Recent Posts
- Bye-bye .boomer! Blockchain players abandon new gTLD plans
- Decades-old US registrar gets a spanking
- love.you sold in apparent five-figure deal
- Bogus harassment complaints could get you an ICANN ban
- ICANN slaps open-mic ban on conflicted lawyers
- Final GTFO warning for 19 failed new gTLD bids
- Nominet opens $500,000 fund for open source projects
- Com Laude buys larger rival Markmonitor
- Epik took down Charlie Kirk doxing site
- Number of subsidized gTLD bidders far lower than thought
- Another registrar goes AWOL
- gTLD loses its second-largest registrar after breach
- Com Laude buys Fairwinds
- Unstoppable wants to be a registry back-end
- Sixteen new gTLD bids could face the firing squad
- Registry to release one-letter domains tomorrow
- New ICANN funding rules will cost smaller ccTLDs more
- .ai rival lines up gTLD bid
- Team Internet lays off 200
- Sixteen more orgs vie for cheap gTLDs, but…
- So who’s registering sunrise domains these days?
- Cloud gTLD gets launch dates
- Governments say new gTLD program “credibility” at stake
- NIXI planning doomed new gTLD bids
- AI experts replace Chapman on ICANN board
- RDRS may not be dead
- Single-letter .com lawsuit thrown out of court
- Golding challenges McCarthy for Nominet board seat
- Three applicants qualify for cheapo gTLDs
- Blockchain crisis looming for new gTLD next round
- Two more dot-brands leave Verisign for GoDaddy
- ICANN looking at new bulk reg rules
- Reseller loss hits Tucows’ DUM but not revenue
- GoDaddy counts cost of losing .co deal
- Wine producers worried about new gTLDs
- Goodyear tires of its dot-brand
- Team Internet loses Radix to Tucows
- ICANN’s “review of reviews” kicks off
- Huge registrars flee from RDRS
- Namecheap loses attempt to bring back .org price caps
- Registrar shamed for alleged crypto abuse neglect
- Poblete’s ICANN board seat safe
- .com off to strong start in Q3
- .my is growing like crazy
- ICANN settles $77 million sexual harassment suit
- Chinese domain spikiness ends in first half
- Registrars agree to higher ICANN fees
- ICANN to review reviews after review review request fails
- Got junk? June’s biggest gTLD growers do
- ICANN ditches Oman due to Middle-East conflicts
- ICANN’s mighty overlord flexes on transparency
- ICANN faces first pushback over DEI U-turn
- Loads of firms flunk out of next-round gTLD back-end program
- presidenttrump.xxx among thousands of dead .xxx domains suddenly springing to life
- One of the dumbest gTLDs just switched back-ends
- GoDaddy loses .co to Team Internet
- Governments erect bulk-reg barrier to new gTLD next round
- Little interest in cheapo gTLD program
- US government opposes most new gTLDs
- GoDaddy loses last Amazon business to Identity Digital
- Third Amazon gTLD launch dates revealed
- .TOP promises to play nice on DNS abuse
- Court denies ICANN’s #MeToo “cover up” attempt
- Launch dates for two more Amazon gTLDs revealed
- An end to “Club Med for geeks” ICANN?
