Recent Posts
- GNSO mulls lawyering up over auction fund dispute
- Jury still out on ICANN’s content policing powers
- It now takes TWO WEEKS to get a Whois record with RDRS
- Travel expenses push ICANN into the red again
- ICANN preparing for ONE HUNDRED registry back-ends
- DNS Abuse Institute changes name
- A new way to game the new gTLD program
- .home, .mail and .corp could get unbanned
- Unstoppable to apply for Women in Tech gTLD
- Bob Parsons publishes autobiography
- GoDaddy getting a free pass from porn jail?
- Correction: Sinha’s seat is safe
- Chinese domains plummet again in 2023
- GoDaddy price increases lead to revenue growth
- D3 announces seventh blockchain gTLD client
- Taylor Swift applies for her .post domain
- .ad domains to go global soon
- Single-letter .com case back in court
- ICANN to slash costs as Verisign’s magic money tree dries up
- Community revolts over ICANN’s auction proceeds power grab
- Two seats up for grabs on Nominet board
- War takes steep toll on .ua domains
- .de worst TLD for CSAM — report
- .com still shrinking because of China
- ICANN publishes its Woke Manifesto. Here’s my hot take
- Alibaba, Name.com among new RDRS opt-ins
- .my domains to be sold globally next month
- The Swiss can register .swiss domains from next week
- .ai up to 425,000 domains
- A million “free” .music domains up for grabs
- D3 to get $5 million in crypto to apply for .ape gTLD
- Alibaba hit with ICANN breach notice
- New Vegas conference “Davos for Web3 interoperability”
- ICANN content policing power grab may be dead
- Cable company unplugs its dot-brand after acquisition
- Germany crosses 10,000 dot-brand domains milestone
- Founders out as Com Laude gets equity injection
- PIR’s Diaz to leave domain industry
- Some registrars have already quit ICANN’s Whois experiment
- ICANN opens $217 million Grant Program
- Internet could get one-letter gTLDs (but there’s a catch)
- .ai registry fights deadbeats with tweaked auction rules
- Amazon and Google among .internal TLD ban backers
- .ai registry advises buyers not to use GoDaddy
- .post liberalizes with new sunrise period
- Team Internet spends $41 million on content farm
- Epik backtracks on Kiwi Farms claim after legal threat
- .austin names launch on blockchain
- Freenom shuts down 12.6 million domains — report
- GoDaddy’s next .xxx contract may not be a done deal
- GlobalBlock blocking 2.5 million domains
- Microsoft moving its cloud apps from .com to .microsoft
- ICANN 79: anonymous trolls and undercover lawyers
- ICANN scores win in single-letter .com lawsuit
- Cosmetics brand terminates its gTLD
- Up to 70 jobs on the line at Nominet as .uk regs dwindle
- Governments back down on new gTLD next round delay
- Private auctions could be banned in new gTLD next round
- ICANN meeting venue “insensitive and hurtful”
- GoDaddy to start selling graphic.design domains
- GAC spinning up new gTLD curveball at ICANN 79?
- GoDaddy’s GlobalBlock supports blockchain names
- Police .uk domain takedowns dive in 2023
- GoDaddy wants to cut the bullshit from .xxx
- Dueling domain blocking services to launch at ICANN 79
- Freename tries to bridge DNS and blockchain
- Olive retires from ICANN
- Whois policy published without life-saving disclosure rule
- UK gov takes its lead from ICANN on DNS abuse
- Tucows reports 2023 results
- Twitter “completely unresponsive” on clickable domains
- ICANN spends $5 million more than planned in first fiscal half
- .art takes a million domains off its premium list
- KeyTrap ‘the most devastating vulnerability ever found in DNSSEC’
- Freenom settles $500 million Meta lawsuit and will exit domain business
- New gTLD lottery to return in 2026
- First GlobalBlock prices revealed — they ain’t cheap
- Domain universe grows on new gTLDs despite .com shrinkage
- D3 signs up crypto gTLD client number five
- GoDaddy reports strong domains growth
- How to qualify for a $40,000 gTLD
- Registry service provider evaluation handbook published
- WebUnited inks deal to “mirror” country’s TLD in the blockchain
- GoDaddy project unveils brand-blocking calculator
- Report: Monster “misappropriated” millions from Epik
- .com is shrinking but Verisign raises prices again anyway
- D3 announces fourth crypto new gTLD client
- Donald Trump loses second UDRP case
- UK cybersquatting complaints hit record low
- No excuses! PIR to pay for ALL registries to tackle child abuse
- ICANN insists it is working on linkification
- Namecheap sues ICANN over .org price caps
- GoDaddy offers free Ethereum blockchain integration
- Epik reveals who is running the company
- Epik gets acquired again! The plot thickens…
- Airline gTLD crashes and burns
- First chunks of new gTLD Applicant Guidebook drop
- Epik to reveal its owners soon
- Another crypto firm to apply for a new gTLD
- Monster and Royce are NOT involved in Epik?!
