Recent Posts
- Americans and ICANNers avoid Kigali in droves
- RDRS stats improve a little in June
- Unstoppable Domains goes down after domain hijack
- Four more gTLDs in emergency measures
- New gTLDs and ccTLDs drive domain universe growth
- Eight interesting recent dot-brand registrations
- .me premium sales down
- Pride fails to reverse gay domains decline
- Unstoppable announces another new gTLD bid
- Blockchain naming firm gets ICANN accreditation
- ICANN takes over gTLD after Whois failures
- Verisign: would-be .com contract killers are “wrong”
- Five gTLDs at risk as registry goes AWOL
- Groups make flawed case that .com is a cartel
- RDRS usage hits all-time low
- A dot-brand so unloved they killed it twice
- PorkBun hits two million domain milestone
- Crawford returns to industry to head up Com Laude
- ICANN financial data dump a damp squib?
- Unstoppable plotting manga-themed gTLDs
- Governments call for new gTLD auctions ban
- ICANN names new CEO, and it isn’t Costerton
- ICANN: We will NOT police content
- More sticker shock as new gTLD fees could top $300,000
- ICANN slashes staff and domain prices could rise
- Secret new gTLD application revealed
- WhatsApp now linkifying new gTLDs, but…
- Outrage over ICANN’s new gTLD fees
- Barrett gets second term on ICANN board
- DotMusic delays gTLD launch again
- .tm prices to skyrocket next week
- Bitcoin gTLD gets launch dates
- First metaverse gTLD is announced
- Alibaba off the naughty step
- ICANN to kill auction fund bylaws change
- The people have spoken on RDRS and they said “Meh”
- ICANN restarts work on controversial Whois privacy rules
- GNSO mulls lawyering up over auction fund dispute
- Jury still out on ICANN’s content policing powers
- It now takes TWO WEEKS to get a Whois record with RDRS
- Travel expenses push ICANN into the red again
- ICANN preparing for ONE HUNDRED registry back-ends
- DNS Abuse Institute changes name
- A new way to game the new gTLD program
- .home, .mail and .corp could get unbanned
- Unstoppable to apply for Women in Tech gTLD
- Bob Parsons publishes autobiography
- GoDaddy getting a free pass from porn jail?
- Correction: Sinha’s seat is safe
- Chinese domains plummet again in 2023
- GoDaddy price increases lead to revenue growth
- D3 announces seventh blockchain gTLD client
- Taylor Swift applies for her .post domain
- .ad domains to go global soon
- Single-letter .com case back in court
- ICANN to slash costs as Verisign’s magic money tree dries up
- Community revolts over ICANN’s auction proceeds power grab
- Two seats up for grabs on Nominet board
- War takes steep toll on .ua domains
- .de worst TLD for CSAM — report
- .com still shrinking because of China
- ICANN publishes its Woke Manifesto. Here’s my hot take
- Alibaba, Name.com among new RDRS opt-ins
- .my domains to be sold globally next month
- The Swiss can register .swiss domains from next week
- .ai up to 425,000 domains
- A million “free” .music domains up for grabs
- D3 to get $5 million in crypto to apply for .ape gTLD
- Alibaba hit with ICANN breach notice
- New Vegas conference “Davos for Web3 interoperability”
- ICANN content policing power grab may be dead
- Cable company unplugs its dot-brand after acquisition
- Germany crosses 10,000 dot-brand domains milestone
- Founders out as Com Laude gets equity injection
- PIR’s Diaz to leave domain industry
- Some registrars have already quit ICANN’s Whois experiment
- ICANN opens $217 million Grant Program
- Internet could get one-letter gTLDs (but there’s a catch)
- .ai registry fights deadbeats with tweaked auction rules
- Amazon and Google among .internal TLD ban backers
- .ai registry advises buyers not to use GoDaddy
- .post liberalizes with new sunrise period
- Team Internet spends $41 million on content farm
- Epik backtracks on Kiwi Farms claim after legal threat
- .austin names launch on blockchain
- Freenom shuts down 12.6 million domains — report
- GoDaddy’s next .xxx contract may not be a done deal
- GlobalBlock blocking 2.5 million domains
- Microsoft moving its cloud apps from .com to .microsoft
- ICANN 79: anonymous trolls and undercover lawyers
- ICANN scores win in single-letter .com lawsuit
- Cosmetics brand terminates its gTLD
- Up to 70 jobs on the line at Nominet as .uk regs dwindle
- Governments back down on new gTLD next round delay
- Private auctions could be banned in new gTLD next round
- ICANN meeting venue “insensitive and hurtful”
- GoDaddy to start selling graphic.design domains
- GAC spinning up new gTLD curveball at ICANN 79?
