Recent Posts
- Salesforce to apply for a dot-brand
- Team Internet looking to break up
- Noss to leave Tucows corner office
- Rubens Kühl has died
- Sinha angry with Chapman’s firing as ICANN vice chair
- Glitch redux: ICANN screws up new gTLD security again
- CentralNic claims second-largest TLD migration ever
- DNS issue at Amazon takes out major apps and sites
- .io sales almost double over three years
- Amazon delays book and fashion gTLDs
- Lindqvist shuffles the exec deck
- GoDaddy launches “ultra-premium” domain marketplace
- .mobi to get a new rival in .mobile
- Bye-bye .boomer! Blockchain players abandon new gTLD plans
- Decades-old US registrar gets a spanking
- love.you sold in apparent five-figure deal
- Bogus harassment complaints could get you an ICANN ban
- ICANN slaps open-mic ban on conflicted lawyers
- Final GTFO warning for 19 failed new gTLD bids
- Nominet opens $500,000 fund for open source projects
- Com Laude buys larger rival Markmonitor
- Epik took down Charlie Kirk doxing site
- Number of subsidized gTLD bidders far lower than thought
- Another registrar goes AWOL
- gTLD loses its second-largest registrar after breach
- Com Laude buys Fairwinds
- Unstoppable wants to be a registry back-end
- Sixteen new gTLD bids could face the firing squad
- Registry to release one-letter domains tomorrow
- New ICANN funding rules will cost smaller ccTLDs more
- .ai rival lines up gTLD bid
- Team Internet lays off 200
- Sixteen more orgs vie for cheap gTLDs, but…
- So who’s registering sunrise domains these days?
- Cloud gTLD gets launch dates
- Governments say new gTLD program “credibility” at stake
- NIXI planning doomed new gTLD bids
- AI experts replace Chapman on ICANN board
- RDRS may not be dead
- Single-letter .com lawsuit thrown out of court
- Golding challenges McCarthy for Nominet board seat
- Three applicants qualify for cheapo gTLDs
- Blockchain crisis looming for new gTLD next round
- Two more dot-brands leave Verisign for GoDaddy
- ICANN looking at new bulk reg rules
- Reseller loss hits Tucows’ DUM but not revenue
- GoDaddy counts cost of losing .co deal
- Wine producers worried about new gTLDs
- Goodyear tires of its dot-brand
- Team Internet loses Radix to Tucows
- ICANN’s “review of reviews” kicks off
- Huge registrars flee from RDRS
- Namecheap loses attempt to bring back .org price caps
- Registrar shamed for alleged crypto abuse neglect
- Poblete’s ICANN board seat safe
- .com off to strong start in Q3
- .my is growing like crazy
- ICANN settles $77 million sexual harassment suit
- Chinese domain spikiness ends in first half
- Registrars agree to higher ICANN fees
- ICANN to review reviews after review review request fails
- Got junk? June’s biggest gTLD growers do
- ICANN ditches Oman due to Middle-East conflicts
- ICANN’s mighty overlord flexes on transparency
- ICANN faces first pushback over DEI U-turn
- Loads of firms flunk out of next-round gTLD back-end program
- presidenttrump.xxx among thousands of dead .xxx domains suddenly springing to life
- One of the dumbest gTLDs just switched back-ends
- GoDaddy loses .co to Team Internet
- Governments erect bulk-reg barrier to new gTLD next round
- Little interest in cheapo gTLD program
- US government opposes most new gTLDs
- GoDaddy loses last Amazon business to Identity Digital
- Third Amazon gTLD launch dates revealed
- .TOP promises to play nice on DNS abuse
- Court denies ICANN’s #MeToo “cover up” attempt
- Launch dates for two more Amazon gTLDs revealed
- An end to “Club Med for geeks” ICANN?
