Recent Posts
- Americans and ICANNers avoid Kigali in droves
- RDRS stats improve a little in June
- Unstoppable Domains goes down after domain hijack
- Four more gTLDs in emergency measures
- New gTLDs and ccTLDs drive domain universe growth
- Eight interesting recent dot-brand registrations
- .me premium sales down
- Pride fails to reverse gay domains decline
- Unstoppable announces another new gTLD bid
- Blockchain naming firm gets ICANN accreditation
- ICANN takes over gTLD after Whois failures
- Verisign: would-be .com contract killers are “wrong”
- Five gTLDs at risk as registry goes AWOL
- Groups make flawed case that .com is a cartel
- RDRS usage hits all-time low
- A dot-brand so unloved they killed it twice
- PorkBun hits two million domain milestone
- Crawford returns to industry to head up Com Laude
- ICANN financial data dump a damp squib?
- Unstoppable plotting manga-themed gTLDs
- Governments call for new gTLD auctions ban
- ICANN names new CEO, and it isn’t Costerton
- ICANN: We will NOT police content
- More sticker shock as new gTLD fees could top $300,000
- ICANN slashes staff and domain prices could rise
- Secret new gTLD application revealed
- WhatsApp now linkifying new gTLDs, but…
- Outrage over ICANN’s new gTLD fees
- Barrett gets second term on ICANN board
- DotMusic delays gTLD launch again
- .tm prices to skyrocket next week
- Bitcoin gTLD gets launch dates
- First metaverse gTLD is announced
- Alibaba off the naughty step
- ICANN to kill auction fund bylaws change
- The people have spoken on RDRS and they said “Meh”
- ICANN restarts work on controversial Whois privacy rules
- GNSO mulls lawyering up over auction fund dispute
- Jury still out on ICANN’s content policing powers
- It now takes TWO WEEKS to get a Whois record with RDRS
- Travel expenses push ICANN into the red again
- ICANN preparing for ONE HUNDRED registry back-ends
- DNS Abuse Institute changes name
- A new way to game the new gTLD program
- .home, .mail and .corp could get unbanned
- Unstoppable to apply for Women in Tech gTLD
- Bob Parsons publishes autobiography
- GoDaddy getting a free pass from porn jail?
- Correction: Sinha’s seat is safe
- Chinese domains plummet again in 2023
- GoDaddy price increases lead to revenue growth
- D3 announces seventh blockchain gTLD client
- Taylor Swift applies for her .post domain
- .ad domains to go global soon
- Single-letter .com case back in court
- ICANN to slash costs as Verisign’s magic money tree dries up
- Community revolts over ICANN’s auction proceeds power grab
- Two seats up for grabs on Nominet board
- War takes steep toll on .ua domains
- .de worst TLD for CSAM — report
- .com still shrinking because of China
- ICANN publishes its Woke Manifesto. Here’s my hot take
- Alibaba, Name.com among new RDRS opt-ins
- .my domains to be sold globally next month
- The Swiss can register .swiss domains from next week
- .ai up to 425,000 domains
- A million “free” .music domains up for grabs
- D3 to get $5 million in crypto to apply for .ape gTLD
- Alibaba hit with ICANN breach notice
- New Vegas conference “Davos for Web3 interoperability”
- ICANN content policing power grab may be dead
- Cable company unplugs its dot-brand after acquisition
- Germany crosses 10,000 dot-brand domains milestone
- Founders out as Com Laude gets equity injection
- PIR’s Diaz to leave domain industry
- Some registrars have already quit ICANN’s Whois experiment
- ICANN opens $217 million Grant Program
- Internet could get one-letter gTLDs (but there’s a catch)
- .ai registry fights deadbeats with tweaked auction rules
- Amazon and Google among .internal TLD ban backers
- .ai registry advises buyers not to use GoDaddy
- .post liberalizes with new sunrise period
- Team Internet spends $41 million on content farm
- Epik backtracks on Kiwi Farms claim after legal threat
- .austin names launch on blockchain
- Freenom shuts down 12.6 million domains — report
- GoDaddy’s next .xxx contract may not be a done deal
- GlobalBlock blocking 2.5 million domains
- Microsoft moving its cloud apps from .com to .microsoft
- ICANN 79: anonymous trolls and undercover lawyers
- ICANN scores win in single-letter .com lawsuit
- Cosmetics brand terminates its gTLD
- Up to 70 jobs on the line at Nominet as .uk regs dwindle
- Governments back down on new gTLD next round delay
- Private auctions could be banned in new gTLD next round
- ICANN meeting venue “insensitive and hurtful”
- GoDaddy to start selling graphic.design domains
- GAC spinning up new gTLD curveball at ICANN 79?
