethereum blockchain integration
- Epik reveals who is running the company
- Epik gets acquired again! The plot thickens…
- Airline gTLD crashes and burns
- First chunks of new gTLD Applicant Guidebook drop
- Epik to reveal its owners soon
- Another crypto firm to apply for a new gTLD
- Monster and Royce are NOT involved in Epik?!
- Nominet to overhaul .uk registry, turn off some services
- Russia blames DNSSEC, not Ukraine, for internet downtime
- Team Internet says revenue beat estimates
- Sold for over $20k, insure.ai and dog.ai back in .ai’s expired names auction
- .ai helps UDRP cases rise in 2023, WIPO says
- Freenom’s domains land at Gandi after termination
- .ru domains fly off the shelf as Western sanctions bite
- ICANN picks its first ever Supreme Court
- Lebanon’s ccTLD going back to Lebanon after ICANN takeover
- ICANN picks the domain it will never, ever release
- ICANN approves domain takedown rules
- Has Epik gone “woke”?
- First bits of new gTLD Applicant Guidebook expected next week
- ICANN bans closed generics for the foreseeable
- You can’t use money to buy .box domains
- After 14 years, ICANN practices what it preaches on IDNs
- Weak demand for private Whois data, ICANN data shows
- .ing doing way better than .meme
- DNS Women barred from ICANN funding?
- Dev releases free open-source TLD registry platform
- INCO flips a gTLD to Identity Digital
- Anguilla fears the .ai junk drop
- Five more gTLDs get launch dates
- $10 million of ICANN cash up for grabs
- Almost 50,000 .ai domains sold in a quarter
- ICANN threatens to regulate your speech [RANT]
- Life insurance company kills dot-brand
- ICANN finds new home for Lebanon’s TLD after founder’s death
- ICANN begs people to use its new Whois service
- Shiba Inu outs itself as crypto new gTLD applicant
- Over 50,000 .ai domains sold in three months
- Amazon planning new push into registrar market?
- Registries and registrars vote ‘Yes’ to new DNS abuse rules
- ICANN predicts flattish 2025 for domain industry
- Fast-growing Gname buys another 150 registrars
- GoDaddy service to let you block domains in over 650 TLDs
- Did I find a murder weapon in a zone file?
- ICANN drops the “man” from Ombudsman
- Have your say on police domain takedown powers
- Most registrars are shunning ICANN’s new Whois system
- Nominet to take over .gov.uk
Microsoft seizes “Russian election hacking” domains
Microsoft has taken control of six domains associated with a hacker group believed to be a part of Russian military intelligence, according to the company.
Company president Brad Smith blogged yesterday that Microsoft obtained a court order allowing it to seize the names, which it believes were to be used to attack institutions including the US Senate.
The domains in question look like they could be used in spear-phishing attacks. The are: my-iri.org, hudsonorg-my-sharepoint.com, senate.group, adfs-senate.services, adfs-senate.email and office365-onedrive.com.
Historical Whois records archived by DomainTools show they were registered last year behind WhoisGuard, the Panama-based privacy service. Now, of course, the Whois records are all redacted due to GDPR.
Smith said that Microsoft believes intended targets besides the Senate also include the International Republican Institute and the Hudson Institute, two conservative think-tanks.
The company believes, though it did not show evidence, that the domains were created by the group it calls “Strontium”.
Strontium is also known as “Fancy Bear”, among other names. It’s believed to be backed by the GRU, Russia’s intelligence agency.
It’s the same group alleged members of which Special Counsel Robert Mueller recently indicted as part of his investigation into Russian meddling in the 2016 US presidential election.
“We have now used this approach 12 times in two years to shut down 84 fake websites associated with this group,” Smith said in his blog post.
He added that Microsoft does not know whether the domains have been used in an attack yet.
New gTLDs rebound in Q2
New gTLD registration volumes reversed a long trend of decline in the second quarter, according to Verisign’s latest Domain Name Industry Brief.
The DNIB (pdf), published late last week, shows new gTLD domains up by 1.6 million sequentially to 21.8 million at the end of June, a 7.8% increase.
