Recent Posts
- TV network rebrands on single-letter domain
- First registry gets breach notice over new abuse rules
- Americans and ICANNers avoid Kigali in droves
- RDRS stats improve a little in June
- Unstoppable Domains goes down after domain hijack
- Four more gTLDs in emergency measures
- New gTLDs and ccTLDs drive domain universe growth
- Eight interesting recent dot-brand registrations
- .me premium sales down
- Pride fails to reverse gay domains decline
- Unstoppable announces another new gTLD bid
- Blockchain naming firm gets ICANN accreditation
- ICANN takes over gTLD after Whois failures
- Verisign: would-be .com contract killers are “wrong”
- Five gTLDs at risk as registry goes AWOL
- Groups make flawed case that .com is a cartel
- RDRS usage hits all-time low
- A dot-brand so unloved they killed it twice
- PorkBun hits two million domain milestone
- Crawford returns to industry to head up Com Laude
- ICANN financial data dump a damp squib?
- Unstoppable plotting manga-themed gTLDs
- Governments call for new gTLD auctions ban
- ICANN names new CEO, and it isn’t Costerton
- ICANN: We will NOT police content
- More sticker shock as new gTLD fees could top $300,000
- ICANN slashes staff and domain prices could rise
- Secret new gTLD application revealed
- WhatsApp now linkifying new gTLDs, but…
- Outrage over ICANN’s new gTLD fees
- Barrett gets second term on ICANN board
- DotMusic delays gTLD launch again
- .tm prices to skyrocket next week
- Bitcoin gTLD gets launch dates
- First metaverse gTLD is announced
- Alibaba off the naughty step
- ICANN to kill auction fund bylaws change
- The people have spoken on RDRS and they said “Meh”
- ICANN restarts work on controversial Whois privacy rules
- GNSO mulls lawyering up over auction fund dispute
- Jury still out on ICANN’s content policing powers
- It now takes TWO WEEKS to get a Whois record with RDRS
- Travel expenses push ICANN into the red again
- ICANN preparing for ONE HUNDRED registry back-ends
- DNS Abuse Institute changes name
- A new way to game the new gTLD program
- .home, .mail and .corp could get unbanned
- Unstoppable to apply for Women in Tech gTLD
- Bob Parsons publishes autobiography
- GoDaddy getting a free pass from porn jail?
- Correction: Sinha’s seat is safe
- Chinese domains plummet again in 2023
- GoDaddy price increases lead to revenue growth
- D3 announces seventh blockchain gTLD client
- Taylor Swift applies for her .post domain
- .ad domains to go global soon
- Single-letter .com case back in court
- ICANN to slash costs as Verisign’s magic money tree dries up
- Community revolts over ICANN’s auction proceeds power grab
- Two seats up for grabs on Nominet board
- War takes steep toll on .ua domains
- .de worst TLD for CSAM — report
- .com still shrinking because of China
- ICANN publishes its Woke Manifesto. Here’s my hot take
- Alibaba, Name.com among new RDRS opt-ins
- .my domains to be sold globally next month
- The Swiss can register .swiss domains from next week
- .ai up to 425,000 domains
- A million “free” .music domains up for grabs
- D3 to get $5 million in crypto to apply for .ape gTLD
- Alibaba hit with ICANN breach notice
- New Vegas conference “Davos for Web3 interoperability”
- ICANN content policing power grab may be dead
- Cable company unplugs its dot-brand after acquisition
- Germany crosses 10,000 dot-brand domains milestone
- Founders out as Com Laude gets equity injection
- PIR’s Diaz to leave domain industry
- Some registrars have already quit ICANN’s Whois experiment
- ICANN opens $217 million Grant Program
- Internet could get one-letter gTLDs (but there’s a catch)
- .ai registry fights deadbeats with tweaked auction rules
- Amazon and Google among .internal TLD ban backers
- .ai registry advises buyers not to use GoDaddy
- .post liberalizes with new sunrise period
- Team Internet spends $41 million on content farm
- Epik backtracks on Kiwi Farms claim after legal threat
- .austin names launch on blockchain
- Freenom shuts down 12.6 million domains — report
- GoDaddy’s next .xxx contract may not be a done deal
- GlobalBlock blocking 2.5 million domains
- Microsoft moving its cloud apps from .com to .microsoft
- ICANN 79: anonymous trolls and undercover lawyers
- ICANN scores win in single-letter .com lawsuit
- Cosmetics brand terminates its gTLD
- Up to 70 jobs on the line at Nominet as .uk regs dwindle
- Governments back down on new gTLD next round delay
- Private auctions could be banned in new gTLD next round
- ICANN meeting venue “insensitive and hurtful”
- GoDaddy to start selling graphic.design domains
- GAC spinning up new gTLD curveball at ICANN 79?
