Five things I learned from UK prime minister candidates’ domain names

Boris Johnson announced he is to resign as UK prime minister after a series of scandals last week, and as of this evening 11 of his former friends have announced their plans to replace him as leader of the Conservative party and therefore UK PM.

I’ll spare you the details of Johnson’s downfall and the process used to find his successor, but domain names became part of the story over the weekend when a so-called “Dirty Dossier” began circulating among Tory MPs, denouncing candidate Rishi Sunak.

Among the allegations was that Sunak, whose resignation as chancellor last week eventually led to the Johnson’s own resignation, had been plotting Johnson’s demise and his own rise to power since last December, using Whois records for his campaign site as a smoking gun.

I thought I’d take a look at all 11 candidates’ registrations to see what else we could learn.

1. Sunak wasn’t the only “plotter”

Sunak came under scrutiny over the weekend when it emerged that the domain name readyforrishi.com has been registered since December 23 last year, a few weeks into the Partygate scandal, when the foundations of Johnson’s premiership began to weaken.

This, it was claimed in the Dirty Dossier, showed that Sunak had been plotting his boss’s downfall for six months.

His team have subsequently claimed that the name wasn’t necessarily registered by them, and his campaign is currently using the similar domain ready4rishi.com, which was registered July 7, the day Johnson announced his resignation.

The December domain forwards to Sunak’s official campaign site, suggesting its registrant is at the least a supporter.

We can’t tell for sure because all Whois records are redacted due to GDPR, which is still in effect in the UK despite Brexit.

But Sunak wasn’t the only prescient registrant in the clown car. Liz Truss’s campaign site is at lizforleader.co.uk, which was registered June 8, a month before there was a leadership job opening available, Whois records show.

Jeremy Hunt, Tom Tugendhat and Sajid Javid have names registered last week. Penny Mordaunt’s pm4pm.com was registered in 2019, but that’s because she also stood for Tory leader in 2019, ultimately losing to Johnson.

2. Not much patriotism on display

Of the 11 candidates, only five are campaigning using .uk addresses.

Kemi Badenoch uses a .org.uk. Suella Braverman uses a .co.uk. While Jeremy Hunt usually uses a .org, he’s using a .co.uk for his campaign. Same for Truss. Javid is using a thoroughly modern .uk, eschewing the third level, at teamsaj.uk.

All the rest use a .com for their sites.

3. Truss and Hunt didn’t register their matching .uk

While Javid appears to have registered the .co.uk matching his .uk, Truss and Hunt have not registered their matching second-level domains, which is just asking for trouble from pranksters and opponents.

That said, while it’s been six or seven years since .uk domains became available from Nominet, they haven’t really caught on in terms of adoption or popular mind-share. It would be a much greater crime to register a 2LD without the matching 3LD than vice versa.

4. Two candidates own their surnames

While all of the candidates own their full names in their chosen TLDs, only Grant Shapps and Nadhim Zahawi own their .com surnames.

Whois records and Archive.org show that Shapps has owned Shapps.com since 2000, years before he won his first parliamentary seat. He has a history of being involved in questionable online get-rich-quick schemes and used to follow me on Twitter, so he’s probably quite domain-savvy.

Zahawi, who’s been Chancellor of the Exchequer since Sunak quit last week, has owned zahawi.com since he first ran for parliament in 2009.

5. Here’s what domains everyone else is using

According to Google and the Twitter accounts of the candidates, these are the URLs used by each candidate for their regular official sites and, if they have one, their premiership campaign sites.

Note that in most cases their regular sites are managed by a company called Bluetree, which specializes in running boilerplate web sites for Tories, so the choice of domain may not necessarily be the choice of the MP in question.

[table id=1 /]

New gTLD in trouble as largest registrar gets suspended

The .gdn gTLD registry, Navigation-information systems, is facing more trouble from ICANN Compliance, but this time it’s because its largest registrar has got itself suspended for non-payment of fees.

ICANN has suspended the accreditation of Dubai-based registrar Intracom for failing to cure an April breach notice demanding money, not implementing an RDAP service, not escrowing its data, and generally giving Compliance staff the runaround for the last eight months.

