Recent Posts
- Taylor Swift applies for her .post domain
- .ad domains to go global soon
- Single-letter .com case back in court
- ICANN to slash costs as Verisign’s magic money tree dries up
- Community revolts over ICANN’s auction proceeds power grab
- Two seats up for grabs on Nominet board
- War takes steep toll on .ua domains
- .de worst TLD for CSAM — report
- .com still shrinking because of China
- ICANN publishes its Woke Manifesto. Here’s my hot take
- Alibaba, Name.com among new RDRS opt-ins
- The Swiss can register .swiss domains from next week
- .ai up to 425,000 domains
- A million “free” .music domains up for grabs
- D3 to get $5 million in crypto to apply for .ape gTLD
- Alibaba hit with ICANN breach notice
- New Vegas conference “Davos for Web3 interoperability”
- ICANN content policing power grab may be dead
- Cable company unplugs its dot-brand after acquisition
- Germany crosses 10,000 dot-brand domains milestone
- Founders out as Com Laude gets equity injection
- PIR’s Diaz to leave domain industry
- Some registrars have already quit ICANN’s Whois experiment
- ICANN opens $217 million Grant Program
- Internet could get one-letter gTLDs (but there’s a catch)
- .ai registry fights deadbeats with tweaked auction rules
- Amazon and Google among .internal TLD ban backers
- .ai registry advises buyers not to use GoDaddy
- .post liberalizes with new sunrise period
- Team Internet spends $41 million on content farm
- Epik backtracks on Kiwi Farms claim after legal threat
- .austin names launch on blockchain
- Freenom shuts down 12.6 million domains — report
- GoDaddy’s next .xxx contract may not be a done deal
- GlobalBlock blocking 2.5 million domains
- Microsoft moving its cloud apps from .com to .microsoft
- ICANN 79: anonymous trolls and undercover lawyers
- ICANN scores win in single-letter .com lawsuit
- Cosmetics brand terminates its gTLD
- Up to 70 jobs on the line at Nominet as .uk regs dwindle
- Governments back down on new gTLD next round delay
- Private auctions could be banned in new gTLD next round
- ICANN meeting venue “insensitive and hurtful”
- GoDaddy to start selling graphic.design domains
- GAC spinning up new gTLD curveball at ICANN 79?
- GoDaddy’s GlobalBlock supports blockchain names
- Police .uk domain takedowns dive in 2023
- GoDaddy wants to cut the bullshit from .xxx
- Dueling domain blocking services to launch at ICANN 79
- Freename tries to bridge DNS and blockchain
- Olive retires from ICANN
- Whois policy published without life-saving disclosure rule
- UK gov takes its lead from ICANN on DNS abuse
- Tucows reports 2023 results
- Twitter “completely unresponsive” on clickable domains
- ICANN spends $5 million more than planned in first fiscal half
- .art takes a million domains off its premium list
- KeyTrap ‘the most devastating vulnerability ever found in DNSSEC’
- Freenom settles $500 million Meta lawsuit and will exit domain business
- New gTLD lottery to return in 2026
- First GlobalBlock prices revealed — they ain’t cheap
- Domain universe grows on new gTLDs despite .com shrinkage
- D3 signs up crypto gTLD client number five
- GoDaddy reports strong domains growth
- How to qualify for a $40,000 gTLD
- Registry service provider evaluation handbook published
- WebUnited inks deal to “mirror” country’s TLD in the blockchain
- GoDaddy project unveils brand-blocking calculator
- Report: Monster “misappropriated” millions from Epik
- .com is shrinking but Verisign raises prices again anyway
- D3 announces fourth crypto new gTLD client
- Donald Trump loses second UDRP case
- UK cybersquatting complaints hit record low
- No excuses! PIR to pay for ALL registries to tackle child abuse
- ICANN insists it is working on linkification
- Namecheap sues ICANN over .org price caps
- GoDaddy offers free Ethereum blockchain integration
- Epik reveals who is running the company
- Epik gets acquired again! The plot thickens…
- Airline gTLD crashes and burns
- First chunks of new gTLD Applicant Guidebook drop
- Epik to reveal its owners soon
- Another crypto firm to apply for a new gTLD
- Monster and Royce are NOT involved in Epik?!