- GoDaddy’s GlobalBlock supports blockchain names
- Police .uk domain takedowns dive in 2023
- GoDaddy wants to cut the bullshit from .xxx
- Dueling domain blocking services to launch at ICANN 79
- Freename tries to bridge DNS and blockchain
- Olive retires from ICANN
- Whois policy published without life-saving disclosure rule
- UK gov takes its lead from ICANN on DNS abuse
- Tucows reports 2023 results
- Twitter “completely unresponsive” on clickable domains
- ICANN spends $5 million more than planned in first fiscal half
- .art takes a million domains off its premium list
- KeyTrap ‘the most devastating vulnerability ever found in DNSSEC’
- Freenom settles $500 million Meta lawsuit and will exit domain business
- New gTLD lottery to return in 2026
- First GlobalBlock prices revealed — they ain’t cheap
- Domain universe grows on new gTLDs despite .com shrinkage
- D3 signs up crypto gTLD client number five
- GoDaddy reports strong domains growth
- How to qualify for a $40,000 gTLD
- Registry service provider evaluation handbook published
- WebUnited inks deal to “mirror” country’s TLD in the blockchain
- GoDaddy project unveils brand-blocking calculator
- Report: Monster “misappropriated” millions from Epik
- .com is shrinking but Verisign raises prices again anyway
VeriSign launches free cloud domain security service
VeriSign is to offer registrars a hosted DNSSEC signing service that will be free for names in .com and the company’s other top-level domains.
The inventively named VeriSign DNSSEC Signing Service offloads the tasks associated with managing signed domains and is being offered for an “evaluation period” that runs until the end of 2011.
DNSSEC is an extension to DNS that allows domains to be cryptographically signed and validated. It was designed to prevent cache poisoning attacks such as the Kaminsky Bug.
It’s also quite complex, requiring ongoing secure key management and rollover, so I expect the VeriSign service, and competing services, will be quite popular among registrars reluctant to plough money into the technology.
While some gTLDs, including .org, and dozens of ccTLDs, are already DNSSEC-enabled, VeriSign doesn’t plan on bringing the technology online in .com and .net until early next year.
The ultimate industry plan is for all domain names to use DNSSEC before too many years.
One question I’ve never been entirely clear on was whether the added costs of implementing DNSSEC would translate into premium-priced services or price increases at the registrar checkout.
A VeriSign spokesperson told me:
The evaluation period is free for VeriSign-managed TLDs and other TLDs. After that period, the VeriSign-managed TLDs will remain free, but other TLDs will have $2 per zone annual fee.
In other words, registrars will not have to pay to sign their customers’ .com, .net, .tv etc domains, but they will have to pay if they choose to use the VeriSign service to sign domains in .biz, .info or any other TLD.
.CO publishes domain seizure policy
.CO Internet reserves the right to shut down your .co domain name if you’re being naughty.
That’s pretty much what the company has said today with the announcement of its Rapid Domain Compliance Process.
the Rapid Domain Compliance Process gives the .CO Registry the ability to quickly lock, cancel, transfer or take ownership of any .CO domain name, either temporarily or permanently, if the domain name is being used in a manner that appears to threaten the stability, integrity or security of the .CO Registry, or any of its registrar partners – and/or that may put the safety and security of any registrant or user at risk.
While the company has not published full details of how the system works, it seems to be based on security monitoring carried out by Neustar, the registry’s back-end provider, rather than a complaints-driven procedure.
Verboten activities include, as you might expect given .co’s vulnerability to typos, phishing, as well as distributing malware and child pornography.
What’s surprising about this is that .CO Internet is being “proactive” about shutting down sites, rather than waiting to receive complaints to its abuse@ address.
