Recent Posts
- Salesforce to apply for a dot-brand
- Team Internet looking to break up
- Noss to leave Tucows corner office
- Rubens Kühl has died
- Sinha angry with Chapman’s firing as ICANN vice chair
- Glitch redux: ICANN screws up new gTLD security again
- CentralNic claims second-largest TLD migration ever
- DNS issue at Amazon takes out major apps and sites
- .io sales almost double over three years
- Amazon delays book and fashion gTLDs
- Lindqvist shuffles the exec deck
- GoDaddy launches “ultra-premium” domain marketplace
- .mobi to get a new rival in .mobile
- Bye-bye .boomer! Blockchain players abandon new gTLD plans
- Decades-old US registrar gets a spanking
- love.you sold in apparent five-figure deal
- Bogus harassment complaints could get you an ICANN ban
- ICANN slaps open-mic ban on conflicted lawyers
- Final GTFO warning for 19 failed new gTLD bids
- Nominet opens $500,000 fund for open source projects
- Com Laude buys larger rival Markmonitor
- Epik took down Charlie Kirk doxing site
- Number of subsidized gTLD bidders far lower than thought
- Another registrar goes AWOL
- gTLD loses its second-largest registrar after breach
- Com Laude buys Fairwinds
- Unstoppable wants to be a registry back-end
- Sixteen new gTLD bids could face the firing squad
- Registry to release one-letter domains tomorrow
- New ICANN funding rules will cost smaller ccTLDs more
- .ai rival lines up gTLD bid
- Team Internet lays off 200
- Sixteen more orgs vie for cheap gTLDs, but…
- So who’s registering sunrise domains these days?
- Cloud gTLD gets launch dates
- Governments say new gTLD program “credibility” at stake
- NIXI planning doomed new gTLD bids
- AI experts replace Chapman on ICANN board
- RDRS may not be dead
- Single-letter .com lawsuit thrown out of court
- Golding challenges McCarthy for Nominet board seat
- Three applicants qualify for cheapo gTLDs
- Blockchain crisis looming for new gTLD next round
- Two more dot-brands leave Verisign for GoDaddy
- ICANN looking at new bulk reg rules
- Reseller loss hits Tucows’ DUM but not revenue
- GoDaddy counts cost of losing .co deal
- Wine producers worried about new gTLDs
- Goodyear tires of its dot-brand
- Team Internet loses Radix to Tucows
- ICANN’s “review of reviews” kicks off
- Huge registrars flee from RDRS
- Namecheap loses attempt to bring back .org price caps
- Registrar shamed for alleged crypto abuse neglect
- Poblete’s ICANN board seat safe
- .com off to strong start in Q3
- .my is growing like crazy
- ICANN settles $77 million sexual harassment suit
- Chinese domain spikiness ends in first half
- Registrars agree to higher ICANN fees
- ICANN to review reviews after review review request fails
- Got junk? June’s biggest gTLD growers do
- ICANN ditches Oman due to Middle-East conflicts
- ICANN’s mighty overlord flexes on transparency
- ICANN faces first pushback over DEI U-turn
- Loads of firms flunk out of next-round gTLD back-end program
- presidenttrump.xxx among thousands of dead .xxx domains suddenly springing to life
- One of the dumbest gTLDs just switched back-ends
- GoDaddy loses .co to Team Internet
- Governments erect bulk-reg barrier to new gTLD next round
- Little interest in cheapo gTLD program
- US government opposes most new gTLDs
- GoDaddy loses last Amazon business to Identity Digital
- Third Amazon gTLD launch dates revealed
- .TOP promises to play nice on DNS abuse
- Court denies ICANN’s #MeToo “cover up” attempt
- Launch dates for two more Amazon gTLDs revealed
- An end to “Club Med for geeks” ICANN?
