Recent Posts
- Bye-bye .boomer! Blockchain players abandon new gTLD plans
- Decades-old US registrar gets a spanking
- love.you sold in apparent five-figure deal
- Bogus harassment complaints could get you an ICANN ban
- ICANN slaps open-mic ban on conflicted lawyers
- Final GTFO warning for 19 failed new gTLD bids
- Nominet opens $500,000 fund for open source projects
- Com Laude buys larger rival Markmonitor
- Epik took down Charlie Kirk doxing site
- Number of subsidized gTLD bidders far lower than thought
- Another registrar goes AWOL
- gTLD loses its second-largest registrar after breach
- Com Laude buys Fairwinds
- Unstoppable wants to be a registry back-end
- Sixteen new gTLD bids could face the firing squad
- Registry to release one-letter domains tomorrow
- New ICANN funding rules will cost smaller ccTLDs more
- .ai rival lines up gTLD bid
- Team Internet lays off 200
- Sixteen more orgs vie for cheap gTLDs, but…
- So who’s registering sunrise domains these days?
- Cloud gTLD gets launch dates
- Governments say new gTLD program “credibility” at stake
- NIXI planning doomed new gTLD bids
- AI experts replace Chapman on ICANN board
- RDRS may not be dead
- Single-letter .com lawsuit thrown out of court
- Golding challenges McCarthy for Nominet board seat
- Three applicants qualify for cheapo gTLDs
- Blockchain crisis looming for new gTLD next round
- Two more dot-brands leave Verisign for GoDaddy
- ICANN looking at new bulk reg rules
- Reseller loss hits Tucows’ DUM but not revenue
- GoDaddy counts cost of losing .co deal
- Wine producers worried about new gTLDs
- Goodyear tires of its dot-brand
- Team Internet loses Radix to Tucows
- ICANN’s “review of reviews” kicks off
- Huge registrars flee from RDRS
- Namecheap loses attempt to bring back .org price caps
- Registrar shamed for alleged crypto abuse neglect
- Poblete’s ICANN board seat safe
- .com off to strong start in Q3
- .my is growing like crazy
- ICANN settles $77 million sexual harassment suit
- Chinese domain spikiness ends in first half
- Registrars agree to higher ICANN fees
- ICANN to review reviews after review review request fails
- Got junk? June’s biggest gTLD growers do
- ICANN ditches Oman due to Middle-East conflicts
- ICANN’s mighty overlord flexes on transparency
- ICANN faces first pushback over DEI U-turn
- Loads of firms flunk out of next-round gTLD back-end program
- presidenttrump.xxx among thousands of dead .xxx domains suddenly springing to life
- One of the dumbest gTLDs just switched back-ends
- GoDaddy loses .co to Team Internet
- Governments erect bulk-reg barrier to new gTLD next round
- Little interest in cheapo gTLD program
- US government opposes most new gTLDs
- GoDaddy loses last Amazon business to Identity Digital
- Third Amazon gTLD launch dates revealed
- .TOP promises to play nice on DNS abuse
- Court denies ICANN’s #MeToo “cover up” attempt
- Launch dates for two more Amazon gTLDs revealed
- An end to “Club Med for geeks” ICANN?
- Some people paid premiums for .hot domain hacks
- .io questions in sharp focus as UK signs Chagos treaty
- Big .gdn registrar at risk
- ICANN “reaffirms its commitment to diversity and inclusion”
- ICANN kills off diversity and inclusion
- Kaufmann picked for ICANN board
- Conflicted? STFU under new ICANN rules
- .hot is for hookers? Amazon’s first premium regs revealed
- Gname adds another 200 registrars
- New Pope’s .com domain was registered the day Francis died
- Two deadbeat registrars get their ICANN marching orders
- DotMusic has sold a lot of names, but not many are turned on
- .med is a deeply weird gTLD, but it wants to be more normal
- ICANN cuts off money to UASG
- Web.com getting dumped
- .es and .pt riding out massive power outage
- .com is back as Verisign discounts bear fruit
- Dot-brand actually being used to get deleted
- Verisign gave Trump $100,000
- Private Whois requests hit new low after Tucows quits RDRS
- Zoom says GoDaddy took it down for hours
- The Soviet Union might be safe after all
- Google says its ccTLDs “are no longer necessary”
- Facebook thinks ICANN is a bit rubbish
- ICANN spending $365,000 a year on coffee and booze
- Regulator going after suicide site that even Epik banned
- .ai sees $600,000 auction sales in a month
- Pru trims its dot-brand portfolio
- UK’s Nigel Hickson has died
- .blog registry ordered to change name to Knock Knock RDAP There
- WordPress buys Canadian, swaps CentralNic for CIRA
- Latest ICANN salary porn ruins my terrible pun
- .co deal worth $77 million up for grabs
- I get a wrongful kicking as .su registry denies turn-off plan
- Sales and profits dip at Team Internet
- Four deadbeat registrars get terminated
- “No timeline” to retire Soviet Union from the DNS
- ICANN to kill off 60-day domain transfer lock
- Lancaster bags up its dot-brand
- Google readying its next batch of gTLD launches?