- GoDaddy’s GlobalBlock supports blockchain names
- Police .uk domain takedowns dive in 2023
- GoDaddy wants to cut the bullshit from .xxx
- Dueling domain blocking services to launch at ICANN 79
- Freename tries to bridge DNS and blockchain
- Olive retires from ICANN
- Whois policy published without life-saving disclosure rule
- UK gov takes its lead from ICANN on DNS abuse
- Tucows reports 2023 results
- Twitter “completely unresponsive” on clickable domains
- ICANN spends $5 million more than planned in first fiscal half
- .art takes a million domains off its premium list
- KeyTrap ‘the most devastating vulnerability ever found in DNSSEC’
- Freenom settles $500 million Meta lawsuit and will exit domain business
- New gTLD lottery to return in 2026
- First GlobalBlock prices revealed — they ain’t cheap
- Domain universe grows on new gTLDs despite .com shrinkage
- D3 signs up crypto gTLD client number five
- GoDaddy reports strong domains growth
- How to qualify for a $40,000 gTLD
- Registry service provider evaluation handbook published
- WebUnited inks deal to “mirror” country’s TLD in the blockchain
- GoDaddy project unveils brand-blocking calculator
- Report: Monster “misappropriated” millions from Epik
- .com is shrinking but Verisign raises prices again anyway
- D3 announces fourth crypto new gTLD client
- Donald Trump loses second UDRP case
Want to be one of the internet’s SEVEN SECRET KEY-HOLDERS? Apply now!
ICANN has put out a call for volunteers, looking for people to become what are sometimes referred to as “the internet’s seven secret key holders”.
Specifically, it needs Trusted Community Representatives, people of standing in the internet community who don’t mind carrying around a small key and getting a free trip to Los Angeles or Virginia once or twice a year.
The TCRs are used in the paranoia-inducing cryptographic key-signing ceremonies that provide DNSSEC at the root of the domain name system.
The ceremonies take place at ICANN data centers four times a year. The ceremonies themselves take hours, involve multiple layers of physical and data security, and the volunteers are expected to hang around for a day or two before and after each.
There’s no compensation involved, but the TCRs are allowed to apply to ICANN for travel reimbursements.
ICANN expects TCRs to stick around for about five years, but the large majority of the 28 people who act as TCRs (yeah, it’s not seven, it’s 28) have been in the role since 2010 and ICANN is probably planning a cull.
Other than knowing what the DNS is and how it works, the primary requirements are “integrity, objectivity, and intelligence, with reputations for sound judgment and open minds”.
If you think you tick those boxes, head here to apply.
Richemont kills off two more dot-brands
Luxury goods maker Richemont has decided to ditch two more of its dot-brand gTLDs.
The company has asked ICANN to terminate its registry contracts for .chloe and .montblanc, according to documents published by ICANN late last week.
Chloe is a fashion brand; Mont Blanc sells pens, jewelery and such.
No reason was given for either termination. Registries are allowed to self-terminate their Registry Agreements for any reason, given 180 days notice.
In both cases, ICANN has already agreed not to transfer the gTLD to a new operator. That’s a special privilege dot-brands get in their RAs.