- Nominet to overhaul .uk registry, turn off some services
- Russia blames DNSSEC, not Ukraine, for internet downtime
- Team Internet says revenue beat estimates
- Sold for over $20k, insure.ai and dog.ai back in .ai’s expired names auction
- .ai helps UDRP cases rise in 2023, WIPO says
- Freenom’s domains land at Gandi after termination
- .ru domains fly off the shelf as Western sanctions bite
- ICANN picks its first ever Supreme Court
- Lebanon’s ccTLD going back to Lebanon after ICANN takeover
- ICANN picks the domain it will never, ever release
- ICANN approves domain takedown rules
- Has Epik gone “woke”?
- First bits of new gTLD Applicant Guidebook expected next week
- ICANN bans closed generics for the foreseeable
- You can’t use money to buy .box domains
- After 14 years, ICANN practices what it preaches on IDNs
- Weak demand for private Whois data, ICANN data shows
- .ing doing way better than .meme
- DNS Women barred from ICANN funding?
- Dev releases free open-source TLD registry platform
- INCO flips a gTLD to Identity Digital
- Anguilla fears the .ai junk drop
- Five more gTLDs get launch dates
- $10 million of ICANN cash up for grabs
- Almost 50,000 .ai domains sold in a quarter
- ICANN threatens to regulate your speech [RANT]
- Life insurance company kills dot-brand
- ICANN finds new home for Lebanon’s TLD after founder’s death
- ICANN begs people to use its new Whois service
- Shiba Inu outs itself as crypto new gTLD applicant
- Over 50,000 .ai domains sold in three months
- Amazon planning new push into registrar market?
- Registries and registrars vote ‘Yes’ to new DNS abuse rules
- ICANN predicts flattish 2025 for domain industry
- Fast-growing Gname buys another 150 registrars
- GoDaddy service to let you block domains in over 650 TLDs
- Did I find a murder weapon in a zone file?
- ICANN drops the “man” from Ombudsman
- Have your say on police domain takedown powers
- Most registrars are shunning ICANN’s new Whois system
- Nominet to take over .gov.uk
Huge registrar shake-up coming to .biz and .info
Afilias and Neustar will be soon able to sell .biz and .info domains direct, and may have to shut down registrars that refuse to sign up to the new 2013 Registrar Accreditation Agreement.
Those are two of the biggest changes proposed to the companies’ ICANN contracts, drafts of which were published this morning six months after their last registry agreements expired.
The new .biz and .info deals would allow both companies to vertically integrate — that is, own a controlling position in a registrar that sells domains in their respective gTLDs.
This would remove unwanted friction from their sales and marketing efforts, but would mean both registries would start competing with their own registrar channel in the retail market.
That’s currently not allowed in almost all gTLD contracts, but is expected to become commonplace in the era of new gTLDs, which have no such ownership restrictions.
These new vertical integration clauses were not unexpected; it’s been envisaged for a couple of years that the restrictions would be dropped in legacy gTLDs.
What is surprising are newly proposed clauses that would oblige Neustar and Afilias to terminate accredited registrars’ access to their TLDs if they don’t sign up to the 2013 RAA.
Under the process set out in the contracts, when registrars representing 67% of the domains in each given TLD have signed up to the 2013 RAA, all the other registrars would have between 270 and 330 days to also sign up to it or lose their ability to access the .biz/.info registries.
That would mean no selling new names and no accepting inbound transfers — a growth death sentence in the affected TLDs.
In the case of .info, in which Go Daddy has a 45% market share, it would only take the top four registrars to sign up to the 2013 RAA before the clock started ticking for the others.