- Some people paid premiums for .hot domain hacks
- .io questions in sharp focus as UK signs Chagos treaty
- Big .gdn registrar at risk
- ICANN “reaffirms its commitment to diversity and inclusion”
- ICANN kills off diversity and inclusion
- Kaufmann picked for ICANN board
- Conflicted? STFU under new ICANN rules
- .hot is for hookers? Amazon’s first premium regs revealed
- Gname adds another 200 registrars
- New Pope’s .com domain was registered the day Francis died
- Two deadbeat registrars get their ICANN marching orders
- DotMusic has sold a lot of names, but not many are turned on
- .med is a deeply weird gTLD, but it wants to be more normal
- ICANN cuts off money to UASG
- Web.com getting dumped
- .es and .pt riding out massive power outage
- .com is back as Verisign discounts bear fruit
- Dot-brand actually being used to get deleted
- Verisign gave Trump $100,000
- Private Whois requests hit new low after Tucows quits RDRS
- Zoom says GoDaddy took it down for hours
- The Soviet Union might be safe after all
- Google says its ccTLDs “are no longer necessary”
- Facebook thinks ICANN is a bit rubbish
- ICANN spending $365,000 a year on coffee and booze
- Regulator going after suicide site that even Epik banned
- .ai sees $600,000 auction sales in a month
- Pru trims its dot-brand portfolio
- UK’s Nigel Hickson has died
- .blog registry ordered to change name to Knock Knock RDAP There
- WordPress buys Canadian, swaps CentralNic for CIRA
- Latest ICANN salary porn ruins my terrible pun
- .co deal worth $77 million up for grabs
- I get a wrongful kicking as .su registry denies turn-off plan
- Sales and profits dip at Team Internet
- Four deadbeat registrars get terminated
- “No timeline” to retire Soviet Union from the DNS
- ICANN to kill off 60-day domain transfer lock
- Lancaster bags up its dot-brand
- Google readying its next batch of gTLD launches?
- NomCom confirms Americans rejected from ICANN board
- Nova announces $45 million of new gTLD applications
- Registry makes .ai an option for Koreans
- it.com now bigger than Guatemala
- ICANN turns to AI and crowdsourcing for new gTLD program
- Amazon lawyer DiBiase elected to ICANN board
- Is .io safe now? Identity Digital now running Mauritian ccTLD
- Tucows quits ICANN’s Whois disclosure pilot
- Toshiba goes all-in on its dot-brand
- Google scuppers Team Internet acquisition after profit warning
- .ai channel doubles under new management
- Trump inclined to back deal that threatens .io
- As .com shrinks, China adds another 1.2 million domains
- Second new gTLD contention set revealed
- UK intros global domain takedown law
- No more Americans as Holland wins ICANN board seat
- Registries have started shutting down Whois
- ICANN wins IRP because complainant literally doesn’t exist
- .com could return to growth this quarter
- Could Musk’s DOGE kill off D3’s .doge?
Junk drop cuts .xyz in half, .top claims volume crown
The .xyz gTLD has seen its zone file halve in size, as millions of free and cheap domains were not renewed.
The former volume leader among new gTLDs started this month with a tad over 5.2 million domains in its zone.
But its July 17 zone contained 2.5 million, much less than half as many, DI analysis shows.
The precipitous decline means that Chinese-run gTLD .top, increasingly notorious as a go-to TLD for spammers, is now literally at the top of the league table, when you measure new gTLDs by zone file volume, with 2.6 million names.
The primary reason for .xyz losing so many names is of course the expiration of most of the domains that were sold for just $0.01 — or given away for free — in the first few days of June 2016, and the aggressive promotional pricing on offer for the remainder of that month.
On May 30, 2016, there were just under 2.8 million names in the .xyz zone. By July 1, 2016, that number had topped 6.2 million, an increase of 3.4 million over a single month.
That was .xyz’s peak. The zone has been in gradual decline ever since.
Domains generally take 45 days to drop, so it’s entirely possible XYZ.com will see further losses over the next month or so.
There’s nothing unusual about seeing a so-called “junk drop” a year after a TLD launches or runs a free-domains promotion. It’s been well-understood for over a decade and has been anticipated for .xyz for over a year.
But compounding its problems, the .xyz registry appears to still be banned in China, where a substantial portion of its former customer base is located.
The company disclosed over two months ago that it had a “temporary” problem that had seen its license to sell domains via Chinese registrars suspended.
The ban was related to XYZ falling out with its original “real name verification” provider, ZDNS, which was tasked with verifying the identities of Chinese registrants per local government regulations.
I’ve never been able to confirm with either party the cause of this split, but everyone else involved in the Chinese market I’ve asked has told me it related to a dispute over money.
Regardless, two months later the major Chinese registrars I checked today still appear to not be carrying .xyz names.
XYZ has meanwhile signed up with alternative Chinese RNV provider Tele-info, and just three days ago submitted the necessary paperwork (pdf) with ICANN to have the move approved as a registry service under its contract.