That’s the first time Verisign’s numbers have shown quarterly growth for new gTLDs since December 2016, five quarters of shrinkage ago.
[table id=51 /]
The best-performing new gTLD across Q2 was .top according to my zone file records, adding about 600,000 names.
.top plays almost exclusively into the sub-$1 Chinese market and is regularly singled out as a spam-friendly zone. SpamHaus currently ranks it as almost 45% “bad”.
Overall, the domain universe saw growth of six million names, or 1.8%, finishing the quarter at 339.8 million names, according to Verisign.
Verisign’s own .com ended Q2 with 135.6 million domains, up from 133.9 million at the end of March.
That’s a sequential increase of 1.7 millions, only 100,000 more than the total net increase from the new gTLD industry.
.net is still suffering, however, flat in the period with 14.1 million names.
ccTLDs saw an increase of 3.5 million names, up 2.4%, to end June at 149.7 million, the DNIB states.
But that’s mainly as a result of free TLD .tk, which never deletes names. Stripping its growth out (Verisign and partner ZookNic evidently have access to .tk data now) total ccTLD growth would only have been 1.9 million names.
.CLUB revenue reportedly $7.2 million
.CLUB Domains had $7.2 million of revenue in 2017.
That’s according to Inc magazine, which ranked the company at 1164th in its 2018 Inc 5000 list of the fastest-growing US-based companies.
Growth over three years for .CLUB, which is listed as having 17 employees, was 419%, according to the profile.
.club is one of the best-performing new gTLDs in terms of volume, with over 1.3 million domains under management, according to the company.
While it has generally steered away from deep discounting, it has in recent weeks benefited from a huge increase in sales — adding over 100,000 names to its zone file in just a few days earlier this month — as a result of a sale at the Chinese registrar Alibaba, which sold .club names for the RNB equivalent of $0.44.
That had the effect of diverting .club from a decline that looked like it would shortly have seen it dip below one million zone names for the first time in over a year.
How a single Whois complaint got this registrar shitcanned
A British registrar has had its ICANN contract terminated after a lengthy, unprecedented fight instigated by a single complaint about the accuracy of a single domain’s Whois.
Astutium, based in London and with about 5,000 gTLD domains under management, finally lost its right to sell gTLD domains last week, after an angry battle with ICANN Compliance, the Ombudsman, and the board of directors.
While the company is small, it does not appear to be of the shady, fly-by-night type sometimes terminated by ICANN. Director Rob Golding has been an active face at ICANN for many years and Astutium has, with ICANN approval, taken over portfolios from other de-accredited registrars in the past.
Nevertheless, its Registrar Accreditation Agreement has been torn up, as a result of a complaint about the Whois for the domain name tomzink.com last December.
Golding told DI today that he considers the process that led to his de-accreditation broken and that he’s considering legal action.
The owner of tomzink.com and associated web site appears to be a Los Angeles-based music producer called Tom Zink. The web site seems legit and there’s no suggestion anywhere that Zink has done anything wrong, other than possibly filling out an incomplete Whois record.
The person who complained about the Whois accuracy, whose identity has been redacted from the public record and whose motives are still unclear, had claimed that the domain’s Whois record lacked a phone and fax number and that the registrant and admin contacts contained “made-up” names.
Historical Whois records archived by DomainTools show that in October last year the registrant name was “NA NA”.
The registrant organization was “Astutium Limited” and the registrant email was an @astutium.com address. The registrant mailing address was in Long Beach, California (the same as Zink). There were no phone/fax numbers in the record.
Golding told DI that some of these details were present when the domain was transferred in from another registrar. Others seem to have been added because the registrar was looking after the name on behalf of its client.
The admin and technical records both contained Astutium’s full contact information.
Following the December complaint, the record was cleaned up to remove all references to Astutium and replace them with Zink’s contact data. Judging by DomainTools’ records, this seems to have happened the same day as ICANN forwarded the complaint to Astutium, December 20.
So far, so normal. This kind of Whois cleanup happens many times across the industry every day.
But this is where relations between Astutium and ICANN began to break down, badly.