While the announcement is undoubtedly good for the registry’s corporate responsibility image, it also has the potential to backfire horribly if mistakes are made.
Initiatives to block web sites considered security risks almost always lead to false positives.
Even when genuinely criminal sites are taken down, it can lead to loud (if spurious) claims of “censorship”, as we discovered this week with the .com seizures in the US – and they had a court order.
.CO Internet’s policy does not explicitly place piracy or selling counterfeit goods on its naughty list, but it doesn’t rule them out either.
Not to be too cynical, but I give it six months before the first “seized” domain owner cries foul.
Porn industry “ready for war” with .xxx
The Free Speech Coalition and ICM Registry are poised to do battle over the .xxx top-level domain at next week’s ICANN meeting in Cartagena, Colombia.
The FSC, which has opposed the porn-only domain for years, is trying to rally its troops with a flyer declaring it’s “Ready For War”, illustrated with a photograph apparently of Cartagena’s battlements.
(Apropos, really, given the city’s history fighting off the British and ICM’s habit of recruiting Brits for key positions.)
The FSC said on its blog:
the majority of adult Internet business owners and webmasters do not support being categorized in an Internet ghetto that will cost them millions in extra fees annually and also make it easier for anti-adult entities to censor and block their sites.
The trade group will be represented at the meeting by executive director Diane Duke and chair Jeffrey Douglas.
But ICM will have them out-gunned almost 10-to-1. President Stuart Lawley tells me the company is sending 19 people to the meeting.
Discussion of the .xxx TLD is on the ICANN board’s agenda for its meeting Friday December 10. I think it’s quite likely to be approved at that time.
The main stumbling block for ICM is ICANN’s Governmental Advisory Committee, which has expressed reservations about the domain over the years and is firmly opposed to “controversial” TLDs.
Which way the vote swings will depend greatly on what the GAC has to say, and how the power struggle it’s currently engaged in with ICANN pans out.
Here’s part of the FSC’s flyer.
.SO extends sunrise, delays landrush
.SO Registry, the company behind the newly launched Somalian top-level domain, has added an extra month to its sunrise period and delayed its landrush accordingly.
The trademark-holders-only sunrise was due to run for the month of November. Instead, it will now end December 31.
The registry said on Thursday that the changes were made “due to the high demand” for sunrise registrations.
The landrush, which will be open to all, is now scheduled to launch January 11.
File-sharers try to create .p2p domain
A move to create a .p2p top-level domain outside of the regular DNS root is under way.
Following the outcry over the US government’s seizure of 82 .com domain names this weekend, a group of coders have decided to create a namespace not overseen by ICANN (which had nothing to do with it).
It’s not entirely clear to me how many projects have launched.
There’s a blog over here that talks about a “distributed DNS” that would be “decentralized”, but this new wiki seems to be limited to the idea of launching .p2p as a TLD.
(Interestingly, dot-p2p.org appears to have been registered several days prior to the weekend’s domain name seizures)
The .p2p project plans to create an application that would intercept all DNS requests for .p2p domains and route them via a peer-to-peer network rather than the user’s regular DNS servers.
This presumably means that the entire .p2p zone file could wind up being stored on endpoints, which sounds like a scalability challenge to me.
More problematic is the the issue of “decentralization”, which is of course critical when you’re talking about trustworthy DNS. It can be summed up in this sentence:
“Hello, I’m bankofamerica.com.”
If anybody can claim to own any domain name, you need to be able to figure out who’s telling the truth.
The .p2p initiative seems to be dealing with this by, um, centralizing control over .p2p domain assignments to a free “registrar” at nic.p2p.
To prevent warehousing, registrants would need to prove they already own the string in another TLD in order to register the equivalent .p2p domain.
The project is obviously in its very early stages, as demonstrated by this wiki page, which tries to figure out the problem of decentralization using some kind of trust/voting system.
Here’s an example of the lack of thought that seems to have gone into it so far:
A small conflict, not malicious
1. Alice assigns fbi.p2p -> 1.1.1.1.
2. Bob propagates the assignment to his node, because he trusts Alice.
3. Dave assigns fbi.p2p -> 2.2.2.2. Conflict created.
4. Carol sees the conflict and:
– Decides to just follow the decision of her trustees and assigns fbi.p2p -> 2.2.2.2, or
– Does not create any assignment. There will be a warning and she will try to work out the problem with others.
