ICANN turns down money from blockchain alt-root
It seems ICANN is turning down free money from blockchain alt-root providers, apparently as a matter of principle.
We hear one such alt-root, Freename.io, tried to sponsor the upcoming ICANN 78 meeting in Hamburg, but was rebuffed.
“At this time, ICANN is not interested in having Freename serve as a sponsor and will not be moving forward with a sponsorship agreement,” the Org told the company in an unsigned email.
Freename had offered to be a general sponsor, and not at the cheapest tier, I’m told.
ICANN sponsorship offers typically start in the low thousands but can get up to six figures at the higher tiers. Sponsorship is overall a very small part of ICANN’s revenue.
Org has become increasingly rattled in recent years with the proliferation of alt-roots, which have been gradually gaining market acceptance while ICANN’s own efforts to expand the domain universe languish in interminable policy knots.
ICANN delayed the sale of the UNR portfolio of gTLDs until buyers renounced their ownership rights to blockchain versions of their authoritative root strings.
Clearly, splashing an alt-root’s branding all over an ICANN stage would be seen as problematic.
Freename.io plans to attend the Hamburg meeting anyway.
.art links DNS and alt-root ENS
UK Creative Ideas, the .art gTLD registry, has started offering its registrants the ability to register names on the blockchain-based alt-root Ethereum Name Service that exactly match their DNS names, for a one-time fee.
CMO Jeff Sass said that for $20, paid in Ethereum coin, registrants can secure their exact-match on the ENS, with no renewal fees.
There’s an authentication system using DNS TXT records to make sure only .art DNS registrants can obtain their matching ENS names, he said.
“We’ve married the two together, so there can’t be any confusion or collisions,” he said.
The benefit of this is that registrants will be able use their .art domains to address their cryptocurrency wallets. Web browsers that support ENS obviously already support DNS, so there’s no real benefit in that context.
.ART is also selling ENS .art names without matching DNS names — and these can include ICANN-prohibited characters such as emojis — but these are priced from $5 to $650, based on character count, and have annual renewal fees.
.art current has about 230,000 registered names, a pretty respectable number for a new gTLD, and Sass said about 60% of them are in the form of firstnamelastname.art, suggesting usage by professional and amateur artists.
gTLD registries selling matches in alt-roots has been a cause of concern at ICANN over recent years, due to legal concerns. Uniregistry’s sale of its portfolio was held up for months because of this.
It’s ICANN versus the blockchain in Kuala Lumpur
Internet fragmentation and the rise of blockchain-based naming systems were firmly on the agenda at ICANN 75 in Kuala Lumpur today, with two sessions exploring the topic and ICANN’s CTO at one point delivering a brutal gotcha to a lead blockchain developer.
Luc van Kampen, head of developer relations at Ethereum Name Service, joined a panel entitled Emerging Identifier Technologies, to talk up the benefits of ENS.
He did a pretty good job, I thought, delivering one of the clearest and most concise explanations of ENS I’ve heard to date.
He used as an example ICANN’s various handles across various social media platforms — which are generally different depending on the platform, because ICANN was late to the party registering its name — to demonstrate the value of having a single ENS name, associated with a cryptographic key, that can be used to securely identify a user across the internet.
Passive aggressive? Maybe. But it got his point across.
“We at ENS envisage a world where everyone can use their domain as a universal identifier,” he said. Currently, 600,000 users have registered 2.4 million .eth domains, and over 1,000 web sites support it, he said.
He described how ENS allows decentralized web sites, is managed by a decentralized autonomous organization (DAO) and funded by the $5 annual fee for each .eth name that is sold.
Van Kampen had ready responses to questions about how it would be feasible for ENS to apply to ICANN to run .eth in the consensus root in the next new gTLD application round, suggesting that it’s something ENS is thinking about in detail.
While not confirming that ENS will apply, he described how a gateway or bridge between the Ethereum blockchain and the ICANN root would be required to allow ENS to meet contractual requirements such as zone file escrow.
What did not come up is the fact the the string “eth” is likely to be reserved as the three-character code for Ethiopia. If the next round has the same terms as the 2012 round, .eth will not even enter full evaluation.
But the real gotcha came when ICANN CTO John Crain, after acknowledging the technology is “really cool”, came to ask a question.
“What kind of safeguards and norms are you putting in place regarding misbehavior and harm with these names?” Crain asked.
Van Kampen replied: “Under the current implementation of the Ethereum Name Service and the extensions that implement us and the integrations we have, domains are unable to be revoked under any circumstances.”
“So if I understand correctly, under the current solution, if I’m a criminal and I register a name in your space, I’m pretty secure today,” Crain asked. “I’m not going to lose my name?”
Van Kampen replied: “Under the current system, everything under the Ethereum Name Service and everything registered via us with the .eth TLD are completely censorship resistant.”
Herein lies one of the biggest barriers to mainstream adoption of blockchain-based alt-roots. Who’s going to want to be associated with a system that permits malware, phishing, dangerous fake pharma and child sexual abuse material? Who wants to be known as the maker of the “kiddy porn browser”?
If I were Crain I’d be feeling pretty smug after that exchange.
That’s not to say that ICANN put in a wholly reassuring performance today.
Technologist Alain Durand preceded van Kampen with a presentation pointing out the substantial problems with name collisions that could be caused by blockchain-based alt-roots, not only between the alt-root and the ICANN root, but also between different alt-roots.
It’s a position he outlined in a paper earlier this year, but this time it was supplemented with slides outlining a hypothetical conversation between two internet users slowly coming to the realization that different namespaces are not compatible, and that the ex-boyfriend of “Sally” has registered a name that collides with current boyfriend “John”.