Even though the Whois record had been cleaned up already, Golding responded to Compliance, via the ICANN complaints ticketing system:
Please dont forward bigus/meaningless whois complaints which are clearly themselves totally inaccurate… No action is necessary or will be taken on bogus/incomplete/rubbish reports. [sic]
Golding agreed with me today that his tone was fairly belligerent from the outset, but noted that it was far from the first time he’d received a compliance complaint he considered bogus.
In the tomzink.com case, he took issue with the fact that the complainant had said that the admin/tech records contained no fax number. Not only was this not true (it was Astutium’s own fax number), but fax numbers are optional under ICANN’s Whois policy.
He today acknowledges that some parts of the complaint were not bogus, but notes that the Whois record had been quickly updated with the correct information.
But simply changing the Whois record is not sufficient for ICANN. It wants you to show evidence of how you resolved the problem in the form of copies of or evidence of communications with the registered name holder.
The Whois Accuracy Program Specification, which is part of the RAA, requires registrars to verify and validate changes to the registered name holder either automated by phone or email, or manually.
Golding told DI that in this case he had called the client to advise him to update his contact information, which he did, so the paper trail only comprises records of the client logging in and changing his contact information.
What he told ICANN in January was:
If ICANN compliance are unable to do the simple job they have been tasked with (to correctly vet and format the queries before sending them on, as they have repeatedly agreed they will do *on record* at meetings) then Registrars have zero obligations to even look at them. Any ‘lack of compliance’ is firmly at your end and not ours in this respect.
However in this specific case we chose to look, contacted the registrant, and had them update/correct/check the records, as can easily be checked by doing a whois
ICANN then explained that “NA NA” and the lack of a phone number were legitimate reasons that the complaint was not wholly bogus, and again asked Golding to provide evidence of Astutium’s correspondence with Zink.
After ignoring a further round or two of communication via the ticketing system, Golding responded: “No, we don’t provide details of private communications to 3rd parties”.
He reiterated this point a couple more times throughout February, eventually saying that nothing in WAPS requires Astutium to “demonstrate compliance” by providing such communications to ICANN, and threatening to escalate the grievance to the Ombudsman.
(That may be strictly true, but the RAA elsewhere does require registrars to keep records and allow ICANN to inspect them on demand.)
It was around the same time that Compliance started trying to get in touch with Golding via phone. While it was able to get through to the Astutium office landline, Compliance evidently had the wrong mobile phone number for Golding himself.
Golding told DI the number ICANN was trying to use (according to ICANN it’s the one listed in RADAR, the official little black book for registrars) had two digits transposed compared to his actual number, but he did not know why that was. Several other members of ICANN staff have his correct number and call him regularly, he said.
By February 27, Compliance had had enough, and issued Astutium with its first public breach notice (pdf)
Allowing a compliance proceeding to get to this stage is always bad news for a registrar — when ICANN hits the public breach notice phase, staff go out and actively search for other areas of potential non-compliance.
Golding reckons Compliance staff are financially incentivized, or “get paid by the bullet point”, at this stage, but I have no evidence that is the case.
Whatever the reason, Compliance in February added on claims:
- that Astutium was failing to output Whois records in the tightly specified format called for by the RAA (Golding blames typos and missed memos for this and says the errors have been corrected),
- that Astutium’s registration agreement failed to include renewal and post-renewal fees (Golding said every single page of the Astution web site, including the registration agreement page, carries a link to its price list. While he admitted the text of the agreement does not include these prices, he claimed the same could be said of some of the biggest registrars),
- that the registration agreement does not specify how expiration notices are delivered (according to Golding, the web site explains that it’s delivered via email)
- that the address published on the Astutium web site does not match the one provided via the Registrar Information Specification, another way ICANN internally tracks contact info for its registrars (Golding said that his company’s address is published on every single page of its site)
A final bullet point asked the company to implement corrective measures to ensure it “will respond to ICANN compliance matters timely, completely and in line with ICANN’s Expected Standards of Behavior”.
The reference to the Expected Standards of Behavior — ICANN’s code of politeness for the community — is a curious one, not typically seen in breach notices. Unless I’m reading too much into it, it suggests that somebody at ICANN wasn’t happy with Golding’s confrontational, sometimes arguably condescending, attitude.
