Latest news of the domain name industry

New ICANN contracts chart the death throes of Whois

Kevin Murphy, September 12, 2022, Domain Policy

Whois is on its death bed, and new versions of ICANN’s standard contracts put a timeline to its demise.

The Org has posted proposed updates to its Registrar Accreditation Agreement and Registry Agreement, and most of the changes focus on the industry-wide transition from the Whois standard to the newer Registration Data Access Protocol.

We’re only talking about a change in the technical spec and terminology here. There’ll still be query services you can use to look up the owner of a domain and get a bunch of redactions in response. People will probably still even refer to it as “Whois”.

But when the new RAA goes into effect, likely next year, registrars and registries will have roughly 18 months to make the transition from Whois to RDAP.

Following the contract’s effective date there’ll be an “RDAP Ramp-up Period” during which registrars will not be bound by RDAP service-level agreements. That runs for 180 days.

After the end of that phase, registrars will only have to keep their Whois functioning for another 360 days, until the “WHOIS Services Sunset Date”. After that, they’ll be free to turn Whois off or keep it running (still regulated by ICANN) as they please.

ICANN’s CEO and the chair of the Registrars Stakeholder Group will be able to delay this sunset date if necessary.

Most registrars already run an RDAP server, following an order from ICANN in 2019. IANA publishes a list of the service URLs. One registrar has already lost its accreditation in part because it did not deploy one.

There’ll be implementation work for some registrars, particularly smaller ones, to come into compliance with the new RAA, no doubt.

There’ll also be changes needed for third-party software and services that leverage Whois in some way, such as in the security field or even basic query services. Anyone not keeping track of ICANN rules could be in for a sharp shock in a couple of years.

The contracted parties have been negotiating these changes behind closed doors for almost three years. It’s been almost a decade since the last RAA was agreed.

The contracts are open for public comment until October 24.

Kiwi Farms domain lands at Epik

Kevin Murphy, September 6, 2022, Domain Registrars

The primary domain for the controversial web forum Kiwi Farms, kicked out by Cloudflare at the weekend, has been transferred to Epik.

Whois records show the domain kiwifarms.net landed at Epik in the last hour or so. It’s still using Cloudflare’s name servers at the time of writing, so it’s still resolving to a “blocked” message from its old registrar.

Cloudflare blocked the name, reluctantly, on Saturday, citing “an imminent and emergency threat to human life”, believed to refer to a transgender activist and Twitch streamer targeted for death threats by Kiwi Farms users.

The site, whose users reportedly bully, doxx and swat trans people, has been linked to three suicides since it was launched in 2013.

The question for Epik and its new CEO now is whether they let the domain stay under its roof, or whether the same concerns cited by Cloudflare make it too toxic to touch.

UPDATE 1724 UTC: Not long after this post was published, the domain started using Epik’s name servers.

Cloudflare blocks anti-trans site for “emergency threat to human life”

Kevin Murphy, September 5, 2022, Domain Registrars

Internet infrastructure provider Cloudflare has “blocked” a site it provides domain services to after identifying “an imminent and emergency threat to human life”.

The company said on Saturday that it has reluctantly stopped providing services to Kiwi Farms, a web forum whose users reportedly bully and carry out doxxing and swatting attacks on transgender people and activists.

Visitors to kiwifarms.net are now presented with a message from Cloudflare stating: “Due to an imminent and emergency threat to human life, the content of this site is blocked from being accessed through Cloudflare’s infrastructure.”

A linked blog post explaining the decision said:

This is an extraordinary decision for us to make and, given Cloudflare’s role as an Internet infrastructure provider, a dangerous one that we are not comfortable with. However, the rhetoric on the Kiwifarms site and specific, targeted threats have escalated over the last 48 hours to the point that we believe there is an unprecedented emergency and immediate threat to human life unlike we have previously seen from Kiwifarms or any other customer before.

The move is likely linked to a campaign by a trans Twitch streamer, who reportedly has been campaigning for Cloudflare to drop the site after multiple threats to her life, including a recent swatting (where armed police are tricked into showing up at your door).

Last week, the company had tried to explain its continued support for the domain by stating that on two previous occasions it has blocked sites, authoritarian governments have used that precedent to try to get human rights sites pulled.

At this stage, it appears that Cloudflare is using its status as the site’s DNS provider to implement the block. It’s still the domain’s registrar, and so far the Whois record does not reflect an attempt to move it elsewhere.

The domain was registered with DreamHost until last year, but the site was asked to leave following the suicide of a software developer, one of three suicides reportedly linked to Kiwi Farms users’ behavior.

Could Epik be its next destination? The company is a strong proponent of free speech, but even it has a line when it comes to violence. This could be Epik’s new CEO’s first big test.