Intracom is NIS’ biggest partner, responsible for over 10,000 of its 11,000 registered domain names. It doesn’t appear to have many domains in other gTLDs.

The company will not be allowed to sell gTLD domains or accept inbound transfers from July 6 to October 4.

NIS has been hit with its own breach notices twice in the last year, most recently the day after Intracom’s own notice, for failing to keep its Whois service up, but it cured the breaches before ICANN escalated.

New gTLDs or Whois access? What’s more important?

Should ICANN focus its resources on getting the next round of new gTLDs underway, or making some baby steps towards a post-GDPR system of Whois access?

That’s a question the community is going to have to address when ICANN 74 rolls around next month, after the ICANN board presented it with a divisive question on two of the industry’s most pressing issues that split the GNSO Council along predictable lines at its monthly meeting last week.

It turns out that ICANN doesn’t have the resources to both design a new “SSAD Light” system for handling Whois requests and also carry on its new gTLDs Operational Design Phase, “SubPro”, at the same time.

If the community wants ICANN staff to start work on SSAD Light, work will be paused on the ODP for at least six weeks, ICANN has said. If they want the system also built, the delay to new gTLDs could be much, much longer.

Intellectual property lawyers are of course keen to at least start undoing some of the damage caused by privacy legislation such as GDRP, while registries and consultants are champing at the bit for another expansion of the gTLD space.

This split was reflected on the Council’s monthly call last week, where registry employees Maxim Alzoba, Kurt Pritz and Jeff Neuman were opposed by IP lawyers Paul McGrady and John McElwaine.

“Six weeks is a sneeze in a hurricane,” McGrady said. “We are right on the cusp of taking first steps to solve a problem that has plagued the Community since GDPR came out. I don’t think a six-week delay on SubPro, which again we’re years into and it looks like will be years to go, is a material change to SubPro… a very minor delay seems well worth it.”

At this point, ICANN is still planning to have the SubPro ODP wrapped up in October, thought it has warned that there could be other unforeseen delays.

Neuman warned that even a six-week pause could provide more than six weeks delay to SubPro. Staff can’t just down tools on one project and pick up again six weeks later without losing momentum, he said.

Pritz seemed to echo this concern. The Registries Stakeholder Group hasn’t finished discussing the issue yet, he said, but would be concerned about anything that caused “inefficiencies” and “switching costs”.

The discussion was pretty brief, and no votes were taken. It seems the conversation will pick up again in The Hague when ICANN meets for its short mid-year public meeting on June 13.

After 10 months, ICANN board “promptly” publishes its own minutes

ICANN’s board of directors has approved a huge batch of its own meeting minutes, covering the period from July 15 last year to March 10 this year, raising questions about its commitment to timely transparency.

The board approved the minutes of its last 14 full-board meetings in one huge batch of 14 separate resolutions at its May 12 meeting, and they’ve all now been published on the ICANN web site, along with redacted briefing papers for said meetings.

The period includes decisions on planning for the next new gTLD round and Whois reform, the legal fight with Afilias over the contested .web gTLD, and apparently divisive discussions about the timing of a post-pandemic return to face-to-face meetings.

No explanation has been given for why it’s taken so long for these documents to appear, the timing of which appears to go against ICANN’s bylaws, which state that minutes are supposed to be approved and published “promptly”:

All minutes of meetings of the Board, the Advisory Committees and Supporting Organizations (and any councils thereof) shall be approved promptly by the originating body and provided to the ICANN Secretary (“Secretary”) for posting on the Website.

ICANN almost always published its board’s resolutions within a few days of approval, and a preliminary report — which also includes the number of votes yay or nay, without naming the directors — within a couple of weeks.

The minutes, which are published only after the board rubber-stamps them, typically include a further vote breakdown and a little bit of color on how the discussion went down.

In the newly published batch, some of the documents are somewhat illuminating, while others barely nudge the dimmer switch.

For example, the preliminary report for the July 15, 2021 meeting, published 11 days later, notes that three of the 16 voting directors rebelled on a resolution about making the October annual general meeting in Seattle a virtual-only event, but the just-published minutes name those directors and flesh out some of their reasons for dissenting.