- Nominet to overhaul .uk registry, turn off some services
- Russia blames DNSSEC, not Ukraine, for internet downtime
- Team Internet says revenue beat estimates
- Sold for over $20k, insure.ai and dog.ai back in .ai’s expired names auction
- .ai helps UDRP cases rise in 2023, WIPO says
- Freenom’s domains land at Gandi after termination
- .ru domains fly off the shelf as Western sanctions bite
- ICANN picks its first ever Supreme Court
- Lebanon’s ccTLD going back to Lebanon after ICANN takeover
- ICANN picks the domain it will never, ever release
- ICANN approves domain takedown rules
- Has Epik gone “woke”?
- First bits of new gTLD Applicant Guidebook expected next week
- ICANN bans closed generics for the foreseeable
- You can’t use money to buy .box domains
- After 14 years, ICANN practices what it preaches on IDNs
- Weak demand for private Whois data, ICANN data shows
- .ing doing way better than .meme
- DNS Women barred from ICANN funding?
- Dev releases free open-source TLD registry platform
- INCO flips a gTLD to Identity Digital
- Anguilla fears the .ai junk drop
- Five more gTLDs get launch dates
- $10 million of ICANN cash up for grabs
- Almost 50,000 .ai domains sold in a quarter
Is this the worst new gTLD video yet?
If you’re trying to market a new gTLD aimed solely at CEOs, and your messaging is security, credibility and authority, what’s the best medium to get that message across?
Why, it’s white rap of course! In Donald Trump masks!
That’s apparently the thought process of PeopleBrowsr, the applicant for .ceo, anyway.
The video below got its first airing during a joint PeopleBrowsr/TLDH party at ICANN 48 in Buenos Aires last week.
I was on a bio break at the time and missed the premiere, but I was assured by other party-goers that it was the most painfully awkward video ever screened at an ICANN meeting.
After PeopleBrowsr published it on YouTube today, I was not disappointed. Enjoy a true classic:
These are the top 50 name collisions
Having spent the last 36 hours crunching ICANN’s lists of almost 10 million new gTLD name collisions, the DI PRO collisions database is back online, and we can start reporting some interesting facts.
First, while we reported yesterday that 1,318 new gTLD applicants will be asked to block a total of 9.8 million unique domain names, the number of distinct second-level strings involved is somewhat smaller.
It’s 6,806,050, according to our calculations, still a bewilderingly high number.
The most commonly blocked string, as expected, is “www”. It’s on the block-lists for 1,195 gTLDs, over 90% of the total.
Second is “2010”. I currently have no explanation for this, but I’m wondering if it’s an artifact of the years of Day In The Life data upon which ICANN based its lists.
Protocol-related strings such as “wpad” and “isatap” also rank highly, as do strings matching popular TLDs such as “com”, “org”, “uk” and “de”. Single-character strings are also very popular.
The brand with the most blocks (free trademark protection?) is unsurprisingly Google.
The string “google” appears as an exact match on 930 gTLDs’ lists. It appears as a substring of 1,235 additional blocked strings, such as “google-toolbar” and “googlemaps”.
Facebook, Yahoo, Gmail, YouTube and Hotmail also feature in the top 100 blocked brands.
DI PRO subscribers can search for strings that interest them, discovering how many and which gTLDs they’re blocked in, using the database.
Here’s a table of the top 50 blocked strings.
[table id=22 /]
.sexy and .uno raise the average collisions list size
The third batch of new gTLD collisions lists has been released by ICANN, raising the average number of domains that registries are being told to block on extremely cautious security grounds.
The average number of second-level domains to be blocked per gTLD is now 1,904, largely due to the impact of very large lists for .uno (which has 8,187) and .sexy (6,560), which were published yesterday.
This number is only going to get bigger as more cool-sounding Latin-script gTLDs raise the average.