Golding claims that some of ICANN’s allegations in this breach notice are “provably false”.
He told us he still hasn’t ruled out legal action for defamation against ICANN or its staff as a result of the publication of the notice.
“I’ll be in California, serving the paperwork myself,” he said.
Astutium did not respond to the breach notice, according to ICANN documents, and it was escalated to full-blown termination March 21.
On March 30, the registrar filed a Request for Reconsideration (pdf) with ICANN. That’s one of the “unprecedented” things I referred to at the top of this article — I don’t believe a registrar termination has been challenged through the RfR process before.
The second unprecedented thing was that the RfR was referred to Ombudsman Herb Waye, under ICANN’s relatively new, post-transition, October 2016 bylaws.
Waye’s evaluation of the RfR (pdf), concluded that Astutium was treated fairly. He noted multiple times that the company had apparently made no effort to come into compliance between the breach notice and the termination notice.
Golding was not impressed with the Ombudsman’s report.
“The Ombudsman is totally useless,” he said.
“The entire system of the Ombudsman is designed to make sure nobody has to look into anything,” he said. “He’s not allowed to talk to experts, he’s not actually allowed to talk to the person who made the complaint [Astutium], his only job is to ask ICANN if they did the right thing… That’s their accountability process.”
The Board Accountability Mechanisms Committee, which handles reconsideration requests, in June found against Astutium, based partly on the Ombudsman’s evaluation.
BAMC then gave Golding a chance to respond to its decision, before it was sent to the ICANN board, something I believe may be another first.
He did, with a distinctly more conciliatory tone, writing in an email (pdf):
Ultimately my aim has always been to have the ‘final decision’ questioned as completely disproportionate to the issue raised… and the process that led to the decisions looked into so that improvements can be made, and should there still be unresolved issues, opportunity to work in a collaborative method to solve them, without the need to involve courts, lawyers, further complaints/challenge processes and so on.
And then the ICANN board voted to terminate the company, in line with BAMC’s recommendation.
That vote happened almost a month ago, but Astutium did not lose its IANA number until a week ago.
According to Golding, the company is still managing almost all of its gTLD domains as usual.
One registry, CentralNic, turned it off almost immediately, so Astutium customers are not currently able to manage domains in TLDs such as .host, he said. The other registries still recognize it, he said. (CentralNic says only new registrations and transfers are affected, existing registrants can manage their domains.)
After a registrar termination, ICANN usually transfers the affected domains to another accredited registrar, but this has not happened yet in Astutium’s case.
Golding said that he has a deal with fellow UK registrar Netistrar to have the domains moved to its care, on the understanding that they can be transferred back should Astutium become re-accredited.
He added that he’s looking into acquiring three other registrar accreditations, which he may merge.
So, what is to be learned from all this?
It seems to me that we may be looking at a case of a nose being cut off to spite a face, somebody talking themselves into a termination. This is a compliance issue that probably could have been resolved fairly quickly and quietly many months ago.
Another takeaway might be that, if the simple act of making a phone call to a registrar presents difficulties, ICANN’s Compliance procedures may need a bit of work.
A third takeaway might be that ICANN Compliance is very capable of disrupting registrars’ businesses if they fail to meet the letter of the law, so doing what you’re told is probably the safest way to go.
Or, as Golding put it today: “The lesson to be learned is: if you don’t want them fucking with your business, bend over, grab your ankles, and get ready.”
38th dot-brand bows out after acquisition
Telecity Group, which used to be a major London-based internet collocation facilities operator, has told ICANN it no longer wishes to run its dot-brand gTLD.
.telecity will become the 38th dot-brand gTLD to terminate its registry agreement.
The company, which had close to £350 million ($445 million) revenue in 2014, was acquired by US-based rival Equinix for £2.35 billion ($3 billion) in early 2016.
Equinix has since started to transition away from the Telecity brand. Its old .com home page now instructs visitors to visit the Equinix site instead.
Like most of the other dead dot-brands, .telecity was never used.
ICANN CTO: no reason to delay KSK rollover
ICANN’s board of directors will be advised to go ahead with a key security change at the DNS root — “the so-called KSK rollover” — this October, according to the organization’s CTO.
