Recent Posts
- Salesforce to apply for a dot-brand
- Team Internet looking to break up
- Noss to leave Tucows corner office
- Rubens Kühl has died
- Sinha angry with Chapman’s firing as ICANN vice chair
- Glitch redux: ICANN screws up new gTLD security again
- CentralNic claims second-largest TLD migration ever
- DNS issue at Amazon takes out major apps and sites
- .io sales almost double over three years
- Amazon delays book and fashion gTLDs
- Lindqvist shuffles the exec deck
- GoDaddy launches “ultra-premium” domain marketplace
- .mobi to get a new rival in .mobile
- Bye-bye .boomer! Blockchain players abandon new gTLD plans
- Decades-old US registrar gets a spanking
- love.you sold in apparent five-figure deal
- Bogus harassment complaints could get you an ICANN ban
- ICANN slaps open-mic ban on conflicted lawyers
- Final GTFO warning for 19 failed new gTLD bids
- Nominet opens $500,000 fund for open source projects
- Com Laude buys larger rival Markmonitor
- Epik took down Charlie Kirk doxing site
- Number of subsidized gTLD bidders far lower than thought
- Another registrar goes AWOL
- gTLD loses its second-largest registrar after breach
- Com Laude buys Fairwinds
- Unstoppable wants to be a registry back-end
- Sixteen new gTLD bids could face the firing squad
- Registry to release one-letter domains tomorrow
- New ICANN funding rules will cost smaller ccTLDs more
- .ai rival lines up gTLD bid
- Team Internet lays off 200
- Sixteen more orgs vie for cheap gTLDs, but…
- So who’s registering sunrise domains these days?
- Cloud gTLD gets launch dates
- Governments say new gTLD program “credibility” at stake
- NIXI planning doomed new gTLD bids
- AI experts replace Chapman on ICANN board
- RDRS may not be dead
- Single-letter .com lawsuit thrown out of court
- Golding challenges McCarthy for Nominet board seat
- Three applicants qualify for cheapo gTLDs
- Blockchain crisis looming for new gTLD next round
- Two more dot-brands leave Verisign for GoDaddy
- ICANN looking at new bulk reg rules
- Reseller loss hits Tucows’ DUM but not revenue
- GoDaddy counts cost of losing .co deal
- Wine producers worried about new gTLDs
- Goodyear tires of its dot-brand
- Team Internet loses Radix to Tucows
- ICANN’s “review of reviews” kicks off
- Huge registrars flee from RDRS
- Namecheap loses attempt to bring back .org price caps
- Registrar shamed for alleged crypto abuse neglect
- Poblete’s ICANN board seat safe
- .com off to strong start in Q3
- .my is growing like crazy
- ICANN settles $77 million sexual harassment suit
- Chinese domain spikiness ends in first half
- Registrars agree to higher ICANN fees
- ICANN to review reviews after review review request fails
- Got junk? June’s biggest gTLD growers do
- ICANN ditches Oman due to Middle-East conflicts
- ICANN’s mighty overlord flexes on transparency
- ICANN faces first pushback over DEI U-turn
- Loads of firms flunk out of next-round gTLD back-end program
- presidenttrump.xxx among thousands of dead .xxx domains suddenly springing to life
- One of the dumbest gTLDs just switched back-ends
- GoDaddy loses .co to Team Internet
- Governments erect bulk-reg barrier to new gTLD next round
- Little interest in cheapo gTLD program
- US government opposes most new gTLDs
- GoDaddy loses last Amazon business to Identity Digital
- Third Amazon gTLD launch dates revealed
- .TOP promises to play nice on DNS abuse
- Court denies ICANN’s #MeToo “cover up” attempt
- Launch dates for two more Amazon gTLDs revealed
- An end to “Club Med for geeks” ICANN?