It turns out the directors had a “robust discussion”, with some arguing that it would be safe to go ahead with a “hybrid” meeting comprising both face-to-face and remote participation options.

The dissenting directors were Ron da Silva, Avri Doria, and Ihab Osman, it turns out. Osman and da Silva had voted a similar way a year earlier.

Directors could not reasonably have been expected to know about the impact the Delta variant of Covid-19 would have on world health in the latter half of the year. It had been identified and named by scientists but had yet to spread to the extent it was making headlines.

But they were aware of concerns from the Asia-Pacific members of the community, worried that a hybrid meeting in Seattle would disadvantage those unable to attend due to pandemic travel restrictions. This appears to have been raised during the discussion:

Some Board members expressed desire to see more work done to have ICANN72 as a hybrid meeting. They noted that Seattle has protocols in place to ensure the health and safety of ICANN staff and the community, and ICANN should use this opportunity to begin to return to its normal meeting standards as much as possible. Others noted that the concerns about travel inequities or restrictions for certain parts of the world should not prevent moving forward with an in-person component for ICANN72 because such inequities and restrictions exist with or without the pandemic.

The return to in-person meetings was discussed again in November, when the board decided to junk plans, secured by the dissenting directors in July, for a hybrid meeting in San Juan, Puerto Rico.

Ron da Silva had left the board by this point, but the new minutes show that Doria and Osman were joined by León Sánchez in advocating for a hybrid meeting with an in-person component.

While the July minutes contains a few paragraphs summarizing discussions, the November minutes simply notes that the board “reviewed the proposed resolution and rationale to confirm that it reflects the Board’s discussion and edits”.

And that’s pretty typical for most of the documents published this week — time and again the substantive discussion appears to have either happened off-camera, during non-minuted sessions of the board at unspecified times, or was simply not minuted.

Interested in the talks leading to the approval of the new gTLDs Operational Design Phase? The minutes shed no light.

Interested in how the board reacted to ICANN losing its Independent Review Process case with Afilias about .web? The minutes merely note that the resolution was approved “after discussion”.

There’s also a glaring hole in one set of minutes, raising questions about whether these documents are a reliable record of what happened at all.

We know for a fact that on September 12 the ICANN board approved a resolution naming the new chair and vice chair of its influential Nominating Committee, only to reconvene two weeks later to scrap that decision and name a different chair instead.

But if you read the September 12 minutes, you’ll find no record of NomCom even being discussed, let alone a resolution being passed appointing a chair.

The newly published batch of documents cover several resolutions related to executive pay, but none of the minutes contain the same level of transparency as ICANN displayed in February 2021, when it revealed that three directors voted against CEO Göran Marby’s pay rise.

In terms of transparency, that now appears to fully confirmed as an isolated incident.

China yanks Daily Stormer domain after Buffalo mass shooting

The far-right propaganda site The Daily Stormer has lost yet another domain name, after the Chinese ccTLD registry deleted dailystormer.cn.

The Daily Stormer was among the sites the suspect in this weekend’s mass shooting in Buffalo reportedly cited as sources of his radicalization to a violent white-supremacist ideology.

Whois records show that dailystormer.cn was registered barely a month ago. The web site had previously been using a .name domain registered via a Chinese registrar, having TLD-hopped between various ccTLDs and gTLDs for years.

Today, English-language Chinese government-owned newspaper Global Times reported that the .cn domain has been taken down after registry CNNIC was alerted to the connection.

It’s no longer resolving from where I’m sitting, but Whois records indicate it was owned by Daily Stormer owner Andrew Anglin.

The web site, which cached copies show is filled with racist, sexist, homophobic and downright inaccurate posts, first ran afoul of domain registrars in 2017, when GoDaddy, Tucows and Google all kicked it out on the same day. Namecheap has also previously deleted one of its names.

It’s also been banned from ccTLDs from Albania, Austria, Iceland and Russia, along with gTLDs including .lol, .name, .red and .top.

ICANN highlights “not getting things done” risk

ICANN’s board of directors addressed a number of existential threats at its latest workshop, including the perception that it’s simply “not getting things done.”

Chair Maarten Botterman disclosed the discussions, which took place at the end of April, in a blog post Friday.

