Recent Posts
- Salesforce to apply for a dot-brand
- Team Internet looking to break up
- Noss to leave Tucows corner office
- Rubens Kühl has died
- Sinha angry with Chapman’s firing as ICANN vice chair
- Glitch redux: ICANN screws up new gTLD security again
- CentralNic claims second-largest TLD migration ever
- DNS issue at Amazon takes out major apps and sites
- .io sales almost double over three years
- Amazon delays book and fashion gTLDs
- Lindqvist shuffles the exec deck
- GoDaddy launches “ultra-premium” domain marketplace
- .mobi to get a new rival in .mobile
- Bye-bye .boomer! Blockchain players abandon new gTLD plans
- Decades-old US registrar gets a spanking
- love.you sold in apparent five-figure deal
- Bogus harassment complaints could get you an ICANN ban
- ICANN slaps open-mic ban on conflicted lawyers
- Final GTFO warning for 19 failed new gTLD bids
- Nominet opens $500,000 fund for open source projects
- Com Laude buys larger rival Markmonitor
- Epik took down Charlie Kirk doxing site
- Number of subsidized gTLD bidders far lower than thought
- Another registrar goes AWOL
- gTLD loses its second-largest registrar after breach
- Com Laude buys Fairwinds
- Unstoppable wants to be a registry back-end
- Sixteen new gTLD bids could face the firing squad
- Registry to release one-letter domains tomorrow
- New ICANN funding rules will cost smaller ccTLDs more
- .ai rival lines up gTLD bid
- Team Internet lays off 200
- Sixteen more orgs vie for cheap gTLDs, but…
- So who’s registering sunrise domains these days?
- Cloud gTLD gets launch dates
- Governments say new gTLD program “credibility” at stake
- NIXI planning doomed new gTLD bids
- AI experts replace Chapman on ICANN board
- RDRS may not be dead
- Single-letter .com lawsuit thrown out of court
- Golding challenges McCarthy for Nominet board seat
- Three applicants qualify for cheapo gTLDs
- Blockchain crisis looming for new gTLD next round
- Two more dot-brands leave Verisign for GoDaddy
- ICANN looking at new bulk reg rules
- Reseller loss hits Tucows’ DUM but not revenue
- GoDaddy counts cost of losing .co deal
- Wine producers worried about new gTLDs
- Goodyear tires of its dot-brand
- Team Internet loses Radix to Tucows
- ICANN’s “review of reviews” kicks off
- Huge registrars flee from RDRS
- Namecheap loses attempt to bring back .org price caps
- Registrar shamed for alleged crypto abuse neglect
- Poblete’s ICANN board seat safe
- .com off to strong start in Q3
- .my is growing like crazy
- ICANN settles $77 million sexual harassment suit
- Chinese domain spikiness ends in first half
- Registrars agree to higher ICANN fees
- ICANN to review reviews after review review request fails
- Got junk? June’s biggest gTLD growers do
- ICANN ditches Oman due to Middle-East conflicts
- ICANN’s mighty overlord flexes on transparency
- ICANN faces first pushback over DEI U-turn
- Loads of firms flunk out of next-round gTLD back-end program
- presidenttrump.xxx among thousands of dead .xxx domains suddenly springing to life
- One of the dumbest gTLDs just switched back-ends
- GoDaddy loses .co to Team Internet
- Governments erect bulk-reg barrier to new gTLD next round
- Little interest in cheapo gTLD program
- US government opposes most new gTLDs
- GoDaddy loses last Amazon business to Identity Digital
- Third Amazon gTLD launch dates revealed
- .TOP promises to play nice on DNS abuse
- Court denies ICANN’s #MeToo “cover up” attempt
- Launch dates for two more Amazon gTLDs revealed
- An end to “Club Med for geeks” ICANN?