- NomCom confirms Americans rejected from ICANN board
- Nova announces $45 million of new gTLD applications
- Registry makes .ai an option for Koreans
- it.com now bigger than Guatemala
- ICANN turns to AI and crowdsourcing for new gTLD program
- Amazon lawyer DiBiase elected to ICANN board
- Is .io safe now? Identity Digital now running Mauritian ccTLD
- Tucows quits ICANN’s Whois disclosure pilot
- Toshiba goes all-in on its dot-brand
- Google scuppers Team Internet acquisition after profit warning
- .ai channel doubles under new management
- Trump inclined to back deal that threatens .io
- As .com shrinks, China adds another 1.2 million domains
- Second new gTLD contention set revealed
- UK intros global domain takedown law
- No more Americans as Holland wins ICANN board seat
- Registries have started shutting down Whois
- ICANN wins IRP because complainant literally doesn’t exist
- .com could return to growth this quarter
- Could Musk’s DOGE kill off D3’s .doge?
GoDaddy and DomainTools scrap over Whois access
GoDaddy has seriously limited DomainTools’ access to its customers’ Whois records, pissing off DomainTools.
DomainTools CEO Tim Chen this week complained to DI that its access to Whois has been throttled back significantly in recent months, making it very difficult to keep its massive database of domain information up to date.
Chen said that DomainTools is currently only able to access GoDaddy’s Whois over port 43 at about 2% of the rate it had previously.
He said that this has been going on for about six months and that the market-leading registrar has been unresponsive to its requests to have previous levels restored.
“By throttling access to the data by 98% they’re defeating the ability of security practitioners to get data on GoDaddy domains,” Chen said. “It’s particularly troublesome because they [GoDaddy] are such a big part of DNS.”
“We have customers who say the quality of GoDaddy data is just degrading across the board, either through direct look-ups or in some of the DomainTools products themselves,” he said.
DomainTools customers include security professionals trying to hunt down the source of attacks and intellectual property interests trying to locate pirates and cybersquatters.
GoDaddy today confirmed to DI that it has been throttling DomainTools’ Whois access, and said that it’s part of ongoing anti-spam measures.
In recent years there’s been an increase in the amount of spam — usually related to web design, hosting, and SEO — sent to recent domain registrants using email addresses harvested from new Whois records.
GoDaddy, as the market-share leader in retail domain sales, takes a tonne of flak from customers who, unaware of standard Whois practice, think the company is selling their personal information to spammers.
This kind of Twitter exchange is fairly common on GoDaddy’s feed:
Being bombarded by web developers after purchasing domain frm @GoDaddy
I paid for that domain and u selling my personal info like anything.gotta switch frm godaddy.— Vikas Rawat (@VikasRa87555925) January 12, 2018
While GoDaddy is not saying that DomainTools is directly responsible for this kind of activity, throttling its port 43 traffic is one way the company is trying to counter the problem, VP of policy James Bladel told DI tonight.
“Companies like [DomainTools] present a challenge,” he said. “While we may know these folks, we don’t know who their customers are.”
But that’s just a part of the issue. GoDaddy was also concerned about the amount of resources DomainTools was consuming, and its own future legal responsibilities under the European Union’s forthcoming General Data Protection Regulation.
