Child abuse becoming big problem for new gTLDs

There were 3,791 domain names used to host child sexual abuse imagery in 2017, up 57%, according to the latest annual report from the Internet Watch Foundation.
While .com was the by far the worst TLD for such material in terms of URLs, over a quarter of the domains were registered in new gTLDs.
Abuse imagery was found on 78,589 URLs on 3,791 domains in 152 TLDs, the IWF said in its report.
.com accounted for 39,937 of these URLs, a little over half of the total, with .net, .org, .ru and .co also in the top five TLDs. Together they accounted for 85% of all the abuse URLs found. The 2016 top five TLDs included .se, .io and .cc.
New gTLDs accounted for a small portion of the abuse URLs — just over 5,000, up 221% on 2016 — but a disproportionate number of domains.
The number of new gTLD domains used for abuse content was 1,063, spread over 50 new gTLDs. Equivalent numbers were not available in the 2016 report and IWF does not break down which TLDs were most-abused.
According to Verisign’s Q4 Domain Name Industry Brief (pdf), new gTLDs account for just 6.2% of all existing domain names, and yet they account for over 28% of the domains where IWF found child abuse imagery.
IWF said that the increasing number of domains registered to host abuse imagery can be linked to what it calls “disguised websites”.
These are sites “where the child sexual abuse imagery will only be revealed to someone who has followed a pre-set digital pathway — to anyone else, they will be shown legal content.”
Presumably this means that registries and registrars spot-checking domains they have under management could be unaware of their true intended use.

Domain universe grows almost 1% in 2017 despite new gTLD slump

The total number of registered domain names in all TLDs was up 0.9% in 2017, despite a third-quarter dip, according to the latest data compiled by Verisign.
The latest Domain Name Industry Brief, published yesterday, shows that there were 332.4 million domains registered at the end of the year.
That’s up by 1.7 million names (0.5%) on the third quarter and up 3.1 million names (0.9%) on 2016.
Growth is growth, but when you consider that 2015-2016 growth was 6.8%, under 1% appears feeble.
The drag factors in 2017 were of course the 2012-round new gTLDs and Verisign’s own .net, offset by increases in .com and ccTLDs.
New gTLD domains were 20.6 million at the end of the year, down by about 500,000 compared to the third quarter and five million names compared to 2016.
As a percentage of overall registrations, new gTLDs dropped from 7.8% at the end of 2016 to 6.2%.
The top 10 new gTLDs now account for under 50% of new gTLD regs for the first time.
The numbers were primarily affected by big declines in high-volume spaces such as .xyz, which caused the domain universe to actually shrink in Q3.
Verisign’s own .com fared better, as usual, with .net suffering a decline.
The year ended with 131.9 million .com names, up by five million names on the year, exactly offsetting the shrinkage in new gTLDs.
But .net ended up with 14.5 million names, a 800,000 drop on 2016.
In the ccTLD world, total regs were up 1.4 million (1%) quarterly and 3.4 million (2.4%) annually.
Excluding wild-card ccTLD .tk, which never deletes domains and for which data for 2017 was not available to Verisign, the growth was a more modest 0.7 million (0.5%) quarterly and 2.3 million (1.8%) annually.
The DNIB report for Q4 2017 can be downloaded here (pdf).

CentralNic spends $3.3 million on .com portfolios

CentralNic has splashed out £2.5 million ($3.3 million) to bolster its portfolio of domain names for the secondary market.
The company said in a brief statement today that it acquired an unspecified number of domains across “a number of portfolios”. The sellers were not disclosed.
The names were all in .com.
CEO Ben Crawford said the names were acquired “at an attractive discount to current market rates”.
The deals mean London-listed CentralNic might be able to continue to prop up its recurring revenue (registry/registrar) numbers through the sale of premium names, something it still needs to do if it wants to show investors a pleasing growth curve.
That’s assuming it can sell the names at a profit, of course.
Some call this the premium domain “hamster wheel”.

Namecheap to bring millions of domains in-house next week

Namecheap is finally bringing its customer base over to its own ICANN accreditation.
The registrar will next week accept transfer of an estimated 3.2 million .com and .net domains from Enom, following a court ruling forcing Enom owner Tucows to let go of the names.
The migration will happen from January 8 to January 12, Namecheap said in a blog post today.
Namecheap is one of the largest registrars in the industry, but historically it mostly acted as an Enom reseller. Every domain it sold showed up in official reports as an Enom sale.
While it’s been using its own ICANN accreditation to sell gTLD names since around 2015 — and has around four million names on its own credentials — it still had a substantial portion of its customer base on the Enom ticker.
After the two companies’ arrangement came to an end, and Enom was acquired by Tucows, Namecheap decided to also consolidate its .com/.net names under its own accreditation.
After Tucows balked at a bulk transfer, Namecheap sued, and a court ruled in December that Tucows must consent to the transfer.
Now, Namecheap says all .com and .net names registered before January 2017 or transferred in before November 2017 will be migrated.
There may be some downtime as the transition goes through, the company warned.