- Some people paid premiums for .hot domain hacks
- .io questions in sharp focus as UK signs Chagos treaty
- Big .gdn registrar at risk
- ICANN “reaffirms its commitment to diversity and inclusion”
- ICANN kills off diversity and inclusion
- Kaufmann picked for ICANN board
- Conflicted? STFU under new ICANN rules
- .hot is for hookers? Amazon’s first premium regs revealed
- Gname adds another 200 registrars
- New Pope’s .com domain was registered the day Francis died
- Two deadbeat registrars get their ICANN marching orders
- DotMusic has sold a lot of names, but not many are turned on
- .med is a deeply weird gTLD, but it wants to be more normal
- ICANN cuts off money to UASG
- Web.com getting dumped
- .es and .pt riding out massive power outage
- .com is back as Verisign discounts bear fruit
- Dot-brand actually being used to get deleted
- Verisign gave Trump $100,000
- Private Whois requests hit new low after Tucows quits RDRS
- Zoom says GoDaddy took it down for hours
- The Soviet Union might be safe after all
- Google says its ccTLDs “are no longer necessary”
- Facebook thinks ICANN is a bit rubbish
- ICANN spending $365,000 a year on coffee and booze
- Regulator going after suicide site that even Epik banned
- .ai sees $600,000 auction sales in a month
- Pru trims its dot-brand portfolio
- UK’s Nigel Hickson has died
- .blog registry ordered to change name to Knock Knock RDAP There
- WordPress buys Canadian, swaps CentralNic for CIRA
- Latest ICANN salary porn ruins my terrible pun
- .co deal worth $77 million up for grabs
- I get a wrongful kicking as .su registry denies turn-off plan
- Sales and profits dip at Team Internet
- Four deadbeat registrars get terminated
- “No timeline” to retire Soviet Union from the DNS
- ICANN to kill off 60-day domain transfer lock
- Lancaster bags up its dot-brand
- Google readying its next batch of gTLD launches?
- NomCom confirms Americans rejected from ICANN board
- Nova announces $45 million of new gTLD applications
- Registry makes .ai an option for Koreans
- it.com now bigger than Guatemala
- ICANN turns to AI and crowdsourcing for new gTLD program
- Amazon lawyer DiBiase elected to ICANN board
- Is .io safe now? Identity Digital now running Mauritian ccTLD
Portugal joins the million-domain club
Portuguese ccTLD .pt passed one million registrations for the first time earlier this month, DNS.pt said this week.
The millionth name was meckos.pt, registered by a local textile machinery company of that name, the registry said.
The ccTLD ended 2017 with 976,370 names under management and as of today stands at 1,001,552 names, according to statistics published on the DNS.pt web site.
The company says it is currently growing fast, taking 10,693 new registrations in January, up 30% compared to the same month last year.
Austria to stop publishing most Whois data
Austrian ccTLD operator nic.at will no longer publish any Whois information for individual registrants, in order to comply with incoming EU privacy law.
“Natural persons’ data will no longer be published from mid-May 2018,” the company said today.
Data concerning legal entities such as companies will continue to be published, it added.
The move is of course an effort to become compliant with the General Data Protection Regulation, which currently has the industry scrambling around in the dark looking for ways avoid avoid millions of euros of potential fines.
nic.at will continue to collect the private data of individual registrants, but it will only publish technical information such as the name of the registrar and name servers in response to public Whois queries.
Companies will have their names and addresses published, but will have the option to have their email address and phone number hidden.
nic.at said it will disclose records to “law enforcement agencies, lawyers or people who contact nic.at following domain disputes and can prove that their rights have been infringed”.
People will be able to opt-in to having their information published
It’s arguably a more Draconian implementation of GDPR than the one proposed by ICANN for gTLDs, but it appears to be in line with plans already announced by Nominet for .uk and DENIC for .de.
Data leak security glitch screws up ICANN 61 for thousands
A security vulnerability forced ICANN to take down its Adobe Connect conferencing service halfway through its ICANN 61 meeting in Puerto Rico.
The “potentially serious security issue” could “could possibly lead to the disclosure of the information shared in an ICANN Adobe Connect room”, ICANN said in a pair of statements.
Taking down the service for the remainder of the meeting, which ends today, meant that potentially thousands of remote participants were left to cobble together a less streamlined replacement experience from a combination of live streams, transcription and email.
At the last ICANN meeting, over 4,000 unique participants logged into Adobe Connect. With only 1,900 or so people on-site, we’re probably looking at over 2,000 remote participants relying on AC to take part.
At this point, it’s not clear whether ICANN has discovered a previously undisclosed vulnerability in the Adobe service, or whether it simply buggered up its implementation with sloppy configuration settings.
It’s also not clear whether the glitch has been actively exploited to expose private data, though ICANN said it was first reported by a member of the Security and Stability Advisory Committee.
ICANN said in the second of two statements issued yesterday:
The issue is one that could possibly lead to the disclosure of the information shared in an ICANN Adobe Connect room. We are still investigating the root cause of the issue. We have formulated different scenarios based on authentication, encryption, and software versions, which we are testing in a controlled fashion in attempt to replicate and understand the root cause of the issue.
We are working directly with Adobe and with our cloud service provider to learn more.
Adobe Connect is a web conferencing tool that, at least when ICANN uses it for public meetings, combines live video and transcription, PowerPoint presentation sharing, and public and private chat rooms.
