Recent Posts
- Bye-bye .boomer! Blockchain players abandon new gTLD plans
- Decades-old US registrar gets a spanking
- love.you sold in apparent five-figure deal
- Bogus harassment complaints could get you an ICANN ban
- ICANN slaps open-mic ban on conflicted lawyers
- Final GTFO warning for 19 failed new gTLD bids
- Nominet opens $500,000 fund for open source projects
- Com Laude buys larger rival Markmonitor
- Epik took down Charlie Kirk doxing site
- Number of subsidized gTLD bidders far lower than thought
- Another registrar goes AWOL
- gTLD loses its second-largest registrar after breach
- Com Laude buys Fairwinds
- Unstoppable wants to be a registry back-end
- Sixteen new gTLD bids could face the firing squad
- Registry to release one-letter domains tomorrow
- New ICANN funding rules will cost smaller ccTLDs more
- .ai rival lines up gTLD bid
- Team Internet lays off 200
- Sixteen more orgs vie for cheap gTLDs, but…
- So who’s registering sunrise domains these days?
- Cloud gTLD gets launch dates
- Governments say new gTLD program “credibility” at stake
- NIXI planning doomed new gTLD bids
- AI experts replace Chapman on ICANN board
- RDRS may not be dead
- Single-letter .com lawsuit thrown out of court
- Golding challenges McCarthy for Nominet board seat
- Three applicants qualify for cheapo gTLDs
- Blockchain crisis looming for new gTLD next round
- Two more dot-brands leave Verisign for GoDaddy
- ICANN looking at new bulk reg rules
- Reseller loss hits Tucows’ DUM but not revenue
- GoDaddy counts cost of losing .co deal
- Wine producers worried about new gTLDs
- Goodyear tires of its dot-brand
- Team Internet loses Radix to Tucows
- ICANN’s “review of reviews” kicks off
- Huge registrars flee from RDRS
- Namecheap loses attempt to bring back .org price caps
- Registrar shamed for alleged crypto abuse neglect
- Poblete’s ICANN board seat safe
- .com off to strong start in Q3
- .my is growing like crazy
- ICANN settles $77 million sexual harassment suit
- Chinese domain spikiness ends in first half
- Registrars agree to higher ICANN fees
- ICANN to review reviews after review review request fails
- Got junk? June’s biggest gTLD growers do
- ICANN ditches Oman due to Middle-East conflicts
- ICANN’s mighty overlord flexes on transparency
- ICANN faces first pushback over DEI U-turn
- Loads of firms flunk out of next-round gTLD back-end program
- presidenttrump.xxx among thousands of dead .xxx domains suddenly springing to life
- One of the dumbest gTLDs just switched back-ends
- GoDaddy loses .co to Team Internet
- Governments erect bulk-reg barrier to new gTLD next round
- Little interest in cheapo gTLD program
- US government opposes most new gTLDs
- GoDaddy loses last Amazon business to Identity Digital
- Third Amazon gTLD launch dates revealed
- .TOP promises to play nice on DNS abuse
- Court denies ICANN’s #MeToo “cover up” attempt
- Launch dates for two more Amazon gTLDs revealed
- An end to “Club Med for geeks” ICANN?
- Some people paid premiums for .hot domain hacks
- .io questions in sharp focus as UK signs Chagos treaty
- Big .gdn registrar at risk
- ICANN “reaffirms its commitment to diversity and inclusion”
- ICANN kills off diversity and inclusion
- Kaufmann picked for ICANN board
- Conflicted? STFU under new ICANN rules
- .hot is for hookers? Amazon’s first premium regs revealed
- Gname adds another 200 registrars
- New Pope’s .com domain was registered the day Francis died
- Two deadbeat registrars get their ICANN marching orders
- DotMusic has sold a lot of names, but not many are turned on
- .med is a deeply weird gTLD, but it wants to be more normal
- ICANN cuts off money to UASG
- Web.com getting dumped
- .es and .pt riding out massive power outage
- .com is back as Verisign discounts bear fruit
- Dot-brand actually being used to get deleted
- Verisign gave Trump $100,000
- Private Whois requests hit new low after Tucows quits RDRS
- Zoom says GoDaddy took it down for hours
- The Soviet Union might be safe after all
- Google says its ccTLDs “are no longer necessary”
- Facebook thinks ICANN is a bit rubbish
- ICANN spending $365,000 a year on coffee and booze
- Regulator going after suicide site that even Epik banned
- .ai sees $600,000 auction sales in a month
- Pru trims its dot-brand portfolio
- UK’s Nigel Hickson has died
- .blog registry ordered to change name to Knock Knock RDAP There
- WordPress buys Canadian, swaps CentralNic for CIRA
- Latest ICANN salary porn ruins my terrible pun
- .co deal worth $77 million up for grabs
- I get a wrongful kicking as .su registry denies turn-off plan
- Sales and profits dip at Team Internet
- Four deadbeat registrars get terminated
- “No timeline” to retire Soviet Union from the DNS
- ICANN to kill off 60-day domain transfer lock
- Lancaster bags up its dot-brand
- Google readying its next batch of gTLD launches?