- Some people paid premiums for .hot domain hacks
- .io questions in sharp focus as UK signs Chagos treaty
- Big .gdn registrar at risk
- ICANN “reaffirms its commitment to diversity and inclusion”
- ICANN kills off diversity and inclusion
- Kaufmann picked for ICANN board
- Conflicted? STFU under new ICANN rules
- .hot is for hookers? Amazon’s first premium regs revealed
- Gname adds another 200 registrars
- New Pope’s .com domain was registered the day Francis died
- Two deadbeat registrars get their ICANN marching orders
- DotMusic has sold a lot of names, but not many are turned on
- .med is a deeply weird gTLD, but it wants to be more normal
- ICANN cuts off money to UASG
- Web.com getting dumped
- .es and .pt riding out massive power outage
- .com is back as Verisign discounts bear fruit
- Dot-brand actually being used to get deleted
- Verisign gave Trump $100,000
- Private Whois requests hit new low after Tucows quits RDRS
- Zoom says GoDaddy took it down for hours
- The Soviet Union might be safe after all
- Google says its ccTLDs “are no longer necessary”
- Facebook thinks ICANN is a bit rubbish
- ICANN spending $365,000 a year on coffee and booze
- Regulator going after suicide site that even Epik banned
- .ai sees $600,000 auction sales in a month
- Pru trims its dot-brand portfolio
- UK’s Nigel Hickson has died
- .blog registry ordered to change name to Knock Knock RDAP There
- WordPress buys Canadian, swaps CentralNic for CIRA
- Latest ICANN salary porn ruins my terrible pun
- .co deal worth $77 million up for grabs
- I get a wrongful kicking as .su registry denies turn-off plan
- Sales and profits dip at Team Internet
- Four deadbeat registrars get terminated
- “No timeline” to retire Soviet Union from the DNS
- ICANN to kill off 60-day domain transfer lock
- Lancaster bags up its dot-brand
- Google readying its next batch of gTLD launches?
- NomCom confirms Americans rejected from ICANN board
- Nova announces $45 million of new gTLD applications
- Registry makes .ai an option for Koreans
- it.com now bigger than Guatemala
- ICANN turns to AI and crowdsourcing for new gTLD program
- Amazon lawyer DiBiase elected to ICANN board
- Is .io safe now? Identity Digital now running Mauritian ccTLD
US and EU call for Whois to stay alive
Government officials from both sides of the Atlantic have this week called on ICANN to preserve Whois as it currently is, in the face of incoming EU privacy law, at least for a select few users.
The European Commission wrote to ICANN to ask for a “pragmatic and workable solution” to the apparent conflict between the General Data Protection Regulation and the desire of some folks to continue to access Whois as usual.
Three commissioners said in a letter (pdf) that special consideration should be given to “public interests” including “ensuring cybersecurity and the stability of the internet, preventing and fighting crime, protecting intellectual property and copyright, or enforcing consumer protection measures”.
David Redl, the new head of the US National Telecommunications and Information Administration, echoed these concerns in a speech at the State of the Net conference in Washington DC on Monday.
Redl said that the “preservation of the Whois service” is one of NTIA’s top two priorities at the moment. The other priority is pressing for US interests in the International Telecommunications Union, he said.
Calling Whois “a cornerstone of trust and accountability for the Internet”, Redl said the service “can, and should, retain its essential character while complying with national privacy laws, including the GDPR.”
“It is in the interests of all Internet stakeholders that it does,” he said. “And for anyone here in the US who may be persuaded by arguments calling for drastic change, please know that the US government expects this information to continue to be made easily available through the Whois service.”
He directly referred to the ability of regular internet users to access Whois for consumer protection purposes in his speech.
The European Commission appears to be looking at a more restrictive approach, but it did offer some concrete suggestions as to how GDPR compliance might be achieved.
For example, the commissioners’ letter appears to give tacit approval to the idea of “gated” access to Whois, but called for access by law enforcement to be streamlined and centralized.
It also suggests throttling as a mechanism to reduce abuse of Whois data, and makes it clear that registrants should always be clearly informed how their personal data will be used.
The deadline for GDPR compliance is May this year. That’s when the ability of EU countries to start to levy fines against non-compliant companies, which could run into millions of euros, kicks in.
While ICANN has been criticized by registries and registrars for moving too slowly to give them clarity on how to be GDPR-compliant while also sticking to the Whois provisions of their contracts, its pace has been picking up recently.
Two weeks ago it called for comments on three possible Whois models that could be used from May.
That comment period ended on Monday, and ICANN is expected to publish the model upon which further discussions will be based today.
Is the Trump administration really trying to reverse the IANA transition?
Questions have been raised about the US government’s commitment to an independent ICANN, following the release of letters sent by two top Trump appointees.