Neither gTLD ever progressed beyond a single nic.brand placeholder page
Four additional Richemont dot-brands — .piaget, .iwc, .cartier, .panerai — have also been live for two years or more but are in identical states of disuse.
Richemont also runs .watches, .手表 and .珠宝 (Chinese for “watches” and “jewelry” respectively) which have been in the DNS for over 18 months but do not yet have any published launch plans.
The company was a somewhat enthusiastic early adopter of the new gTLD concept, providing speakers to industry events well before the application window opened back in 2012.
It applied for 14 strings in total, 10 of which eventually went live. It dumped two of its dot-brands before contract-signing and lost two auctions for generic strings.
Both .chloe and .montblanc are expected to be removed from the DNS in October.
There are now 22 new gTLDs that have voluntarily terminated their RAs.
Iran reported to Ombudsman after new gTLD conspiracy theory
ICANN’s Ombudsman has stepped in to resolve a complaint from the Iranian government that it was being “excluded” from discussions about the next phase of the new gTLD program.
Kavouss Arasteh, Iran’s Governmental Advisory Committee representative, earlier this month accused the leadership of the New gTLD Subsequent Procedures Working Group of deliberately scheduling teleconferences to make them difficult for him to attend.
He said the 0300 UTC timing of a meeting made it “painful” for European volunteers to participate (though it’s 0730 in Tehran).
When WG co-chair Avri Doria said that the time had been selected to avoid clashes with other working groups and declined his request, Arasteh said in an email: “If you insist, I interpret that this is an effort to EXCLUDE GAC TO ATTEND THE PDP.”
In other words, he was accusing the WG leaders of trying to exclude governments from helping to develop the rules of the new gTLD program.
Doria responded that she took the tone of the remarks as “abusive”, adding:
since my motives have been attacked and since I have been accused of trying to prevent GAC participation, I have no choice other than to turn this issue over to the Ombudsman.
The only other alternative I can think of is to accept the fact that I am incapable of co-chairing this group and step down.
Fellow co-chair Jeff Neuman chipped in with a detailed explanation of how, in the global ICANN community, there usually isn’t a time of day that is not inconvenient to at least some volunteers.
(It’s sometimes possible to hear snoring on these calls, but that’s not always due to the time of day.)
Today, Ombudsman Herb Weye responded to Doria’s complaint, saying that it has been “resolved” between the two parties. He wrote:
Without going into detail I am pleased to advise the working group that this complaint has been resolved and that I can bear witness to a unanimous demonstration of support for the leadership of the working group.
I would like to highlight the professional, “human” approach taken by all involved and their willingness to communicate in a clear, respectful and objective manner. This cooperative atmosphere allowed for a timely discussion and quick resolution.
Aratesh has for some time been one of the most vocal and combative GAC reps, noticeably unafraid to raise his voice when he needs to make his point.
He recently publicly threatened to take his concerns about ICANN’s policy on two-character domains to the International Telecommunications Union if his demands were not met.
Key-Systems buys reseller EDC
Key-Systems has acquired one of its resellers, European Domain Centre.
The acquiring registrar did not disclose the terms of the deal, but said EDC will help boost its own BrandShelter corporate registrar business.
EDC says it has clients including AirBnB, Campari, Lycamobile, iStockPhoto and BusinessWire.
The company was founded in 2003 by Nikolaj Borge and Christopher Hofman Laursen and is based in Copenhagen, Denmark.
Its selling point has been its willingness to offer offer its customers the broadest range of gTLD and ccTLD options.
It’s been a customer of RRPproxy, Key-Systems’ reseller network, since 2008.
As it’s been using the Key-Systems IANA number all this time, it’s not possible to get an accurate figure for its domains under management from ICANN reports.
Let’s all have a nosey at how much ICANN staff get paid
It’s that time of year again when ICANN publishes its US tax returns and we all get to have a good old nosey at how much its top brass get paid.
Figures for fiscal 2016 — so, basically a year out of date — came out this week and they show some senior executives got big pay boosts.