- GoDaddy’s GlobalBlock supports blockchain names
- Police .uk domain takedowns dive in 2023
- GoDaddy wants to cut the bullshit from .xxx
- Dueling domain blocking services to launch at ICANN 79
- Freename tries to bridge DNS and blockchain
- Olive retires from ICANN
- Whois policy published without life-saving disclosure rule
- UK gov takes its lead from ICANN on DNS abuse
- Tucows reports 2023 results
- Twitter “completely unresponsive” on clickable domains
- ICANN spends $5 million more than planned in first fiscal half
- .art takes a million domains off its premium list
- KeyTrap ‘the most devastating vulnerability ever found in DNSSEC’
- Freenom settles $500 million Meta lawsuit and will exit domain business
- New gTLD lottery to return in 2026
- First GlobalBlock prices revealed — they ain’t cheap
- Domain universe grows on new gTLDs despite .com shrinkage
- D3 signs up crypto gTLD client number five
- GoDaddy reports strong domains growth
- How to qualify for a $40,000 gTLD
- Registry service provider evaluation handbook published
- WebUnited inks deal to “mirror” country’s TLD in the blockchain
- GoDaddy project unveils brand-blocking calculator
- Report: Monster “misappropriated” millions from Epik
- .com is shrinking but Verisign raises prices again anyway
- D3 announces fourth crypto new gTLD client
- Donald Trump loses second UDRP case
Is the Defending Internet Freedom Act pro-crime?
The Defending Internet Freedom Act of 2015, introduced to the US Congress last month, contains a provision that could be interpreted as pro-pron, pro-piracy or even just pro-crime.
The act is designed to prevent the US giving up its oversight of ICANN/IANA unless certain quite strict conditions are met.
It’s a revised version of a bill that was introduced last year but didn’t make it through the legislative process.
Like the 2014 version, it says that the US cannot sever ties with ICANN until its bylaws have been amended in various ways, including:
ICANN is prohibited from engaging in activities unrelated to ICANN’s core mission or entering into an agreement or modifying an existing agreement to impose on a registrar or registry with which ICANN conducts business any condition (such as a condition relating to the regulation of content) that is unrelated to ICANN’s core mission.
It’s the “regulation of content” bit that caught my eye.
Presumably written as a fluffy, non-controversial protection against censorship, it ignores where the real content regulation conversations are happening within the ICANN community.
It’s a constant mantra of ICANN that is “doesn’t regulate content”, but the veracity of that assertion has been chipped away relentlessly over the last several years by law enforcement, governments and intellectual property interests.
Today, ICANN’s contracts are resplendent with examples of what could be argued is content regulation.
Take .sucks, for a timely example. Its Registry Agreement with ICANN contains provisions banning pornography, cyber-bulling and parked pages.
That’s three specific types of content that must not be allowed in any web site using a .sucks domain.
It’s one of the Public Interest Commitments that were voluntarily put forward by .sucks registry Vox Populi, but they’re still enforceable contract provisions.
Using a dispute resolution process (PICDRP), ICANN would be able to levy fines against Vox Pop, or terminate its contract entirely, if it repeatedly allows porn in .sucks web sites.
This sounds quite a lot like content regulation to me.
It’s not just .sucks, of course. Other registries have PICs that regulate the content of their gTLDs.