“We don’t see any reason to postpone again,” David Conrad told DI on Monday.
If it does go ahead as planned, the rollover will see ICANN change the key-signing key that acts as the trust anchor for the whole DNSSEC-using internet, for the first time since DNSSEC came online in 2010.
It’s been delayed since last October after it emerged that misconfigurations elsewhere in the DNS cloud could see potentially millions of internet users see glitches when the key is rolled.
Ever since then, ICANN and others have been trying to figure out how many people could be adversely affected by the change, and to reduce that number to the greatest extent possible.
The impact has been tricky to estimate due to patchy data.
While it’s been possible to determine a number of resolvers — about 8,000 — that definitely are poorly configured, that only represents a subset of the total number. It’s also been hard to map that to endpoints due to “resolvers behind resolvers behind resolvers”, Conrad said.
“The problem here is that it’s sort of a subjective evaluation,” he said. “We can’t rely on the data were seeing. We’re seeing the resolvers but we’re not seeing the users behind the resolvers.”
Some say that the roll is still too risky to carry out without better visibility into the potential impact, but others say that more delays would lead to more networks and devices becoming DNSSEC-compatible, potentially leading to even greater problems after the eventual rollover.
ICANN knows of about 8,000 resolver IP addresses that are likely to stop working properly after the rollover, because they only support the current KSK, but that’s only counting resolvers that automatically report their status to the root using a relatively new internet standard. There’s a blind spot concerning resolvers that do not have that feature turned on.
ICANN has also had difficulty reaching out to the network operators behind these resolvers, with good contact information apparently only available for about a quarter of the affected IP addresses, Conrad said.
Right now, the best data available suggests that 0.05% of the internet’s population could see access issues after the October 11 rollover, according to Conrad.
That’s about two million people, but it’s 10 times fewer people than the 0.5% acceptable collateral damage threshold outlined in ICANN’s rollover plan.
The 0.05% number comes from research by APNIC, which used Google’s advertising system to place “zero-pixel ads” to check whether individual user endpoints were using compatible resolvers or not.
If problems do emerge October 11 the temporary solution is apparently quite quick to implement — network operators can simply turn off DNSSEC, assuming they know that’s what they’re supposed to do.
But still, if a million or two internet users could have their day ruined by the rollover, why do it at all?
It’s not as if the KSK is in any danger of being cracked any time soon. Conrad explained that a successful brute-force attack on the 2048-bit RSA key would take longer than the lifetime of the universe using current technology.
Rather, the practice of rolling the key every five years is to get network operators and developers accustomed to the idea that the KSK is not a permanent fixture that can be hard-coded into their systems, Conrad said.
It’s a problem comparable to new gTLD name collisions or the Y2K problem, instances where developers respectively hard-coded assumptions about valid TLDs or the century into their software.
ICANN has already been reaching out to the managers of open-source projects on repositories such as Github that have been seen to hard-code the current KSK into their software, Conrad said.
Separately, Wes Hardaker at the University of Southern California Information Sciences Institute discovered that a popular VPN client was misconfigured. Outreach to the developer saw the problem fixed, reducing the number of users who will be affected by the roll.
“What we’re trying to avoid is having these keys hardwired into firmware, so that that it would never be changeable,” he said. “The idea is if you exercise the infrastructure frequently enough, people will know the that the key is not permanent configuration, it’s not something embedded in concrete.”
One change that ICANN may want to make in future is to change the algorithm used to generate the KSK.
Right now it’s using RSA, but Conrad said it has downsides such as rather large signature size, which leads to heavier DNSSEC traffic. By switching to elliptical curve cryptography, signatures could be reduced by “orders of magnitude”, leading to a more efficient and slimline DNS infrastructure, Conrad said.
Last week, ICANN’s Root Server Stability Advisory Committee issued an advisory (pdf) that essentially gave ICANN the all-clear to go ahead with the roll.
The influential Security and Stability Advisory Committee has yet to issue its own advisory, however, despite being asked to do so by August 10.