In that request, XYZ said the new RNV service “will allow XYZ to reenter certain domain name markets”, suggesting that it has not yet regained Chinese government approval to operate there.
Over 750 domains hijacked in attack on Gandi
Gandi saw 751 domains belonging to its customers hijacked and redirected to malware delivery sites, the French registrar reported earlier this month.
The attack saw the perpetrators obtain Gandi’s password for a gateway provider, which it did not name, that acts as an intermediary to 34 ccTLD registries including .ch, .se and .es.
The registrar suspects that the password was obtained by the attacker exploiting the fact that the gateway provider does not enforce HTTPS on its login pages.
During the incident, the name servers for up up to 751 domains were altered such that they directed visitors to sites designed to compromise unpatched computers.
The redirects started at 0804 UTC July 7, and while Gandi’s geeks had reversed the changes by 1615 it was several more hours before the changes propagated throughout the DNS for all affected domains.
About the theft of its password, Gandi wrote:
These credentials were likewise not obtained by a breach of our systems and we strongly suspect they were obtained from an insecure connection to our technical partner’s web portal (the web platform in question allows access via http).
It’s not clear why a phishing attack, which would seem the more obvious way to obtain a password, was ruled out.
Gandi posted a detailed timeline here, while Swiss registry Switch also posted an incident report from its perspective here. An effected customer, which just happened to be a security researcher, posted his account here.
Gandi says it manages over 2.1 million domains across 730 TLDs.
ICANN chair paid $114,000 last year
ICANN chair Steve Crocker was paid $114,203.24 in the organization’s last tax year.
The number was released today (pdf) in response to a request by domain blogger John Poole of DomainMondo.com.
Poole had requested the figures because Crocker is paid via his company, Shinkuro, rather than directly, so his compensation does not show up on ICANN’s published tax returns.
It was already known that ICANN’s chair is eligible for $75,000 a year in salary, but today’s letter, from CFO Xavier Calvez, states that he also received $39,203.24 for office rent (about $3,250 per month) in the year ended June 30 2016.
This does not include his travel reimbursements and such, which came to well over $100,000 in the same fiscal year according to ICANN disclosures.
If Crocker were on ICANN staff, he would be the 18th most costly employee, even if you do include the extra reimbursements.
Other ICANN directors receive $45,000 per year.
Calvez said ICANN will update its disclosure process to make it clearer how much Crocker is paid via Shinkuro.
Could the next new gTLD round last 25 years? Or 70 years?
Will the next new gTLD round see 25,000 applications? If so, how long will it take for them all to go live?
The 25,000 figure is one that I’ve heard touted a few times, most recently during public sessions at ICANN’s meeting in Johannesburg last month.
The problem is that, judging by ICANN’s previous performance, such a huge number of applications would take anywhere from 25 to 70 years to process.
It’s unclear to me where the 25,000 application estimate comes from originally, but it does not strike me as laughably implausible.
There were just shy of 1,930 applications for 1,408 unique strings in the most recent round.
There could have been so many more.
ICANN’s outreach campaign is generally considered to have been a bit lackluster, particularly in developing markets, so many potential applicants were not aware of the opportunity.
In addition, some major portfolio applicants chose to rein in their ambitions.
Larry Page, then-CEO of Google, is known to have wanted to apply for many, many more than the 101 Google wound up applying for, but was talked down by staff.
There’s talk of pent-up demand for dot-brands among those companies that missed the 2012 window, but it’s impossible to know the scale of that demand with any precision.
Despite the fact that a handful of dot-brands with ICANN registry agreements and delegations have since cancelled their contracts, there’s no reason they could not reapply for defensive purposes again in subsequent rounds.
There are also thousands of towns and cities with populations comparable to cities that applied in 2012 that could apply next time around.
And there’s a possibility that the cost of applying — set at $185,000 on a highly redundant “cost recovery” basis — may come down in the next round.
Lots of other factors will play a role in how many applications we see, but in general it doesn’t seem impossible that there could be as many as 25,000.
Assuming for a moment that there are 25,000, how long will that take to process?
In the 2012 round, ICANN said it would delegate TLDs at a rate of no more than 1,000 per year. So that’s at least 25 years for a 25,000-app round.