- Some people paid premiums for .hot domain hacks
- .io questions in sharp focus as UK signs Chagos treaty
- Big .gdn registrar at risk
- ICANN “reaffirms its commitment to diversity and inclusion”
- ICANN kills off diversity and inclusion
- Kaufmann picked for ICANN board
- Conflicted? STFU under new ICANN rules
- .hot is for hookers? Amazon’s first premium regs revealed
- Gname adds another 200 registrars
- New Pope’s .com domain was registered the day Francis died
- Two deadbeat registrars get their ICANN marching orders
- DotMusic has sold a lot of names, but not many are turned on
- .med is a deeply weird gTLD, but it wants to be more normal
- ICANN cuts off money to UASG
- Web.com getting dumped
- .es and .pt riding out massive power outage
- .com is back as Verisign discounts bear fruit
- Dot-brand actually being used to get deleted
- Verisign gave Trump $100,000
- Private Whois requests hit new low after Tucows quits RDRS
- Zoom says GoDaddy took it down for hours
- The Soviet Union might be safe after all
- Google says its ccTLDs “are no longer necessary”
- Facebook thinks ICANN is a bit rubbish
- ICANN spending $365,000 a year on coffee and booze
- Regulator going after suicide site that even Epik banned
- .ai sees $600,000 auction sales in a month
- Pru trims its dot-brand portfolio
- UK’s Nigel Hickson has died
- .blog registry ordered to change name to Knock Knock RDAP There
- WordPress buys Canadian, swaps CentralNic for CIRA
- Latest ICANN salary porn ruins my terrible pun
- .co deal worth $77 million up for grabs
- I get a wrongful kicking as .su registry denies turn-off plan
- Sales and profits dip at Team Internet
- Four deadbeat registrars get terminated
- “No timeline” to retire Soviet Union from the DNS
- ICANN to kill off 60-day domain transfer lock
- Lancaster bags up its dot-brand
- Google readying its next batch of gTLD launches?
- NomCom confirms Americans rejected from ICANN board
- Nova announces $45 million of new gTLD applications
- Registry makes .ai an option for Koreans
- it.com now bigger than Guatemala
- ICANN turns to AI and crowdsourcing for new gTLD program
- Amazon lawyer DiBiase elected to ICANN board
- Is .io safe now? Identity Digital now running Mauritian ccTLD
GoDaddy launches security service after Sucuri acquisition
GoDaddy has revealed the first fruits of its March acquisition of web security service provider Sucuri.
It’s GoDaddy Website Security, what appears to be a budget version of the services Sucuri already offers on a standalone basis.
For $6.99 per month ($83.88/year), the service monitors your web site for malware and removes it upon request. It also keeps tabs on major blacklists to make sure you’re not being blocked by Google, Norton or McAfee.
This low-end offering gets you a 12-hour response time for the cleanup component. You can up that to 30 minutes by taking out the $299.99 per year plan.
The more expensive plan also includes DDoS protection, a malware firewall and integration with a content delivery network for performance.
There’s also an intermediate, $19.99-per-month ($239.88/year) plan that includes the extra features but keeps the response time at 12 hours.
An SSL certificate is included in the two more-expensive packages.
The pricing and feature set looks to compare reasonably well with Sucuri’s standalone products, which start at $16.66 a month and offer response times as fast as four hours.
As somebody who has suffered from three major security problems on GoDaddy over the last decade or so, and found GoDaddy’s response abysmal on all three occasions (despite my generally positive views of its customer service), the new service is a somewhat tempting proposition.
Zero registrars pass ICANN audit
Some of the biggest names in the registrar game were among a bewildering 100% that failed an ICANN first-pass audit in the latest round of random compliance checks.
Of the 55 registrars picked to participate in the audit, a resounding 0 passed the initial audit, according to data released today.
Among them were recognizable names including Tucows, Register.com, 1&1, Google and Xin Net.
ICANN found 86% of the registrars had three or more “deficiencies” in their compliance with the 2013 Registrar Accreditation Agreement.
By far the most problematic area was compliance with sections 3.7.7.1 to 3.7.7.12 of the RAA, which specifies what terms registrars must put in their registration agreements and how they verify the contact details of their customers.
A full three quarters of audited registrars failed on that count, according to ICANN’s report (pdf).
More than half of tested registrars failed to live up to their commitments to respond to reports of abuse, where they’re obliged among other things to have a 24/7 contact number available.
There was one breach notice to a registrar as a result of the audit, but none of the failures were serious enough for ICANN to terminate the deficient registrar’s contract. Two registrars self-terminated during the process.
ICANN’s audit program is ongoing and operates in rounds.
In the current round, registrars were selected from those which either hadn’t had an audit in a couple of years, were found lacking in previous rounds, or had veered dangerously close to formal breach notices.
The round kicked off last September with requests for documents. The initial audit, which all registrars failed, was followed by a remediation phase from January to May.
Over the remediation phase, only one third of the registrars successfully resolved all the issues highlight by the audit. The remainder issued remediation plans and will be followed up on in future rounds.
The 0% pass rate is not unprecedented. It’s the same as the immediately prior audit (pdf), which ran from May to October 2016.