In the letters, new NTIA head David Redl and Secretary of Commerce Wilbur Ross expressed an interest in looking at ways to “unwind” the IANA transition, which in 2016 severed the formal ties between ICANN and the US in DNS root zone management.
Responding to questions from senators during his lengthy confirmation process, now National Telecommunications and Information Administration assistant secretary Redl wrote:
I am not aware of any specific proposals to reverse the IANA transition, but I am interested in exploring ways to achieve this goal. To that end, if I am confirmed I will recommend to Secretary Ross that we begin the process by convening a panel of experts to investigate options for unwinding the transition.
The letters were first obtained by Politico under the Freedom of Information Act. We’re publishing them here (pdf).
They were sent last August, when Redl’s confirmation to the NTIA role was being held up by Senator Ted Cruz, who vehemently opposed the transition because he said he thought it would give more power over online speech to the likes of Russia and China.
He was confirmed in November.
The question is whether Redl was serious about unwinding the transition, or whether he was just bullshitting Cruz in order to remove a roadblock to his confirmation.
Technically, he only promised to “recommend” convening a panel of experts to his boss, Ross.
NTIA declined to comment last week when DI asked whether the department still supports the IANA transition, whether any efforts are underway to unwind it, and whether the panel of experts has already been convened.
Redl’s statements on ICANN since his confirmation have been more or less consistent with his Obama-era predecessor, Larry Strickling, in terms of expressing support for multi-stakeholder models, but with perhaps some causes for concern.
During his first public speech, delivered at the CES show in Las Vegas earlier this month, Redl expressed support for multi-stakeholder internet governance amid pushes for more multi-lateral control within venues such as the International Telecommunications Union.
However, he added:
I’ll also focus on being a strong advocate for U.S. interests within ICANN. We need to ensure transparency and accountability in ICANN’s work. And in light of the implementation of the European General Data Privacy Regulation, or GDPR, we need to preserve lawful access to WHOIS data, which is a vital tool for the public.
In the coming weeks, I’ll be seeking out the views of stakeholders to understand how else NTIA can best serve American interests in these global Internet fora.
Could this be an allusion to the “panel of experts”? It’s unclear at this stage.
One of Redl’s first moves as NTIA chief was to slam ICANN for its lack of accountability concerning the shutdown of a review working group, but that was hardly a controversial point of view.
And in a letter to Senator Brian Schatz, the Democrat ranking member of the Senate Commerce Subcommittee on Communications, Technology, Innovation, and the Internet, sent earlier this month, Redl expressed support for the multi-stakeholder model and wrote:
NTIA will be a strong advocate for US interests with the Governmental Advisory Committee of the Internet Cooperation [sic] for Assigned Names and Numbers (ICANN) in the existing post-transition IANA phase. NTIA will also monitor the [IANA operator] Public Technical Identifiers (PTI) and take action as necessary to ensure the security and stability of the DNS root.
That certainly suggests NTIA is happy to work in the new paradigm, while the promise to “take action as necessary” against PTI may raise eyebrows.
While a lot of this may seem ambiguous, my hunch is that there’s not really much appetite to reverse the IANA transition. Apart from appeasing Cruz’s demons, what could possibly be gained?
Ross, quizzed by Cruz at his own confirmation hearing a year ago, seemed reluctant to commit to such a move.
MMX profitable as acquisition talks drag on
New gTLD registry Minds + Machines became profitable as an operating company for the first time in 2017, the company announced on Friday.
MMX saw billings of $10 million in the second half of the year, compared to $5.6 million in the first half, as domains under management grew 67% to 1.32 million.
Billings is a measure of sales, rather than the more formal measure of revenue for accounting purposes.
Renewals accounted for $5.6 million of billings in the year, which “for the first-time has exceeded fixed operating costs which have been reduced to below $5.5 million for 2017”.
The company’s bottom line will also boosted by $2.1 million due to MMX losing the .inc and .llc new gTLD auctions.
MMX also provided an update on its “strategic review”, a code word for the “acquisition by or sale/merger of the Company” that it announced last May.
The company said “the longevity of the discussions has been at times frustrating” but that it hopes to have something to announce by the time it reports its formal 2017 results in April.
MMX had originally hoped to have concluded these talks before last September.