Could SSAC be more cautious in its advice? We’ll have to wait and see, but perhaps not too long; the current plan is for the ICANN board to consider whether to go ahead with the roll during its three-day Brussels retreat, which starts September 14.
DomainTools tracks its one billionth domain
DomainTools now has records of over a billion domain names in its database, according to the company.
The billionth name was added last month, according to a blog post.
The company notes that there are only about 350 million domains in existence today, meaning that twice as many domains have been deleted and never re-registered as are currently online.
For .com, DomainTools knows of 434 million domains that no longer exist, compared to the over 130 million registered today.
Even DomainTools, which has been collecting data for 17 years, knows its records are incomplete, but it reckons its number is probably within 10% of the total number of domains ever registered.
For new gTLDs, the one with the most deleted names is .realty (97% deleted) and the best is .boston (0.3% deleted), the company said.
More data here.
ICANN closes GoDaddy Whois probe
ICANN has closed its investigation into GoDaddy’s Whois practices with no action taken.
Senior VP of compliance Jamie Hedlund yesterday wrote to David Redl, head of the US National Telecommunications and Information Administration, to provide an update on the probe, news of which first emerged in April.
The NTIA and members of the intellectual property community had complained that GoDaddy was throttling Whois access over port 43 and that it was masking certain fields in the output.
That was when GoDaddy and the rest of the ICANN-regulated industry was working under the old rules, before the new temporary Whois policy had been introduced to comply with the EU General Data Protection Regulation.
Hedlund told Redl in a letter (pdf):
Based on our review and testing (including outside of ICANN’s network), GoDaddy is not currently masking WHOIS data or otherwise limiting access to its WHOIS services. Consequently, the complaints related to GoDaddy’s masking of certain WHOIS fields, rate limiting, and whitelisting of IP addresses have been addressed and closed.
GoDaddy had said earlier this year that it was throttling access over port 43 in an attempt to reduce the availability of Whois data to the spammers that have been increasingly plaguing its customers with offers of web site development and search engine optimization services.
Allstate dumps a dot-brand
American insurance giant Allstate has dumped one of its two dot-brand gTLDs.
The company, which had $38.5 billion revenue in 2017, has told ICANN it no longer wishes to run .goodhands, which is a partial match to its long-time “Are you in good hands?” advertising slogan.
Allstate still owns the contract to run .allstate, where it has a handful of domains that redirect to its primary .com site.
The company had also applied for the gTLDs .carinsurance and .autoinsurance, but withdrew both applications after the “closed generics” controversy in 2013.
.goodhands is the ninth dot-brand to self-terminate this year and the 37th since .doosan became the first back in September 2015.
Hundreds of other dot-brand gTLDs are still live, many of them in active use.
I was wrong, Famous Four bosses WERE kicked out
Famous Four Media’s portfolio of gTLDs is under new management after an investor rebellion, contrary to what I speculated earlier this week.
FFM’s former stable, which includes the likes of .men and .science, is now being managed by a company calling itself GRS Domains, but this new company has absolutely nothing to do with FFM’s former management.
That’s according to Robert Maroney, founder of Connecticut-based Engineers Gate Investments, which is a shareholder of ultimate portfolio owner Domain Venture Partners.
Maroney got in touch with DI yesterday to explain some of what has recently happened to the ownership and management of the 16 high-volume new gTLDs.
Back in June I speculated based on the quite limited available information that FFM might be bankrupt.
On Tuesday, after GRS Domains announced a relaunch and a rejection of its previous volume-heavy, spam-friendly business plan, I speculated based on slightly more information that management had repurchased the TLD assets after investors forced it into administration.
I was wrong on both counts, according to Maroney. What actually happened is more akin to an investor takeover.
Maroney said he “engineered” the ouster of FFM and its two shareholders/managers, Iain Roache and Geir Rasmussen, after Roache attempted to close down DVP.
DVP is basically a collection of private and institutional investors (brought in by Roache and others) from around the world which, based on the available evidence, have little or no connection to the domain name industry.
It’s a matter of public record that each gTLD contract is owned by a distinct Gibraltar-based shell company — dot Bid Limited owns the ICANN rights to run .bid for example — and that Domain Venture Partners owns these companies.