Cancelled misogynist Andrew Tate moves domain to (drumroll)… Epik!

Kevin Murphy, August 26, 2022, Domain Registrars

Andrew Tate has become the latest high-profile controversy magnet to move his domain to Epik, at the end of a week that saw him thoroughly “cancelled” over reportedly violently misogynistic speech.

Tate, a former kick-boxer and reality TV contestant who made his money through a large social media following and an online course called Hustler’s University, reportedly told Fox News host Tucker Carlson yesterday:

When they go to cancel you, ladies and gentlemen, it comes hard and fast. You lose your Facebook, then your Instagram, then your Gmail, your Discord, then your website hosting, your domain name, like then your payment processor, and your bank.

Tate reportedly had his accounts on Facebook, YouTube, Instagram and Tiktok deleted this week. He was getting banned so much it briefly became a meme.

The domain name in question appears to be cobratate.com, based on his apparent nickname “Cobra”, and it appears to still be in his possession, although he has changed registrars.

Up until an hour or two ago the name was managed by Tucows, via United-Internet-owned reseller Fasthosts, but the Whois record now shows it’s with Epik.

It’s not clear right now whether he jumped or, as he implied to Fox, was pushed. Tucows tells me it had not received any complaints about the site, had not investigated, and had not asked Tate to leave. I’ve asked United for comment.

Epik has over the last few years become the safe-haven registrar of choice for people and groups who become internet persona non grata, typically those with far-right or violent views, such as Infowars, 8chan, Gab and The Daily Stormer.

Whois Disclosure System likely over a year away

Kevin Murphy, August 12, 2022, Domain Registrars

ICANN lifted the curtain a little on its fetal Whois Disclosure System this week, but the news is not good if you’re champing at the bit for a usable system for requesting private Whois data from registrars.

The system, formerly referred to as SSAD Lite, will take “seven to nine months” to develop after ICANN staff gets the green light from its board, staffers told a small GNSO volunteer working group on a Wednesday conference call.

That timetable assumes the staffers working on it are 100% devoted to developing the system, rather than sharing their time between competing projects, they quickly clarified.

This raises the specter of months-long delays to the other big, already-delayed, ICANN work-in-progress — the next new gTLD application round.

The responsible staffers plan to publish a design document for the Whois Disclosure System around ICANN 75 next month, but whether the board will give its immediate approval is not clear.

We’re probably looking at at least a year before there’s a system in place that IP lawyers, security researchers and the like can log into, request data, and be disappointed.

And that’s despite the fact that the system will be built using existing technology — namely the CZDS or Centralized Zone Data Service, which has been in use for many years allowing people to request zone files from gTLD registries.

During this week’s webinar, staffers described how, like CZDS, there will be two user interfaces: one for the data requester, one for the data holder. The system will simply act as an intermediary between the two.

It will use ICANN’s existing accounts system, so there will be no user vetting beyond email address verification. There’ll be no integration with registrars’ existing ticketing systems, and any communications between registrar and requester will have to take place via email.

There’ll also be no billing function, because the system will be free to use by all parties and completely voluntary. While registrars are contractually bound to respond to Whois data requests, there’s no such obligation to use the Whois Disclosure System to do so.

Staffers admitted on the call that they’re a bit stumped about how to encourage registrars to sign up when the system goes live.

Belgium slashes its ICANN funding in “mission creep” protest

Kevin Murphy, August 12, 2022, Domain Policy

DNS Belgium has cut its contribution to ICANN’s budget by two thirds, in protest at ICANN’s “mission creep” and its handling of GDPR.

The Belgian ccTLD registry informed ICANN CFO Xavier Calvez that it will only pay $25,000 this fiscal year, compared to the $75,000 it usually pays.

Registry general manager Philip Du Bois wrote (pdf) that “during recent years there has been a shift in focus which is not in the benefit of ccTLD’s”.

ICANN has become a large corporate structure with a tendency to suffer from “mission creep”… At the same time ICANN seems to fail in dealing in an appropriate way with important issues such as GDPR/privacy. It goes beyond our comprehension that ICANN and its officers don’t feel any reluctancy to “advise” European institutions and national governmental bodies to embrace “standards developed by the multi-stakeholder structures on international level” while at the same time it is obvious that ICANN itself has not yet mastered the implementation of important European legislation.

Based in the heart of the EU, DNS Belgium was a strong proponent of Whois privacy many years before the GDPR came into effect in 2018.