“When [Chen] says they’re down to a fraction or a percentage of what they had previously, well what they had previously was they were updating and archiving Whois almost in real time,” Bladel said. “And that’s not going to fly.”
“That is not only, we feel, not congruent with our responsibilities to our customers’ data, but it’s also, later on down the road, exactly the kind of thing that GDPR and other regulations are designed to stop,” he said.
GDPR is the EU law that, when it fully kicks in in May, gives European citizens much more rights over the sharing and processing of their private data.
Bladel added that DomainTools is still getting more Whois access than other parties using port 43.
“They have a level of access that is much, much higher than what they would normally have as a registrar,” he said, “but much lower than I think they want, because they want to effectively download and keep current the entirety of the Whois database.”
I’m not getting a sense from GoDaddy that it’s likely to backtrack on its changes.
Indeed, the company also today announced that it from January 25 it will start to “mask” key elements of Whois records when queried over port 43.
GoDaddy told high-value customers such as domainers today that port 43 queries will no longer return the registrant’s first name, last name, email address or phone number.
Bulk Whois users such as registrars (and, I assume, DomainTools) that have been white-listed via the “GoDaddy Port43 Process” will continue to receive full records.
Its web-based Whois, which includes a CAPTCHA gateway to prevent scraping, will continue to function as normal.
Bladel said that these changes are NOT related to GDPR, nor to the fact that ICANN said a couple months back that it would not enforce compliance with Whois provisions of the Registrar Accreditation Agreement, subject to certain conditions.
Big changes at DomainTools as privacy law looms
Regular users of DomainTools should expect significant changes to their service, possibly unwelcome, as the impact of incoming European Union privacy law begins to be felt.
Professional users such as domain investors are most likely to be impacted by the changes.
The company hopes to announce how its services will be rejiggered to comply with the General Data Protection Regulation in the next few weeks, probably in February, but CEO Tim Chen spoke to DI yesterday in general terms about the law’s possible impact.
“There will be changes to the levels of service we offer currently, especially to any users of DomainTools that are not enterprises,” Chen said.
GDPR governs how personal data on EU citizens is captured, shared and processed. It deals with issues such as customer consent, the length of time such data may be stored, and the purposes for which it may be processed.
Given that DomainTools’ entire business model is based on capturing domain registrants’ contact information without their explicit consent, then storing, processing and sharing that data indefinitely, it doesn’t take a genius to work out that the new law represents a possibly existential threat.
But while Chen says he’s “very concerned” about GDPR, he expects the use cases of his enterprise customers to be protected.
DomainTools no longer considers itself a Whois company, Chen said, it’s a security services company now. Only about 20% of its revenue now comes from the $99-a-month customers who pay to access services such as reverse Whois and historical Whois queries.
The rest comes from the 500-odd enterprise customers it has, which use the company’s data for purposes such as tracking down network abuse and intellectual property theft.
DomainTools is very much aligned here with the governments and IP lawyers that are pressing ICANN and European data protection authorities to come up with a way Whois data can still be made available for these “legitimate purposes”.
“We’re very focused on our most-important goal of making sure the cyber security and network security use cases for Whois data are represented in the final discussions on how this legislation is really going to land,” he said.
“There needs to be some level of access that is retained for uses that are very consistent with protecting the very constituents that this legislation is trying to protect from a privacy perspective,” he said.
The two big issues pressing on Chen’s mind from a GDPR perspective are the ability of the company to continue to aggregate Whois records from hundreds of TLDs and thousands of registrars, and its ability to continue to provide historical, archived Whois records — the company’s most-popular product after vanilla Whois..
These are both critical for customers responding to security issues or trying to hunt down serial cybersquatters and copyright infringers, Chen said.
“[Customers are] very concerned, because their ability to use this data as part of their incident response is critical, and the removal of the data from that process really does injure their ability to do their jobs,” he said.
How far these use cases will be protected under GDPR is still an open question, one largely to be determined by European DPAs, and DomainTools, like ICANN the rest of the domain industry, is still largely in discussion mode.
“Part of what we need to help DPAs understand is: how long is long enough?” Chen said. “Answering how long this data can be archived is very important.”
ICANN was recently advised by its lawyers to take its case for maintaining Whois in as recognizable form as possible to the DPAs and other European privacy bodies.