Emojis coming to another ccTLD
dotFM is to make emoji domain names available in the .fm ccTLD it manages.
The company said today that it’s currently taking expressions of interest in ‘premium’ emoji inventory, and that such domains will be registerable at an unspecified point in future.
It’s published a list of single-emoji domains it plans to sell.
Emoji domains “will be available based on Unicode Consortium Emoji Version 5.0 standards using single code point; and allowing a mix of letters and emoji characters under the top-level .FM, as well as the dotRadio extensions, .RADIO.fm and .RADIO.am”, dotFM said.
Very few TLDs allow emojis to be registered today.
The most prominent is .ws, which is Western Samoa’s ccTLD, marketed as an abbreviation for “web site”.
.fm is the ccTLD for Micronesia, but dotFM markets it to radio stations.
As ccTLDs, they’re not subject to ICANN rules that essentially ban them contractually in gTLDs.
Emojis use the same encoding as internationalized domain names, but do not feature in the IDN standards because they’re not used in real spoken languages.
Emoji domains are usually considered not entirely practical due to the inconsistent ways they can be rendered by applications.
Donuts releases free TLD-neutral name-spinner
Donuts has announced the release of a free name-spinner tool for registrars and resellers.
Relevant Name Search, found at rns.domains, isn’t a destination site in itself, but will be free for registrars to integrate into their storefronts.
The company said it’s been in beta testing with eNom, Dreamhost, Dynadot and Name.com, with eNom using it for over a year.
The service recalls something similar released by Verisign.
However, unlike the Verisign NameStudio tool, Donuts said RNS is “registry-neutral”, meaning it’s not designed to plug its own portfolio of TLDs over those from other registries.
I subjected the service to a quick, non-scientific test today and found the results much more semantically relevant than the Verisign tool, which only returns .com, .net and .cc results.
When I used NameStudio in November to search for “vodka”, my best offering was dogvodka.com. With RNS, I was offered the likes of vodka.bar, vodka.rocks, vodka.party, vodka.social and vodka.trade (all of which appear to carry premium pricing).
While Verisign offered me funattorney.com on a search for “attorney”, Donuts offered up attorney.lawyer, attorney.lgbt and attorney.blog.
RNS does not ignore legacy gTLDs, however. Doing a search for something a little more niche will bring up .com and .net domains, appropriately (in my view) ranked.
Search for “birmingham taxi” and you’ll get three relevant .limo domains (yeah, .limo exists, apparently) before birminghamtaxi.net.
Similarly, if you want to open up a pizza place in Cardiff, search for “cardiff pizza” and you’ll get offered cardiff.pizza, cardiffpizza.menu, cardiffpizza.restaurant, cardiffpizza.cafe and cardiffpizza.delivery before you get to cardiffpizza.com.
Many domain investors would say that the .com is unarguably the superior domain (it’s also unregistered and non-premium), but even those people would have to admit that the five more prominent suggestions have more semantic relevance.
Donuts said that RNS is configurable to take into account TLD-specific promotions, geography and marketing campaigns, and that it can be integrated with a single API call.
New gTLD revenue cut by HALF in ICANN budget
The new gTLD industry is performing terribly when compared to ICANN’s predictions just six months ago.
ICANN budget documents published over the weekend show that by one measure new gTLDs are doing just 51% of the business ICANN thought they would.
The new budget (pdf) shows that for the fiscal year 2018, which ends June 30, ICANN currently expects to receive $4.6 million in registry transaction fees.
These are the fees registries must pay for each new registration, renewal or transfer, when the TLD has more than 50,000 domains under management.
In a draft budget (pdf) published March 2017, its “best estimate” for these fees in FY18 was $8.9 million, almost double its newest prediction.
That prediction lasted until the approved budget (pdf) published last August.
The budget published at the weekend expects this transaction revenue to increase 31.1% to $6 million by June 30, 2019, still a long way off last year’s estimate.
At the registrar level, where registrars pay a transaction fee regardless of the size of the customer’s chosen gTLD, ICANN expects new gTLD revenue to be $3.9 million in FY18.
That’s just 52% of its March/August 2017 estimate of $7.5 million.
Looking at all reportable transactions — including the non-billable ones — ICANN’s projection for FY18 is now 21.9 million, compared to its earlier estimate of 41.7 million.