Calvez, in his reply (pdf), acknowledges that ccTLD contributions are voluntary, but seems to insinuate (call me a cynic) that the criticisms are hollow and that the registry might simply be trying to reduce its costs during an economic downturn:

We do appreciate any amount of contribution, and also that the ability for any ccTLD to contribute varies over time, including based on economic circumstances. We do understand that the reduction of DNS Belgium’s contribution from US$75,000 to US$25,000 represents a significant and meaningful reduction of costs for DNS Belgium.

DNS Belgium seems to be doing okay, based on its latest annual financial report. It’s not a huge company, but registrations and revenue have been growing at a slow and steady rate for the last several years.

All ccTLD contributions to ICANN are voluntary, but there are suggested donations based on how many domains a registry has under management, ranging from the $225,000 paid by the likes of the UK registry to the $500 paid by the likes of Pitcairn.

DNS Belgium, which manages about 1.7 million names, falls into the third-highest band, with a $75,000 suggested contribution.

ICANN is budgeting for funding of $152 million in its current FY23.

Feds warn of Covid risk from “dark” Whois

Kevin Murphy, July 19, 2022, Domain Policy

The US Food and Drug Administration has escalated its beef with ICANN, warning that inaccessible Whois data is making it harder to tackle bogus Covid-19 “cures” and the country’s opioid crisis.

Catherine Hermsen from the FDA’s Office of Criminal Investigations wrote to ICANN CEO Göran Marby last week to complain that some registrars do not adequately respond to abuse complaints and that ICANN ignores follow-up complaints from government agencies.

She doubled down on the FDA’s previous complaint that ICANN’s inaction may be because it is funded by the industry, but back-pedaled on previous insinuations that ICANN’s leadership were putting their own big salaries ahead of public safety.

The beef started in early June, when an organization called Coalition for a Secure & Transparent Internet — basically a front for the likes of DomainTools and other companies whose business models are threatened by privacy legislation — held a one-sided webinar entitled “The Threat of a Dark WHOIS”.

On that webinar, Daniel Burke, chief of the FDA’s Investigative Services Division, lamented the lack of cooperation his agency gets when requesting private Whois data from “certain” registrars, and pointed to cases where the FDA’s inability to quickly get fake pharma sites, including those related to Covid-19, shut down have led to deaths.

He also said that complaints to ICANN about non-compliant registrars fall on deaf ears, to the point that it no longer bothers complaining, and suggested that ICANN and domain companies are financially incentivized to be uncooperative.

Burke quoted the writer Upton Sinclair: “It is difficult to get a man to understand something when his salary depends on his not understanding it.”

“I have found that’s the case with my interactions with ICANN and certain registries and registrars,” Burke said. “They just don’t want to listen… it’s a money-maker for them right now, it’s not profitable for them to deal with it.”

Marby also “spoke” on the CSTI webinar, but his brief intervention was actually just an out-of-context snippet — the “GDPR is not my fault!” T-shirt speech — taken from a recording of an ICANN webinar back in January and presented — dishonestly in my opinion — as if it had been filmed as a contribution to the CSTI discussion.

His inability to directly respond to Burke live led him to write to the FDA (pdf) a couple of weeks later to dispute some of his claims.

First, Marby said the FDA does not need to obtain a subpoena to get access to Whois data. Registrars are obliged to respond to “legitimate interest” requests, when balanced against the privacy rights of the registrant, he said. He added:

In a few instances, government agencies have submitted complaints to ICANN Contractual Compliance regarding registrars’ refusal to provide non-public registration data. These agencies were ultimately successful in gaining access to the requested data without having to obtain a subpoena or lawful order.

Second, Marby disputed the financial motivation claims, writing: “ICANN’s leadership’s salaries are in no way tied to or dependent upon domain name registrations.”

Third, he offered a (pretty weak, in my view) defense against the claim that ICANN ignores complaints from government agencies, pointing out: “ICANN is not political and, therefore, takes actions to ensure that the workings of the Internet are not politicized.”

He also pointed out that ICANN operates a system called DNSTICR which monitors reports of DNS abuse related to the pandemic and alerts the relevant registries and registrars.

The problem here is that ICANN’s definition of abuse is pretty narrow and does not extend to web sites that sell industrial bleach as a Covid cure. That would count as “content” and ICANN is not the “content police”.

That’s pretty much what Hermsen says in the latest missive (pdf) in this row.

DNS security threats such as malware and phishing, however, were not what SA Burke was referring to in his presentation. Given the agency’s public health mission, FDA has been working during the pandemic to protect Americans from unproven or fraudulent medical products claiming to treat, cure, prevent, mitigate or diagnose COVID-19…

Given your stated concerns regarding COVID-19-related malware and phishing activity, we trust that you are equally concerned about registrars who may not be following the [Registrar Accreditation Agreement’s] requirements to “investigate” and “respond appropriately” following receipt of notifications about abuse, particularly complaints reporting activity involving COVID-19-related fraud or activity exacerbated the current opioid addiction crisis — especially in light of ICANN’s singular ability to enforce the terms of RAAs.