And governments, via the Governmental Advisory Committee, recently urged ICANN to continue to permit Whois access for “legitimate purposes”.
DomainTools is in a different position to most of the rest of the industry. In terms of its core service, it’s not a contracted party with ICANN, so perhaps will have to rely on hoping whatever the registries and registrars work out will also apply to its own offerings.
It’s also different in that it has no direct customer relationship with the registrants whose data it processes, nor does it have a contractual relationship with the companies that do have these customer relationships.
This could make the issue of consent — the right of registrant to have a say in how their data is processed and when it is deleted — tricky.
“We’re not in a position to get consent from domain owners to do what we do,” Chen said. “I think where we need to be more thoughtful is whether DomainTools needs to have a process where people can opt out of having their data processed.”
“When I think about consent, it’s not on the way in, because we just don’t have a way to do that, it’s allowing a way out… a mechanism where people can object to their data being processed,” he said.
How DomainTools’ non-enterprise customers and users will be affected should become clear when the company outlines its plans in the coming weeks.
But Chen suggested that most casual users should not see too much impact.
“The ability of anyone who has an interest in using Whois data, who needs it every now and then, for looking up a Whois record of a domain because they want to buy it as a domain investor for example, that should still be very possible after GDPR,” he said.
“I don’t think GDPR is aimed at individual, one-at-a-time use cases for data, I think it’s aimed at scalable abuse of the data for bad purposes,” he said.
“If you’re running a business in domain names and you need to get Whois at significant scale, and you need to evaluate that many domains for some reason, that’s where the impact may be,” he said.
Disclosure: I share a complimentary DomainTools account with several other domain industry bloggers.
Bezsonoff replaces Kaine at Neustar
.CO Internet alum Nicolai Bezsonoff has replaced Sean Kaine as head of Neustar’s domain name business.
Neustar today announced that Bezsonoff has been appointed VP and general manager of the Registry Solutions business.
That’s Kaine’s old job. I hear he’s leaving the company of his own volition, but I don’t know where he’s going.
Bezsonoff was in a similar role in the Security Solutions division.
He joined Neustar when it acquired Colombian ccTLD registry .CO, where he was COO and co-founder, for $109 million almost four years ago.
The announcement comes just a few weeks after it was announced that Afilias is to take over the running of Australia’s 3.1 million-name ccTLD .au, one of Neustar’s marquee tenants.
Active new gTLD domains drop below 20 million
The number of domain names recorded in new gTLD zone files has dipped below 20 million for the first time in 18 months.
The total crossed the milestone in the wrong direction January 1, according to DI’s records.
As of today, there are 19.8 million domains in zone files, down from a peak of 26 million in March 2017.
The count has gone down by about half a million names in the last 90 days, largely as a result of declines in .top, .xyz and .kiwi, which have each recorded six-figure losses.
It’s the first time that the zone files have showed the number of domains going below 20 million since the beginning of June 2016, when XYZ.com sold millions of .xyz domains for a penny each. Most of those names did not renew a year later.
Zone files do not record every domain that has been registered, just those with active name servers. Others may be registered but unused or on hold for various reasons.
.web closer to reality as antitrust probe ends
Verisign has been given the all-clear by the US government to go ahead and run the new gTLD .web, despite competition concerns.
The Department of Justice told the company yesterday that the antitrust investigation it launched almost exactly a year ago is now “closed”.
Verisign’s secret proxy in the 2016 auction, the original .web applicant Nu Dot Co, now plans to try to execute its Registry Agreement with ICANN.
That contract would then be assigned to Verisign through the normal ICANN process.
The .com registry operator today filed this statement with the US Securities and Exchange Commission:
As the Company previously disclosed, on January 18, 2017, the Company received a Civil Investigative Demand from the Antitrust Division of the United States Department of Justice (“DOJ”) requesting certain material related to the Company becoming the registry operator for the .web gTLD. On January 9, 2018, the DOJ notified the Company that this investigation was closed. Verisign previously announced on August 1, 2016, that it had provided funds for Nu Dot Co’s successful bid for the .web gTLD and the Company anticipates that Nu Dot Co will now seek to execute the .web Registry Agreement with ICANN and thereafter assign it to Verisign upon consent from ICANN.