- Some people paid premiums for .hot domain hacks
- .io questions in sharp focus as UK signs Chagos treaty
- Big .gdn registrar at risk
- ICANN “reaffirms its commitment to diversity and inclusion”
- ICANN kills off diversity and inclusion
- Kaufmann picked for ICANN board
- Conflicted? STFU under new ICANN rules
- .hot is for hookers? Amazon’s first premium regs revealed
- Gname adds another 200 registrars
- New Pope’s .com domain was registered the day Francis died
- Two deadbeat registrars get their ICANN marching orders
- DotMusic has sold a lot of names, but not many are turned on
- .med is a deeply weird gTLD, but it wants to be more normal
- ICANN cuts off money to UASG
- Web.com getting dumped
- .es and .pt riding out massive power outage
- .com is back as Verisign discounts bear fruit
- Dot-brand actually being used to get deleted
- Verisign gave Trump $100,000
- Private Whois requests hit new low after Tucows quits RDRS
- Zoom says GoDaddy took it down for hours
- The Soviet Union might be safe after all
- Google says its ccTLDs “are no longer necessary”
- Facebook thinks ICANN is a bit rubbish
- ICANN spending $365,000 a year on coffee and booze
- Regulator going after suicide site that even Epik banned
- .ai sees $600,000 auction sales in a month
- Pru trims its dot-brand portfolio
- UK’s Nigel Hickson has died
- .blog registry ordered to change name to Knock Knock RDAP There
- WordPress buys Canadian, swaps CentralNic for CIRA
- Latest ICANN salary porn ruins my terrible pun
- .co deal worth $77 million up for grabs
- I get a wrongful kicking as .su registry denies turn-off plan
- Sales and profits dip at Team Internet
- Four deadbeat registrars get terminated
- “No timeline” to retire Soviet Union from the DNS
- ICANN to kill off 60-day domain transfer lock
- Lancaster bags up its dot-brand
- Google readying its next batch of gTLD launches?
- NomCom confirms Americans rejected from ICANN board
- Nova announces $45 million of new gTLD applications
- Registry makes .ai an option for Koreans
- it.com now bigger than Guatemala
- ICANN turns to AI and crowdsourcing for new gTLD program
- Amazon lawyer DiBiase elected to ICANN board
- Is .io safe now? Identity Digital now running Mauritian ccTLD
India’s biggest bank switches to dot-brand
State Bank of India has announced plans to migrate all of its web sites to its new dot-brand gTLD.
The company has been responsible for .sbi since it was delegated by ICANN last April, but bank.sbi is its first live domain name.
Currently, while bank.sbi is live and resolving, the old domain sbi.co.in appears to still be its primary address.
However, SBI said “all of the bank’s internet presence… shall soon be migrated to the .sbi gTLD”.
There will be a period of crossover while customers get used to the change, it said in a press release.
The bank said: “a gTLD site like .sbi conveys an assurance to the customer that the site is authorised, genuine and is not an inappropriate or phishing site”.
The move is perhaps significant given that SBI is state-owned, and one might expect some level of nationalism when it comes to domain choice.
But SBI, India’s largest bank with $490 billion in assets under management, is not the first bank to say it plans to use its dot-brand as its primary TLD.
BNP Paribas, the world’s biggest non-Chinese bank, uses .bnpparibas for almost everything, particularly in its native France. It has three domains in the Alexa top 100,000 most-visited web sites.
Others with dot-brands in use include Barclays and Citi.
Activist investor says eNom was sold too cheap
J Carlo Cannell, the activist investor who has been circling Rightside for the last year or so, was unimpressed with the company’s recent sale of eNom to Tucows.
In a letter published as a Securities and Exchange Commission filing last week, Cannell announced that he has started up a support group for fellow “concerned” investors.
In the distinctly loveless Valentine’s Day missive, Cannell called for Rightside to be acquired, go private or issue a big dividend to investors, and said he intends to campaign to have the board of directors replaced.
On the eNom sale, Cannell wrote that the $76.7 million deal “marks a step in the right direction” for the company, but that he was “not satisfied” with the price or the $4 million legal fees accrued. He wrote:
Conversations with management suggest that the Company took only two months to evaluate and close the transaction. Perhaps if they had been more patient and diligent, shareholders would have enjoyed more than the 0.5x 2016 revenues which they received in this “shotgun sale”.
This price was a fraction of Tucows’ own valuation of 2.6x 2016 estimated revenue. For the two trading sessions following the eNom transaction, NAME traded up 10% while TCX was up 32%, suggesting that investors believe it was a better deal for TCX shareholders than NAME shareholders.
The deal was described at the time by Tucows’ CEO Elliot Noss as an “individual opportunistic transaction”.
Noss later told analysts that the eNom business was floundering, “a flat, potentially even slightly negative-growth business”.
Cannell said last week he has formed Save NAME Group, named after Rightside’s ticker symbol, as a means to exert pressure on the board.
He said it is currently “difficult to justify” the company remaining publicly listed, and that the “sale of the entire company” or a “special and substantial dividend” could help appease shareholders.