ICANN even reckons the number of new, 2012-round gTLDs actually live on the internet is going to shrink.
Its latest budget assumes 1,228 delegated TLDs by the end of June this year, which appears to be a couple light on current levels (at least according to me) and down from the 1,240 it expected a year ago.
It expects there to be 1,231 by the end of June 2019, which is even lower than it expected have in June 2017.
I suspect this is related to dot-brands cancelling their contracts, rather than retail gTLDs going dark.
Revenue from fixed registry fees for FY18 is expected to be $30.6 million, $200,00 less than previous expectations. Those numbers are for all gTLDs, old and new.
Overall, the view of new gTLDs is not pretty, when judged by what ICANN expected.
It shows that ICANN is to an extent captive to the whims of a fickle market that has in recent years been driven by penny deals and Chinese speculation.
By contrast, legacy gTLDs (.com, .info, etc) are running slightly ahead of earlier projections.
ICANN now expects legacy registry transaction fees of $48.6 million for FY18, which is $200,000 more than predicted last year.
It expects registrar transaction fees of $29.5 million, compared to its earlier forecast of $29.4 million.
This is not enough to recoup the missing new gTLD money, of course, which is why ICANN is slashing $5 million from its budget.
ICANN slashes millions from its budget
ICANN has cut $5 million from its annual budget, warning the community that difficult decisions have to be made amid a slowing domain name market.
Staff and community members will all be affected by the cuts, whether in the form of less generous pay raises or fewer travel opportunities.
Cuts have also been proposed to international outreach, tech support, contractual compliance and translation services.
The organization at the weekend published for comment its proposed budget for fiscal 2019. That’s the year that begins July 1, 2018.
It would see ICANN spend $138 million, $5 million less than it expects to spend in fiscal 2018.
Four of the five top-line areas ICANN reports expenses will be cut for a total of $12 million in savings, while one of them — personnel — is going up by $7.3 million.
This rounds out to a $5 million cut to the total FY19 ICANN budget. Here’s the breakdown:
- Personnel costs going up from $69.5 million to $76.8 million, up $7.3 million.
- Travel and meetings costs are to go down from $17.8 million to $15.6 million, a $2.2 million saving.
- Professional services costs will go down from $27.7 million to $23.4 million, a $4.3 million saving.
- Administration and capital costs will go down from $22.5 million to $17.8 million, a $4.7 million saving.
- The contingency budget is going down from $5.3 million to $4.5 million, a $800,000 saving.
Personnel costs are going up due to a combination of new hires and pay rises, but the average annual pay rise will be halved from 4% to 2%, saving $1.3 million, ICANN documentation states.
Headcount is expected to level out at about 425, up from the current 400, by the end of FY19.
The travel budget is going down due to a combination of cuts to services provided at the three annual meetings and the number of people ICANN reimburses for going to them.
The Fellows program — sometimes criticized for giving people what look like free vacations for little measurable return — is seeing the biggest headcount cut here. ICANN will only pay for 30 Fellows to go its meetings in FY19, half the level of FY18. The Next Gen program, a similar outreach program for yoof participants, goes down to 15 people from 20.
The Governmental Advisory Committee will get its number of funded seats reduced by 10 to 40. The ALAC and the ccNSO also each lose a few seats. Other constituencies are unaffected.
At the meetings themselves, translation is to be scaled back to be provided on an as-requested basis, rather than automatically translating everything into all six UN languages. Key sessions will continue to have live interpretation.
Outside of the three main meetings, ICANN is pulling back on plans to expand its irregular “capacity building” workshops in “under-served” areas of the world.
It’s also slashing the “additional budget request” budget by 50%.
In terms of compliance, a proposed Technical Compliance Monitoring system that was going to be built this year — a way to make sure gTLD registries and registrars are stable and secure — appears to be at risk of being deprioritized.
ICANN said it “will develop an implementation plan in due time, depending on the RFP results and, if needed, work with the Board to identify necessary resources and funds to support implementation of the project.”
The documents published today are now open for public comment until March 8.
The cuts I’ve reported here can be found from page 19 of this document (pdf).
The reason for the cutbacks is that ICANN’s revenue isn’t growing as fast as it once did, due to the slower than expected growth of the domain name industry in general. I’ll get to that a later article.