Zone file access is crap, security panel confirms
ICANN’s Centralized Zone Data Service has some serious shortcomings and needs an overhaul, according to the Security and Stability Advisory Committee.
The panel of DNS security experts has confirmed what CZDS subscribers, including your humble correspondent, have known since 2014 — the system had a major design flaw baked in from day one for no readily apparent reason.
CZDS is the centralized repository of gTLD zone files. It’s hosted by ICANN and aggregates zones from all 2012-round, and some older, gTLDs on a daily basis.
Signing up for it is fairly simple. You simply fill out your contact information, agree to the terms of service, select which zones you want and hit “submit”.
The purpose of the service is to allow researchers to receive zone files without having to enter into separate agreements with each of the 1,200+ gTLDs currently online.
The major problem, as subscribers know and SSAC has confirmed, is that the default subscription period is 90 days.
Unless the gTLD registry extends the period at its end and in its own discretion, each subscription ends after three months — cutting off access — and the subscriber must reapply.
Many of the larger registries exercise this option, but many — particularly dot-brands — do not.
The constant need to reapply and re-approve creates a recurring arse-ache for subscribers and, registry staff have told me, the registries themselves.
The approval process itself is highly unpredictable. Some of the major registries process requests within 24 hours — I’ve found Afilias is the fastest — but I’ve been waiting for approval for Valuetainment’s .voting since September 2016.
Some dot-brands even attempt to insert extra terms of service into the deal before approving requests, which defeats the entire purpose of having a centralized service in the first place.
Usually, a polite email to the person handling the requests can produce results. Other times, it’s necessary to report them to ICANN Compliance.
The SSAC has evidently interviewed many people who share my concerns, as well as looking at data from Compliance (where CZDS reliably generates the most complaints, wasting the time of Compliance staff).
This situation makes zone file access unreliable and subject to unnecessary interruptions. The missing data introduces “blind spots” in security coverage and research projects, and the reliability of software – such as security and analytics applications – that relies upon zone files is reduced. Lastly, the introduced inefficiency creates additional work for both registry operators and subscribers.
The SSAC has no idea why the need to reapply every 90 days was introduced, figuring it must have happened during implementation.
But it recommends that access agreements should automatically renew once they expire, eliminating the busywork of reapplying and closing the holes in researchers’ data sets.
As I’m not objective on this issue, I agree with that recommendation wholeheartedly.
I’m less keen on the SSAC’s recommendation that registries should be able to opt out of the auto-renewals on a per-subscriber basis. This will certainly be abused by the precious snowflake dot-brands that have already shown their reluctance to abide by their contractual obligations.
The SSAC report can be read here (pdf).
Ombudsman steps in after harassment claims in Whois group
ICANN Ombudsman Herb Waye has started monitoring an ICANN mailing list after multiple complaints of disrespectful behavior.
Waye this week told participants in the Registration Data Services working group that he is to trawl through their list archives and proactively monitor the group following “multiple complaints regarding behavior that contravenes the ICANN Expected Standards of Behavior and possibly the Community Anti-Harassment Policy”.
The RDS working group is exploring the possibility of replacing the current Whois system, in which all data is completely open, with something “gated”, restricting access to authenticated individuals based on their role.
Law enforcement agencies, for example, may be able to get a greater level of access to personal contact information than schmucks like me and you.
Privacy advocates are in favor of giving registrants more control over their data, while anti-abuse researchers hate anything that will limit their ability to stop spam, phishing and the like.
It’s controversial stuff, and arguments on the RDS WG list have been been very heated recently, sometimes spilling over into ad hominem attacks.
The Expected Standards of Behavior requires all ICANN community members to treat each other with civility.
I haven’t seen anything especially egregious, but apparently the disrespect on display has been sufficiently upsetting that the Ombudsman has had to step in.
It’s the first time, that I’m aware of, that the ICANN Ombudsman has proactively monitored a list rather than simply responding to complaints.
Waye said that he plans to deliver his verdict before ICANN 59, which kicks off in a little over a week.
US “threatens” Costa Rica over Pirate Bay domains
The US government has been threatening to “close down” Costa Rica’s .cr registry over its refusal to take down a Pirate Bay domain name, according to the registry.
Representatives of the US embassy in Costa Rica have been badgering NIC.cr to take down thepiratebay.cr since 2015, according to a letter from Pedro León Azofeifa, president of Academia Nacional de Ciencias, which runs the registry.
