Latest news of the domain name industry

Recent Posts

Now new gTLDs are being scapegoated for child abuse material (rant)

Kevin Murphy, April 5, 2017, Domain Registries

The guy responsible for getting the string “rape” closely restricted for no reason in .uk domain names is now gunning for ICANN and new gTLDs with a very similar playbook.
Campaigner John Carr, secretary of the little-known Children’s Charities’ Coalition on Internet Safety, wants ICANN to bring in strict controls to prevent convicted pedophiles registering domains in child-oriented domains such as .kids.
He’s written to the UK prime minister, the two other ministers with the relevant brief, the US federal government and the California attorney general to make these demands.
That’s despite the fact that he freely acknowledges that he does not have any evidence of a problem in existing kid-oriented TLDs and that he does not expect there to be a problem with .kids, should it be delegated, in future.
Regardless, ICANN comes in for a bit of a battering in the letter (pdf), with Carr insinuating that it and the domain industry are quite happy to throw child safety under the bus in order to make a quick buck. He writes:

ICANN has definitely not been keeping the internet secure for children. On the contrary ICANN shows complete indifference towards children’s safety. This has led to real dangers that ICANN could have prevented or mitigated.

ICANN, the Registries and the Registrars have an obvious financial interest in increasing the number of domain names being sold. Their interest in maximising or securing their revenues appears sometimes to blind them to a larger obligation to protect the weak and vulnerable e.g. in this instance children.

Despite this worrying premise, Carr admits in an accompanying paper (pdf) that the Russian version of .kids (.дети), which has been live for three years and only has about 1,000 registrations, does not seem to have experienced a deluge of sex offenders.
Nevertheless, he says ICANN should have forced the .дети registry to do criminal background checks on all registrants to make sure they did not have a record of sexual offences.

While at the time of writing we have no information which suggests anything untoward has happened with any Russian .kids websites, and we understand the volume of sales has been low so far, the matter should never have been left open in that way. When ICANN let the contract it could have included clauses which would have made it a contractual obligation to carry out the sort of checks mentioned. The fact that ICANN did not do this illustrates a degree of carelessness about children’s well-being which is tantamount to gross negligence.

Quite how a domain registry would go about running criminal records checks on all of its customers globally, and what the costs and the benefits would be, Carr does not say.
The letter goes on to state incorrectly that Amazon and Google are in contention for .kids.
In fact, Google applied for the singular .kid. While the two strings are in contention due to an adverse String Confusion Objection, there’s also a second applicant for .kids, the DotKids Foundation, which proposes to keep .kids highly restricted and which Carr is either unaware of or deliberately omits from his letter.
Based on his assumption that .kids is a two-horse race between Amazon and Google, he says:

while I am sure both Google and Amazon will choose to do the right thing, whichever one is the eventual winner of the contract, the point is matters of this kind should never have been left as an option