He said Rightside agreed last August to let him name a new director, but has dragged its feet approving his suggestion, adding:
SNG intends to become more active and vocal in its efforts to force change at NAME. SNG has compiled a slate of qualified candidates. The names and identity of these candidates shall be disclosed periodically together with other neutral and reliable facts to support the contention of SNG that some or all of the board of NAME needs to be replaced.
Cannell, who owns about 9% of Rightside, first emerged as a critic of the company a year ago.
At that time, he called for the company to ditch its “garbage” new gTLD registries in favor of a focus on its higher-margin eNom business.
He was supported by Uniregistry CEO Frank Schilling, then also a Rightside investor in addition to a competitor.
Phishing in new gTLDs up 1,000% but .com still the worst
The .com domain is still the runaway leader TLD for phishing, with new gTLDs still being used for a tiny minority of attacks, according to new research.
.com domains accounted for 51% of all phishing in 2016, despite only having 48% of the domains in the “general population”, according to the 2017 Phishing Trends & Intelligence Report
from security outfit PhishLabs.
But new gTLDs accounted for just 2% of attacks, despite separate research showing they have about 8% of the market.
New gTLDs saw a 1,000% increase in attacks on 2015, the report states.
The statistics are based on PhishLabs’ analysis of nearly one million phishing sites discovered over the course of the year and include domains that have been compromised, rather than registered, by attackers.
The company said:
Although the .COM top-level domain (TLD) was associated with more than half of all phishing sites in 2016, new generic TLDs are becoming a more popular option for phishing because they are low cost and can be used to create convincing phishing domains.
…
There are a few reasons new gTLDs are gaining traction in the phishing ecosystem. For one, some new gTLDs are incredibly cheap to register and may be an inexpensive option for phishers who want to have more control over their infrastructure than they would with a compromised website. Secondly, phishers can use some of the newly developed gTLDs to create websites that appear to be more legitimate to potential victims.
Indeed, the cheapest new gTLDs are among the worst for phishing — .top, .xyz, .online, .club, .website, .link, .space, .site, .win and .support — according to the report.
But the numbers show that new gTLDs are significantly under-represented in phishing attacks.
According to separate research from CENTR, there were 309.4 million domains in existence at the end of 2016, of which about 25 million (8%) were new gTLDs.
Yet PhishLabs reports that new gTLD domains were used for only about 2% of attacks.
CENTR statistics have .com with a 40% share of the global domain market, with PhishLabs saying that .com is used in 51% of attacks.
The difference in the market share statistics between the two sets of research is likely due to the fact that CENTR excludes .tk from its numbers.
Again, because PhishLabs counts hacked sites — in fact it says the “vast majority” were hacked — we should probably exercise caution before attributing blame to registries.
But PhishLabs said in its report:
When we see a TLD that is over-represented among phishing sites compared to the general population, it may be an indication that it is more apt to being used by phishers to maliciously register domains for the purposes of hosting phishing content. Some TLDs that met these criteria in 2016 included .COM, .BR, .CL, .TK, .CF, .ML, and .VE.
By far the worst ccTLD for phishing was Brazil’s .br, with 6% of the total, according to the report.
Also notable were .uk, .ru, .au, .pl, and .in, each with about 2% of the total, PhishLabs said.
Belgium domains will be registered in Ireland after cloud move
DNS Belgium, operator of .be, has moved its shared registration systems to the cloud, the non-profit said last week.
The registry migrated from a self-hosted system to Amazon Web Services on February 11.
It’s an effort to cut costs, increase efficiency, and free up engineering time currently dedicated to non-core functions such as hardware maintenance, executives said.
“As AWS sees to the hardware, connectivity etc., DNS Belgium can focus on the layers above, such as the software,” general manager Philip Du Bois said in a press release.
Business development manager Lut Goedhuys said that while the system has been moved to the cloud, AWS allows customers to select the data centers where their applications will be stored.
DNS Belgium picked Ireland, she said.
GoDaddy sold over $1 billion of domains in 2016
GoDaddy’s domain sales topped $1 billion for the first time last year, CEO Blake Irving told analysts this week.
The milestone was revealed as the registrar reported its fourth-quarter and full-year 2016 earnings late Wednesday.
In the fourth quarter, the company had a net loss of $800,000, compared to a year-ago loss of $500,000, on revenue that was up 14.2% at $485.9 million.
For the year, its loss was $21.9 million, compared to $120.4 million in 2015, on revenue that was up 15% at $1.85 billion.