And every contracted new gTLD registry operator has to agree to this PIC:
Registry Operator will include a provision in its Registry-Registrar Agreement that requires Registrars to include in their Registration Agreements a provision prohibiting Registered Name Holders from distributing malware, abusively operating botnets, phishing, piracy, trademark or copyright infringement, fraudulent or deceptive practices, counterfeiting or otherwise engaging in activity contrary to applicable law, and providing (consistent with applicable law and any related procedures) consequences for such activities including suspension of the domain name.
It’s convoluted, but it basically indirectly forces (via registrars) new gTLD domain registrants to, for example, agree to not infringe copyright.
The PIC is paired with a provision (3.18) of the 2013 Registrar Accreditation Agreement that requires all registrars to investigate and “take necessary and appropriate actions” in response to abuse reports within 24 hours of receipt.
Section 3.18 is essentially the RAA mechanism through which ICANN can enforce the PIC from the RA.
This is currently one of the most divisive issues in the ICANN community, as we witnessed during the recent Congressional hearings into ICANN oversight.
On the one hand, big copyright owners and online pharmacy watchdogs want ICANN to act much more ruthlessly against registrars that fail to immediately take down sites that they have identified as abusive.
On the other hand, some registrars say that they should not have to engage in regulating what content their customers publish, at least without court orders, in areas that can sometimes be amorphously grey and fuzzy.
Steve Metalitz, from a trade group that represents the movie and music industies at ICANN, told the US Congress that registrars are dismissing piracy reports without investigating them, and that “unless registrars comply in good faith, and ICANN undertakes meaningful and substantive action against those who will not, these provisions will simply languish as empty words”.
John Horton from pharmacy watchdog used the same Congressional hearing to out several registrars he said were refusing to comply with 3.18.
One Canadian registrar named in Horton’s testimony told DI that every complaint it has received from LegitScript has been about a web site that is perfectly legal in Canada.
In at least some cases, it seems that those pushing for ICANN to more stringently regulate content may have “internet freedom” as the least of their concerns.
If the Defending Internet Freedom Act becomes law in the US, perhaps it could prove a boon to registries and registrars upset with constant meddling from rights owners and others.
On the other hand, perhaps it could also prove a boon for those operating outside the law.
Group uses FOI to demand entire .nyc Whois database
Former .nyc hopeful Connecting.nyc has requested a dump of the entire .nyc Whois database using freedom of information legislation.
According to a blog post, the group has filed a request under the New York Freedom of Information Law for all 75,000 Whois records.
Connecting.nyc says it wants the data in order to plot every .nyc registrant on a map of the city to see “if the name purchasers were spread evenly over the city or concentrated in a particular neighborhood or borough. And if they were from a particular social or economic strata.”
It says it has spent 10 weeks asking for the data via email but has been rebuffed.
Under ICANN Registry Agreements, registries are under no obligation to offer bulk Whois access. Registrars are supposed to allow it under their accreditation agreements, but are allowed to charge huge sums.
The .nyc space does not allow private registrations. Its Whois data is all publicly accessible and could conceivably be mined via sequential queries.
The new gTLD is managed by Neustar but assigned to the City of New York, making it essentially government-owned.
It will be interesting to see whether Whois access falls under FOI law. Many other geographic gTLDs have government links and may fall under their own respective FOI legislation.
Connecting.nyc once intended to apply for .nyc itself, but is now a sort of self-appointed community watchdog for the gTLD. It’s an At-Large structure within ICANN.
ICANN’s new gTLD survey gives new gTLD awareness numbers
ICANN has released the results of a huge survey focusing on awareness and trust in gTLDs new and old.
The headline number is 46% — that’s the how many of the 6,144 international survey respondents said they were aware of new gTLDs.
The respondents were asked this question:
As you may or may not know, new domain name extensions are becoming available all the time. These new extensions are called new gTLDs.
Which of the following new gTLDs, if any, have you heard of? Please select all that apply.
They were presented with a list comprising .email, .photography, .link, .guru, .realtor, .club and .xyz. These were the biggest seven Latin-script new gTLDs when the survey was developed in January.
Tellingly, .email and .link stole the show, with 28% and 24% awareness respectively. The other five options ranged from 13% for .club to 5% for .xyz.