Overall, the return shows that the 17 highest-paid ICANN staffers received a total of $7.3 million in a combination of salary and bonuses, or about $429,000 on average, in the year.
That’s an increase of $603,000 on fiscal 2015 or $488,000 if you don’t count the bonuses.
I’m only counting the 17 named executives who appear in both the FY15 and FY16 returns, and I’m not counting non-executive directors.
Three of these executives received pay rises, not including bonuses, in excess of $100,000. While most top staff saw pay increases below 5%, raises of 21%, 34%, 44% and even 58% were recorded.
Four of them received bonuses of $125,000 or more.
One of the 17 saw his compensation go down. I’m guessing that might be an exchange rate fluctuation.
CEO Fadi Chehade, who left three quarters of the way through the fiscal year, still took home $854,000 in salary and bonuses, up from $737,000 in FY15. His successor’s compensation does not figure into the FY16 numbers.
ICANN has 155 staff members making over $100,000 a year, the return shows, up from 132 the previous year. That means more than half of ICANN’s total staff is in six-figure territory.
ICANN’s pay policy is to set compensation at the 50th to 75th percentile of the “relevant market”, which I assume is the technology sector rather than the not-for-profit sector, in order to stay competitive when hiring.
Its FY16 tax return can be downloaded here (pdf) and the FY15 one is here (pdf).
Massive ransomware attack hits 150 countries, brought down by a domain reg
A massive outbreak of malware on Friday hit thousands of organizations in an estimated 150 countries and had a big impact on the UK National Health Service before being temporarily thwarted by a single domain name registration.
WannaCry, as the malware has been called, targets Windows boxes that have not installed a March security patch. It encrypts files on the hosts it infects and demands money for the decryption key.
The attack is Big News for several reasons.
First, it spread ransomware over the network using a remotely exploitable vulnerability that required no user error or social engineering to install itself.
Second, it hit an estimated quarter-million machines, including thousands at big organizations such as Telefonica, the NHS, Deutsche Bahn and FedEx.
Third, it posed a real risk to human life. A reported 70,000 NHS machines, including medical devices, were said to be infected. Reportedly, some non-critical patients had to be turned away from UK hospitals and operations were cancelled due to the inability of doctors to access medical records.
Fourth, WannaCry appears to have been based on code developed by the US National Security Agency and leaked last month.
All in all, it was an attack the scale of which we have not seen for many years.
But it seems to have been “accidentally” prevented from propagating further on Friday, at least temporarily, with the simple act of registering a domain name.
A young British security researcher who goes by the online handle MalwareTech said he was poring over the WannaCry code on Friday afternoon when he came across an unregistered domain name.
On the assumption that the malware author perhaps planned to use the domain as a command and control center, MalwareTech spent the ten bucks to register it.
MalwareTech discovered that after the domain was registered, the malware stopped encrypting the hard drives it infected.
He first thought it was a fail-safe or kill-switch, but he later came to the conclusion that the author had included the domain lookup as a way to thwart security researchers such as himself, who run malware code in protected sandbox environments.
MalwareTech wrote:
In certain sandbox environments traffic is intercepted by replying to all URL lookups with an IP address belonging to the sandbox rather than the real IP address the URL points to, a side effect of this is if an unregistered domain is queried it will respond as [if] it were registered
Once the domain was registered, WannaCry iterations on newly infected machines assume they were running in sandboxes and turned themselves off before causing additional damage.
MalwareTech was naturally enough proclaimed the hero of the day by many news outlets, but it appears that versions of the malware without the DNS query kill-switch already started circulating over the weekend.
Many are warning that the start of the work week today may see a new rash of infections.
The researcher’s account of the incident can be read in full here.
ICANN’s origin story is well worth a watch
The story of how ICANN was born is being told through an ongoing series of video interviews.
The ICANN History Project went live late last week with an initial batch of eight videos on the theme of ICANN’s relationship with the US government, from before ICANN’s inception in 1998 to more recent developments such as the IANA transition.