That rate was set somewhat arbitrarily during discussions about root zone scaling before anyone knew how many gTLDs would be applied for and estimates were around the 500 mark.
Essentially, the 1,000-per-year number was floated as a sort of straw man (or “straw person” as some ICANNers have it nowadays) so the technical folk had a basis to figure out whether the root system could withstand such an influx.
Of course, this limit will have to be revised significantly if ICANN has any hope of processing 25,000 applications in under a generation.
Discussions at the time indicated that the rate of change, not the size of the root zone, was what represented the stability threat.
In reality, the rate of delegation has been significantly slower than 1,000 per year.
It took until May 2016 for the 1,000th new gTLD to go live, 945 days after the first batch were delegated in late October 2013.
That means that during the relative “rush-hour” of new gTLD delegations, there was still only a little over one per day on average.
And that’s counting from the date of the first delegation, which was actually 18 months after the application window was closed.
If that pattern held in subsequent rounds, we would be looking at about 70 years for a batch of 25,000 to make their way through the system.
You could apply for a vanity gTLD matching your family name and leave the delegation as a gift to your great-grandchildren, long after your death.
Clearly, with 25,000 applications some significant process efficiencies — including, I fancy, much more automation — would be in order.
Currently, IANA’s process for making changes to root zone records (including delegations) is somewhat complex and has multiple manual steps. And that’s before Verisign makes the actual change to the master root zone file.
But the act of delegation is only the final stage of processing a gTLD application.
First, applications that typically run into tens of thousands of words have to undergo Initial Evaluation by several teams of knowledgeable consultants.
From Reveal Day in 2012 to the final IE being published in 2014 took a little over two years, or an average of 2.5 applications per day.
Again, we’re looking at over a quarter of a century just to conduct IE on 25,000 applications.
Then there’s contracting — ICANN’s lawyers would have to sign off on about a dozen Registry Agreements per day if it wanted to process 25,000 delegations in just five years.
Not to mention there’s also pre-delegation testing, contention resolution, auctions, change requests, objections…
There’s a limited window to file objections and there were many complaints, largely from governments, that this period was far too short to read through just 1,930 applications.
A 25,000-string round could take forever, and ICANN’s policies and processes would have to be significantly revised to handle them in a reasonable timeframe.
Then again, potential applicants might view the 2012 round as a bust and the next round could be hugely under-subscribed.
There’s no way of knowing for sure, unfortunately.
auDA explains secretive new regime in bid to save chair
auDA has explained why it has refused to put controversial new policies to a vote, as it recommended that members vote to save the job of chairman Stuart Benjamin.
In a letter to members published this week, the .au ccTLD administrator said it was not legally obliged to allow members to vote on its directors’ decisions to stop publishing their meeting minutes and to gag members from bad-mouthing auDA in the press.
As we reported earlier in the week, a group of domainers and others had signed a petition calling for four resolutions to be put to a vote of auDA’s members (largely domainers and registrars), but auDA only accepted one of them.
That resolution was to fire Benjamin. Members will vote July 31.
The new letter (pdf) seeks to explain why the other three resolutions were rejected.
The campaigners, organized by domainer/blogger Ned O’Meara at Grumpy.com.au, had demanded that auDA reverse its new policy of not publishing the minutes of its board meetings.
In response, auDA stated that it is under no legal obligation under Aussie corporation law or its own constitution to publish minutes and therefore under no obligation to put this policy to a member vote.
It did, however, agree to reinstate previously published and deleted minutes of meetings up to February 2017.
The Grumpy gang also wanted auDA to put is new member code of conduct, apparently unilaterally imposed by its board this May, to a member vote.
The code of conduct contains some innocuous policies about having a zero tolerance for members who abuse and harass auDA staff, but it also prevents members from saying bad things about the organization in public.
Members must agree:
In any forum, including in the media, where acting as an auDA member or identifiable as an auDA member, I will conduct myself in a manner that will not bring the organisation, Directors or staff, into disrepute.
This basically would prevent any member from criticizing auDA when talking to a journalist, under pain of having their membership suspended or revoked. Clearly uncool.