I think the numbers were influenced by some respondents not quite understanding the question. People are familiar with email and with links as internet concepts, which may have swayed the results.
Akram Atallah, president of ICANN’s Global Domains Division, acknowledged this potential problem in ICANN’s announcement last night, saying:
The survey found that domains with an implied purpose and functional associations, such as .EMAIL, were most often recalled by Internet users. While some of the drivers may be linked to familiarity and general association versus awareness of the extension, we believe it’s a signal that people are receptive to the names.
It’s also notable that, almost 15 years after launch, .biz and .info only have 50% awareness, according to the survey. For .mobi. .pro, .tel and .asia, all released between 2004 and 2008, the awareness was at 37%.
It’s not impossible that new 2012 round — which has generated thousands of headlines — has raised more awareness of new gTLDs.
The survey found that 38% of internet users who were aware of new gTLDs have visited a .email web site in the last year. The number was 28% for .link.
The survey also found that 52% of respondents would consider using a new gTLD if they were setting up a web site in the next six months. The number ranged from 40% for .email to 22% for .xyz.
Among the plethora of other findings, the survey discovered that only 92% of internet users have heard of .com.
Go figure.
The entire survey, carried out by Nielsen, can be found here.
UPDATE: This article was substantially revised a few hours after publication to remove references to the numbers being “nonsense”. This was due to my misreading of the survey questionnaire. My apologies for the confusion.
Two more legacy gTLDs agree to use URS
The registries behind .pro and .cat have agreed to new ICANN contracts with changes that, among other things, would bring the Uniform Rapid Suspension policy to the two gTLDs.
Both gTLD Registry Agreements expire this year. Proposed replacement contracts, based heavily on the base New gTLD Registry Agreement, have been published by ICANN for public comment.
They’re the second and third pre-2012 gTLDs to agree to use URS, which gives trademark owners a simpler, cheaper way to have infringing domains yanked.
Two weeks ago, .travel agreed to the same changes, which drew criticisms from the organization that represents big domain investors.
Phil Corwin of the Internet Commerce Association is worried that ICANN is trying to make URS a de facto consensus policy and thereby bring it to .com, which is still where most domainers have most of their assets.
Following DI’s report about .travel, Corwin wrote last week:
this proposed Registry Agreement (RA) contains a provision through which staff is trying to preempt community discussion and decide a major policy issue through a contract with a private party. And that very big issue is whether Uniform Rapid Suspension (URS) should be a consensus policy applicable to all gTLDs, including incumbents like .Com and .Net.
…
ICANN needs to hear from the global Internet community, in significant volume, that imposing the URS on an incumbent gTLD is unacceptable because it would mean that ICANN staff, not the community, is determining that URS should be a consensus policy and thereby undermining the entire bottom-up policy process. Domain suspensions are serious business – in fact they were at the heart of the SOPA proposal that inspired millions of emails to the US Congress in opposition.
The concern about .com may be a bit over-stated.
Verisign’s current .com contract is presumptively renewed November 2018 provided that it adopts terms similar to those in place at the five next-largest gTLDs.
Given that .net is the second-largest gTLD, and that .net does not have URS, we’d have to either see .net’s volume plummet or at least five new gTLDs break through the 15 million domains mark in the next three years, both of which seem extraordinarily unlikely, for .com to be forced to adopt URS.
However, if URS has become an industry standard by then, political pressure could be brought to bear regardless.
Other changes to .pro and .cat contracts include a change in ICANN fees.
While .pro appears to have been on the standard new gTLD fee scheme since 2012, .cat is currently paying ICANN $1 per transaction.
Under the new contract, .cat would pay $0.25 per transaction instead, but its annual fixed fee would increase from $10,000 to $25,000.
.sucks extends controversial sunrise, delays GA
Vox Populi has extended the pricey .sucks sunrise period for three weeks, saying trademark owners need more time to participate.
Sunrise was due to end this week, with general availability kicking off today.
But Vox Pop has extended the period to June 19, with GA starting two days later.
In an email blast to fellow attendees of the INTA 2015 intellectual property conference, the registry said it has “discovered that far too many intellectual property lawyers and company executives were unaware of the registry or the availability of its names.”