- NomCom confirms Americans rejected from ICANN board
- Nova announces $45 million of new gTLD applications
- Registry makes .ai an option for Koreans
- it.com now bigger than Guatemala
- ICANN turns to AI and crowdsourcing for new gTLD program
- Amazon lawyer DiBiase elected to ICANN board
- Is .io safe now? Identity Digital now running Mauritian ccTLD
- Tucows quits ICANN’s Whois disclosure pilot
- Toshiba goes all-in on its dot-brand
- Google scuppers Team Internet acquisition after profit warning
- .ai channel doubles under new management
- Trump inclined to back deal that threatens .io
- As .com shrinks, China adds another 1.2 million domains
- Second new gTLD contention set revealed
- UK intros global domain takedown law
- No more Americans as Holland wins ICANN board seat
- Registries have started shutting down Whois
- ICANN wins IRP because complainant literally doesn’t exist
- .com could return to growth this quarter
- Could Musk’s DOGE kill off D3’s .doge?
Afilias finally admits it’s American
Afilias has changed its corporate structure and is now officially based in the United States.
A new holding company, Afilias Inc, has been created in Delaware. It now owns Afilias Plc, the Ireland-based company that has been until now the parent of the Afilias family.
Being “based” in Ireland and doing business primarily in the US was always partly a tax thing, and the company admitted in a press release yesterday that “recent favorable US tax changes” are one of the reasons it’s relocating to the States.
Trump’s tax changes last year reportedly saw corporation tax reduced from 35% to 21%, a steep cut but still a heck of a lot higher than Ireland’s aggressively business-friendly regime.
Other reasons for shift, CEO Hal Lubsen said in a press release, are: “More of the company’s shares are now owned by Americans, and our executive group is increasingly becoming American.”
The company also noted that its biggest partners — Public Interest Registry and GoDaddy — are American.
Afilias’s global HQ is now its office in Horsham, Pennsylvania. It also has offices in Canada, Australia, India and China.
The company told registrars that it does not expect the restructuring to have any impact on its operations.
Could a new US law make GDPR irrelevant?
Opponents of Whois privacy are pushing for legislation that would basically reverse the impact of GDPR for the vast majority of domain names.
Privacy advocate Milton Mueller of the Internet Governance Project today scooped the news that draft legislation to this effect is being circulated by “special interests” in Washington DC.
He’s even .
Mueller does not call out the authors of the bill by name — though he does heavily hint that DomainTools may be involved — saying instead that they are “the same folks who are always trying to regulate and control the Internet. Copyright maximalists, big pharma, and the like.”
I’d hazard a guess these guys may be involved.
The bill is currently called the Transparent, Open and Secure Internet Act of 2018, or TOSI for short. In my ongoing quest to coin a phrase and have it stick, I’m tempted to refer to its supporters as “tossers”.
TOSI would force registries and registrars to publish Whois records in full, as they were before May this year when ICANN’s “Temp Spec” Whois policy — a GDPR Band-aid — came into effect.
It would capture all domain companies based in US jurisdiction, as well as non-US companies that sell domains to US citizens or sell domains that are used to market goods or services to US citizens.
Essentially every company in the industry, in other words.
Even if only US-based companies fell under TOSI, that still includes Verisign and GoDaddy and therefore the majority of all extant domains.
The bill would also ban privacy services for registrants who collect data on their visitors or monetize the domains in any way (not just transactionally with a storefront — serving up an ad would count too).
Privacy services would have to terminate such services when informed that a registrant is monetizing their domains.
But the bill doesn’t stop there.
Failing to publish Whois records in full would be an “unfair or deceptive act or practice” and the Federal Trade Commission would be allowed to pursue damages against registries and registrars that break the law.
In short, it’s a wish-list for those who oppose the new regime of privacy brought in by ICANN’s response to the General Data Protection Regulation.
While it’s well-documented that the US executive branch, in the form of the National Telecommunications and Information Administration, is no fan of GDPR, whether there’s any interest in the US Congress to adopt such legislation is another matter.