I also understand that there’s also a whiteboarding feature that allows participants to collaboratively work on documents in closed sessions.
Given that everything shared in the public sessions (outside of the private chat function) is by definition public, it might be reasonable to assume that ICANN’s primary concern here is how the software is used in closed sessions.
I hear ICANN uses Adobe Connect internally among its own staff and board, where one might imagine private data is sometimes shared. Other relatively secretive groups, such as the Governmental Advisory Committee and Nominating Committee, are also believed to sometimes use it behind closed doors.
While Adobe is infamous for producing buggy, insecure software, and ICANN uses a version of it hosted by a third-party cloud services provider, that doesn’t necessarily mean this wasn’t another ICANN screw-up.
In a similar incident uncovered in 2015, it was discovered that new gTLD applicants could read attachments on the confidential portions of their competitors’ applications, after ICANN accidentally had a single privacy configuration toggle set to “On” instead of “Off” in the hosted Salesforce.com software it was using to manage the program.
Ashwin Rangan, ICANN’s CIO and the guy also tasked with investigating the Salesforce issue, has now started a probe into the Adobe issue.
CentralNic and KeyDrive in merger talks
CentralNic and KeyDrive, two major European domain firms, are in merger talks, CentralNic confirmed this morning.
CentralNic said that the transaction, should it close, would be a “reverse takeover” of itself by KeyDrive.
That’s where a private company, in this case KeyDrive, reverses into a public one, in this case AIM-listed CentralNic.
Luxembourg-based KeyDrive is the holding company for brands including the registrars Key-Systems, Moniker and BrandShelter and the registries OpenRegistry and KSRegistry.
London-based CentralNic is a registry provider for the likes of .xyz, recent acquirer of Slovakian TLD .sk, and owner of registrars Internet.bs and Instra.
CentralNic said: “CentralNic and KeyDrive Group believe that the combination of the two businesses would have strong strategic logic and economies of scale, and would represent an opportunity to create a group with advanced technology platforms delivering significant recurring revenues for every major customer type within the industry.”
If a deal should be struck, it would happen in the second quarter, the company said.
The announcement was made today after news of the talks leaked.
Trading in CentralNic shares has been temporarily suspended.
After long fight, Donuts adds .charity to its gTLD stable
Snatching victory from the jaws of defeat, Donuts has prevailed in the two-horse race for the .charity gTLD.
The company appears to have privately resolved its contention set, paying off rival bidder Famous Four Media, judging by updates to ICANN’s web site today.
The gTLD had been scheduled for an ICANN “last resort” auction in April, but that’s now off.
Famous Four has also withdrawn its application, leaving Donuts the only remaining applicant.
I believe it will be Donuts’ 239th 240th gTLD.
But for a while it looked like Famous Four had a slam-dunk on its hands.
Back in 2014, the Independent Objector of the new gTLD program had filed an Community Objection against Donuts’ application, saying it was too risky to unleash a .charity domain onto the world without registration eligibility restrictions.
The fear was (and probably still is) that fraudsters could use the domains to lend an air of credibility to their online scams.
The IO prevailed, pretty much gifting Famous Four — which had proposed restrictions — the TLD.
But Donuts embarked upon an arduous set of appeals, including an Independent Review Process case, that culminated, last December, in a ruling (pdf) that reversed the original Community Objection decision.
That cleared the way for Donuts back into the application process and, now, the private auction it seems to have won.
Due to ICANN’s adoption of Governmental Advisory Committee advice on sensitive strings, Donuts will be obliged to put some Public Interest Commitments into its .charity contract, with the aim of reducing abuse.
Lawyer: GoDaddy Whois changes a “critical” contract breach
GoDaddy is in violation of its ICANN registrar contract by throttling access to its Whois database, according to a leading industry lawyer.
Brian Winterfeldt of the Winterfeldt IP Group has written to ICANN to demand its compliance team enforces what he calls a “very serious contractual breach”.
At issue is GoDaddy’s recent practice, introduced in January, of masking key fields of Whois when accessed in an automated fashion over port 43.
The company no longer shows the name, email address or phone number of its registrants over port 43. Web-based Whois, which has CAPTCHA protection, is unaffected.
It’s been presented as an anti-spam measure. In recent years, GoDaddy has been increasingly accused (wrongly) of selling customer details to spammers pitching web hosting and SEO services, whereas in fact those details have been obtained from public Whois.
But many in the industry are livid about the changes.
Back in January, DomainTools CEO Tim Chen told us that, even as a white-listed known quantity, its port 43 access was about 2% of its former levels.