ICANN punts o.com auction to US watchdogs

Verisign’s proposed auction of the domain o.com might have a negative effect on competition and has been referred to US regulators.
That’s according to ICANN’s response to the .com registry’s request to release the domain, which is among the 23 single-letter domains currently reserved under the terms of its contract.
ICANN has determined that the release “might raise significant competition issues” and has therefore been referred to “to the appropriate governmental competition authority”.
It’s forwarded Verisign’s request to the US Department of Justice.
Verisign late last month asked ICANN if it could release o.com to auction as a test that could presumably lead to other single-character .com names being released in future.
The plan is for a charity auction, in which almost all the proceeds are donated to internet-related good causes.
Only the company running the auction would make any significant money; Verisign would just take its standard $7.85 annual fee.
ICANN told the company that it could find no technical reason that the release could not go ahead.
The only barrier is the fact that Verisign arguably has government-approved, cash-printing, market dominance and is therefore in a sensitive political position.
Whether its profitless plan will be enough to see the auction given the nod remains to be seen.
A certain bidder in the proposed auction would be Overstock.com, the online retailer, which has been pressuring ICANN and Verisign for the release of O.com for well over a decade and even owns trademarks covering the domain.
Disclosure: several years ago I briefly provided some consulting/writing services to a third party in support of the Verisign and Overstock positions on the release of single-character domain names, but I have no current financial interest in the matter.

Verisign wants to auction off O.com for charity

The internet could soon gets just its fourth active single-character .com domain name, after Verisign revealed plans to auction off o.com for charity.
The company has asked ICANN to allow it to release just one of the 23 remaining one-letter .com domains, which are currently reserved under the terms of the .com registry agreement.
It’s basically a proof of concept that would lead to this contractual restriction being lifted entirely.
O.com has been picked as the guinea pig, because of “long-standing interest” in the domain, according to Verisign.
Overstock.com, the $1.8 billion-a-year US retailer, is known to have huge interest in the name.
The company acquired o.co from .CO Internet for $350,000 during the ccTLD’s 2010 relaunch, then embarked upon a disastrous rebranding campaign that ended when the company estimated it was losing 61% of its type-in traffic to o.com.
Overstock has obsessed over its unobtainable prize for over a decade and would almost certainly be involved in any auction for the domain.
In fact, I wouldn’t be surprised to discover that Overstock pressured Verisign into requesting the release of o.com.
Despite the seven or eight figures that a single-letter .com domain could fetch, Verisign’s cut of the auction proceeds would be just $7.85, its base registry fee.
Regardless, it has a payment schedule in mind that would see the winning bidder continue to pay premium renewal fees for 25 years, eventually doubling the sale price.
The winner would pay their winning bid immediately and get a five-year registration, but then would have to pay 5% of that bid to renew the domain for years six through 25.
In other words, if the winning bid was $1 million, the annual renewal fee after the first five years would be $50,000 and the total amount paid would eventually be $2 million.
All of this money, apart from the auction provider’s cut, would go to a trust that would distribute the funds to internet-focused non-profit organizations, such as those promoting security or open protocols.
There’s also a clause that would seem to discourage domain investors from bidding. The only way to transfer the domain would be if the buyer was acquired entirely, though this could be presumably circumvented with the use of a shell company.
It’s an elaborate auction plan, befitting of the fact that one-character .com domains are super rare.
Only x.com, q.com and z.com are currently registered and it’s Verisign policy to reserve them in the unlikely event they should ever expire.
Billionaire entrepreneur Elon Musk this July reacquired x.com, the domain he used to launch PayPal in the 1990s, back from PayPal for an undisclosed sum.
Z.com was acquired by GMO Internet for $6.8 million in 2014.
Single-character domains are typically not reserved in the ICANN contracts of other gTLDs, whether pre- or post-2012, though it’s standard practice for the registry to reserve them for auction anyway.
Verisign’s reservations in .com and .net are a legacy of IANA policy, pre-ICANN and have been generally considered technically unnecessary for some years.
Still, there’s been a reluctance to simply hand Verisign, already a money-printing machine through accident of history, another windfall of potentially hundreds of millions of dollars by allowing it to sell off the names for profit. Hence the elaborate plan with the O.com trust fund.
The proposal to release O.com requires a contractual amendment, so Verisign has filed a Registry Services Evaluation Process request (pdf) with ICANN that is now open for public comment.
As a matter of disclosure: several years ago I briefly provided some consulting/writing services to a third party in support of the Verisign and Overstock positions on the release of single-character domain names, but I have no current financial interest in the matter.