Research finds homograph attacks on big brands rife
Apparent domain name homograph attacks against major brands are a “significant” problem, according to research from Farsight Security.
The company said last week that it scanned for such attacks against 125 well-known brands over the three months to January 10 and found 116,113 domains — almost 1,000 per brand.
Homographs are domains that look like other domains, often indistinguishable from the original. They’re usually used to phish for passwords to bank accounts, retailers, cryptocurrency exchanges, and so on.
They most often use internationalized domain names, mixing together ASCII and non-ASCII characters when displayed in browsers.
To the naked eye, they can look very similar to the original ASCII-only domains, but under the hood they’re actually encoded with Punycode with the xn-- prefix.
Examples highlighted by Farsight include baŋkofamerica.com, amazoṇ.com and fàcebook.com
Displayed as ASCII, those domains are actually xn--bakofamerica-qfc.com, xn--amazo-7l1b.com and xn--fcebook-8va.com.
Farsight gave examples including and excluding the www. subdomain in a blog post last week, but I’m not sure if it double-counted to get to its 116,113-domain total.
As you might imagine, almost all of this abuse is concentrated in .com and other TLDs that were around before 2012, judging by Farsight’s examples. That’s because the big brands are not using new gTLDs for their primary sites yet.
Farsight gave a caveat that it had not generally investigated the ownership of the homograph domains it found. It’s possible some of them are defensive registrations by brands that are already fully aware of the security risk they could present.
DomainTools scraps apps and APIs in war on spam
DomainTools is to scrap at least five of its services as it tries to crack down spam.
It’s getting rids of its mobile apps, its APIs, and is to stop showing registrants’ personal information to unauthenticated users.
CEO Tim Chen told us in an email at the weekend:
The Android app is no longer supported.
The iOS app will no longer be supported after February 20th.
The Developer API is no longer supported.
On February 20th, the Bulk Parsed Whois tool available to Personal Members will no longer be supported.
On February 20th, our production Whois API will no longer be available to individual membership levels, an Enterprise relationships will be required.
It’s all part of an effort to make sure DomainTools services are not being abused by spammers, which has lead to a dispute with GoDaddy over bulk access to its registrants’ Whois data.
The longstanding problem of new registrants getting spammed with calls and emails offering web hosting and such has escalated over the last few years. Domain Name Wire detailed the scale of the abuse registrants can experience in a post last week.
While to my knowledge nobody has directly accused DomainTools of facilitating such abuse, the scrapped services are the ones that would be most useful to these spammers.
The company is also going to scale back what guest users can see when they do a Whois lookup, and is to make automated scraping of Whois records more difficult for paying members.
In a blog post, Chen wrote last week:
As of today, unauthenticated users of the DomainTools Whois Lookup tool will not see personally identifiable information for the registrant parsed out in the results, and will be required to submit a CAPTCHA to see the full raw domain name Whois record. Phone numbers in the parsed results have been replaced with image files, much the same way emails have always been rendered
As well as hoping to ease relations with GoDaddy — the source of a very heavy chunk of DomainTools’ data — the moves are also part of the company’s strategy for dealing with the incoming General Data Protection Regulation.
This is the EU law that gives registrants more control over the privacy of their personal data.
Chen told us earlier this month that DomainTools is keen to ensure its enterprise-level suite of security products, which he said are vital for security and intellectual property investigations, continue to operatie under the new regime.
About 80% of DomainTools’ revenue comes from its enterprise-level customers, over 500 companies.
A new gTLD kills itself off for the second time
British pharmacy chain Boots has applied to ICANN to terminate its dot-brand contract for the second time.
The company asked for its .boots Registry Agreement, signed in 2015, to be ended in December and ICANN opened the request for public comment this week.
What’s weird about the request is that Boots had already asked for self-termination last April, but that request was subsequently withdrawn by the company.
Boots seems to have changed its mind, twice, in a year.
As I noted first time around, .boots was the first example of a dot-brand that also matches a generic class of goods to chose the easy way out.
It’s quite likely the two-year freeze on re-applying for the string, should anyone want to, will be over by the time the next new gTLD application window opens.
.boots only had the contractually mandated placeholder domain nic.boots live.
Recent Comments