In auDA’s new letter, CEO Cameron Boardman explains that the ability of the board to suspend memberships has been removed from the policy, in response to feedback. Memberships can still be revoked by the board, however.
This U-turn appears to be a legal technicality designed to ensure that the policy does not change the organization’s constitution — which allows the board to revoke but not suspend memberships — and therefore does not need to be put to a member vote.
Finally, the Grumpy coalition had asked for auDa’s decision to create its own in-house registry — and to stop outsourcing its back-end to Neustar — to be put to a vote.
Boardman’s letter says that this decision was “a matter of management exclusively vested in the directors” and therefore legally not something it has to put out for member approval.
O’Meara and company were given the chance to recant on their fourth resolution — that Benjamin be fired — and apparently had indicated initially that they wished to do so.
However, they were so appalled by Boardman’s letter than they decided to go ahead with it anyway.
auDA’s recommendation that Benjamin keeps his job can be read in full here.
Second-level .ke domains go on sale this month
Kenya has become the latest ccTLD to jump on the second-level domain bandwagon.
From this month, registrants will be able to purchase example.ke, rather than having to select from third-level domains such as example.co.ke or example.or.ke, according to the registry.
We have introduced Second Level .Ke Domain name space, Roll out date 23 rd July 2017. Secure yours early enough .Be part of #dotke #sldKe pic.twitter.com/6rFZrXIc2K
— KeNIC (@KenicTLD) June 29, 2017
KeNIC becomes the latest ccTLD registry to give customers the SLD option after the UK, New Zealand and Australia, which all backpedaled historic 3LD-only policies in order to remain relevant in an increasingly crowded TLD market.
Unlike previous launches, existing 3LD .ke registrants do not appear to have first right of refusal for the matching SLD, judging by the new policy (pdf).
The launch will begin July 23 with a 30-day sunrise period for trademark owners. This will be followed by a landrush period of 30 days.
Currently, pricing for co.ke domains in Kenyan shillings is in the same ballpark as the US dollar cost of a .com domain.
There are reportedly around 62,000 .ke domains currently registered.
Billionaire Elon Musk reacquired x.com
Billionaire entrepreneur and PayPal founder Elon Musk has reacquired the domain name x.com for an undisclosed sum.
X.com was the domain he acquired in 1999 and originally used for PayPal, before its 2001 rebrand.
Musk, who currently runs private space travel trailblazer SpaceX, confirmed the purchase in a tweet today:
Thanks PayPal for allowing me to buy back https://t.co/bOUOejO16Y! No plans right now, but it has great sentimental value to me.
— Elon Musk (@elonmusk) July 11, 2017
The deal was first spotted by domainer/blogger Elliot Silver, who noticed the Whois change.
Musk also seemed to say in a subsequent tweet that he had originally bought x.com back from its original owner in 1999 for stock in the nascent company, which 18 years later would presumably be worth an absolute fortune.
It was a tough negotiation, but they seemed like good guys. I hope they kept the stock. Would be worth a lot today.
— Elon Musk (@elonmusk) July 11, 2017
While the price of the 2017 purchase was not disclosed, one has to assume it would be worth millions; pocket change to a man reportedly worth over $15 billion today.
Domainers want the head of auDA’s chair
Disgruntled domainers have managed to arrange for a vote on whether auDA chair Stuart Benjamin should be fired.
auDA, the .au ccTLD administrator, has been under fire for many months from registrants who believe the organization is being managed in an increasingly erratic and secretive manner.
Now, a campaign and petition at Grumpy.com.au, run by Domainer.com.au publisher Ned O’Meara, has led to auDA calling a special meeting July 31 with a single resolution on the agenda:
That Stuart Benjamin be removed as a director of the Company with immediate effect.
Benjamin will therefore lose his job with simple majority votes of both classes of auDA members — “supply” class, meaning registrars, and “demand” class, meaning registrants.
O’Meara blogged yesterday that he believes there is “a slightly less than even chance” of the resolution being carried due to the possible lack of votes from supply class members.
But auDA rejected as legally “invalid” three additional resolutions that had been proposed.