So not only does Carr not have any evidence that extant “.kids” domains are currently being abused years after delegation, he’s also sure that .kids won’t be in future.
But he wants Draconian background checks implemented on all registrants anyway.
His letter coincides with the release of and heavily cites the 2016 annual report (pdf) of the Internet Watch Foundation — the organization that coordinates the takedown of child abuse material in the UK and elsewhere.
That report found that new gTLD domains are being increasingly used to distribute such material, but that Verisign-run TLDs such as .com are still by far the most abused for this purpose.
The number of takedowns against new gTLD domains in 2016 was 272 (226 of which were “dedicated to distributing child sexual abuse content”) the IWF reported, a 258% increase on 2015.
That’s 272 domains too many, but averages out at about a quarter of a domain per new gTLD.
There were 2,416 domains being used to distribute this material in 2016, IWF said. That means new gTLDs accounted for about 11% of the total child abuse domains — higher than the 7.8% market share that new gTLDs command (according to Verisign’s Q4 industry brief).
But the IWF report states that 80% of the total abuse domains are concentrated in just five TLDs — .com, .net, .se, .io, and .cc. Even child abusers are not fans of new gTLDs, it seems.
Despite the fact that two of these domains are operated under ICANN contract, and the fact that .io is operated by a British company representing a British overseas territory, Carr focuses his calls for action instead on new gTLDs exclusively.
And his calls are receiving attention.
A The Times article this week cries “New internet domain is magnet for paedophiles, charities warn”, while tabloid stable sister The Sun reported on “fears predators are exploiting new website addresses to hide indecent material”.
This is how it started with Carr’s campaign to get “rape” domains banned in the UK.
Back in 2013, he wrote a blog post complaining that it was possible to register “rapeher.co.uk” — not that it had been registered, only that it could be registered — and managed to place a couple of stories in the right-leaning press calling for Nominet to do more to prevent the registration of “depraved and disgusting” domains such as the one he thought up.
This led to a government minister calling for an independent policy review, an actual review, and a subsequent policy that sees some poor bastard at Nominet having to pore over every .uk registration containing rapey strings to see if they’re potentially advocating or promoting actual rape.
Implementation of that policy has so far confirmed that Carr’s worries were, as I said in my 2013 rant, baseless.
In 2016, there were 2,407 registrations of domains containing the string “rape”, but just one of them was found to be using it in the context of sexual assault and was suspended, according to Nominet stats.
In 2015, the number of suspensions was the same. One.
The same story is playing out now — a single Don Quixote with a tenuous grasp of the systems he’s criticizing calling for ludicrous policies to prevent a problem that he freely admits does not exist and probably won’t exist in future.
Still, at least he gets to wave some headlines in front of his employers to pretend he’s actually earning his salary.

Belgium domains will be registered in Ireland after cloud move

Kevin Murphy, February 20, 2017, Domain Registries

DNS Belgium, operator of .be, has moved its shared registration systems to the cloud, the non-profit said last week.
The registry migrated from a self-hosted system to Amazon Web Services on February 11.
It’s an effort to cut costs, increase efficiency, and free up engineering time currently dedicated to non-core functions such as hardware maintenance, executives said.
“As AWS sees to the hardware, connectivity etc., DNS Belgium can focus on the layers above, such as the software,” general manager Philip Du Bois said in a press release.
Business development manager Lut Goedhuys said that while the system has been moved to the cloud, AWS allows customers to select the data centers where their applications will be stored.
DNS Belgium picked Ireland, she said.

Amazon backtracks after pricing free Alexa list at over $900,000

Kevin Murphy, November 23, 2016, Domain Services

Amazon has reversed, at least temporarily, its decision to yank its free list of the world’s most popular domains, after an outcry from researchers.
The daily Alexa list, which contains the company’s estimate of the world’s top 1 million domains by traffic, suddenly disappeared late last week.
The list was popular with researchers in fields such as internet security. Because it was free, it was widely used.
DI PRO uses the list every day to estimate the relative popularity of top-level domains.
After deleting the list, Amazon directed users to its Amazon Web Services portal, which had started offering the same data priced at $0.0025 per URL.
That’s not cheap. The cost of obtaining same data suddenly leaped from nothing to $912,500 per year, or $2,500 per day.
That’s beyond the wallets, I suspect, of almost every Alexa user, especially the many domain name tools providers (including yours truly) that relied on the data to estimate domain popularity.
Even scaling back usage to the top 100,000 URLs would be prohibitively expensive for most researchers.
While Amazon is of course free to price its data at whatever it thinks it is worth, no notice was given that the file was to be deleted, scuppering without warning goodness knows how many ongoing projects.
Some users spoke out on Twitter.


I spent most of yesterday figuring out how to quickly rejigger DI PRO to cope with the new regime, but it seems I may have been wasting my time.
After an outcry from fellow researchers, Amazon has restored the free list. It said on Twitter:


It seems clear that the key word here is “temporarily”, and that the the restoration of the file may primarily be designed to give researchers more time to seek alternatives or wrap up their research.