Verisign launches name-spinner tool for if you really, really need a .com

Verisign has launched a new name-spinning tool, designed to help new businesses find relevant domain names in Verisign-managed TLDs.
It’s called NameStudio. Verisign said:

NameStudio can deliver relevant .com and .net domain name suggestions based on popular keywords, trending news topics and semantic relevance. Pulling from multiple and diverse data sources, the service can identify the context of a word, break search terms apart into logical combinations and quickly return results. It can also distinguish personal names from other keywords and use machine-learning algorithms that get smarter over time.

The machine-learning component may come in handy, based on my non-scientific, purely subjective messing around at the weekend.
I searched for “london pubs”, a subject close to my heart. Naturally enough, londonpubs.com is not available, but the suggestions were not what you’d call helpful.

As you can see, the closest match to London it could find was “Falkirk”, a town 400 miles away in Scotland. The column is filled with the names of British towns and cities, so the tool clearly knows what London is, even if its suggestions are not particularly useful for a London-oriented web site.
The closest match to “pubs” was “cichlids”, which Google reliably informs me is a type of fish. “ComicCon” (a famous trademark), “barbarians” and a bunch of sports, dog breeds and so on feature highly on its list of suggestions.
NameStudio obviously does not know what a “pub” is, but it’s not a particularly common word in most of Verisign’s native USA, so I tried “london bars” instead. The results there were a little more encouraging.
Again, Falkirk topped the list of London alternatives, a list that this time also prominently included the names of Australian cities.
On the “bars” column, suggestions such as “parties”, “stags” and “nights” suggests that NameStudio has a notion what I’m looking for, but the top suggestion is still “birthdays”.
I should note that the service also suggests prefixes such as “my” and “free” and suffixes such as “online” or “inc”, so if you have your heart set on a .com domain you’ll probably be able to find something containing your chosen keywords.
The domains alllondonpubs.com and alllondonbars.com were probably the best available alternatives I could find. For my hypothetical London-based pub directory/blog web site, they’re not terrible choices.
I also searched NameStudio for “domain blog”, another subject close to my heart.
The top three suggestions in the “domain” column were “pagerank”, “websites” and “query”. Potentially relevant. Certainly some are in the right ball-park. Let’s ignore that “pagerank” is a Google trademark that nobody really talks about much any more.
The top suggestions to replace “blog” were “infographic”, “snippets” and “rumor”. Again, right ball-park, but my best bet still appears to be adding a prefix or suffix to my original keywords.
I tried a few more super-premium one-word keywords too.
The best suggestion for “vodka” was “dogvodka.com”. For “attorney”, it was “funattorney.com”. For “insurance”, there were literally no available suggestions.
Currently — and to be fair the tool just launched last week — you’re probably better off looking at other name suggestion tools.
NameStudio does not appear to currently suggest domains that are listed for sale on the aftermarket. I expect that’s a feature addition that could come in future.
But possibly the main problem with the tool appears to be that it currently only looks for available names in .com, .net, .tv or .cc.
Repeating my “london pubs” search with GoDaddy and DomainsBot, which each support hundreds more TLDs, produced arguably superior results.

They’re only superior, of course, if you consider your chosen keywords, and the brevity of your domain, more important than your choice of TLD. For some people, a .com at the end of the domain will always be the primary consideration, and perhaps those people are Verisign’s target market.

Verisign and Afilias testing Whois killer

Verisign and Afilias have become the first two gTLD registries to start publicly testing a replacement for Whois.
Both companies have this week started piloting implementations of RDAP, the Registration Data Access Protocol, which is expected to usurp the decades-old Whois protocol before long.
Both pilots are in their very early stages and designed for a technical audience, so don’t expect your socks to be blown off.
The Verisign pilot offers a web-based, URL-based or command-line interface for querying registration records.
The output, by design, is in JSON format. This makes it easier for software to parse but it’s not currently very easy on the human eye.
To make it slightly more legible, you can install a JSON formatter browser extension, which are freely available for Chrome.
Afilias’ pilot is similar but does not currently have a friendly web interface.
Both pilots have rudimentary support for searching using wildcards, albeit with truncated result sets.
The two new pilots only currently cover Verisign’s .com and .net registries and Afilias’ .info.
While two other companies have notified ICANN that they intend to run RDAP pilots, these are the first two to go live.
It’s pretty much inevitable at this point that RDAP is going to replace Whois relatively soon.
Not only has ICANN has been practically champing at the bit to get RDAP compliance into its registry/registrar contracts, but it seems like the protocol could simplify the process of complying with incoming European Union privacy legislation.
RDAP helps standardize access control, meaning certain data fields might be restricted to certain classes of user. Cops and IP enforcers could get access to more Whois data than the average blogger or domainer, in other words.
As it happens, it’s highly possible that this kind of stratified Whois is something that will be legally mandated by the EU General Data Protection Regulation, which comes into effect next May.