This basically means that Justice disagrees with anyone who thinks Verisign plans to operate .web in a way that just props up its .com market dominance, such as by burying it without a trace.
People clamoring to register .web domains may still have some time to wait, however.
Rival applicant Donuts, via subsidiary Ruby Glen, still has a pending lawsuit against ICANN in California.
Donuts had originally sued to prevent the .web auction going ahead in mid-2016, trying to force Nu Dot Co to reveal who was really pulling its strings.
After the auction, in which Verisign committed to pay ICANN a record-setting $125 million, Donuts sued to have the result overturned.
But in November 2016, a judge ruled that the no-suing covenant that all new gTLD applicants had to sign was valid, throwing out Donuts’ case.
Donuts is now appealing that ruling, however, filing its most-recent brief just a few weeks ago.
Whether that will stop ICANN from signing the .web contract and delegating it to Verisign is an open question. It managed to delegate .africa to ZA Central Registry despite the existence of an ongoing lawsuit by a competing applicant.
If history is any guide, we may see a rival applicant apply for a temporary restraining order against .web’s delegation before long.
Afilias takes over back-end for Puerto Rico
Afilias has won the back-end contract for Puerto Rico’s ccTLD, .pr.
The registry services provider took over DNS for the zone last month and the final handover of the registration system happened at the weekend.
.pr is a small TLD, under 10,000 names, run by local firm Gauss Research Laboratories. It also tries to market itself as a destination for public relations companies overseas.
It now lists about 30 registrars on its web site, most of which are either corporate-focused or reseller networks.
The deal brings the number of ccTLDs managed by Afilias well into double figures. Afilias also runs the back-end for the likes of .vc, .bz, .lc, and .ag, as well as larger zones including .me and .in.
It recently was selected to run .au for Australia, replacing long-time rival Neustar, from this coming July.
Puerto Rico is the destination of this March’s ICANN 61 public meeting, which may give Afilias some publicity opportunities.
CentralNic spends $3.3 million on .com portfolios
CentralNic has splashed out £2.5 million ($3.3 million) to bolster its portfolio of domain names for the secondary market.
The company said in a brief statement today that it acquired an unspecified number of domains across “a number of portfolios”. The sellers were not disclosed.
The names were all in .com.
CEO Ben Crawford said the names were acquired “at an attractive discount to current market rates”.
The deals mean London-listed CentralNic might be able to continue to prop up its recurring revenue (registry/registrar) numbers through the sale of premium names, something it still needs to do if it wants to show investors a pleasing growth curve.
That’s assuming it can sell the names at a profit, of course.
Some call this the premium domain “hamster wheel”.
SpamHaus ranks most-botted TLDs and registrars
Namecheap and Uniregistry have emerged as two of the most-abused domain name companies, using statistics on botnet command and control centers released by SpamHaus this week.
SpamHaus data shows that over a quarter of all botnet C&Cs found during the year were using NameCheap as their registrar.
It also shows that almost 1% of domains registered in Uniregistry’s .click are used as C&Cs.
The spam-fighting outfit said it discovered “almost 50,000” domains in 2017 that were registered for the purpose of controlling botnets.
Comparable data for 2016 was not published a year ago, but if you go back a few years, SpamHaus reported that there were just 3,793 such domains in 2014.
Neither number includes compromised domains or free subdomains.
The TLD with the most botnet abuse was of course .com, with 14,218 domains used as C&C servers. It was followed by Directi’s .pw (8,587) and Afilias’ .info (3,707).
When taking into account the relative size of the TLDs, SpamHaus fingered Russian ccTLD .ru as the “most heavily abused” TLD, but its numbers don’t ring true to me.
With 1,370 botnet controllers and about five and a half million domains, .ru’s abused domains would be around 0.03%.
But if you look at .click, with 1,256 botnet C&Cs and 131,000 domains (as of September), that number is very close to 1%. When it comes to botnets, that’s a high number.
In fact, using SpamHaus numbers and September registry reports of total domains under management, it seems that .work, .space, .website, .top, .pro, .biz, .info, .xyz, .bid and .online all have higher levels of botnet abuse than .ru, though in absolute numbers some have fewer abused domains.
In terms of registrars, Namecheap was the runaway loser, with a whopping 11,878 domains used to control botnets. 