Registrars say Amazon is “closing” open gTLD

Kevin Murphy, April 25, 2016, Domain Registries

A group comprising some of the largest domain registrars has claimed Amazon is attempting to close off a new gTLD that it previously indicated would be unrestricted.
The 12-strong group, which includes Go Daddy, Network Solutions and Tucows, also claims that the company’s proposal for a “Registration Authentication Platform” is anti-competitive.
The complaints follow Amazon’s filing of a Registry Services Evaluation Process request with ICANN in March.
The RSEP speaks in broad terms about rejigging the conventional domain registration path so that all .moi sales are funneled through Amazon’s registry site, where registrants will have their eligibility verified and then be offered a set of add-on “technology tools” before being bounced back to their chosen registrar.
Amazon hasn’t said who will be eligible to register .moi domains, nor has it explained what technology tools it plans to offer. I expect the tools will include things such as hosting and security, where many registrars currently make money.
Unsurprisingly, many registrars are not happy about these vague proposals.
In a comment (pdf) to the RSEP filed yesterday, they said:

Ultimately, the use of pre-registration verification and “optional” value added services will negatively impact competition. By tying both practices in a TLD, a TLD Operator can create a “captive audience” via the pre-registration verification and then offering optional services. This will effectively bypass the existing registration and purchase process, putting TLD Operator in a privileged position. The TLD is set up to capture customers earned via the Registrars marketing efforts to promote its own tools and services.

It’s not unusual for “sponsored” or “restricted” gTLDs to implement registry-side verification, they admitted, but said that .moi is meant to be “open”.
They wrote:

While this practice is not explicitly prohibited under gTLDs, we believe that post-delegation inclusion of these practices should only be allowed in compelling circumstances because they are, in effect, retroactively “closing” what was applied for and approved to be operated as an open, generic TLD.

Amazon’s application for .moi, like all of its new gTLD applications, is not entirely clear on what the company’s plans are. There’s vague talk about eligibility, but no details and nothing substantial to suggest a tightly restricted zone.
The signatories to the registrar comment represent the majority of registered domain names. They are: Astutium, Blacknight Internet Solutions, Domain.com, EuroDNS, GoDaddy.com, OpenproviderNetEarth One, Key-Systems, Netistrar, Network Solutions, Nordreg, Realtime Register, Tucows Domains.
One registrar, Com Laude, whose sister company Valideus handles Amazon’s gTLD applications, wrote a comment (pdf) expressing the opposite view.
Com Laude says that it’s not unusual for registries to require registry-side verification. It points to .bank, .pharmacy and .travel as examples.
The company also claims that the 12 registrars are in essence complaining about the idea of vertical integration — where registries and registrars are under common ownership — which is already in place at companies such as Uniregistry and Rightside.
Com Laude’s Jeff Neuman wrote:

We do not believe that it is unacceptable for a company like Amazon to do what these other companies have been doing for some time. To apply different standards to Amazon Registry than it does for each of the other vertically integrated entities would single them out for disparate treatment – especially when there is no factual basis to believe that Amazon Registry has not adhered to its vertical integration-related obligations under the Registry Agreement.

What’s going on here, I suspect, is a bit of a proxy war.
Neither Amazon nor the registrars care a great deal about .moi, I think. The gTLD is merely a canary for Amazon’s 30-odd yet-to-be-launched gTLDs. The company has the rights to potentially more attractive strings, including .book, .song and .tunes.
Amazon originally wanted to make these strings “closed generics”, or what ICANN calls “exclusive access” gTLDs, where only Amazon could register names.
It has since disavowed such plans, but still hasn’t said who will be able to register names in its portfolio or how they will prove eligibility.
.moi was not originally identified as a closed generic by ICANN, but it could represent a model for what Amazon plans to do with the rest of its stable.