Forget emojis, you can buy Egyptian hieroglyph .com domains

Call them the Emojis of the Ancient World.
Egyptian hieroglyphs were once the cutting edge of written communication, and it turns out Verisign lets you register .com domains using them.
Internationalized domain names expert Andre Schapp discovered a couple months ago that the Unicode code points for the ancient script have been approved in 16 Verisign gTLDs, and apparently no others.
This means that domains such as should resolve.
Unfortunately, DI’s database does not support these characters, so I’m having to use images.
But at least one domain investor seems have snapped up a few dozen single-pictograph Egyptian hieroglyph names about a month ago, and his page has clickable links.
Whether you see the hieroglyph or the Punycode, prefixed “xn--“, seems to depend on your browser configuration.
Ancient Egyptian is apparently not the only dead script that Verisign supports.
According to IANA, you can also get .com domains in Sumero-Akkadian cuneiform, which went out of fashion in the second century CE, as well Phoenician, the world’s oldest known script.
Then there’s Imperial Aramaic, Meitei, Kharosthi, ‘Phags-pa, Sylheti Nagari and goodness knows how many other extinct writing systems.
It seems .com has been approved for 237 IDN scripts, in total. Let it not be said that Verisign does not offer domainers ample opportunity to spunk their cash on gibberish.
No Klingon, though.

How .com became a restricted TLD

Verisign has been given approval to start restricting who can and cannot register .com and .net domain names in various countries.
Customers of Chinese registrars are the first to be affected by the change to the registry’s back-end system, which was made last year.
ICANN last week gave Verisign a “free to deploy” notice for a new “Verification Code Extension” system that enables the company to stop domains registered via selected registrars from resolving unless the registrant’s identity has been verified and the name is not on China’s banned list.
It appears to be the system Verisign deployed in order to receive its Chinese government license to operate in China.
Under Verification Code Extension, Verisign uses ICANN records to identify which registrars are based in countries that have governmental restrictions. I believe China is currently the only affected country.
Those registrars are able to register domains normally, but Verisign will prevent the names from resolving (placing them in serverHold status and keeping them out of the zone file) unless the registration is accompanied by a verification code.
These codes are distributed to the affected registrars by at least two verification service providers. Verisign, in response to DI questions, declined to name them.
Under its “free to deploy” agreement with ICANN (pdf), Verisign is unable to offer verification services itself. It must use third parties.
The company added the functionality to its .com and .net registry as an option in February 2016, according to ICANN records. It seems to have been implemented last July.
A Verisign spokesperson said the company “has implemented” the system.
The Verification Code Extension — technically, it’s an extension to the EPP protocol pretty much all registries use — was outlined in a Registry Services Evaluation Process request (pdf) last May, and approved by ICANN not long after.
Verisign was approved to operate in China last August in the first wave of gTLD registries to obtain government licenses.
Under Chinese regulations, domain names registered in TLDs not approved by the government may not resolve. Registrars are obliged to verify the identities of their registrants and names containing certain sensitive terms are not permitted.
Other gTLDs, including .vip, .club, .xyz .site and .shop have been granted approval over the last few months.
Some have chosen to work with registration gateway providers in China to comply with the local rules.
Apart from XYZ.com and Verisign, no registry has sought ICANN approval for their particular implementation of Chinese law.
Because Chinese influence over ICANN is a politically sensitive issue right now, it should be pointed out that the Verification Code Extension is not something that ICANN came up with in response to Chinese demands.
Rather, it’s something Verisign came up with in response to Chinese market realities. ICANN has merely rubber-stamped a service requested by Verisign.
This, in other words, is a case of China flexing market muscle, not political muscle. Verisign, like many other gTLD registries, is over-exposed to the Chinese market.
It should also be pointed out for avoidance of doubt that the Chinese restrictions do not apply to customers of non-Chinese registrars.
However, it appears that Verisign now has a mechanism baked into its .com and .net registries that would make it much easier to implement .com restrictions that other governments might choose to put into their own legislation in future.