He described how the board broke up into four “brainstorming” groups, which returned with strikingly similar views on the risks ICANN faces.

There’s a worry that the lack of in-person meetings due to the pandemic is harming ICANN’s ability to work and that various unspecified “geopolitical initiatives” may get in the way of the mission. He added:

Moreover, we recognized the risk of ICANN being seen as “not getting things done.” On the opportunity side is the broad awareness within ICANN that we need to continue to deliver on our mission in the face of new challenges, as demonstrated by the prioritization efforts of the Board, Org, and Community, and our ability to adapt to changing circumstances.

The Org and the community have been faced with what I would call organizational inertia in recent months and years.

I wrote a few months ago about how ICANN hadn’t implemented a policy since December 2016 — more than five years previously.

Major issues facing the industry seem to be either stuck in endless feedback loops of community arguments or interminable Org preparatory work.

The SSAD, pitched as a solution to the problem of Whois access, appears doomed to be scrapped entirely or approved in a much-reduced form that many believe will not address the problem of identifying registrants in a post-GDPR world.

And even if the stripped-back SSAD Light gets approved, there’s a good chance this will add many months to the runway of the next round of new gTLDs, which itself is at an impasse because the Governmental Advisory Committee and the the GNSO cannot agree on whether to allow closed generics.

As it stands, 10 years after the last application round new gTLD policy is in the Operational Design Phase within Org, and not expected to come before the board until late this year. Much of what has been disclosed about the ODP to date looks a lot like wheel-spinning.

Russian registry hit with second breach notice after downtime

ICANN has issued another breach notice against the registry for .gdn, which seems to be suffering technical problems and isn’t up-to-date on its bills.

Navigation-Information Systems seems to have experienced about 36 hours of Whois/RDDS downtime starting from April 22, and is past due with its quarterly ICANN fees, according to the notice.

Contractually, if ICANN’s probes detect downtime of Whois more than 24 hours per week, that’s enough to trigger emergency measures, allowing ICANN to migrate the TLD to an Emergency Back-End Registry Operator.

Today, the registry’s web site hasn’t resolved for me in several hours, timing out instead, suggesting serious technical problems. Other non-registry .gdn web sites seem to work just fine.

NIS seems to be a Russian company — although most ICANN records give addresses in Dubai and Toronto — so it might be tempting to speculate that its troubles might be a result of some kind of cyber-war related to the Ukraine invasion.

But it’s not the first time this has happened by a long shot.

The company experienced a pretty much identical problem twice a year earlier, and it seems to have happened in 2018 and 2019 also.

NIS just can’t seem to keep its Whois up.

According to the breach notice, whenever Compliance manages to reach the registry’s 24/7 emergency contact they’re told he/she can’t help.

ICANN has given the registry until May 29 to fix its systems and pay up, or risk termination.

.gdn was originally applied for as something related to satellites, but it launched as an open generic that attracted over 300,000 registrations, mostly via disgraced registrar AlpNames, earning it a leading position in spam blocklists. Today, it has around 11,000 names under management, mostly via a Dubai registrar that seems to deal purely in .gdn names.

SSAD: Whois privacy-busting white elephant to be shelved

ICANN is likely to put SSAD, the proposed system for handling requests for private Whois data, on the back-burner in favor of a simplified, and far less expensive, temporary fix.

But now ICANN is warning that even the temporary fix might be problematic, potentially delaying unrelated work on the next new gTLD round for months.

The GNSO Council has asked the ICANN board of directors that “consideration of the SSAD recommendations be paused” in favor of what it calls “SSAD Light”.

SSAD, for Standardized System for Access and Disclosure, is a sprawling, multifaceted proposal that would create a system whereby trademark owners, for example, can request Whois data from registrars.

After months of studying the proposal, ICANN decided it could cost as much as $27 million to build and might not go live before 2028.

There’s apparently substantial resistance within ICANN Org to committing to such a project, so the GNSO put together a small team of experts to figure out whether something simpler might be a better idea.

They came up with SSAD Light, which would be basically a stripped-down ticketing system for data requests designed in part to gauge potential uptake and get a better idea of what a full SSAD might cost.

But there’s some strong resistance to SSAD Light, notably from former ICANN chair Steve Crocker, who recently called it “nonsense” with a design that does not match its goals.