There are several hours of interviews to watch so far, covering many of the key figures in ICANN over the last 20 years.
We have the likes of “Father of the Internet” Vint Cerf, “Father of ICANN” Ira Magaziner, “Godmother of ICANN” Becky Burr and “Second Cousin of Usenet” Fadi Chehade (sorry).
Three of ICANN’s four chairs to date are interviewed, along with two of its six CEOs.
From the USG side, recently departed assistant secretary at the National Telecommunications and Information Administration Larry Strickling gets half an hour in the warm seat.
It’s fronted by Brad White, ICANN’s head of comms for North America, who says he’s trying to approach the project from a journalistic perspective.
Before he fell to the Dark Side, he was a TV reporter for many years, as will become quickly apparent.
I must admit I’ve only managed to watch half of the videos so far, but from what I’ve seen they’re pretty damn good. Don’t expect PR fluff or self-congratulatory circle-jerky.
The interviewees all seem to talk pretty frankly about what was going on around the time of ICANN’s formation in the quagmire of bloodthirsty partisan hackery over the Clinton-Lewinsky scandal, a stirring from the International Telecommunications Union, and Jon Postel’s hacking of the entire DNS.
All worth a listen, if you’re an ICANN nerd.
Subtitled versions of each are available in each of the UN languages.
It’s slightly disappointing that ICANN’s original CEO Mike Roberts and chair Esther Dyson aren’t among the first batch of interviews (Dyson, particularly, has emerged as a critic of ICANN since her departure in 2000) but I gather the project is ongoing and more content will be posted as it’s completed.
The videos are supplemented by documentation that speaks to the same topics as the interviews. As far as I can tell, it’s all public info already, but it’s nice to see it collected in one place.
The project can be found here.
Neustar’s .au deal in peril as Aussies look in-house
Australian ccTLD registry auDA is looking at bringing its back-end infrastructure in house, to the possible detriment of Neustar.
In a surprise move, auDA said late last month that several months of talks with AusRegistry, aimed at possibly extending its current back-end contract beyond 2018, had failed.
AusRegistry has operated .au for auDA since 2002, during which time the ccTLD has grown to 3.1 million domains.
The company was acquired by Neustar in 2015 as part of its $87 million acquisition of Bombora Technologies, parent to AusRegistry and ARI.
auDA said it has now launched an invitation-only “restricted tender exercise” to find advisers to help it build its own registry back-end.
AusRegistry will be among those invited to participate, auDA confirmed.
This week, the registry also announced that it has hired Bruce Tonkin, formerly of Melbourne IT and the ICANN board of directors, to be its “Registry Transformation Project Lead”.
It will also form an “Industry-led Advisory Panel” to give .au registrars a say in how the new registry is designed and built.
.gay, .music and others in limbo as ICANN probes itself
Several new gTLD applicants have slammed ICANN for conducting an investigation into its own controversial practices that seems to be as opaque as the practices themselves.
Seven proposed new gTLDs, including the much-anticipated .music and .gay, are currently trapped in ICANN red tape hell as the organization conducts a secretive probe into how its own staff handled Community Priority Evaluations.
The now broad-ranging investigation seems have been going on for over six months but does not appear to have a set deadline for completion.
Applicants affected by the delays don’t know who is conducting the probe, and say they have not been contacted by anyone for their input.
At issue is the CPE process, designed to give genuine “community” gTLD applicants a way to avoid a costly auction in the event that their choice of string was contested.
The results of the roughly 25 CPE decisions, all conducted by the independent Economist Intelligence Unit, were sometimes divergent from each other or just baffling.
Many of the losers complained via ICANN’s in-house Requests for Reconsideration and then Independent Review Process mechanisms.
One such IRP complaint — related to Dot Registry’s .inc, .llc, .llp applications — led to two of the three-person IRP panel deciding last July that ICANN had serious questions to answer about how the CPE process was carried out.