GoDaddy also breaks out its revenue by segment, showing that domains revenue was up 11.2% at $242.5 million for the fourth quarter and up 11% at $927.8 million for the year.
Domain “bookings” — a somewhat informal measure that gives an indication of cash sales from domain names (as opposed to revenue under GAAP accounting) — surpassed $1 billion for the first time, Irving said.
Blah blah ICANN blah .africa blah delegated blah blah…
Today blah blah ZA Central Registry blah blah .africa blah delegated blah.
ICANN blah blah root blah. Blah blah ZACR blah nic.africa.
Blah blah five years blah blah contention blah lawsuit blah blah DotConnectAfrica blah. Blah blah Bekele blah IRP blah.
ICANN blah blah Governmental Advisory Committee blah blah blah African Union blah blah blah.
Blah blah Geographic Names Panel blah blah controversy blah blah blah blah lawsuit blah blah blah leg to stand on.
Registry Africa celebrates delegation of .africa#ForAfricansByAfricans #WeAreLive pic.twitter.com/UXZX6yKSPV
— dotAfrica (@africandomain) February 15, 2017
Blah racist blah blah conspiracy blah blah blah… nutty. Blah.
Blah reporting blah damned blah story blah forever blah blah bored blah blah blah blah.
Blah blah blah.
Nigger.com returned to NAACP after expiration prompts $10,000 auction
US civil rights group the National Association for the Advancement of Colored People has reclaimed the domain name nigger.com after it expired and went to auction.
The names nigger.org and nigger.net were also affected, but according to Whois records the NAACP restored all three yesterday.
The names had been in pending renewal/delete status for three weeks, during which time the registrant was listed as Perfect Privacy, Web.com’s proxy/privacy provider.
While expired, the .com had been placed (presumably automatically) in a NameJet auction, as first reported by Raymond Hackney at The Domains.
At time of writing, the auction had attracted 72 bids and a high offer of $10,000.
It was a “Wish List Auction”, indicating that the domain’s prior registrant had not yet exhausted all options to have the name restored.
As Hackney noted, if these domains fell into the wrong hands it could have a negative impact on race relations in the US.
But the NAACP, which first got hold of the domains almost 20 years ago, seems to have had a remarkably lackadaisical attitude to them over the last few years.
Not only did it accidentally allow the names to expire, but DomainTools and Archive.org captures show that the associated web sites had been compromised repeatedly since late 2014.
Every capture since late 2014 shows taunting, racist messages from the hackers, at least one of which associated himself with troll group the “Gay Nigger Association of America”.
Five more new gTLDs, one in English, get the nod from China
Top Level Design’s .ink has become the sixth new gTLD in the Latin alphabet to be approved for sale in China.
It was one of four new gTLDs given regulatory approval to begin operating properly in the country late last week. The others were all in Chinese script.
From Finnish-founded TLD Registry, .中文网 (“Chinese web site”) and .在线 (“Chinese online”) gained approval.
From local outfit Guangzhou Yuwei Information Technology Co, .集团 (“group”) and .我爱你 (“I love you”) were given the nod.
It’s the third batch of new gTLDs to get Chinese government approval since .vip, .club and .xyz in December. In January, .site and .shop joined their ranks.
Under China’s Draconian domain name regulations, only domains registered via local registries and registrars may be used.
Registries from outside the country have had to set up a local corporate presence and agree to China’s censorship policies in order to be compliant.
Angry reactions to “UDRP for copyright”
The Electronic Frontier Foundation and Internet Commerce Association are among those expressing initial concern about the introduction of a new “UDRP for copyright” mechanism by the Domain Name Association.
The EFF said the DNA’s new proposals want registries to become “private arbiters of online speech”, while the ICA expressed concern that the proposals could circumvent the usual ICANN policy-making process.
As we reported earlier in the week, the DNA has set out a set of four “healthy practices” (the term “best practices” was deliberately avoided, I’m told) for registries and registrars, under the banner of its Healthy Domains Initiative.
The first three sets of recommendations cover malware, child abuse material and fake pharmacies and are relatively non-controversial.
However, the surprising fourth proposal seeks to give copyright holders a means to suspend or seize control of domain names where they have “clear and convincing evidence” of “pervasive and systemic copyright infringement”.
While the details have yet to be finalized, it appears to be targeted at sites such as The Pirate Bay, which are used for pretty much nothing but copyright infringement.