Grumpy members had also wanted auDA to restore all of its board’s meeting minutes that were inexplicably deleted from the organization’s web site.
They’d wanted a recently instituted member code of conduct to be scrapped, rewritten, and then put to members for a vote.
The code of conduct bans “harassment” and “bullying” of auDA staff, but it also prevents members from talking to the media about auDA in disparaging terms.
Finally, they’d also wanted auDA to abandon its plan to build an in-house registry infrastructure (replacing current provider Neustar) without first putting the plan to a member vote.
But all of these resolutions have been taken off the table on the basis of unspecified “legal advice” provided to auDA.
According to O’Meara and others, dissatisfaction with the organization has been brewing for some time, ever since late 2015 when Benjamin was brought in as a “demand” class director and appointed chair, only to be quickly dismissed and immediately reinstated as an “independent” director and reappointed chair.
In March 2016, 16-year CEO Chris Disspain was fired and replaced by Cameron Boardman.
I’m told auDa has been hemorrhaging staff for months — 10 of its 13 employees have apparently left the organization this year.
ICANN expects to lose 750 registrars in the next year
ICANN is predicting that about 750 accredited registrars will close over the next 12 months due to the over-saturation of the drop-catching market.
ICANN VP Cyrus Namazi made the estimate while explaining ICANN’s fiscal 2018 budget, which is where the projection originated, at the organization’s public meeting in South Africa last week.
He said that ICANN ended its fiscal 2017 last week with 2,989 accredited registrars, but that ICANN expects to lose about 250 per quarter starting from October until this time next year.
These almost 3,000 registrars belong to about 400 registrar families, he said.
By my estimate, roughly two thirds of the registrars are shell accreditations under the ownership of just three companies — Web.com (Namejet and SnapNames), Pheenix, and TurnCommerce (DropCatch.com).
These companies lay out millions of dollars on accreditation fees in order to game ICANN rules and get more connections to registries — mainly Verisign’s .com.
More connections gives them a greater chance of quickly registering potentially valuable domains milliseconds after they are deleted. Drop-catching, in other words.
But Namazi indicated that ICANN’s cautious “best estimate” is that there’s not enough good stuff dropping to justify the number of accreditations these three companies own.
“With the model we have, I believe at the moment the total available market for these sought-after domains that these multifamily registrars are after is not able to withstand the thousands of accreditations that are there,” he said. “Each accreditation costs quite a bit of money.”
Having a registrar accreditation costs $4,000 a year, not including ICANN’s variable and transaction fees.
“We think the market has probably gone beyond what the available market is,” he said.
He cautioned that the situation was “fluid” and that ICANN was keeping an eye on it because these accreditations fees have become material to its budget in the last few years.
If the three drop-catchers do start dumping registrars, it would reveal an extremely short shelf life for their accreditations.
Pheenix upped its registrar count by 300 and DropCatch added 500 to its already huge stable as recently as December 2016.
.blog renewal prices will not go up, registry promises
Knock Knock Whois There, the .blog registry, has promised not to raise its wholesale fees on existing registrations.
The company, which is affiliated with WordPress, seems to have made the move in response to ongoing registrar discomfort following Uniregistry’s plan to significant raise the price of several of its new gTLDs (which has since been backpedaled).
The promise has been baked into the Registry-Registrar Agreement under which all of its registrars can sell .blog names.
The new RRA reads (with the new text in italics):
5.1.1. Registrar agrees to pay Registry Operator or its designee in accordance with the fee schedule set forth in Exhibit A for initial and renewal registrations and other services provided by Registry Operator to Registrar (collectively, “Fees”). Registry Operator reserves the right, from time to time, to modify the Fees in a manner consistent with ICANN policies and Registry Policies. However, once a domain is registered, Registry Operator will not modify the Renewal Fee of that domain.
This of course leaves the door open for KKWT to increase the price of a new registration, but it seems renewal prices are frozen.
I believe the current wholesale .blog fee starts at $16 per year.
The new RRA also adds ICANN-mandated language concerning the Uniform Rapid Suspension policy and a clarification about registrar legal indemnifications, KKWT said.
Recent Comments