Amazon files appeal on rejected .amazon domain

Kevin Murphy, March 3, 2016, Domain Policy

Amazon has appealed the rejection of its proposed .amazon new gTLD.
The company this week told ICANN that it has invoked the Independent Review Process, after 18 months of informal negotiations proved fruitless.
Amazon’s .amazon application was controversially rejected by ICANN in May 2014, due to advice from the Governmental Advisory Committee.
The GAC, by a consensus, had told ICANN that .amazon should be rejected.
South American nations that share the Amazonia region of the continent had said the string was “geographic” and should therefore be unavailable to the US-based company.
The word “Amazon” is not protected by ICANN’s geographic string rules, because “Amazon” is not the name of a region, and was only rejected due to governmental interference.
The GAC’s decision came only after the US, which had been preventing consensus in order to protect one of its biggest native internet companies, decided to step aside.
Amazon has been in ICANN’s Cooperative Engagement Process — an informal set of talks designed to avoid the need for too many lawyers — since July 2014.
Those talks have now ended and Amazon has told ICANN that an IRP is incoming, according to ICANN documentation published on Tuesday (pdf).
The IRP documents themselves have not yet been published by ICANN.
UPDATE: This article originally incorrectly stated that the US withdrew its objection to the GAC consensus on .amazon after the IANA transition was announced. In fact, it did so several months prior to that announcement.

Amazon plotting registrar workaround?

Kevin Murphy, March 3, 2016, Domain Registries

Amazon has given an early hint at how it may manage its new gTLD registries.
The company seems to be planning to make its own web site the place to go to for its new gTLD domains, relegating registrars to secondary players in the sales path.
It also seems to be planning to up-sell registrants with services, possibly including hosting, before they even get to the registrar’s storefront.
Amazon has filed a Registry Services Evaluation Process request with ICANN, relating to its gTLD .moi (French for “.me”) covering a “Registration Authentication Platform”.
.moi isn’t a brand, but Amazon says it plans to verify registrant “eligibility” before allowing a registration to take place.
To date, it has not revealed what the eligibility requirements for .moi are.
Its RSEP filing says that it intends to offer registrants a suite of optional add-on “technology tools or applications” at the point of verification.
Crucially, that’s before they get bounced to their registrar of choice to actually register the name.
Amazon is basically putting its up-sell pitch into the sales path before registrars get to do the same.
The RSEP explains it like this:

After the customer selects the Technology Tools of interest and/or ancillary products or services (if any), the customer will select its registrar of choice from among the complete list of .MOI-accredited registrars and be directed to that registrar’s site to permit that registrar to collect the required registrant information for the domain name registration, and to submit payment for the selected .MOI domain name. Upon completion of these steps, the registrar, through the normal EPP processes, shall transmit the required registration information to the Registry and the .MOI domain name shall be registered. A customer that first visits a .MOI-accredited registrar’s website will be directed to the Registry’s .MOI website to undergo the process noted above. After pre-registration policy verification, those customers will be transitioned back to the originating registrar’s site.

The RSEP does not explain what the “technology tools” are, but I’d be very surprised if they did not include for example web hosting, a staple higher-margin registrar product.
It’s not entirely clear what, if any, consultations Amazon has had with registrars regarding its proposals. The RSEP language is evasive:

Amazon Registry reached out to several registrars to have general discussions about their experience with pre-registration policy verification and how that experience (including customer experience) could be improved. Any consultations that may have occurred regarding the Technology Tools and the ancillary products and services would have occurred subject to a Mutual Non-Disclosure Agreement and cannot be disclosed.

Currently, the RSEP only covers .moi. Amazon would have to file additional RSEPs if it wanted the new service applied to its 32-TLD-strong portfolio, which includes the likes of .book, .song and .tunes.
ICANN has already made a preliminary determination that the RSEP “does not raise significant competition, security or stability issues”.
As usual, there’s a public comment period, which ends April 14.