Other brands were unaware of the Trademark Clearinghouse, the email said.
“Additionally, we have seen an influx of applications in the final days and hours of our TMCH Sunrise Period,” Vox Pop said.
“We are concerned about the extent of awareness and rush, and so have decided that the responsible move is to add a bit more time to the equation by extending the TMCH Sunrise period,” it said.
The change in timings have been announced on the registry’s web site.
While it’s possible to read the move cynically — a way for Vox Pop to claw more cash from rights holders — it’s not particularly unusual.
It is not unheard of for launching TLDs to extend their sunrise periods in order to deal with late demand.
Anecdotally, trademark owners tend to delay sunrise purchasing decisions until towards the end of sunrise windows, creating the impression of growing demand and adding pressure to processing cycles.
The .sucks sunrise has come under fire for its pricing — a $1,999 registry fee that is being marked up by registrars by everything from $20 to many hundreds of dollars.
.berlin CEO prime suspect in ICANN data breach
dotBerlin CEO Dirk Krischenowski is suspected of using a bug in ICANN’s new gTLD portal to access hundreds of confidential documents, some containing sensitive financial planning data, belonging to competing gTLD applicants.
That’s according to ICANN documents sent by a source to DI today.
Krischenowski, who has through his lawyer “denied acting improperly or unlawfully”, seems to be the only person ICANN thinks abused its portal’s misconfigured search feature to deliberately access rivals’ secret data.
ICANN said last night that “over 60 searches, resulting in the unauthorized access of more than 200 records, were conducted using a limited set of user credentials”.
But ICANN, in private letters to victims, has been pinning all 60 searches and all 200 access incidents on Krischenowski’s user credentials.
Some of the incidents of unauthorized access were against applicants Krischenowski-run companies were competing against in new gTLD contention sets.
The search terms used to find the private documents included the name of the rival applicant on more than one occasion.
In more than once instance, the data accessed using his credentials was a confidential portion of a rival application explaining the applicant’s “worst case scenario” financial planning, the ICANN letters show.
I’ve reached out to Krischenowski for comment, but ICANN said in its letters to victims:
[Krischenowski] has responded through legal counsel and has denied acting improperly or unlawfully. The user has stated that he is unable to confirm whether he performed the searches or whether the user’s account was used by unauthorized person(s). The user stated that he did not record any information pertaining to other users and that he has not used and will not use the information for any purpose.
Krischenowski is a long-time proponent of the new gTLD program who founded dotBerlin in 2005, many years before it was possible to apply.
Since .berlin launched last year it has added 151,000 domains to its zone file, making it the seventh-largest new gTLD.
The bug in the ICANN portal was discovered in February.
The results on an audit completed last month showed that over the last two years, 19 users used the glitch to access data belonging to 96 applicants and 21 registry operators.
There were 330 incidents of unauthorized access in total, but ICANN seems to have dismissed the non-“Krischenowski” ones as inadvertent.
An ICANN spokesperson declined to confirm or deny Krischenowski is the prime suspect.
Its investigation continues…
FTC slams new gTLDs but waffles over .sucks legality
The US Federal Trade Commission has made some strong criticisms of the new gTLD program but has refused to answer the question of whether .sucks is behaving illegally.
In a letter to ICANN today (pdf), FTC chair Edith Ramirez took the opportunity to ask for a bunch of changes to the program.
But she declined to reply to ICANN’s original question, which was: are Vox Populi’s launch policies and pricing illegal?
Ramirez said she “cannot comment on the existence of any pending investigations” but said “the FTC will monitor the activities of registries and other actors in this arena” and “will take action in appropriate cases”.
She goes on to make three “recommendations” about new gTLDs in general.
She wants ICANN to “encourage the best practice” of all domain registrants to prominently identify themselves on their web sites, so that consumers are not confused.
This will never happen.
Ramirez then says rights protection mechanisms should be strengthened to prevent companies like Vox Pop violating the “spirit” of the RPMs by charging such high prices.
Finally, she echoes the advice of the Governmental Advisory Committee in asking for gTLDs representing regulated industries to have much more stringent registration requirements.