It will be tempered somewhat by the IDN gTLDs, however. The average list for IDNs has only 253 names on it, based on the five published so far.
The most popular strings, ranked by the number of gTLDs’ lists in which they show up (out of a possible 18), are:
[table id=15 /]
There are 30,581 unique second-level strings in total, all of which are fully cross-referenced and searchable at DI PRO.
The most-blocked exact-match brands so far are Yahoo and Google, which both appear on 10 lists. Apple, Facebook and YouTube appear as exact matches on eight.
ICANN helps bust Russian child porn ring
ICANN recently helped break up a Russian child pornography ring.
That’s according to a remarkable anecdote from CEO Fadi Chehade, speaking during a session at the Internet Governance Forum in Bali, Indonesia today.
The “investigative effort” took “months” and seems to have entailed ICANN staff sifting through company records and liaising with law enforcement and domain name companies on three continents.
Here’s the anecdote in full:
We participated in a global effort to break down a child pornography ring.
You think: what is ICANN doing with a child pornography ring? Well, simple answer: where does child pornography get put up? On a web site. Where’s that web site hosted? Well, probably at some hosting company that was given the web site name by a registrar that is hopefully a registrar or reseller in the ICANN network.
We have a public responsibility to help with that.
We have some of the smartest people in the world in that space.
It took us months to nail the child pornography ring.
It took us through LA to Panama. We had to work with the attorney general of Panama to find the roots of that company. One of our team members who speaks Spanish went into public company records until he found, connected — these are investigative efforts that we do with law enforcement — then we brought in the registrars, the registries… and it turned out that this ring was actually in Russia and then we had to involve the Russian authorities.
ICANN does all of this work quietly, in the background, for the public interest.
Wow.
At first I wasn’t sure what to make of this. On the one hand: this obviously excellent news for abused kids and ICANN should be congratulated for whatever role it took in bringing the perpetrators to justice.
On the other hand: is it really ICANN’s job to take a leading role in covert criminal investigations? Why are ICANN staffers needed to trawl through Panamanian company records? Isn’t this what the police are for?
ICANN is, after all, a technical coordination body that repeatedly professes to not want to involve itself in “content” issues.
Session moderator Bertrand de La Chappelle, currently serving out his last month on the ICANN board of directors, addressed this apparent disconnect directly, asking Chehade to clarify that ICANN is not trying to expand its role.
In response, Chehade seemed to characterize ICANN as something of an ad hoc coordinator in these kinds of circumstances:
There are many topics that there is no home for them to be addressed, so ICANN gets the pressure. People come to us and say: “Well you solve this, aren’t you running the internet?”
We are not running the internet. We do names and numbers. We’re a technical community, that’s what we do.
But the pressure is mounting on us. So it’s part of our goal to address the larger issues that we’re not part of, is to frankly keep us focused on our remit. In fact, ICANN should become smaller, not bigger. It should focus on what it does. The only area we should get bigger in is involving more people so we can truly say we’re legitimate and inclusive.
The bigger issues and the other issues of content and how the internet is used and who does what, we should be very much in the background. If there is a legal issue, if we are approached legally by an edict of a court or… if it’s a process we have to respond to it.
We don’t want to be instigating or participating or leading… we don’t, we really don’t.
A desire to make ICANN smaller doesn’t seem to tally with the rapid expansion of its global footprint of hubs and branch offices and the planned doubling of its staff count.
Indeed, the very next person to speak on today’s panel was Chehade’s senior advisor and head of communications Sally Costerton, who talked about her team doubling in size this year.
I don’t personally subscribe to the idea that ICANN should be shrinking — too much is being asked of it, even if it does stick to its original remit — but I’m also not convinced that it’s the right place to be be carrying out criminal investigations. That’s what the cops are for.
US raises ITU bogeyman as Chehade pushes for exit
ICANN CEO Fadi Chehade and a US ambassador today both talked up the multistakeholder model as a cure to concerns about PRISM and related surveillance programs.
But the US warned against using the spying scandal to push internet governance into the hands of “centralized intergovernmental control”, which I’m taking to mean the International Telecommunications Union.
Chehade and Ambassador Danny Sepulveda, US coordinator for international communications and information policy, were speaking at the opening ceremony of the Internet Governance Forum in Bali, Indonesia.
Chehade went first, telling the audience that ICANN plans to set up legal structures in other countries in addition to the US, following on from the three-hub strategy he put in place earlier this year.