However, this 67% rule would only kick in for Afilias and Neustar if Public Interest Registry and Verisign also voluntarily agree to the same rules for their .org, .com and .net gTLDs.
It’s a pretty aggressive move by ICANN to push the 2013 RAA onto registrars via its contracts with registries, but not the first.
In the separately proposed base New gTLD Registry Agreement, expected to be finalized in the next few weeks, registrars can only sell new gTLD domains if they’re on the 2013 RAA.
Other changes to the .biz and .info contracts include giving the registries the ability to block certain domains from registration to deal with security threats. Registries have been doing this since Conficker, but now they’ll be explicitly allowed to under their contracts.
They’ll also now be subject to the same emergency back-end transition provisions as new gTLDs, in the event of a catastrophic failure.
Both companies will also get to keep their ability to raise registry fees by 10% a year.
Presumably, given that the US Department of Commerce is not party to the .biz and .info deals, neither registry will get the same nasty surprise that Verisign got last year when Commerce froze its prices.
Both proposed contracts are now open for public comment at ICANN, here and here.
The previous contracts actually expired last December but were extended for six months due to ICANN’s focus on new gTLDs and the fact that it wanted to bring both agreements closer to the new gTLD contract.
New registrar deal to bring big changes to the domain name industry
Big changes are coming to Whois, privacy services and resellers, among other things, under the terms of a newly agreed contract between domain name registrars and ICANN.
A proposed 2013 Registrar Accreditation Agreement that is acceptable to the majority of registrars, along with a plethora of supporting documentation, has been posted by ICANN this morning.
This “final” version, which is expected to be approved by ICANN in June, follows 18 months of often strained talks between ICANN and a negotiating team acting for all registrars.
It’s expected that only 2013 RAA signatories will be able to sell domain names in new gTLDs.
Overall, the compromise reflects ICANN’s desire to ensure that all registrars adhere to the same high standards of conduct, bringing contractual oversight to some currently gray, unregulated areas.
It also provides registrars with greater visibility into their future businesses while giving ICANN ways to update the contract in future according to the changing industry landscape.
For registrants, the biggest changes are those that came about due to a set of 12 recommendations made a few years ago by law enforcement agencies including the FBI and Interpol.
Notably, registrars under the 2013 RAA will be obliged to verify the phone number or email address of each registrant and suspend the domains of those it cannot verify.
That rule will apply to both new registrations, inter-registrar transfers and domains that have changes made to their Whois records. It will also apply to existing registrations when registrars have been alerted to the existence of possibly phony Whois information.
It’s pretty basic stuff. Along with provisions requiring registrars to disclose their business identities and provide abuse points of contact, it’s the kind of thing that all responsible online businesses should do anyway (and indeed all the big registrars already do).
Registrars have also agreed to help ICANN create an accreditation program for proxy and privacy services. Before that program is created, they’ve agreed to some temporary measures to regulate such services.
This temporary spec requires proxy services to investigate claims of abuse, and to properly inform registrants about the circumstances under which it will reveal their private data.
It also requires the proxy service to hold the registrant’s real contact data in escrow, to be accessed by ICANN if the registrar goes out of business or has its contract terminated.
This should help registrants keep hold of their names if their registrar goes belly-up, but of course it does mean that their private contact information will be also stored by the escrow provider.
But the biggest changes in this final RAA, compared to the previously posted draft versions, relate to methods of changing the contract in future.
Notably, registrars have won the right to perpetual renewal of their contracts, giving them a bit more long-term visibility into their businesses.
Under the current arrangement, registrars had to sign a new RAA every five years but ICANN was under no obligation to grant a renewal.
The 2013 contract, on the other hand, gives registrars automatic renewal in five-year increments after the initial term expires, as long as the registrar remains compliant.
The trade-off for this is that ICANN has codified the various ways in which the agreement can be modified in future.