And last week competing registrar Namecheap publicly complained that Whois throttling was hindering inbound transfers from GoDaddy.
Winterfeldt wrote (pdf) that “nothing in their contract permits GoDaddy to mask data elements, and evidence of illegality must be obtained before GoDaddy is permitted to throttle or deny
port 43 Whois access to any particular IP address”, adding:
The GoDaddy whitelist program has created a dire situation where businesses dependent upon unmasked and robust port 43 Whois access are forced to negotiate wholly subjective terms for access, and are fearful of filing complaints with ICANN because they are reticent to publicize any disruption in service, or because they fear retaliation from GoDaddy…
This is a very serious contractual breach, which threatens to undermine the stability and security of the Internet, as well as embolden other registrars to make similar unilateral changes to their own port 43 Whois services. It has persisted for far too long, having been officially implemented on January 25, 2018. The tools our communities use to do our jobs are broken. Cybersecurity teams are flying blind without port 43 Whois data. And illegal activity will proliferate online, all ostensibly in order to protect GoDaddy customers from spam emails. That is completely disproportionate and unacceptable
He did not disclose which client, if any, he was writing on behalf of, presumably due to fear of reprisals.
He added that his initial outreaches to ICANN Compliance have not proved fruitful.
ICANN said last November that it would not prosecute registrar breaches of the Whois provisions of the Registrar Accreditation Agreements, subject to certain limits, as the industry focuses on becoming compliant with the General Data Protection Regulation.
But GoDaddy has told us that the port 43 throttling is unrelated to GDPR and to the compliance waiver.
Masking Whois data, whether over port 43 or not, is likely to soon become a fact of life anyway. ICANN’s current proposal for GDPR compliance would see public Whois records gutted, with only accredited users (such as law enforcement) getting access to full records.
Now South Africa looks to second-level domain sales
South Africa looks to be the next country to start letting people register domains directly at the second level of its ccTLD.
Local registry authority ZADNA this week opened a policy consultation on allowing registrants access to direct, second-level .za names.
Currently, if you want a .za you have to register at the third level under the likes of .co.za or .net.za.
But ZADNA says second-level names will help it continue to compete in a market now populated by hundreds of new gTLDs.
The company said it has been “inundated” by calls for such a move.
The policy shift would see South Africa follow the the path beaten in recent years by UK, New Zealand, Kenya and (probably) Australia, which have all changed policy to allow second-level names.
But these things are never without controversy.
Domain investors are typically resistant to such moves, fearing dilution and the possible devaluing of their portfolios.
There are often also intellectual property concerns, and concerns about priority “grandfathering” rights when matching .co.za and .org.za names, for example, have different owners.
ZADNA is floating the possibility of auctions to resolve these kinds of conflicts.
The proposal (pdf) is open for comment until April 16.
Next new gTLD round unlikely before 2022
ICANN is unlikely to accept any more new gTLD applications until a full decade has passed since the last round was open.
That’s the conclusion of some ICANN community members working on rules for the next round.
Speaking at ICANN 61 in Puerto Rico this weekend, Jeff Neuman, co-chair of the New gTLD Subsequent Procedures Working group, presented a “best case” timetable for the next round.
The timetable would see the next new gTLD application window opening in the first quarter of 2021, nine years after the 2012 round.
But Neuman acknowledged that the timeline would require all parts of the ICANN community — working groups, GNSO Council, board of directors, staff — to work at their most efficient.
With that in mind, 2021 seems optimistic.
“Even if we hit the 2021 date, that’s still a decade after the launch of the last round, which is crazy,” Neuman said.
The timetable assumes the GNSO wraps up its policy development a year from now, with the ICANN board approving the policy mid-2019.
It then gives the ICANN staff about six months to publish an updated Applicant Guidebook, and assumes whatever is produced is approved within about six months, after the first pass of public comments.
It’s worth noting that the 2012 round’s AGB hit its first draft in 2008 and went through half a dozen revisions over three years before it was finalized, though one imagines there would be less wheel-reinventing required next time around.
After the board gives the AGB the final nod, the timeline assumes ICANN staff about six months to “operationalize” the program.
But one unidentified ICANN staffer, who said she was “the person that will be ultimately responsible for the implementation” of whatever the GNSO comes up with, said during this weekend’s session that she doubted this was realistic.
She said ICANN the organization would need “at least 12 months” between the ICANN board approving the AGB and the application window opening. That would push the window to late 2021.
The Subsequent Procedures policy work is of course not the only gating factor to the next round.
There’s also a potential bottleneck in work being carried out to review rights protection mechanisms, where fears of filibustering have emerged in an already fractious working group.