ICANN is of course under no obligation to take these recommendations as anything other than the comments of a single community member.
It’s good news for .sucks — without a determination of illegal behavior ICANN presumably has no reason to act against it.
It remains to be seen what the Canadian regulator, which ICANN also contacted for guidance, will say.
UPDATE: ICANN has just released the following statement from general counsel John Jeffrey:
We want to thank Chairwoman Ramirez for her response and for the FTC’s active interest in ICANN.
We greatly appreciate the Chairwoman’s stated understanding and appreciation of the importance of the concerns ICANN had conveyed regarding the .SUCKS gTLD rollout, as well as the broader set of consumer protection issues relating to the new gTLD program that the FTC has restated in the Chairwoman’s letter.
The FTC’s comments on consumer protection issues throughout the new gTLD program have been an important part of the dialogue of the ICANN community relating to these topics.
ICANN fingers perps in new gTLD breach
A small number of new gTLD registries and/or applicants deliberately exploited ICANN’s new gTLD portal to obtain information on competitors.
That’s my take on ICANN’s latest update about the exploitation of an error in its portal that laid confidential financial and technical data bare for two years.
ICANN said last night:
Based on the information that ICANN has collected to date our investigation leads us to believe that over 60 searches, resulting in the unauthorized access of more than 200 records, were conducted using a limited set of user credentials.
The remaining user credentials, representing the majority of users who viewed data, were either used to:
Access information pertaining to another user through mere inadvertence and the users do not appear to have acted intentionally to obtain such information. Access information pertaining to another user through mere inadvertence and the users do not appear to have acted intentionally to obtain such information. These users have all confirmed that they either did not use or were not aware of having access to the information. Also, they have all confirmed that they will not use any such information for any purpose or convey it to any third party; or
Access information of an organization with which they were affiliated. At the time of the access, they may not have been designated by that organization as an authorized user to access the information.
We can infer from this that the 60 searches, exposing 200 records, were carried out deliberately.
I asked ICANN to put a number on “limited set of user credentials” but it declined.
The breach resulted from a misconfiguration in the portal that allowed new gTLD applicants to view attachments to applications that were not their own.
ICANN knows who exploited the bug — inadvertently or otherwise — and it has told the companies whose data was exposed, but it’s not yet public.
The information may come out in future, as ICANN says the investigation is not yet over.
Was your data exposed? Do you know who accessed it? You know what to do.
New gTLD phishing still tiny, but .xyz sees most of it
New gTLDs are not yet being widely used to carry out phishing runs, but most such attacks are concentrated in .xyz.
That’s one of the conclusions of the Anti-Phishing Working Group, which today published its report for the second half of 2014.
Phishing was basically flat in the second half of the year, with 123,972 recorded attacks.
The number of domains used to phish was 95,321, up 8.4% from the first half of the year.
However, the number of domains that were registered maliciously in order to phish (as opposed to compromised domains) was up sharply — by 20% to 27,253 names.
In the period, 272 TLDs were used, but almost 54% of the attacks used .com domains. In terms of maliciously registered domains, .com fared worse, with over 62% share.
According to APWG, 75% of maliciously registered domains were in .com, .tk, .pw, .cf and .net.
Both .tk and .cf are Freenom-administered free ccTLDs (for Tokelau and the Central African Republic) while low-cost .pw — “plagued” by Chinese phishers — is run by Radix for Palau.
New gTLDs accounted for just 335 of the maliciously registered domains — 1.2% of the total.
That’s about half of what you’d expect given new gTLDs’ share of the overall domain name industry.
Twenty-four new gTLDs had malicious registrations, but .xyz saw most of them. APWG said:
Almost two-thirds of the phishing in the new gTLDs — 288 domains — was concentrated in the .XYZ registry. (Of the 335 maliciously registered domains, 274 were in .XYZ.) This is the first example of malicious registrations clustering in one new gTLD, and we are seeing more examples in early 2015.
XYZ.com aggressively promoted cheap or free .xyz names during the period, but APWG said that only four .xyz phishing names were registered via freebie partner Network Solutions.