It’s part of his effort to internationalize ICANN, he said.
“While we are a California corporation today there is nothing that precludes us from being also, in addition to that, a legal organization in other places, and we intend to do that in order to make ICANN a more international organization,” he said.
He went on to say something that could be interpreted as his intention to get rid of or renegotiate the Affirmation of Commitments with the US government:
We also believe our commitment to the world should be indeed to the world and not to any particular stakeholder, and we will work towards that and change that.
Minutes later, Sepulveda took the stage to more or less agree with Chehade — at least at a high level — whilst simultaneously warning about too much governmental control over the internet.
He said:
The internet today is no more any one country’s than any others. It is no more any one stakeholder’s than any others.
…
We support an open dialogue on the modernization and evolution of the multistakeholder system that enables the operation of the global internet. Bottom-up, inclusive, cooperative efforts to empower users and enable innovation, free from arbitrary government control, is what the US has been pulling for all along.
He directly addressed the Montevideo declaration, which I wrote about earlier today, which he said was a call “to modernize the internet’s governing system and make it more inclusive”.
The declaration, he said, “should be seen as an opportunity to seek that broad inclusion and for organizing multistakeholder responses to outstanding internet issues”.
“We must work together with these organizations, in good faith, on these important issues,” he said.
“We should however guard against recent arguments for centralized intergovernmental control of the internet that have used recent news stories about intelligence programs for their justification,” he said.
This seems to be a reference to the ITU, the standard US bogeyman when it comes to control over ICANN.
Watch Chehade’s speech here, then fast forward to 1:25 to hear Sepulveda’s response.
ICANN looking into string confusion confusion
ICANN is looking at “consistency issues” in new gTLD String Confusion Objections, program manager Christine Willett said in an ICANN interview published last night.
The nature of the probe is not clear, but ICANN does appear to be working with the dispute resolution provider, the International Centre For Dispute Resolution, on the issue.
In the interview, Willett said:
Staff is working diligently with dispute resolution service providers to ensure that all procedures have been followed and to look at the expert determinations — we’re looking at these consistency issues.
The SCO has come in for tonnes of criticism due to the conflicting and downright ludicrous decisions made by panelists.
I would hope that ICANN is looking beyond just whether “all procedures have been followed”, given that the root cause of the consistency problems appears to be the lack of guidance for panelists in the policy itself.
Also in the interview, Willett said that she expects the first new gTLDs to be “in production” before the end of the year, and guessed that the second round of applications “is a couple of years down the road”.
Watch it here:
NTAG rubbishes new gTLD collision risk report
The New gTLD Applicants Group has slated Interisle Consulting’s report into the risk of new gTLDs causing security problems on the internet, saying the problem is “overstated”.
The group, which represents applicants for hundreds of gTLDs and has a non-voting role in ICANN’s GNSO, called on ICANN to reclassify hundreds of “Uncalculated” risk strings as “Low” risk, meaning they would not face as substantial a delay before or uncertainty about their eventual delegation.
But NTAG said it “agreed” that the high-risk .corp and .home “should be delayed while further studies are conducted”. The current ICANN proposal is actually to reject both of these strings.
NTAG was responding to ICANN’s proposal earlier this month to delay 523 applications (for 279 strings) by three to six months while further studies are carried out.
The proposal was based on Interisle’s study of DNS root server logs, which showed many millions of daily queries for gTLDs that currently do not exist but have been applied for.
The worry is that delegating those strings would cause problems such as downtime or data leakage, where sensitive information intended for a recipient on the same local network would be sent instead to a new gTLD registry or one of its (possibly malicious) registrants.
NTAG reckons the risk presented by Interisle has been overblown, and it presented a point-by-point analysis of its own. It called for everything except .corp and .home to be categorized “Low” risk, saying:
We recognize that a small number of applied for names may possibly pose a risk to current operations, but we believe very strongly that there is no quantitative basis for holding back strings that pose less measurable threat than almost all existing TLDs today. This is why we urge the board to proceed with the applications classified as “Unknown Risk” using the mitigations recommended by staff for “Low Risk” strings. We believe the 80% of strings classified as “Low Risk” should proceed immediately with no additional mitigations.
The group pointed to a recent analysis by Verisign (which, contrarily, was trying to show that new gTLDs should be delayed) which included data about previous new gTLD delegations.