The letter claims:
These interactions with the United States Embassy have escalated with time and include great pressure since 2016 that is exemplified by several phone calls, emails and meetings urging our ccTLD to take down the domain, even though this would go against our domain name policies
According to the letter, a US official “has mentioned threats to close our registry, with repeated harassment regarding our practices and operation policies and even personal negative comments directed to our Executive Director”.
The letter was sent to the chair of ICANN’s Governmental Advisory Committee 10 days ago, CC’d to senior ICANN, Costa Rican and US governmental figures, and has been circulated this week in the Latin American domain name community.
The form of the alleged threats to close the registry is not clear, but it should be noted that prior to October 1 last year the US Department of Commerce, via its now-relinquished oversight of ICANN, played a key role in the administration of the DNS root zone.
The Pirate Bay is of course a popular directory of BitTorrent links largely used to disseminate pirated copies of movies and music, much of it American-made.
The site has been TLD-hopping for years, as registries around the world shut down its domains for violations of their own local rules. It has been live on thepiratebay.cr since December 2014, when its Swedish operation was shut down by authorities.
The NIC.cr letter says that its own policies follow international “best practices” and allow it to take down domains when presented with a Costa Rican court order, but that “the pressure and harassment [from the US] to take down the domain name without its proper process and local court order persists”.
The US Department of Commerce even pressured its Costa Rican counterpart to investigate NIC.cr, but that probe concluded that the registry was acting within its procedures, according to the letter.
It’s not the first attempt to get rid of the Pirate Bay this year.
Public Interest Registry in February announced a “UDRP for copyright” proposal that would allow copyright holders to have piracy disputes heard by independent arbitrators. It looked like a way to get unloved thepiratebay.org domain taken down without PIR having to take unilateral action.
That proposal was shelved after an outcry from the industry and civil rights watchdogs.
In April, one of the Pirate Bay’s founders launched a piracy-friendly domain registration service.
Just this week, the European Court of Justice ruled, after seven years of legal fights, that the Pirate Bay infringes copyright, raising the possibility of the site being blocked in more European countries.
The NIC.cr letter is dated June 6. It has not yet been published by ICANN or the GAC.
Forget emojis, you can buy Egyptian hieroglyph .com domains
Call them the Emojis of the Ancient World.
Egyptian hieroglyphs were once the cutting edge of written communication, and it turns out Verisign lets you register .com domains using them.
Internationalized domain names expert Andre Schapp discovered a couple months ago that the Unicode code points for the ancient script have been approved in 16 Verisign gTLDs, and apparently no others.
This means that domains such as 
should resolve.
Unfortunately, DI’s database does not support these characters, so I’m having to use images.
But at least one domain investor seems have snapped up a few dozen single-pictograph Egyptian hieroglyph names about a month ago, and his page has clickable links.
Whether you see the hieroglyph or the Punycode, prefixed “xn--“, seems to depend on your browser configuration.
Ancient Egyptian is apparently not the only dead script that Verisign supports.
According to IANA, you can also get .com domains in Sumero-Akkadian cuneiform, which went out of fashion in the second century CE, as well Phoenician, the world’s oldest known script.
Then there’s Imperial Aramaic, Meitei, Kharosthi, ‘Phags-pa, Sylheti Nagari and goodness knows how many other extinct writing systems.
It seems .com has been approved for 237 IDN scripts, in total. Let it not be said that Verisign does not offer domainers ample opportunity to spunk their cash on gibberish.
No Klingon, though.
Donuts to pay $213 million for Rightside
Donuts is to acquire Rightside for $213 million, the companies have just announced.
The $10.60 per share cash offer represents a 12% premium over Rightside’s average closing share price over the last 30 days. Rightside’s 52-week high is over $12.
Just one year ago, Donuts offered $70 million for Rightside’s portfolio of gTLDs, but was shot down.
Rightside also turned down a $5 million offer for four gTLDs from XYZ.com in April 2016.
The $213 million offer is funded at least partly by Silicon Valley Bank, which is providing a credit facility to Donuts.
Assuming the deal closes — which will require the holders of more than half its shares to agree to the price — it will make Rightside a private company once more, as a wholly owned Donuts subsidiary.
The two gTLD registries are already partners, with Rightside providing domain registry services for Donuts’ roughly 200 new gTLDs.
There was talk of a split last year, with Donuts apparent endorsement of Google’s Nomulus platform, but the two companies reaffirmed their relationship earlier this year.
Rightside itself has a portfolio of 40 gTLDs, but it’s faced criticism from shareholders over the last year or so over their relatively poor performance.