Nevertheless, the GNSO Council submitted the bare-bones proposal to the ICANN board in an April 27 letter (pdf).

Since then, it’s emerged that simply fleshing out the design for SSAD Light would add at least six weeks to the separate Operational Design Phase of the next new gTLD application round (known as SubPro). I assume this is due to ICANN staff workload issues as the two projects are not massively interdependent.

This delay could extend to “months” to SubPro if ICANN is then asked to build SSAD Light, according to Jeff Neuman, who’s acting as liaison between the GNSO and ICANN on the SubPro ODP.

In a nutshell, the GNSO Council is being asked what it wants more — Whois reform, or more new gTLDs. It’s a recipe for fireworks, and no mistake.

It will meet May 19 to discuss the matter.

Bye-bye Alice’s Registry

One of ICANN’s oldest accredited registrars has had its contract terminated for non-payment of fees and other alleged breaches.

Alice’s Registry, which has been around since 1999, has been told it’s no longer allowed to sell gTLD domains and that whatever remains of its managed domains will be transferred to another registrar.

The termination comes at the end of more than two years of ICANN’s Compliance department pursuing AR for not paying its accreditation fees, not operating a working Whois service, not implementing RDAP, and not showing its company is in good standing.

The registrar’s web site hasn’t been working in many months, and until its accreditation was suspended last October it had not responded to ICANN’s calls and emails.

Its responses to Compliance since then did not help its case, so ICANN made the decision to terminate.

“It’s not our fault!” — ICANN blames community for widespread delays

ICANN may be years behind schedule when it comes to getting things done on multiple fronts, but it’s the community’s fault for making up rubbish policies, bickering endlessly, and attempting to hack the policy-making process.

That’s me paraphrasing a letter sent last week by chair Maarten Botterman to the Registries Stakeholder Group, in which he complained about the community providing “ambiguous, incomplete, or unclear policy recommendations”.

RySG chair Samantha Demetriou had written to Botterman (pdf) in December to lament the Org and board’s lack of timely progress on many initiatives, some of which have been in limbo for many years.

Policies and projects related to Whois, new gTLDs and the Independent Review Process have been held up for a long time, in the latter case since 2013, she wrote, leading to community volunteers feeling “disempowered or discouraged”.

As I recently reported, ICANN has not implemented a GNSO policy since 2016.

The lack of board action on community work also risks ICANN’s legitimacy and credibility, Demetriou wrote.

But Botterman’s response (pdf), sent Thursday, deflects blame back at the community, denying that the delays are “simply because of failure at the level of the organization and Board.”

He wrote:

we need to continue to find our way forward together to address the challenges that affect the efficiency of our current decision-making processes, including, for example, ambiguous, incomplete, or unclear policy recommendations, the relitigation of policy issues during implementation, and the use of the review process to create recommendations that should properly be addressed by policy development

In other words, the community is providing badly thought-out policy recommendations, continuing to argue about policy after the implementation stage is underway, and using community reviews, rather than the Policy Development Process, to create policy.

The RySG, along with their registrar counterparts, put their concerns to the board at ICANN 72 in October, warning of “volunteer burnout” and a “chilling effect” on community morale due to board and Org inaction.

At that meeting, director Avri Doria presented staff-compiled stats showing that across five recent bylaws-mandated community reviews (not PDPs), the board had received 241 recommendations.

She said that 69% had been approved, 7% had been rejected, 18% were placed in a pending status, and 6% were “still being worked on”.

CEO Göran Marby provided a laundry list of excuses for the delays, including: reconciling differing community viewpoints, the large number of recommendations being considered, the potential for some recommendations to break ICANN bylaws, sensitivity to the bottom-up nature of the multi-stakeholder process, lack of staff, and the extra time it takes to be transparent about decision-making.

Just this week, ICANN has posted eight job listings, mostly in policy support.

In his letter last week, Botterman pointed to a “Prioritization Framework”, which is currently being piloted, along with further community conversations at ICANN 73 next month and a “thought paper” on “evolving consensus policies”.

Because why fix something when you can instead create another layer of bureaucracy and indulge in more navel-gazing?