Latest news of the domain name industry

Recent Posts

Registrars CAN charge for Whois, ICANN grudgingly admits

Kevin Murphy, December 1, 2022, Domain Registrars

ICANN is powerless to prevent registrars from charging for access to non-public Whois data, the Org has reluctantly admitted.

In a recent advisory, ICANN said it is “concerned” that registrars including Tucows have been charging fees to process requests for data that would otherwise be redacted in the free public Whois.

But it said there’s nothing in the Registrar Accreditation Agreement, specifically the Temporary Specification governing Whois in the post-GDPR world, that bans such services:

While the RAA explicitly requires access to public registration data directory services to be provided free of charge, the Temporary Specification does not specifically address the issue of whether or not a registrar may charge a fee for considering requests for access to redacted registration data.

So basic Whois results, with all the juicy info redacted, has to be free, but registrars can bill organizations who ask for the veil to be lifted. ICANN wrote:

ICANN org is concerned that registrars’ imposition of fees for consideration of requests for access to nonpublic gTLD registration data may pose an access barrier. Access to registration data serves the public interest and contributes to the security and stability of the Internet

The advisory calls out Tucows’ Tiered Access Compliance and Operations system, TACO, as the primary example of a registrar charging for data, but notes that others are too.

Not long after the advisory was published, Tucows posted an article in which it explained that the fees are necessary to cover the cost of the “thousands” of automated requests it has received in the last four years.

Charging fees for compliance with other forms of legal process is not uncommon in the industry, and the vast majority of requests for registration data (approximately 90%) continue to come from commercial litigation interests and relate to suspected intellectual property infringement.

Facebook, now Meta, was at first, and may still well be, a frequent bulk filer.

Tucows said that it “frequently” waives its fees upon request for “single-use requestors and private parties”.

Is ICANN toothless in the face of DNS abuse?

Kevin Murphy, October 12, 2022, Domain Policy

Concerns have been raised that ICANN may lack the tools to tackle DNS abuse using its contracts with registries and registrars.

The new report from the GNSO’s “small team” on abuse has highlighted two “gaps” in the current Compliance regime that may be allowing registrars to get away with turning a blind eye to abusive customers.

The current version of the standard Registrar Accreditation Agreement calls for registrars to maintain an abuse contact email and to “take reasonable and prompt steps to investigate and respond appropriately to any reports of abuse.”

The problem, the small team report finds, is that ICANN Compliance doesn’t seem to have a standard definition of “reasonable”, “prompt”, and “appropriately”. The contract doesn’t require any specific remediations from the registrar.

“Members of the small team are concerned that this interpretation may allow DNS abuse to remain unmitigated, depending upon the registrar’s specific domain name use and abuse policies,” the report states.

Judging by conversations at ICANN 75 last month, it’s apparently the first time Compliance has gone on the record about how it enforces this part of the contract.

It’s quite rare for ICANN to issue a public breach notice to a registrar over its failure to respond to abuse reports and when it does, it tends to relate to the registrar’s failure to keep records showing how it responded.

I can’t find any instances where Compliance has canned a registrar for allowing abusive domains — typically defined as those hosting malware, phishing, botnets, pharming and some spam — to remain active after an abuse report.

The small team’s report also thinks there’s a blind spot in ICANN’s standard Registry Agreement, which in turn requires registries to include, in their Registry-Registrar Agreements, provisions requiring anti-abuse terms in the registrars’ Registration Agreements.

This complex chain of contractual provisions doesn’t seem to be enforced, the small team notes, saying “further consideration may need to be given to what Registries are doing to ensure the text is indeed included in the Registration Agreement (ie Registries enforcing their own Registry-Registrar Agreements”.

The small team recommends that contracted parties talk further with ICANN about possible contract changes or best practices documents before going ahead with policy-making. The GNSO Council will address the recommendations later this month.

ICANN terminates these three deadbeat registrars

Registrars based in the US, Philippines and Bangladesh have lost their ICANN accreditations for non-payment of fees.