I’ve previously reported that Famous Four was also owned by DVP, but Maroney said that this was never the case. It was owned 80-20 by Roache and Rasmussen and contracted by DVP to manage the 16 gTLDs.
The affiliated registrar AlpNames, which has been responsible for a very large portion of registrations in the portfolio, had the same ownership structure as FFM and was never directly connected to DVP, Maroney said.
Following a court battle, GRS Domains has replaced FFM as the registry manager.
GRS is owned by PricewaterhouseCoopers, and is currently being managed by court-appointed administrator Edgar Lavarello, a Gibraltar-based accountant at PwC.
Maroney did not want to get into the detailed specifics about what caused the investor revolt, but did say that shareholders were unhappy with how FFM was managing the portfolio.
Its low-price, high-volume strategy had caused its TLDs to become the destinations of choice for spammers and other abusive registrants.
But the court case was brought after Roache attempted to break up DVP, restructure ownership of the 16 individual registries, and “escape the regulation of Gibraltar”, Maroney said.
“Roache wanted to shut down DVP in a way we considered to be unlawful,” he said.
He said DVP shareholders felt Roache’s moves were “inappropriate and unlawful”, which is what caused him to “engineer”, via fellow investor Christina Mattin, DVP being placed into administration.
I have seen no independent evidence that Roache acted or attempted to act unlawfully. The court document I’ve seen appointing Lavarello as administrator contains no finding of wrongdoing by anyone.
The upshot of all this is that the group of TLDs formerly known as Famous Four Media is now GRS Domains — Global Registry Services Ltd — and that Lavarello is currently in charge.
I imagine the company will want to find permanent management at some point, but Maroney did not want to talk about that.
In the meantime, GRS has already made moves to become more transparent and to engage more with the rest of the industry.
Maroney said, and I have independently confirmed, that he was at the ICANN meeting in Panama recently, meeting senior industry figures. Famous Four executives have not been known to attend ICANN meetings or industry events in the past.
GRS has told registrars it intends to have a formal presence at ICANN 63 in Barcelona also.
The company will shortly terminate all of its promotional pricing and introduce a flat $9.98 registry fee, which is very likely to affect its volumes and reduce spamming activity over the next year or so.
UPDATE July 30 2020: This article was edited to remove an erroneous link to the web site of Engineers Gate LP, which is not the same company as Engineer’s Gate Investments LLC.
UPDATE August 12 2020: This article was edited to correct GRS’s ownership status. It’s owned by PwC, not DVP. Roache’s job title at FFM was also corrected.
In addition, Roache recently wrote to DI, almost two years after the article was originally published, and made the following statements:
Famous Four Media (FFM) was placed in voluntary administration by myself and Mr Rasmussen as respective 80% and 20% shareholders, due to invoices that went unpad by PWC Gibraltar as administrator to DVP.
…
There was NO “court battle to replace FFM with GRS”. FFM withdrew services after promises to pay FFM its outstanding invoices by PWC turned out to be untruthful.
…
To say or repeat the allegation that it was “unlawful” to close the fund down is untrue… DVP was set up as a closed end fund with a maximum maturity of April 2018 on 12 April 2012 — i.e. a 5-year fund with a one-year extensions.
Against the recommendation of myself as Investment Director and largest creditor and investor, the support of the Board, the regulated Fund Administrator Juno, the Fund’s own regulated legal counsel Isolas and the approval of the Gibraltar Financial Services Commission — a number of investors pushed to place the Fund into administration. The actions of those few investors led by Ms Mattin, Mr Maroney and PWC have been hugely prejudcial to other investors in DVP and the seed investors, including myself. In April 2018 the valuation of the Fund’s assets was in excess of £30 million and of the total registry assets more than £100 million — today the value is close to zero if not insolvent under the disastrous management of PWC, Maroney and Mattin.
Mr Maroney’s statement that he “engineering the ousting of Mr Rasmussen and I” is also untrue — I made it clear to all investors in DVP in an emaill dated October 2017 that if the Fund was not redeemed in Specie with investors honouring their debts then the alternative choice would be a structured administration which ran the risk of losing their entire remaining assets in DVP.
Recent Comments