While SpamHaus acknowledges that the size of the registrar has a bearing on abuse levels, it’s worth noting that GoDaddy — by far the biggest registrar, but well-staffed with over-zealous abuse guys — does not even feature on the top 20 list here.
SpamHaus wrote:
While the total numbers of botnet domains at the registrar might appear large, the registrar does not necessarily support cybercriminals. Registrars simply can’t detect all fraudulent registrations or registrations of domains for criminal use before those domains go live. The “life span” of criminal domains on legitimate, well-run, registrars tends to be quite short.
However, other much smaller registrars that you might never have heard of (like Shinjiru or WebNic) appear on this same list. Several of these registrars have an extremely high proportion of cybercrime domains registered through them. Like ISPs with high numbers of botnet controllers, these registrars usually have no or limited abuse staff, poor abuse detection processes, and some either do not or cannot accept takedown requests except by a legal order from the local government or a local court.
The SpamHaus report, which you can read here, concludes with a call for registries and registrars to take more action to shut down repeat offenders, saying it is “embarrassing” that some registrars allow perpetrators to register domains for abuse over and over and over again.
Namecheap to bring millions of domains in-house next week
Namecheap is finally bringing its customer base over to its own ICANN accreditation.
The registrar will next week accept transfer of an estimated 3.2 million .com and .net domains from Enom, following a court ruling forcing Enom owner Tucows to let go of the names.
The migration will happen from January 8 to January 12, Namecheap said in a blog post today.
Namecheap is one of the largest registrars in the industry, but historically it mostly acted as an Enom reseller. Every domain it sold showed up in official reports as an Enom sale.
While it’s been using its own ICANN accreditation to sell gTLD names since around 2015 — and has around four million names on its own credentials — it still had a substantial portion of its customer base on the Enom ticker.
After the two companies’ arrangement came to an end, and Enom was acquired by Tucows, Namecheap decided to also consolidate its .com/.net names under its own accreditation.
After Tucows balked at a bulk transfer, Namecheap sued, and a court ruled in December that Tucows must consent to the transfer.
Now, Namecheap says all .com and .net names registered before January 2017 or transferred in before November 2017 will be migrated.
There may be some downtime as the transition goes through, the company warned.
Get a free ticket to NamesCon here
NamesCon, the annual domain name industry conference, runs in Las Vegas at the end of the month, and DI has five free tickets to give away to readers.
The catch: only people who have never been to NamesCon before are eligible. It’s a strictly n00bs-only giveaway.
NamesCon starts January 28 and runs for three days at the Tropicana Hotel in Las Vegas.
Kicking off the show, in surely one of life’s “together at last” moments, Andrew Allemann of Domain Name Wire will sit down for a live interview with David Ellefson, founder of the metal band Megadeth. It’s probably going to be one of those “you had to be there” experiences.
There’s a strong focus on blockchain and cryptocurrency this year, given the interest many domainers are showing in this area as a new investment opportunity.
But the agenda is made up of the usual mix of industry experts discussing themes such as domain investment, web site development, branding, intellectual property and the like.
There’s even a Women In Domaining Dinner, where women can discuss whether it’s worth investing in .makeup and .horse domains, and a Christian Domainers’ Breakfast, where followers of Our Lord can eat bacon in peace and prevaricate on why greed is definitely not as bad as the Bible unambiguously states it is.
It’s usually a pretty good show with a good turn-out. The networking opportunities alone make it worth a trip.
To claim one of the five complimentary conference passes, simply leave a comment on this blog post stating clearly that you want one, and complete this sentence in 10,000 words or fewer:
I want to spend three nights away from my partner in Las Vegas because…
Use a functioning email address or I won’t be able to send you the ticket details.
The first five people to leave a qualifying comment get a ticket each.
It should go without saying that this ticket only gets you into the conference itself. How you get to Vegas and where you sleep when you get there is your problem.
Again, and I can’t stress this enough, if you’ve been to NamesCon before you’re not eligible for this competition. That’s NamesCon’s rule, not mine, so no arguing.
In the unlikely event that all five tickets have gone by the time you read this post, you may want to check out some of my co-conspirators at other domain community blogs, several of which I gather also have tickets to give away today.
Recent Comments