ICANN recently sent termination notices to Domainia, HOAPI, and Innovadeus, which the Org says have breached their contracts by not paying and in some cases failing to provide required information and services on their web sites.

It appears all three companies are no longer operational. Domainia’s domain resolves to a GoDaddy sales lander, HOAPI’s is NX’d, and Innovadeus’s site is riddled with WordPress errors.

Innovadeus and HOAPDI were first deemed “past due” on their fees in November 2020, according to ICANN. For Domainia, it was September 2020.

Fortunately, it seems few to no registrants will be affected by the terminations. HOAPI had one gTLD domain under management, its own. Domainia had none, and Innovadeus had a few hundred, which will be transferred to another registrar.

Russian registry hit with second breach notice after downtime

ICANN has issued another breach notice against the registry for .gdn, which seems to be suffering technical problems and isn’t up-to-date on its bills.

Navigation-Information Systems seems to have experienced about 36 hours of Whois/RDDS downtime starting from April 22, and is past due with its quarterly ICANN fees, according to the notice.

Contractually, if ICANN’s probes detect downtime of Whois more than 24 hours per week, that’s enough to trigger emergency measures, allowing ICANN to migrate the TLD to an Emergency Back-End Registry Operator.

Today, the registry’s web site hasn’t resolved for me in several hours, timing out instead, suggesting serious technical problems. Other non-registry .gdn web sites seem to work just fine.

NIS seems to be a Russian company — although most ICANN records give addresses in Dubai and Toronto — so it might be tempting to speculate that its troubles might be a result of some kind of cyber-war related to the Ukraine invasion.

But it’s not the first time this has happened by a long shot.

The company experienced a pretty much identical problem twice a year earlier, and it seems to have happened in 2018 and 2019 also.

NIS just can’t seem to keep its Whois up.

According to the breach notice, whenever Compliance manages to reach the registry’s 24/7 emergency contact they’re told he/she can’t help.

ICANN has given the registry until May 29 to fix its systems and pay up, or risk termination.

.gdn was originally applied for as something related to satellites, but it launched as an open generic that attracted over 300,000 registrations, mostly via disgraced registrar AlpNames, earning it a leading position in spam blocklists. Today, it has around 11,000 names under management, mostly via a Dubai registrar that seems to deal purely in .gdn names.

Two countries could lose registrar competition after breach notices

ICANN has issued breach-of-contract notices to two small registrars, potentially reducing the number of accredited registrars in two countries to just one.

It’s sent notices to Tecnologia, Desarrollo Y Mercado S de RL de CV, one of two accredited registrars based in Honduras, and to Innovadeus, one of only two in Bangladesh.

In the former case, ICANN claims TDM has failed to respond to abuse reports and has been generally sluggish and reluctant to cooperate with Compliance requests.

In the case of Innovadeus, it claims the registrar — which records show has lost almost all of its domains under management in the last couple of years — has failed to pay its accreditation fees.

TDM has been told to shape up by May 27. Innovadeus has been given until May 26 to pay up. Failure in either case could mean termination.

ICANN picks 28 registries for abuse audit

Kevin Murphy, April 13, 2022, Domain Registrars

ICANN has kicked off its annual compliance audit, and this time it’s focused on registries rather than registrars.

It’s picked 28 gTLDs based on whether they’ve not been fully audited before, whether they have more than 100 domains, and whether they show up a lot in abuse blocklists (excluding spam blocklists).

Only one gTLD per registry has been picked, which might be why the number is lower than previous audit rounds.

The audit will entail sending a questionnaire to each registry to ask how they are complying with each of their commitments under the Registry Agreement.

Registries have already been told if they’ve been picked. ICANN hopes to have it all wrapped up in the third quarter.

Bye-bye Alice’s Registry

Kevin Murphy, April 13, 2022, Domain Registrars

One of ICANN’s oldest accredited registrars has had its contract terminated for non-payment of fees and other alleged breaches.

Alice’s Registry, which has been around since 1999, has been told it’s no longer allowed to sell gTLD domains and that whatever remains of its managed domains will be transferred to another registrar.