Is this an IP lawyer’s pipe-dream, or the start of a trans-Atlantic war over privacy? Stay tuned!
No more free ride for ICANN Fellows?
Newcomers who get free travel to ICANN meetings will have to show they’re serious about participating in the community, under new rules.
ICANN is revamping its Fellowship program to ensure that it’s actually meetings its goals of increasing the pool of mugs knowledgeable volunteers that the community can draw on.
The program, designed to bring in people unable to afford their own in-person meeting attendance, had come in for criticism for not being sufficiently accountable, and perhaps a poor use of money in a time of budget pressure.
It’s not been easy to measure the ratio of valuable ICANN citizens it was creating versus freeloaders who abuse the system for a free busman’s holiday.
Among the key changes being introduced now are requirements for Fellows to attend a minimum number of session-hours per meeting, casually policed by seven “mentors” — selected from and appointed by each supporting organization and advisory committee.
The number of hours required doesn’t appear to be set in stone as yet, with ICANN saying it will work with mentors to arrive at a figure.
While ICANN admits it obviously can’t force Fellows to participate after their first meeting, it plans to make sure returning Fellows can provide documentary evidence that they have engaged on subsequent applications for the program.
The three-meetings-only rule will remain.
The request for post-meeting reports from Fellows will be piloted at the Barcelona meeting in October.
More information of program revamps can be found here.
Afilias sues India to block $12 million Neustar back-end deal
Afilias has sued the Indian government to prevent it awarding the .in ccTLD back-end registry contract to fierce rival Neustar.
The news emerged in local reports over the weekend and appears to be corroborated by published court documents.
According to Moneycontrol, the National Internet Exchange of India plans to award the technical service provider contract to Neustar, after over a decade under Afilias, but Afilias wants the deal blocked.
The contract would also include some 15 current internationalized domain name ccTLDs, with another seven on the way, in addition to .in.
That’s something Afilias reckons Neustar is not technically capable of, according to reports.
Afilias’ lawsuit reportedly alleges that Neustar “has no experience or technical capability to manage and support IDNs in Indian languages and scripts and neither does it claim to have prior experience in Indian languages”.
Neustar runs plenty of IDN TLDs for its dot-brand customers, but none of them appear to be in Indian scripts.
NIXI’s February request for proposals (pdf) contains the requirement: “Support of IDN TLDs in all twenty two scheduled Indian languages and Indian scripts”.
I suppose it’s debatable what this means. Actual, hands-on, operational experience running Indian-script TLDs at scale would be a hell of a requirement to put in an RFP, essentially locking Afilias into the contract for years to come.
Only Verisign and Public Interest Registry currently run delegated gTLDs that use officially recognized Indian scripts, according to my database. And those TLDs — such as Verisign’s .कॉम (the Devanagari .com) — are basically unused.
Neither Neustar nor Afilias have responded to DI’s requests for comment today.
.in has over 2.2 million domains under management, according to NIXI.
Neustar’s Indian subsidiary undercut its rival with a $0.70 per-domain-year offer, $0.40 cheaper than Afilias’ $1.10, according to Moneycontrol.
That would make the deal worth north of $12 million over five years for Afilias and over $7.7 million for Neustar.
One can’t help but be reminded of the two companies’ battle over Australia’s .au, which Afilias sneaked out from under long-time incumbent Neustar late last year.
That handover, the largest in DNS history, was completed relatively smoothly a couple months ago.
More consolidation? Endurance said to be up for sale
Endurance International Group is reportedly up for sale, perhaps the next piece of consolidation or privatization in a rapidly changing domain name market.
Bloomberg, citing unnamed sources, reports today that EIG is “is considering strategic options, including a possible sale”.
EIG owns domain brands Domain.com, BigRock, BuyDomains and ResellerClub, along with a bunch of hosting properties such as HostGator.
Bloomberg’s sources stressed that no final decision has been made, and that the company could remain public.
It’s currently listed on Nasdaq where it has a market cap today of almost $1.38 billion .
The company would be far from the first to change ownership in the last couple of years.
Most recently, Web.com (Network Solutions et al) announced a plan to go private in a $2 billion deal.
A year ago, Neustar went private in a $2.9 billion deal.
In terms of industry consolidation, we’ve more recently seen KeyDrive reverse into CentralNic and MMX buy ICM Registry.
ICANN faces critical choice as security experts warn against key rollover
Members of ICANN’s top security body have advised the organization to further delay plans to change the domain name system’s top cryptographic key.