Activist investor J Carlo Cannell, who owns almost 9% of Rightside, has been pressuring the company’s board to take radical action for the last 15 months.
Earlier this year, Rightside got out of the once-core wholesale registrar game by selling eNom to rival Tucows for $83.5 million.
Bladel quits as Council chair as GoDaddy ruled “ineligible” for election
GNSO Council Chair James Bladel has resigned, after it emerged that GoDaddy, his employer, is not eligible for office under registrar rules.
He will continue to occupy the post on an interim basis until a new election is held.
Bladel was elected to represent the Registrars Stakeholder Group on the Council back in 2013 and was elected by the Council as chair in late 2015.
However, the RrSG has just discovered that he’s actually ineligible for elected office under its charter because GoDaddy is also a dot-brand registry.
The RrSG charter states that in order to avoid conflicts of interest, a registrar that also has a Specification 9 exemption from the registry Code of Conduct in an ICANN registry conduct may not hold office.
GoDaddy signed its .godaddy registry agreement, which includes the Spec 9 exemption, in July 2015. The gTLD is not currently being used.
GoDaddy is of course the largest registrar in the industry, but it appears its ability to wield power in ICANN’s policy-making bodies now appears to be hamstrung by its foray into new gTLDs.
Bladel’s resignation is not expected to have any significant impact on GNSO Council work.
He’s been reappointed by the RrSG executive committee on an interim basis until elections can be held for a replacement. His term is due to expire in November anyway.
Should ICANN get breastfeeding areas? Have your say!
ICANN has launched a survey of community members’ views on gender, apparently trying to figure out whether it has a sexism problem.
The short, anonymous quiz, published today, asks a bunch of reasonable questions about gender diversity at ICANN’s physical meetings and online interactions.
The organization wants to know if you think your gender has had any influence on your participation at ICANN, and whether you think it could in your future in the community.
It wants to know if you think ICANN is too male-dominated, whether gender is a barrier to progression, and whether you feel represented by current leadership.
The survey also throws up a few questions I found a little surprising.
Should ICANN be holding “educational” sessions on gender diversity? Should it have “mandatory” diversity “quotas”? Should its meetings have breastfeeding areas? Would people who don’t identify as either gender have difficulty ascending to leadership positions?
Founded in 1998, ICANN is the organization tasked with coordinating certain of the internet’s unique technical identifiers.
Domain President? Dicker fallout continues as Schwartz unleashes tweetstorm
“Domain King” domain investor Rick Schwartz has twunleashed a twirade of Twitter twabuse about deleted podcasts that would put Donald Trump to shame.
Starting late Sunday night and apparently still ongoing at time of publication, Schwartz has been haranguing Michael Cyger, publisher of the DomainSherpa and DNAcademy investor sites, about dozens of deleted DomainSherpa podcasts.
So far, he’s hit send on scores of tweets. A very small sample:
Mike, I think you should stop ignoring Mike Berkens @thedomains & myself before this gets out of control and spills over all over the place.
— Rick Schwartz (@DomainKing) June 11, 2017
Exactly right! So @DomainSherpa should stop being a COWARD and clean this MESS up that HE ALONE CREATED. NOW!!!! SELF-DESTRUCTION! #Domains
— Rick Schwartz (@DomainKing) June 11, 2017
No idea why @DomainSherpa jumped on the thread other day & opened up this GIANT CAN OF WORMS?? Then ignored everything. BAD MOVE! #Domains
— Rick Schwartz (@DomainKing) June 11, 2017
Cyger was the host of the DomainSherpa video podcast, which regularly featured Schwartz and TheDomains publisher Mike Berkens as guests.
Also a regular guest was industry pariah Adam Dicker, who many domainers believe has used shady business practices in his dealings with others in the community.
After stories began to emerge of Dicker’s alleged wrongdoings, Cyger decided to stop using him as a guest. He subsequently removed all previous shows featuring Dicker from the DomainSherpa web site.
Now, Schwartz and Berkens are pissed that the hundreds of hours they volunteered into appearing on the show were wasted, and that hundreds of social media links they used to promote the shows are useless.
The three parties chatted by phone back in March, all seem to agree, about how to resolve this issue.
Cyger says it was agreed that the deleted shows would be replaced by an explanation that the show had been removed.
But Berkens and Schwartz claim that Cyger has in fact been ignoring their requests to reinstate the shows — hence the tweetstorm over the last 24 hours. Cyger denies that claim, and says he believes he did the right thing by removing the shows.
I, for the record, have no opinion on the matter.
Recent Comments