The so-called “unilateral right to amend” clauses introduced a few months ago — designed to enable “Special Amendments” — have been watered down now to the extent that “unilateral” is no longer an accurate way to describe them.
If the ICANN board wants to introduce new terms to the RAA there’s a series of complex hoops to jump through and more than enough opportunities for registrars to kill off the proposals.
Indeed, there are so many caveats and a so many procedural kinks that would enable registrars to prevent ICANN taking action without their consent I’m struggling to imagine any scenario in which the Special Amendment process is successfully used by the board.
But the final 2013 RAA contains something entirely new, too: a way for ICANN’s CEO to force registrars back to the negotiating table in future.
This seems to have made an appearance at this late stage of negotiations precisely because the Special Amendment process has been castrated.
It would enable ICANN’s CEO or the chair of the Registrars Stakeholder Group to force the other party to start talking about RAA amendments with a “Negotiation Notice”. If the talks failed, all concerned would head to mediation, and then arbitration, to sort out their differences.
My guess is that this Negotiation Notice process is much more likely to be used than the Special Amendment process.
It seems likely that these terms will provide the template for similar provisions in the new gTLD Registry Agreement, which is currently under negotiation.
The 2013 RAA public comment period is open until June 4, but I don’t expect to see any major changes after that date. The documents can be downloaded, and comments filed, here.
Cops say new gTLDs shouldn’t launch without a Big Brother RAA
Law enforcement agencies are not happy with the proposed 2013 Registrar Accreditation Agreement, saying it doesn’t go far enough to help them catch online bad guys.
Europol and the FBI told ICANN’s Governmental Advisory Committee yesterday that people need to have their full identities verified before they’re allowed to register domain names.
They added that new gTLDs shouldn’t be allowed to launch until a tougher RAA is agreed to and signed by registrars.
The draft 2013 RAA would force registrars to validate their customers’ email addresses or phone numbers after selling them a domain, but law enforcement thinks this is not enough.
“We need a bit more in this area,” Troels Oerting, head of Europol’s European Cybercrime Centre, told the GAC during a Sunday session. “We need a bit more to be verified in addition to the phone or email.”
“It’s very, very important that we are able to identify perpetrators able, to identify the originators, and it’s not enough that you just put in the email or phone,” he said.
He added that there should also be re-verification procedures and ongoing compliance monitoring from ICANN, and said that only registrars signing the 2013 RAA should be allowed to sell new gTLD domains.
Europol has sent a letter to ICANN (not yet published, it seems) outlining four areas it wants to see the RAA “improved”, Oerting said.
Given that many GAC members, including the US, seem to support this position, it’s yet another threat to ICANN’s new gTLD launch timetable, not to mention privacy and anonymous speech in general.
The law enforcement recommendations are not new, of course. They’ve been in play and GAC-endorsed for many years, but were watered down during ICANN’s RAA talks with registrars.
Registrars and ICANN hit impasse on new RAA
ICANN and its accredited domain name registrars have hit a brick wall in their long-running contract negotiations, after ICANN demanded the right to unilaterally amend the deal in future.
Documents published by ICANN this morning reveal that the two sides have reached agreement on almost all of their previous sticking points — including the extremely thorny issue of Whois verification — but have run into some fundamental, eleventh-hour disagreements.
As we’ve been reporting for the last couple of weeks, the big unresolved issue is ICANN’s unilateral right to amend the Registrar Accreditation Agreement in future, which registrars absolutely hate.
Death of the GNSO? Again?
The text of that proposed change has today been revealed to be identical to the text ICANN wants to insert into the Registry Agreement that all new gTLD registries must sign.
It gives ICANN’s board of directors the right, by two-thirds majority, to make essentially any changes they want to the RA and RAA in future, with minimal justification.
Registrars are just as livid about this as new gTLD applicants are.
The proposed change appears to be one of those introduced last month that ICANN said “[stems] from the call by ICANN’s CEO, Fadi Chehadé, to work to improve the image of the domain industry and to protect registrants”.