While no evidence was found that ICANN had coached the EIU on scoring, it did emerge that ICANN staff had supplied margin notes to the supposedly independent EIU that had subsequently been incorporated into its final decision.
The IRP panel majority wrote that the EIU “did not act on its own in performing the CPEs” and “ICANN staff was intimately involved in the process”.
A month or so later, the ICANN board of directors passed a resolution calling for the CEO to “undertake an independent review of the process by which ICANN staff interacted with the CPE provider”.
Another month later, in October, the Board Governance Committee broadened the scope of the investigation and asked the EIU to supply it with documents it used to reach its decisions in multiple controversial CPE cases.
A couple of weeks ago, BGC chair Chris Disspain explained all this (pdf) to the applicants for .music, .gay, hotel, .cpa, .llc, .inc, .llp and .merck, all of which are affected by the delay caused by the investigation.
He said that the investigation would be completed “as soon as practicable”.
But in response, Dot Registry and lawyers for fellow failed CPE applicant DotMusic have fired off more letters of complaint to ICANN.
(UPDATE: Dot Registry CEO Shaul Jolles got in touch to say his letter was actually sent before Disspain’s, despite the dates on the letters as published by ICANN suggesting the opposite).
Both applicants note that they have no idea who the independent party investigating the CPEs is. That’s because ICANN hasn’t identified them publicly or privately, and the evaluator has not contacted the applicants for their side of the story.
DotMusic’s lawyer wrote (pdf):
DotMusic’s rights are thus being decided by a process about which it: (1) possesses minimal information; (2) carried out by an individual or organization whose identity ICANN is shielding; (3) whose mandate is secret; (4) whose methods are unknown; and (5) whose report may never be made public by ICANN’s Board.
He added, pointedly:
The exclusion of directly affected parties from participation eerily reproduces the shortcomings of the EIU evaluations that are under scrutiny in the first place.
Dot Registry CEO Shaul Jolles, in his letter (pdf), quoted Disspain saying at a public forum in Copenhagen this March that a blog post addressing the concerns had been drafted and would be published “shortly”, but wasn’t.
He suggested the investigation is “smoke and mirrors” and, along with DotMusic, demanded more information about the investigator’s identity and methods.
It does strike me as a looking a bit like history repeating itself: ICANN comes under fire for non-transparently influencing a supposedly independent review and addresses those criticisms by launching another non-transparent supposedly independent review.
No matter what I feel about the merits of the “community” claims of some of these applicants, it has been over five years now since they submitted their applications and the courtesy of transparency — if closure itself its not yet possible — doesn’t seem like a great deal to ask.
XYZ acquires .storage, its 10th gTLD
XYZ.com said today that it has acquired the half-launched new gTLD .storage from its original owner.
The terms of the deal were not disclosed, but CEO Daniel Negari said in a blog post that it has been funded using some of the “excess of cash flow” from sales of .xyz domains.
The original .storage registry was Extra Space Storage, which rents out physical storage units in the US.
It started its protracted launch period a little over a year ago but had not planned to go to general availability until July this year.
Having apparently passed through its sunrise period and a special landrush for the storage industry, which ended in January, it has fewer than 800 domains in its zone file.
It looks like XYZ will be essentially relaunching the gTLD from scratch, with a new sunrise period penciled in for November and an early access period and GA slated for December.
Pre-launch pricing is around the $80 mark at the few registrars I checked today, and it looks like that will remain under the new management.
That’s despite XYZ talking today about .storage as a “premium” vertically-focused TLD along the lines of its $3,000 .cars or $750 .theatre.
The company said that it will not hold back reserved names at higher, premium pricing. Even nice-looking domains such as cloud.storage will be available at the base fee, it said.
The new acquisition becomes the 10th that XYZ has a hand in running, if you count the three car-related gTLDs it manages in a joint venture with Uniregistry. The others are .security, .rent, .protection, .theatre, and .college.
Recent Comments