5. Everyone will try to agree on a solution.
The page also currently includes this beauty:
Botnet-driven attack
1. Chuck owns a botnet and uses 10^6+ zombies to game the system.
2. Shitload of fake request need to be disproved
3. …
4. Problem? :U
The project seems like a heck of a lot of wheel-reinventing in order to solve a problem that doesn’t exist.
Is this the domain name industry’s first music video?
DotAfricaConnect is pretty serious about its plan for .africa.
The company yesterday released this music video to promote its top-level domain bid. Unlike most corporate anthems, this one is actually not terrible, despite the dodgy editing.
The singer, Patricia Kihoro, appears to be the former winner of an African TV talent show. It mystifies me how few people in the room seem to be paying her, and her dancers, any attention.
Domain universe breaks through 200 million
VeriSign is reporting that the number of registered domain names worldwide broke through the 200 million mark in the third quarter.
There were 202 million domains at the end of September, according to the company’s Domain Name Industry Brief, which was published today.
Over half of those domains, 103 million names in total, can be found in the .com and .net namespaces that VeriSign manages.
In a not-so-subtle plug for VeriSign’s 2011 growth strategy, the company also declared that the next ten years will be “The Decade of the International Internet”.
In the coming decade, the Internet will continue to become a ubiquitous, multi-cultural tool, fueled in part by the adoption of IDNs. By enabling online content and businesses to be represented in local scripts and languages, IDNs help the Internet to expand the power of technology to regions and cultures, and connect the world in new ways. Over the past year, several new IDNs for ccTLDs have been approved. The next step will be approval of IDNs for generic Top Level Domains (gTLDs).
The company, of course, plans to apply to ICANN to operate IDN versions of .com and .net, although it has not to date discussed openly which languages or strings it wants.
The VeriSign report also says that ccTLD registrations grew 2.4%, compared to the same quarter last year, to 79.2 million domains.
I expect this growth would have been tempered had it not been for the relaunch of .co, which occurred during the quarter, but it does not merit a mention in the report.
The report also reveals that .info has overtaken .cn in the biggest-TLD charts, although this is due primarily to the plummeting number of registrations in the Chinese ccTLD.
ICANN had no role in seizing torrent domains
Okay, this is getting a bit silly now.
As you may have read, the US government “seized” a bunch of domain names that were hosting sites allegedly involved in piracy and counterfeit goods over the Thanksgiving weekend.
Over 80 domains, all of them in the .com namespace, had their DNS settings reconfigured to point them to a scary-looking notice from the Department of Homeland Security’s ICE division.
Somehow, in several reports over the last few days, this has been pinned on ICANN, and now some pro-piracy advocates are talking about setting up alternate DNS roots as a result.
Claims that ICANN colluded with the DHS on the seizures seem to have first appeared in TorrentFreak, which broke the news on Friday.
The site quoted the owner of torrent-finder.com:
“I firstly had DNS downtime. While I was contacting GoDaddy I noticed the DNS had changed. Godaddy had no idea what was going on and until now they do not understand the situation and they say it was totally from ICANN.”
For anyone involved in the domain name industry and the ICANN community, this allegation screams bogosity, but just to be on the safe side I checked with ICANN.
A spokesperson told me he’s checked with ICANN’s legal, security and compliance departments and they all had this to say:
ICANN had nothing to do with the ICE investigation… nobody knew anything about this and did not take part in the investigation.
All of the seized domains were .coms, and obviously ICANN has no technical authority or control over second-level .com domains. It’s not in the position to do what the reports allege.
If anybody were to ask ICANN to yank a domain, all it could do would be to politely forward the request to the registrar (in the case of torrent-finder.com, apparently Go Daddy) or the registry operator, which in the case of .com is of course VeriSign.
It would make more sense, save more time, and be less likely to create an international political incident, for the DHS to simply go directly to Go Daddy or VeriSign.
Both are US companies, and the DHS did have legal warrants, after all.
That’s almost certainly what happened here. I have requests for comment in with both companies and will provide updates when I have more clarity.