Chehadé has been on the road for the last couple of months trying to raise ICANN’s profile in various stakeholder groups in the private and public sectors around the world.
One of the memes he’s impressed upon contracted parties and others is that people don’t trust the domain name industry. Part of ICANN’s solution, it seems, is to grant its board more powers over registries and registrars.
But the Registrars Stakeholder Group reckons unilateral amendments would torpedo the multistakeholder process by emasculating the Generic Names Supporting Organization. It said:
The effect of such a clause in the primary agreements between ICANN and its commercial stakeholders would be devastating to the bottom-up, multi-stakeholder model.
First, it will effectively mean the end of the GNSO’s PDP [Policy Development Process], as the Board will become the central arena for all controversial issues, not the community.
Second, it creates an imbalance of authority in the ICANN model, with no limits on the scope or frequency of unilateral amendments, and no protections for registrars and more important registrants.
That’s the biggest barrier to an agreement right now, and it’s one shared by the entire contracted parties constituency of ICANN. Expect fireworks in Beijing next month.
Friction over new gTLDs
Registrars and registries are also angry about the fact that ICANN wants to force registrars to adopt the 2013 RAA, even if their 2009 or 2001 deals are still active, if they want to sell new gTLDs.
RrSG secretary Michele Neylon of Blacknight told DI today that it looks like ICANN is trying to “drive a wedge” between registrars and registries.
Here’s why:
ICANN is trying desperately to stick to its new gTLD program timetable, which will see it start signing Registry Agreements with new gTLD applicants in late April.
But it wants the base RA to include a clause obliging registries to only sell via registrars on the 2013 RAA.
Because the 2013 RAA is not yet finalized, registrars could potentially hold up the approval and delegation of new gTLDs if they don’t quickly agree to the changes ICANN wants.
According to Neylon, the documents released today have been published prematurely; with a little more time agreement could be reached on some of the remaining differences.
Again: expect fireworks in Beijing.
Whois records will be verified
But the new RAA is not all friction.
ICANN and registrars have finally come to agreement on important topics where there was previously sharp divergence.
Registrars have agreed to a new Whois Accuracy Program Specification that is a lot weaker than ICANN had, working from a blueprint laid out by governments and law enforcement agencies, first asked for.
Under the 2013 RAA signed-up registrars will have to start verifying certain elements of the contact information submitted by their registrants.
Notably, there’ll be a challenge-response mechanism for first-time registrants. Registrars will ask their customers to verify their email address or enter a code that has been sent to them via SMS text message or phone.
Note the “or” in that sentence. ICANN and law enforcement wanted registrars to do email “and” phone verification, but ICANN appears to have relented after months of registrars yapping about costs.
In future practice, because email verification is far easier and cheaper to implement, I’d be surprised if phone verification is used in anything but the rarest of cases.
Other data points will also be verified, but only to see that they conform to the correct formats.
Registrars will have to make sure that mailing addresses meet the Universal Postal Union standards, and that phone numbers conform to International Telecommunications Union formatting, for example.
They’ll also have to verify that the street address exists (if they have access to that data) but there will be no obligation to make sure that address and phone number actually belong to the registrant.
Registrants that provide patently false information that fails registrar verification will get 15 days to correct it or face the suspension of their domains.
ICANN wants registrars to also verify their customer records (which are usually different to the Whois records and, anecdotally, more accurate anyway) too, but registrars have so far not agreed to do so.
Taken as a whole, at first reading it’s difficult to see how the new Whois verification spec will do anything to prevent fast-turnover abuse such as phishing, but it may go a small way to help law enforcement investigate longer-term scams such as counterfeit goods sites.
The proposed 2013 RAA, along with more explanatory documents than you could possibly read in a coffee break is now open for public comment, with the reply period closing shortly after the Beijing meeting.
Recent Comments