Five dissenting members of the influential, 22-member Security and Stability Advisory Committee said they believe “the risks of rolling in accordance with the current schedule are larger than the risks of postponing”.
Their comments relate to the so-called KSK rollover, which would see ICANN for the first time ever change the key-signing key that acts as the trust anchor for all DNSSEC queries on the internet.
ICANN is fairly certain rolling the key will cause DNS resolution problems for some — possibly as much as 0.05% of the internet or a couple million people — but it currently lacks the data to be absolutely certain of the scale of the impact.
What it does know — explained fairly succinctly in this newly published guide (pdf) — is that within 48 hours of the roll, a certain small percentage of internet users will start to see DNS resolution fail.
But there’s a prevailing school of thought that believes the longer the rollover is postponed, the bigger that number of affected users will become.
The rollover is currently penciled in for October 11, but the ultimate decision on whether to go ahead rests with the ICANN board of directors.
David Conrad, the organization’s CTO, told us last week that his office has already decided to recommend that the roll should proceed as planned. At the time, he noted that SSAC was a few days late in delivering its own verdict.
Now, after some apparently divisive discussions, that verdict is in (pdf).
SSAC’s majority consensus is that it “has not identified any reason within the SSAC’s scope why the rollover should not proceed as currently planned.”
That’s in line with what Conrad, and the Root Server System Advisory Committee have said. But SSAC noted:
The assessment of risk in this particular area has some uncertainty and therefore includes a component of subjective judgement. Individuals (including some members of the SSAC) have different assessments of the overall balance of risk of the resumption of this plan.
It added that it’s up to the ICANN board (comprised largely of non-security people) to make the final call on what the acceptable level of risk is.
The minority, dissenting opinion gets into slightly more detail:
The decision to proceed with the keyroll is a complex tradeoff of technical and non-technical risks. While there is risk in proceeding with the currently planned roll, we understand that there is also risk in further delay, including loss of confidence in DNSSEC operational planning, potential for more at-risk users as more DNSSEC validation is deployed, etc.
While evaluating these risks, the consensus within the SSAC is that proceeding is preferable to delay. We personally evaluate the tradeoffs differently, and we believe that the risks of rolling in accordance with the current schedule are larger than the risks of postponing and focusing heavily on additional research and outreach, and in particular leveraging newly developed techniques that provide better signal and fidelity into potentially impacted parties.
We would like to reiterate that we understand our colleagues’ position, but evaluate the risks and associated mitigation prospects differently. We believe that the ultimate decision lies with the ICANN Board, and do not envy them with this decision.
SSAC members are no slouches when it comes to security expertise, and the dissenting members are no exception. They are:
- Lyman Chapin, co-owner of Interisle Consulting, a regular ICANN contractor perhaps best-known to DI readers for carrying out a study into new gTLD name collisions five years ago.
- Kimberly “kc claffy” Claffy, head of the Center for Applied Internet Data Analysis at the University of California in San Diego. CAIDA does nothing but map and measure the internet.
- Jay Daley, a registry executive with a technical background whose career includes senior stints at .uk and .nz. He’s currently keeping the CEO’s chair warm at .org manager Public Interest Registry.
- Warren Kumari, a senior network security engineer at Google, which is probably the largest early adopter of DNSSEC on the resolution side.
- Danny McPherson, Verisign’s chief security officer. As well as .com, Verisign runs the two of the 13 root servers, including the master A-root. It’s running the boxes that sit at the top of the DNSSEC hierarchy.
It may be the first time SSAC has failed to reach a full-consensus opinion on a security matter. If it has ever published a dissenting opinion before, I certainly cannot recall it.
The big decision about whether to proceed or delay is expected to be made by the ICANN board during its retreat in Brussels, a three-day meeting that starts September 14.
Given that ICANN’s primary mission is “to ensure the stable and secure operation of the Internet’s unique identifier systems”, it could turn out to be one of ICANN’s biggest decisions to date.
.CLUB revenue not all that
.CLUB Domains may be one of the 5000 fastest-growing companies in the US, according to Inc magazine, but it’s returning the majority of its revenue back to its registrars.
CEO Colin Campbell revealed this week that the company returns almost 70% of its gross revenue in the form of rebates.
The revelation came in an interview with Domain Name Wire on its latest podcast.
Campbell told Andrew Allemann that in 2017 .CLUB had $9.3 million in what he called “cash flow” or “gross revenue”.
But “net cash” or “net revenue”, after rebates was just $2.8 million, meaning $6.5 million was returned to registrars via promotions.