In the meantime, I suggest that any would-be pirates might be better served by switching their web sites to non-US domains, rather than trying to build an alternate root system from the ground up.
UPDATE: Ben Butler, Go Daddy’s director of network abuse, has just provided me with the following statement, via a spokesperson:
It appears the domain names were locked directly by VeriSign. Go Daddy has not received any law enforcement inquiries or court orders concerning the suspension of the domains in question.
Go Daddy has not been contacted by ICE or DHS on the domain names in question.
The statement goes on to say that Go Daddy believes that it should be the registrar’s responsibility to handle such takedown notices.
With regard to the registry taking action against the domain names in question, Go Daddy believes the proper process lies with the registrar and not the registry. This gives the registrar the ability to communicate with their customer about what has happened and why. When the registry acts, Go Daddy is unable to provide any information to our customers regarding the seizure of their domain names.
Go Daddy routinely cooperates with government and law enforcement officials to enforce and comply with the law.
I’ll post any statement I receive from VeriSign when I have it.
UPDATE: VeriSign sent this statement:
VeriSign received sealed court orders directing certain actions to be taken with respect to specific domain names, and took appropriate actions. Because the orders are sealed, further questions should be directed to the U.S. Department of Homeland Security.
Rejected Bulgarians want ICANN appeal
A handful of Bulgarian internet users have asked ICANN for the right to appeal the rejection of .бг, the proposed Cyrillic country-code top-level domain.
ICANN has received five emails from from the country in the last week, all expressing frustration that .бг (.bg) was turned down with no public explanation and no right to reply.
The string was rejected in May due to what ICANN determined was its confusing visual similarity with Brazil’s ccTLD, .br.
Polls of the Bulgarian people have been unable to find consensus on a suitable alternative, and the government has repeatedly said it would like to apply again or appeal.
Whether to introduce a right of appeal for rejected applicants is one of the topics ICANN is currently soliciting comments on as part of the review of its IDN ccTLD Fast Track program.
Bulgarian freelance developer Stoyan Danev wrote in his comment:
The Bulgarian community has clearly demonstrated that selecting another string is unacceptable and if the proposed one is not approved, Bulgaria will remain WITHOUT an IDN ccTLD. This is really against the ICANN policy of making Internet accessible to everyone.
He questioned whether .бг really is confusable with .br, linking to the Unicode web site, which suggests that б can be confused with 6 but not b, to prove his point.
Another commenter suggested that that the .бг registry could make it a matter of policy to only accept registrations at the second level that include at least one uniquely Cyrillic character.
Olympics tells ICANN to abandon new TLD launch or get sued
The International Olympic Committee has threatened to sue ICANN unless it gives IOC trademarks special protection in its new top-level domains program.
The IOC’s critique of ICANN’s new Applicant Guidebook is the first to be filed by a major organization in the current public comment period.
The organization has accused ICANN of ignoring it, preferring instead to take its policy cues from the domain name industry, and said it should “abandon its current timeline” for the launch.
ICANN currently plans to start accepting TLD applications May 30, 2011.
Calling the guidebook “inherently flawed”, the IOC’s director general Urs Lacotte wrote:
If these critical issues are not fully resolved and ICANN chooses not to place the Olympic trademarks on the reserved names list, then the IOC and its National Olympic Committees are prepared to employ all available legislative, regulatory, administrative and judicial mechanisms to hold ICANN accountable for damage caused to the Olympic movement.
(That language looks like it could have been cut-n-paste from a separate letter from the financial services industry, which I reported on last week).
The IOC said that it has opposed the new TLD program 11 times – asking for its trademarks to be placed on the AGB’s reserved strings lists, but received no response.
Special pleading? Perhaps, but the IOC’s trademarks are already specifically protected by legislation in numerous countries, including the US, UK, Canada and China.
The IOC also wants stronger trademark protection mechanisms, such as mandatory typosquatting protections in sunrise periods and extending dispute proceedings to registrars.
Expect many more such missives to start showing up on the ICANN web site over the next 11 days before the ICANN board of directors meets to approve the AGB in Cartagena.
This may be the last chance many organizations get to ask for the changes they want in the AGB before the first round of new TLD applications opens, and I expect them to seize it with both hands.
Recent Comments