Foot-dragging Amazon has bumper crop of new gTLDs

Kevin Murphy, December 7, 2015, Domain Registries

Amazon Registry Services took possession of 17 new gTLDs at the weekend.
The would-be portfolio registry had .author, .book, .bot, .buy, .call, .circle, .fast, .got, .jot, .joy, .like, .pin, .read, .room, .safe, .smile and .zero delegated to the DNS root zone.
Amazon seems to have waited until the last possible moment to have the strings delegated.
It signed its registry agreements — which state the TLDs must be delegated with a year — in mid-December 2014.
Don’t plan on being able to register domains in any of these gTLDs. You may be disappointed.
All of the strings were originally applied for as what became known as “closed generics”, in which Amazon would have been the only permitted registrant.
It recanted this proposed policy in early 2014, formally amending its applications to avoid the Governmental Advisory Committee’s anti-closed-generic advice.
Its registry contracts do not have the standard dot-brand carve-outs.
However, the latest versions of its applications strongly suggest that registrant eligibility is going to be pretty tightly controlled.
The applications state: “The mission of the <.TLD> registry is: To provide a unique and dedicated platform while simultaneously protecting the integrity of Amazon’s brand and reputation.”
They go on to say:

Amazon intends to initially provision a relatively small number of domains in the .CIRCLE registry to support the goals of the TLD… Applications from eligible requestors for domains in the .CIRCLE registry will be considered by Amazon’s Intellectual Property group on a first come first served basis and allocated in line with the goals of the TLD.

They state “domains in our registry will be registered by Amazon and eligible trusted third parties”.
Amazon has not yet published its TLD start-up information, which may provide more clarity on how the company intends to handle these strings.
I suspect we’ll be looking at a policy that amounts to a workaround of the closed-generic ban.
The registry seems to be planning to run its registry from AmazonRegistry.com.

Panel throws out ludicrous .shop confusion ruling

Kevin Murphy, August 25, 2015, Domain Registries

The new gTLD strings .shop and .通販 are not too confusingly similar-looking to coexist on the internet.
While that may be blindingly obvious to anyone who is not already blind, it’s taken the ICANN process three years to arrive at this conclusion.
An August 18 ruling by a three-person International Centre for Dispute Resolution appeals panel has “reversed, replaced and superseded” a two-year-old decision by a lone String Confusion Objection panelist. The appeals panel found:

the [original] expert panel could not have reasonably come to the decision reached by it in connection with the underlying String Confusion Objection

The two strings indisputably have no visual or aural similarity, are in different languages, written in different scripts that look very different, and have different phonetic spellings and pronunciations.

.通販 is the Japanese for “.onlineshopping”, applied for by Amazon in the 2012 new gTLD round.
.shop is a contested string applied for by Commercial Connect and others.
The two strings were ruled dissimilar by the String Similarity Panel in February 2013, but Commercial Connect filed the SCO a few weeks later.
In an SCO, the complainant must show that it is “probable, not merely possible” that the two strings will get mixed up by internet users.
In August 2013, ICDR panelist Robert Nau ignored that burden of proof and inexplicably ruled that the two strings were too similar to coexist and should therefore be placed in a contention set.
Nau would later rule that .shop and .shopping are also confusingly similar.
The .通販 decision was widely criticized for being completely mad.
Amazon appealed the decision via the ICANN Request for Reconsideration, but predictably lost.
After much lobbying, last October ICANN’s board of directors created an appeals process for SCO decisions, but limited the appellant pool to Amazon with .通販 and applicants for .cam (which had been ruled similar to .com).
Now, 10 months later, we finally have a sane decision in the Amazon case. Its application will presumably now be removed from the .shop contention set.
Read the final ruling here.

US Congresspeople tell ICANN to ignore GAC “interference”

Kevin Murphy, June 12, 2015, Domain Policy

A bispartisan group of US Congresspeople have called on ICANN to stop bowing to Governmental Advisory Committee meddling.
Showing characteristic chutzpah, the governmental body advises ICANN that advice from governments should be viewed less deferentially in future, lest the GAC gain too much power.
The members wrote (pdf):

Recent reports indicate that the GAC has sought to increase its power at the expense of the multistakeholder system. Although government engagement in Internet governance is prudent, we are concerned that allowing government interference threatens to undermine the multistakeholder system, increasing the risk of government capture of the ICANN Board.