The interview came a few days after Inc named the company 1164th in its 2018 list of fastest-growing US companies.
Inc had .CLUB’s revenue at $7.2 million, but that appears to have been calculated using the usual accounting standards of deferring revenue into future periods over the lifetime of the domain subscription.
.club has something like 1.4 million names under management.
Campbell said that the company is “adding about a million dollars of net revenue per year” and he predicted 2018 gross cash to come in at $10.5 million and net to come in at $3.7 million.
That’s a net revenue figure, remember, not a profit or net income line. Campbell said he’s more interested in growing the business rather than paying taxes on profits.
The aggressive rebating seems to have a focus in China, where it has regular deals with the likes of Alibaba (which was .club’s biggest registrar with 20% of the market at the last count) and West.cn.
While .CLUB is private, Campbell has been frank about its performance in the past.
The DNW interview follows DI’s interview with Campbell on more or less the same topic last September, and DNW’s in 2016.
It’s a good podcast, you should have a listen.
Microsoft seizes “Russian election hacking” domains
Microsoft has taken control of six domains associated with a hacker group believed to be a part of Russian military intelligence, according to the company.
Company president Brad Smith blogged yesterday that Microsoft obtained a court order allowing it to seize the names, which it believes were to be used to attack institutions including the US Senate.
The domains in question look like they could be used in spear-phishing attacks. The are: my-iri.org, hudsonorg-my-sharepoint.com, senate.group, adfs-senate.services, adfs-senate.email and office365-onedrive.com.
Historical Whois records archived by DomainTools show they were registered last year behind WhoisGuard, the Panama-based privacy service. Now, of course, the Whois records are all redacted due to GDPR.
Smith said that Microsoft believes intended targets besides the Senate also include the International Republican Institute and the Hudson Institute, two conservative think-tanks.
The company believes, though it did not show evidence, that the domains were created by the group it calls “Strontium”.
Strontium is also known as “Fancy Bear”, among other names. It’s believed to be backed by the GRU, Russia’s intelligence agency.
It’s the same group alleged members of which Special Counsel Robert Mueller recently indicted as part of his investigation into Russian meddling in the 2016 US presidential election.
“We have now used this approach 12 times in two years to shut down 84 fake websites associated with this group,” Smith said in his blog post.
He added that Microsoft does not know whether the domains have been used in an attack yet.
New gTLDs rebound in Q2
New gTLD registration volumes reversed a long trend of decline in the second quarter, according to Verisign’s latest Domain Name Industry Brief.
The DNIB (pdf), published late last week, shows new gTLD domains up by 1.6 million sequentially to 21.8 million at the end of June, a 7.8% increase.
That’s the first time Verisign’s numbers have shown quarterly growth for new gTLDs since December 2016, five quarters of shrinkage ago.
[table id=51 /]
The best-performing new gTLD across Q2 was .top according to my zone file records, adding about 600,000 names.
.top plays almost exclusively into the sub-$1 Chinese market and is regularly singled out as a spam-friendly zone. SpamHaus currently ranks it as almost 45% “bad”.
Overall, the domain universe saw growth of six million names, or 1.8%, finishing the quarter at 339.8 million names, according to Verisign.
Verisign’s own .com ended Q2 with 135.6 million domains, up from 133.9 million at the end of March.
That’s a sequential increase of 1.7 millions, only 100,000 more than the total net increase from the new gTLD industry.
.net is still suffering, however, flat in the period with 14.1 million names.
ccTLDs saw an increase of 3.5 million names, up 2.4%, to end June at 149.7 million, the DNIB states.
But that’s mainly as a result of free TLD .tk, which never deletes names. Stripping its growth out (Verisign and partner ZookNic evidently have access to .tk data now) total ccTLD growth would only have been 1.9 million names.
.CLUB revenue reportedly $7.2 million
.CLUB Domains had $7.2 million of revenue in 2017.
That’s according to Inc magazine, which ranked the company at 1164th in its 2018 Inc 5000 list of the fastest-growing US-based companies.
Growth over three years for .CLUB, which is listed as having 17 employees, was 419%, according to the profile.
.club is one of the best-performing new gTLDs in terms of volume, with over 1.3 million domains under management, according to the company.
While it has generally steered away from deep discounting, it has in recent weeks benefited from a huge increase in sales — adding over 100,000 names to its zone file in just a few days earlier this month — as a result of a sale at the Chinese registrar Alibaba, which sold .club names for the RNB equivalent of $0.44.
That had the effect of diverting .club from a decline that looked like it would shortly have seen it dip below one million zone names for the first time in over a year.
Recent Comments