All things considered, I wouldn’t place any bets on an application window opening as early as 2021.
Donuts scraps 200 companies, consolidates under Binky Moon
Donuts has consolidated all of its original portfolio of new gTLD contracts under a single LLC, scrapping almost 200 shell companies in the process.
At least 196 contracts, each of which were originally allocated to a unique LLC, have been assigned now to Binky Moon LLC.
This seems to have happened back in late November, but ICANN only added the transfers to its published list of reassignments last week.
When Donuts applied for over 300 gTLDs back in 2012, each application belonged to a different shell company. Apparently randomly generated names — such as New Sky LLC, Sand Shadow LLC and Bitter Fields LLC — were chosen for each.
This was for “tax and other purposes” that made sense when Donuts was a new company, I’m told.
Now, with Donuts by one measure the fastest-growing tech company in the world, it made more sense to “retire” the old LLCs and realize the “operational efficiencies” of consolidation, a spokesperson said.
Not all of Donuts’ contracts belong to Binky Moon. When the company acquired 2003-round .travel last month it assigned the Registry Agreement to Dog Beach LLC.
ICANNWiki fans protest funding cut
ICANN should continue to fund the independent ICANNWiki project, according to high-profile industry supporters.
As I first reported back in December, ICANN plans to stop giving a $100,000 annual grant to ICANNWiki, a repository of about 6,000 community-sourced articles on the people and organizations involved in the ICANN community.
While ICANNWiki does not merit an explicit mention in ICANN’s latest proposed budget, both organizations have confirmed to DI that the funding is for the chop, as ICANN attempts to rein in spending in the face of depressed revenue.
About a quarter of the 41 comments filed on the budget express support for the wiki.
Consultant Kurt Pritz, a 10-year veteran of ICANN and one of the key architects of its new gTLD program, wrote that the wiki “has been an essential part of the ICANN culture for many years… often saving ICANN meetings from terminal ennui.”
Roland LaPlante, chief marketing officer of Afilias (one of about 15 sponsors listed on ICANNWiki’s front page), wrote:
The complete withdrawal of funding from ICANN so abruptly not only threatens the viability of the project, but rather disrespectfully junks the valuable time and resources that the community has invested over the years. Ultimately the loss of ICANNWiki would be a loss to our overall sense of community.
ICANN should continue to support ICANNWiki at a reasonable level in the next fiscal year. At a minimum, please consider giving the team time to find other sources of funding.
Sandeep Ramchandani, CEO of Radix, concurred, writing:
ICANNNWiki benefits the entire ICANN community. Cutting the funding entirely would effectively halt its operations and be a disservice to the community it serves. It is in ICANN and the community’s best interest to continue funding it in an amount that works for ICANN long-term, and provide ICANNWiki sufficient time to develop a more sustainable business plan.
Simon Cousins, CEO of Chinese market localization specialist Allegravita, said:
Before ICANNWiki, there was precious little information on industry fundamentals in China, and since Allegravita has supported the pro-bono translation of ICANNWiki content into Chinese, the vital platform that is ICANNWiki has been acknowledged hundreds of times.
We do not support the immediate and full withdrawal of funding for ICANNWiki. We guardedly support incremental, annual decreases to give ICANNWiki the time necessary to generate new sponsorship income to cover their costs.
Pablo Rodriguez of .pr ccTLD operator PRTLD, host of ICANN 61 and an ICANNWiki sponsor, wrote:
We believe that they should not be cut out from the ICANN’s Budget, instead, they should be supported and embraced to continue their engaging approach and work with ICANN’s Community and as well newcomers, veterans, special programming for beginners and others in order to deliver what is ICANN and what does the organization do and so forth.
Several other commentators on ICANN’s budget asked ICANN to maintain the funding and I was unable to find any comments supporting its withdrawal.
It’s worth noting that ICANN’s $100,000 is not ICANNWiki’s only financial support. It says it receives an additional $61,000 a year from corporate sponsorship, and as a wiki much of its output is produced by volunteers.
It has been in existence for a decade, but ICANN has only been giving it money for three years.
The costs associated with running it appear to be mostly centered not on maintaining the web site but on its outreach and promotional activities, such as attending meetings and the popular caricatures and card decks it distributes.
It could be argued that ICANNWiki is pretty good value for money when compared to cost of a dedicated outreach professional (the average cost of an ICANN staffer has been estimated at $175,000+ in the latest budget).
ICANNWiki will host an “Edit-A-Thon” during the current ICANN 61 public meeting in San Juan, Puerto Rico on Tuesday at 0900 local time.
Recent Comments