The letter was signed by 11 members of the House Judiciary Subcommittee on Courts, Intellectual Property and the Internet, which is one of the House committees that most frequently hauls ICANN to Capitol Hill to explain itself.
Most of the signatories are from the Republican majority, but some are Democrats.
It’s not entirely clear where they draw the line between “engagement” and “interference”.
The letter highlights two specific pieces of GAC input that the signatories seem to believe constitute interference.
First, the GAC’s objection to Amazon’s application for .amazon. The letter says this objection came “without legal basis” and that ICANN “succumbed to political pressure” when it rejected the application.
In reality, the GAC’s advice was consensus advice as envisaged by the Application Guidebook rules. It was the US government that succumbed to political pressure, when it decided to keep its mouth shut and allow the rest of the GAC to reach consensus.
The one thing the GAC did wrong was filing its .amazon objection outside of the window envisaged by the Guidebook, but that’s true of almost every piece of advice it’s given about new gTLD applications.
Second, the Congresspeople are worried that the GAC has seized for its members the right to ban the two-letter code representing their country from any new gTLD of their choosing.
I’ve gone into some depth into how stupid and hypocritical this is before.
The letter says that it has “negative implications for speech and the world economy”, which probably has a grain of truth in it.
But does it cross the line from “engagement” to “interference”?
The Applicant Guidebook explicitly “initially reserved” all two-letter strings at the second level in all new gTLDs.
It goes on to say that they “may be released to the extent that Registry Operator reaches agreement with the government and country-code manager.”
While the rule is pointless and the current implementation convoluted, it comes as a result of the GAC engaging before the new gTLD program kicked off. It was something that all registries were aware of when they applied for their gTLDs.
However, the GAC’s more recent behavior on the two-letter domain subject has been incoherent and looks much more like meddling.
At the ICANN meeting in Los Angeles last October, faced with requests for two-character domains to be released, the GAC issued formal advice saying it was “not in a position to offer consensus advice on the use of two-character second level domain names”.
ICANN’s board of directors accordingly passed a resolution calling for a release mechanism to be developed by ICANN staff.
But by the time February ICANN meeting rolled around, it had emerged that registries’ release requests had been put on hold by ICANN due to letters from the GAC.
The GAC then used its Singapore communique to advise ICANN to “amend the current process… so that relevant governments can be alerted as requests are initiated.” It added that “Comments from relevant governments should be fully considered.”
ICANN interpreted “fully considered” to mean an effective veto, which has led to domains such as it.pizza and fr.domains being banned.
So it does look like thirteenth-hour interference but that’s largely because the GAC is often incapable of making its mind up, rarely talks in specifics, and doesn’t meet frequently enough to work within timelines set by the rest of the community.
However, while there’s undoubtedly harm from registries being messed around by the GAC recently, governments don’t seem to have given themselves any powers that they did not already have in the Applicant Guidebook.

Amazon staffing up for new gTLD launches

Kevin Murphy, January 30, 2015, Domain Registries

Amazon is one of the biggest portfolio applicants for new gTLDs, but to date we haven’t heard much from the e-commerce giant about how it intends to use its new assets.
That could change soon, however. The company is currently looking to bulk up its registry services staff, according to two job ads posted to DI Jobs today.
Amazon is looking for a Project Manager, Registry Services and a Sr. Software Development Manager, Registry Services to “help develop and launch innovative business models across Amazon’s new domain program.”.
Applicants will need to “see beyond DNS in its traditional function”, one of the ads intriguingly notes.
The project manager role is described as “a start-up opportunity with the backing of a larger organization”.
Amazon currently has 63 live new gTLD applications, of its original 76, 21 of which are currently in the final testing phase before delegation. Those include strings such as .buy, .read, .author and .like. Another 29 are in contracting with ICANN right now.