“This is a terrible proposal,” the EFF’s Jeremy Malcolm and Mitch Stoltz wrote yesterday:
The content that happens to be posted within [a] website or service has nothing to do with the domain name registrar, and frankly, is none of its business. If a website is hosting unlawful content, then it is the website host, not the domain registrar, who needs to take responsibility for that
They added:
it seems too likely that any voluntary, private dispute resolution system paid for by the complaining parties will be captured by copyright holders and become a privatized version of the failed Internet censorship bills SOPA and PIPA
Those are references to two proposed US laws, the Stop Online Piracy Act and Protect IP Act, that attracted lots of criticism and never saw the light of day.
The ICA, in a separate post on its own site, expressed concerns that private initiatives such as the HDI could give trademark holders another way to route around ICANN policies they do not like.
Noting that trademark protection mechanisms are already under review in a ICANN working group, ICA counsel Phil Corwin wrote:
What if the final consensus decision of that WG is that the URS remedy should remain domain suspension and not transfer, or that the UDRP standard of “bad faith registration and use” should remain as is? Are TM owners then free to develop their own “best practices” that include domain transfer via URS, or a bad faith registration or use standard? What’s the point of going through a multi-year exercise if those dissatisfied with the result can seek stiffer private policies? Just how many bites at the apple should trademark holders get
Both ICA and EFF expressed concern that the new DNA proposals seemed to have been developed without the broad input of members.
Stoltz and Malcolm wrote:
In any purported effort to develop a set of community-based principles, a failure to proactively reach out to affected stakeholders, especially if they have already expressed interest, exposes the effort as a sham.
Corwin wrote:
ICA had no advance knowledge of the details of HDI and no opportunity to provide substantive input. So our fingerprints are nowhere on it.
The Copyright ADRP proposal appears to be the brainchild of Public Interest Registry, the .org registry.
PIR general counsel Liz Finberg told DI earlier this week that PIR is working with arbitration provider Forum to finalize the rules of the process and hopes to implement it in .org before the end of the first quarter.
No other registry has publicly stated similar plans to my knowledge.
The HDI recommendations are completely voluntary and registries/ars are free to adopt them wholly, partially or not at all. They are not ICANN policies.
.africa to finally go live after judge denies injunction
A Los Angeles court has rejected a demand for a preliminary injunction preventing ICANN delegating .africa, meaning the new gTLD can go live soon.
Judge Howard Halm ruled February 3, in documents published last night, that the “covenant not to sue” signed by every new gTLD applicant is enforceable and that Africans are being harmed as long as .africa is stuck in legal limbo.
The ruling comes two and a half years after ZA Central Registry, the successful of the two .africa applicants, signed its Registry Agreement with ICANN.
Rival applicant DotConnectAfrica, rejected because it has no African government support, is suing ICANN for fraud, alleging that it failed to follow its own rules and unfairly favored ZACR from the outset.
Unfortunately, the ruling does not address the merits of these claims. It merely says that DCA is unlikely to win its suit due to the covenant it signed.
Halm based his decision on the precedent in Ruby Glen v ICANN, the Donuts lawsuit that seeks to stop ICANN awarding .web to Verisign. The judge in that case ruled last November that Donuts signed away its right to sue.
An earlier judge in the DCA v ICANN case had ruled — based at least in part on a misunderstanding of the facts — that the covenant was unenforceable, but that decision now seems to have been brushed aside.
Halm was not convinced that DCA would suffer irreparable harm if ZACR got given .africa, writing:
The .Africa gTLD can be re-delegated to DCA in the event DCA prevails in this litigation… Further, it appears that any interim harm to DCA can be remedied by monetary damages
He balanced this against the harm of NOT delegating .africa:
The public interest also weighs in favor of denying the injunction because the delay in the delegation of the .Africa gTLD is depriving the people of Africa of having their own unique gTLD.
So what now?
ICANN said in a statement: “In accordance with the terms of its Registry Agreement with ZACR for .AFRICA, ICANN will now follow its normal processes towards delegation.”
As of this morning, ZACR’s .africa bid is officially still marked as “On Hold” by ICANN, though this is likely to change shortly.
Assuming ZACR has already completed pre-delegation testing, delegation itself could be less than a week away.
If DCA’s record is anything to go by, it seems unlikely that this latest setback will be enough to get it to abandon its cause.
Its usual MO whenever it receives an adverse decision or criticism is to double down and start screaming about conspiracies.
While the injunction was denied, the lawsuit itself has not been thrown out, so there’s still plenty of time for more of that.
You can read Halm’s ruling here (pdf).
Recent Comments