That report (pdf) said that .xxx was seeing 4,018 look-ups per million queries at the DNS root (PPM) before it was delegated. The number for .asia was 2,708.
If you exclude .corp and .home, both of those PPM numbers are multiples larger than the equivalent measures of query volume for every applied-for gTLD today, also according to Verisign’s data.
NTAG said:
None of these strings pose any more risk than .xxx, .asia and other currently operating TLDs.
…
the least “dangerous” current gTLD on the chart, .sx, had 331 queries per million in 2006. This is a higher density of NXDOMAIN queries than all but five proposed new TLDs. 4 Again, .sx was launched successfully in 2012 with none of the problems predicted in these reports.
Verisign’s report, which sought to provide a more qualitative risk analysis based on some data-supported guesses about where the error traffic is coming from and why, anticipated this interpretation.
Verisign said:
This could indicate that there is nothing to worry about when adding new TLDs, because there was no global failure of DNS when this was done before. Alternately, one might conclude that traffic volumes are not the only indicator of risk, and the semantic meaning of strings might also play a role. We posit that in some cases, those strings with semantic meanings, and which are in common use (such as in speech, writing, etc.) pose a greater risk for naming collision.
The company spent most of its report making somewhat tenuous correlations between its data (such as a relatively large number of requests for .medical from Japanese IP addresses) and speculative impacts (such as “undiagnosed system failures” at “a healthcare provider in Japan”).
NTAG, by contrast, is playing down the potential for negative outcomes, saying that in many cases the risks introduced by new gTLDs are no different from collision risks at the second level in existing TLDs.
Just as the NTAG would not ask ICANN to halt .com registrations while a twelve month study is performed on these problems, we believe there is no reason to introduce a delay in diversifying the Internet’s namespace due to these concerns.
While it stopped short of alleging shenanigans this time around, NTAG also suggested that future studies of root server error traffic could be gamed if botnets were engaged to crapflood the roots.
Its own mitigation plan, which addresses Interisle’s specific concerns, says that most of the reasons that non-existent TLDs are being looked up are either not a problem or can be easily mitigated.
For example, it says that queries for .youtube that arrived in the form of a request for “www.youtube” are probably browser typos and that there’s no risk for users if they’re taken to the YouTube dot-brand instead of youtube.com.
In another example, it points out that requests for “.cisco” or “.toshiba” without any second-level domains won’t resolve anyway, if dotless domains are banned in those TLDs. (NTAG, which has influential members in favor of dotless domains, stopped short of asking for a blanket ban.)
The Interisle report, and ICANN’s proposal to deal with it, are open for public comment until September 17. NTAG’s response is remarkably quick off the mark, for guessable reasons.
Spoof video reveals Donuts paid Tucows for two gTLDs
This has to be the strangest way to announce a new gTLD partnership to date.
Judging by a spoof video uploaded to YouTube yesterday, Tucows withdrew its applications for the .media and .marketing new gTLDs after receiving a pay-off from rival applicant Donuts.
Presented as “the hotly contested .media and .marketing gTLD bout” between Tucows CEO Elliot Noss and Donuts co-founder Jon Nevett, the video humorously documents the negotiation process.
If you don’t have four minutes to spare, or if awkward office-based spoof videos make you want to beat yourself to death with a bright red stapler, here’s the money shot:
While I’ve not yet received confirmation that the video is based on true events (it’s Saturday), the facts all fit.
Tucows withdrew both its .media and .marketing applications around July 26, according to the DI PRO new gTLD timeline, giving Donuts a clear run at delegation.
Uniregistry was the only other applicant in both contention sets, but withdrew its applications for .media and .marketing July 19 and June 21 respectively.
There’s nothing in the video to suggest that Uniregistry made a similar deal, but it seems likely.
It’s the first example I’m aware of of Donuts settling a contention set outside of the private auction process.
ICANN says DotConnectAfrica’s .africa bid is officially “Not Approved”
Watch .club win its new gTLD for $[censored]
As we reported earlier in the week, .CLUB Domains was one of the first companies to win its new gTLD auction and now the company has published a short video of the moment the auction closed.
The first reaction of CEO Colin Campbell is to put out a press release announcing the win, followed by calling the lawyers, which I think we can all agree is the Natural Order for all things.
Sadly, because winning bids are supposed to be confidential, the company has bleeped out references to the amount it paid and blurred a laptop screen in shot, lest CSI:Miami’s cyberpunks are watching.
Recent Comments