In fact, APWG found that most of its phishing names were registered via Xin Net and used to attack Chinese brands.
But, normalizing the numbers to take account of different market shares, .xyz shapes up poorly when compared to .com and other TLDs, in terms of maliciously registered domains. APWG said:
XYZ had a phishing-per-10,000-domains score of 3.6, which was just slightly above the average of 3.4 for all TLDs, and lower than .COM’s score of 4.7. Since most phishing domains in .XYZ were fraudulently registered and most in .COM compromised, .XYZ had a significantly higher incidence of malicious domain registrations per 10,000 coming in at 3.4 versus 1.4 for .COM.
APWG said that it expects the amount of phishing to increase in new gTLDs as registries, finding themselves in a crowded marketplace, compete aggressively on price.
It also noted that the amount of non-phishing abuse in new gTLDs is “much higher” than the phishing numbers would suggest:
Tens of thousands of domains in the new gTLDs are being consumed by spammers, and are being blocklisted by providers such as Spamhaus and SURBL. So while relatively few new gTLD domains have been used for phishing, the total number of them being used maliciously is much higher.
The number of maliciously registered domains containing a variation on the targeted brand was more or less flat, up from 6.6% to 6.8%.
APWG found that 84% of all phishing attacks target Chinese brands and Chinese internet users.
The APWG report can be downloaded here.
UPDATE: XYZ.com CEO Daniel Negari responded to the report by pointing out that phishing attacks using .xyz have a much shorter duration compared to other TLDs, including .com.
According to the APWG report, the average uptime of an attack using .xyz is just shy of 12 hours, compared to almost 28 hours in .com. The median uptime was a little over six hours in .xyz, compared to 10 hours in .com.
Negari said that this was due to the registry’s “aggressive detection and takedowns”. He said XYZ has three full-time employees devoted to handling abuse.
Draconian Chinese crackdown puts domain industry at risk
The vast majority of top-level domain registries could soon be banned from selling domains into China due to a reported crackdown under a decade-old law.
That’s according to Allegravita, a company that helps registries with their go-to-market strategies in the country.
Allegravita released a report last week claiming that Chinese registrars will be forbidden to sell domains in TLDs that are not on a government-approved list.
The crackdown could come as early as July, the report says:
Foreign registries which have not applied for Chinese market approval are advised to do so in the near term, as unapproved Top-Level Domains are likely to be taken off the market from July this year.
As of April 30, there were only only 14 TLDs on the approved list. All of them are run by Chinese registries and only five do not use Chinese script.
Not on the list: every legacy gTLD, including .com, as well as every ccTLD apart from .cn.
The Draconian move is actually the implementation of regulations introduced by China’s Ministry of Industry and Information Technology over a decade ago but not really enforced since.
As I reported in December, Donuts was facing problems launching its Chinese-script gTLDs due to this red tape.
MIIT announced in 2012 that new gTLD applicants would need licenses to sell into China.
According to Allegrevita, which until recently was working heavily with TLD Registry (“.chinesewebsite”) on its entry into the country, it’s “no longer ambiguous” that MIIT has asserted full oversight of the domain industry in China.
MIIT’s crackdown appears to be focused on the 93 Chinese registrars it has approved to do business.
Allegravita says these companies will not be allowed to sell unapproved TLD domains to Chinese registrants, but that existing registrations will be grandfathered:
by sometime in July 2015, the MIIT will not permit unapproved registries to operate or offer their domains for sale in China. The MIIT will not interfere with existing domain registrations for unapproved registries; however, new registrations will not be permitted to be sold by Chinese registrars to Chinese registrants.
Presumably, non-Chinese registrars will reap the benefits of this as Chinese would-be registrants look elsewhere to buy their domains.
China is an important market for many registries, particularly the low-cost ones.
Judging by MIIT’s web site, getting approval to sell your TLD in China involves a fairly stringent set of requirements, including having a local presence.
MIIT said in a press release last month that the “special action” is designed “to promote the healthy development of the Internet, to protect China’s Internet domain name system safe and reliable operation
Recent Comments