Latest news of the domain name industry

Recent Posts

ICANN rules could hamper agentic AI domain regs

Kevin Murphy, July 13, 2026, Domain Policy

Bulk registration of domain names is likely to become more difficult under policy proposals being considered in ICANN, potentially limiting the potential of agentic AI.

The Generic Names Supporting Organization is in the very early stages of a Policy Development Process that aims to “introduce friction” into bulk registration shopping carts for untrusted registrants.

The PDP was initially conceived last year as targeting API-based registrations, which are believed to be often used by Bad Guys to bulk-register domains for abusive purposes like malware and spam.

But the first version of the draft charter that will govern the PDP is now using “technology neutral” language, recognizing that APIs may not be as relevant in future. Bots and agentic AI are not directly mentioned, but it’s clearly what the authors have in mind.

The charter states:

This PDP would seek to introduce a requirement to put safeguards in place to ensure that registrants, particularly new or untrusted accounts, cannot immediately access domain name registrations at scale until they have demonstrated basic trustworthiness.

Quite how the limits would be put in place, what “at scale” means numerically, and how “trustworthiness” would be defined and earned, are all issues that would have to be hashed out by the PDP working group.

Whatever rules are created would be binding on all ICANN-accredited registrars and their resellers.

The PDP working group has yet to be created, and it seems the absolute earliest any agreed policy could be approved by ICANN would be the end of next year, with the rules coming into effect perhaps the following year.

The PDP is set to be the second of the Domain Abuse Mitigation efforts that began last year under pressure from governments and others and studies such as ICANN’s INFERMAL, which discovered that registrars with freely available APIs were far more likely to be abused by ne’er-do-wells.

ICANN looking at new bulk reg rules

Kevin Murphy, August 11, 2025, Domain Policy

ICANN seems set to start creating more rules governing DNS abuse, including limits on bulk registrations and more tracking of registrants.

A small team of GNSO volunteers have put together a list (pdf) of dozens of proposed policy change areas, covering everything from registrant data accuracy to pricing to API access to getting ICANN Compliance to be more proactive.

While most of the ideas in the team’s analysis received a broad range of views, it settles on three areas, all related to bulk registration of abusive domains, that it thinks are ripest for further policy work.

The first is “Associated Domain Checks”. The small team think it’s worth looking into whether registrars should have to investigate proactively domains registered by known abusive registrants.

The group also thinks it’s worth looking into better industry information-sharing about domain generation algorithms, which bad actors use to create vast numbers of gibberish names that can be used in spam runs, phishing attacks, or botnets.

Finally, the group thinks rules around API access to registrar platforms should be looked at, given that bulk-registered abusive domains often seem to use APIs to programmatically obtain thousands of throwaway domains in seconds.

The small team thinks a Policy Development Process looking at just these three issues could be completed relatively quickly and the community could address the remaining issues later.

Whether the recommendations go to a PDP is now up to the GNSO Council, which will vote on the matter this Thursday. Assuming the vote passes, which seems likely, ICANN staff would then have to prepare a formal Issue Report, setting out the scope of future work, if any.

A PDP would likely take years to complete.

The three priority topic areas reflect closely the Governmental Advisory Committee advice coming out of June’s ICANN 83 public meeting. Both small team and GAC heavily source ICANN’s INFERMAL research and a recent NetBeacon white paper as their inspirations.

ICANN to mull bulk registration ban

Kevin Murphy, October 12, 2022, Domain Policy

ICANN policymakers are to take a look at banning bulk domain registrations in ongoing efforts to combat DNS abuse.

While in the very early stages of discussion, the GNSO Council is being urged to start gathering data “to further explore the role that bulk registrations play in DNS Abuse” and “to consider whether further action on bulk registrations is deemed necessary”

The recommendation is among several in a newly published report of a cross-constituency GNSO “small team”, which may lead to “tightly focused and scoped policy development”.

While acknowledging “there are also examples in which bulk registrations are used for legitimate purposes”, the report states:

The small team recommends that the GNSO Council requests the Registrar Stakeholder Group and others (for example, ICANN org, the RySG and the DNSAI) to further explore the role that bulk registrations play in DNS Abuse as well as measures that Registrars may have already put in place to address this vector. Based on the feedback received, the GNSO Council will consider whether further action on bulk registrations is deemed necessary.

The report is to be considered later this month at the GNSO Council’s monthly meeting. Any actual policy outcome, if any, will be years away.