She also comes back, splitting hairs in my opinion, on the ICANN salaries claim, stating: “SA Burke was not referring to ICANN’s leadership salaries… SA Burke was referring more generally to the substantial source of funding ICANN receives from domain name registries and registrars.”

ICANN has just started work on a Whois Disclosure System that, while pretty weak, may make it slightly easier for government agencies to obtain the data they want.

New gTLD prep work delayed until December

Kevin Murphy, July 15, 2022, Domain Policy

ICANN has confirmed that the current phase of preparation for the next round of new gTLDs will last six weeks longer than previously expected.

The new deadline for the delivery of the Operational Design Assessment for the project is December 12, almost certainly pushing board consideration of the document out into 2023.

The extension follows the GNSO’s approval of a new Whois Disclosure System, which will suck Org resources from the new gTLDs ODP as work on both continues in parallel.

ICANN chair Maarten Botterman confirmed the delay yesterday, and the precise length was disclosed by staff in a blog post today. It says in part:

While we’re sharing our best estimate of the impact that the WHOIS Disclosure System design paper work could have on the SubPro ODA in the interest of transparency, rest assured that we are simultaneously moving forward on the ODA and actively seeking ways to streamline and minimize the impact as much as possible.

The updated timetable has been published here.

New gTLDs WILL be delayed by Whois work

Kevin Murphy, July 14, 2022, Domain Policy

The next round of new gTLD applications will be delayed by ICANN’s work on Whois reform, ICANN chair Maarten Botterman confirmed today.

In a letter to his GNSO Council counterpart Philippe Fouquart, Botterman states that the new gTLDs Operational Design Phase, which was due to wrap up in October, will have to proceed with an “extended timeline”.

This is because the GNSO has pushed the concept of a Whois Disclosure System, previously known as SSAD Light and meant to provide the foundations of a system for accessing private Whois data, and ICANN needs time to design it.

Botterman wrote (pdf):

there is an overlap in org resources with the relevant expertise needed to complete these efforts. As a result, work on the [Whois] design paper will impact existing projects. While SubPro [new gTLDs] ODP work will not stop during this period, we anticipate that an extended timeline will be required to account for the temporary unavailability of resources allocated to the design paper work.

Botterman did not put a length of time to these delays, but previous ICANN estimates have talked about six weeks. GNSO members had worried that this estimate might be a low-ball that could be extended.

ICANN had given the GNSO the option to choose to delay Whois work to complete the SubPro ODP, but it could not come to an agreement on which project was more important, and seemed to resent even being asked.

Community tells ICANN to walk and chew gum at the same time

Kevin Murphy, July 13, 2022, Domain Policy

Whois or new gTLDs? Whois or new gTLDs? Whois or new gTLDs?

It’s the question ICANN has been pestering the community with since early May. ICANN can’t work on developing the proposed Whois Disclosure System (formerly known as SSAD) without delaying work on the next round of new gTLDs, Org said, so the community was given a Sophie’s Choice of which of its babies to sacrifice on the altar of failed resource planning.

And now it has its answer: why the heck can’t you do both, and why the heck are you asking us anyway?

GNSO Council chair Philippe Fouquart has written to Maarten Botterman, his counterpart on the ICANN board of directors, to request that Org figure out how to do both Whois and new gTLDs at the same time, and to existing deadlines:

While Council members might differ on which project should take precedence, there is unanimous agreement that the Subsequent Procedures ODP and SSAD development are among the most important tasks before ICANN. Therefore, we urge that every effort should be undertaken by ICANN Org to complete the work in parallel and to meet currently published milestones.

Fouquart goes on (pdf) to puzzle as to why ICANN decided to “inappropriately include the broad community in the minutiae of ICANN operations planning”.

ICANN had told the GNSO that if it wanted the Whois work to kick off, it would add “at least” six weeks of delay to the new gTLDs Operational Design Phase, which is scheduled to wrap up in October.

Naturally enough, folks such as IP lawyers were very keen that ICANN start to do something — anything — to roll back the damage caused by GDPR, while domain-selling companies are anxious that they get more inventory for their virtual shelves.

The public record has always been a bit sketchy on where the resource bottleneck actually is, in an organization with half a billion bucks in the bank, a $140 million operating budget, and around 400 staff.

Maintaining Whois and the expansion of the root zone are, after all, two of the main things ICANN was founded to do; being unable to do both at once could be seen as embarrassing.

But now it has its answer, as unhelpful as it is.

And it only took two months.