The termination comes at the end of more than two years of ICANN’s Compliance department pursuing AR for not paying its accreditation fees, not operating a working Whois service, not implementing RDAP, and not showing its company is in good standing.

The registrar’s web site hasn’t been working in many months, and until its accreditation was suspended last October it had not responded to ICANN’s calls and emails.

Its responses to Compliance since then did not help its case, so ICANN made the decision to terminate.

ICANN offers $1 million to Ukraine projects, supports Ukrainian registrants

Kevin Murphy, March 8, 2022, Domain Policy

ICANN has allocated $1 million to help protect internet access in war-torn Ukraine.

Its board of directors at the weekend voted to set aside the “initial sum” of money “to provide financial assistance to support access to Internet infrastructure in emergency situations.”

There’s an expectation that the cash will be spent “on support for maintaining Internet access for users within Ukraine”, where the Russian invasion is described as “tragic and profoundly troubling”, over the next few months, the board said.

It’s not clear yet exactly how the money will be spent, though something related to the keeping the DNS up and running would seem to be the most probable. The resolution calls for the CEO to develop a process to figure it out.

Ukraine’s ccTLD manager, Hostmaster, moved its servers into other European countries shortly after the invasion, and signed up to Cloudlflare’s DDoS protection service. It’s not clear whether it had to spend money on these moves.

ICANN’s million will come from its regular operating budget, not the stash it has set aside from its new gTLD auctions. The auction money will probably be spent on similar things eventually, but the process for allocating that is still being worked out in a committee.

ICANN also said this week that it is, as I and others suggested, exercising section 3.7.5.1 of its Registrar Accreditation Agreement to declare the invasion an “extenuating circumstance”, meaning Ukrainians who are unable to renew their domain name registrations before they expire may not lose them.

Registrars now have the option to keep these domains registered after their usual expiration date and ICANN will not send its Compliance enforcers after them.

“We encourage registrars and registries to support this action and take these circumstances into consideration when reviewing impacted registrants’ renewal delinquencies in affected regions,” ICANN said.

It’s the first time ICANN has exercised this power in connection with a human-made disaster. It previously invoked 3.7.5.1 in response to Hurricane Maria in Puerto Rico and worldwide in response to the Covid-19 pandemic.

Hostmaster itself has extended the redemption period for .ua domains from 30 to 60 days.

Registrar hit with second porn UDRP breach notice this year

Kevin Murphy, February 21, 2022, Domain Registrars

A Chinese registrar group has been accused by ICANN of shirking its UDRP obligations for the second time this year.

ICANN has put Hong Kong-based DomainName Highway on notice that is in breach of its contract for failing to transfer the domain 1ockheedmartin.com to defense contractor Lockheed Martin.

The domain is a straightforward case of typosquatting, with the initial L replaced with a numeral 1. At time of writing, it still resolves to a page of pornographic thumbnail links, despite being lost in a UDRP case January 4.

Under UDRP rules, registrars have 10 days to transfer a UDRP-losing domain to the trademark owner, unless a lawsuit prevents it.

The circumstances are very similar to a breach notice ICANN issued against ThreadAgent.com over a case of BMW’s brand being cybersquatted with porn last month.

Both ThreadAgent and DomainName Highway appear to be part of the XZ.com, aka Xiamen DianMedia Network Technology Co, which is based in China but has about 20 accredited registrars based in Hong Kong.

DomainName Highway has about 30,000 gTLD domains under management.

Costa Rica’s only registrar gets terminated

Kevin Murphy, February 16, 2022, Domain Registrars

Costa Rica no longer has any in-country accredited registrars, after ICANN terminated Toglodo for non-payment of fees.

ICANN told the company last week that its accreditation is terminated effective February 23.

It seems Toglodo owed ICANN thousands of dollars in past-due fees. The Org says had been chasing it for money since at least March last year, but had not managed to make contact.

The registrar once had a few thousand gTLD domains under management, mostly .coms, but that’s dwindled to almost nothing recently. Whatever domains remain, ICANN will attempt to transfer to another registrar.