It’s meant to be cute, but some of the terminology used made me cringe, particularly when one of the slides was tweeted out of context by ICANN’s official Twitter account.
To learn more about alternative naming systems, read #ICANN's OCTO publication >> https://t.co/LFYjy1KX3w | Emerging Identifier Technologies #ICANN75 pic.twitter.com/mWN7fCc7eR
— ICANN (@ICANN) September 21, 2022
Maybe I’m reading too much into this, but it strikes me as poor optics for ICANN, an organization lest we forget specifically created to introduce competition to the domain name market, to say stuff like “Market, you are a monster!”.
I’m also wondering whether “icannTLD” is terminology that plays into the alt-root narrative that ICANN is the Evil Overlord of internet naming. It does not, after all, actually run any TLDs (except .int).
The language used to discuss alt-roots came under focus earlier in the day in a session titled Internet Fragmentation, the DNS, and ICANN, which touched on blockchain alt-roots while not being wholly focused on it.
Ram Mohan, chief strategy officer of Identity Digital and member of ICANN’s Security and Stability Advisory Committee, while warning against ICANN taking a reflexively us-versus-them stance on new naming systems, wondered whether phrases such as “domain name” and “TLD” are “terms of art” that should be only used to refer to names that use the consensus ICANN-overseen DNS.
We ought to have a conversation about “What is a TLD”? Is a TLD something that is in the IANA root? Is a domain name an identifier that is a part of that root system? i think we ought to have that conversation because the place where I worry about is you have other technologies in other areas that come and appropriate the syntax, the nomenclature, the context that all of us have worked very hard to build credibility in… What happens if that terminology gets taken over, diluted, and there are failures in that system? … The end user doesn’t really care whether [a domain] is part of the DNS or not part of the DNS, they just say “My domain name stopped working”, when it may not actually be a quote-unquote “domain name”.
Food for thought.
Alt-root .eth is getting very big, very fast
If .eth was a real domain, it would be the second-largest new gTLD and have more registrations than ccTLDs from nations as large as Spain and Japan, according to the blockchain-based registry.
Ethereum-based alt-root registry ENS Domains today tweeted that it added 301,000 new .eth domains in August, to end the month with a total of 2.17 million names. It said it now has 540,000 registrants.
August 2022 stats for ENS
– 301K new .eth registrations (total 2.17m names)
– $4.7m in protocol revenue (all goes to the @ENS_DAO)
– 2,744 ETH in revenue (3rd highest month)
– 34K new eth accounts w/ at least 1 ENS name (total 540k)
– >99% of OpenSea domain vol pic.twitter.com/utU8i4cBMT— ens.eth (@ensdomains) September 1, 2022
For context, that’s about 10% of what .com does in a month, and about 75% of monthly registration volume for .xyz, the largest new gTLD.
The total of 2.17 million domains would make .eth bigger than .online, the current second-largest new gTLD, and would put it in the top 10 ccTLDs (of those tracked by DI).
Not bad for a niche product that won’t resolve in most browsers and is chiefly useful for addressing cryptocurrency wallets.
Group crowdfunding crypto to apply to ICANN for blockchain gTLD
Do we have our first confirmed blockchain-themed new gTLD application? Looks like it.
A group of pseudonymous individuals have announced plans to apply to ICANN for .dao in the next round, and are currently crowdfunding the project by asking for donations in the Ethereum cryptocurrency.
Going by the name DomainDAO, they say they’ve raised 230 ETH so far, which appears to be worth over $430,000 at today’s rates, already probably enough for a bare-bones new gTLD application.
They want to apply for .dao, an acronym for “decentralized autonomous organization”, a type of entity where token-owning participants set the direction of the DAO via rules laid down in software and votes encoded into a blockchain.
DomainDAO’s web site takes a few pops at the likes of Verisign and Identity Digital owner Ethos Capital for alleged unethical practices and says the goal is for .dao to one day “supersede” .com.
The concept differs from other blockchain-based TLD projects, such as Unstoppable Domains, in that it’s not alt-root. The plan is to apply to ICANN to get into the authoritative, consensus DNS root, so that .dao domains can be used by all.
Unstoppable already runs .dao in its own alt-root, selling domains for $20, and has recently proven litigious when it smells a collision from a competing project.
But the main roadblock to the root may well be ICANN itself.
While the rules governing the next round of gTLD applications are not yet set in stone, it strikes me as incredibly unlikely that ICANN will entertain a bid from an applicant that is not a recognized legal entity with a named board of directors that can be subjected to background screening.
DomainDAO is itself a DAO, and the DAO concept is reportedly prone to corruption and hacking, which could make ICANN nervous.
In addition, people funding DomainDAO today are offered crypto tokens that can be redeemed for second-level domains if the TLD eventually goes live — it’s essentially already selling pre-registrations — which could interfere with rights protection mechanisms, depending on implementation.
But DomainDAO claims to have an industry Greybeard on the payroll, a senior advisor going by the handle “Speech-less”, an “Executive with 20+ years experience in domain and ICANN”.
If that’s you, we probably already know each other. Why not get in touch to tell me why this thing is going to work?
Unstoppable valued at over $1 billion after huge new investment
Unstoppable Domains has received a huge new funding round that the company says means it now has a valuation in excess of $1 billion.
The $65 million Series A round was led by Pantera Capital, with a whopping 17 other venture capital firms taking part, according to the company.
Unstoppable is an alt-root player, offering blockchain-based domains in nine TLDs such as .nft, .blockchain, .crypto and .wallet.
Much of its work to date has been on persuading crypto currency users to use Unstoppable domains to replace the otherwise cumbersome and confusing addresses of their crypto wallets, but the names can also be used to address web sites if you use the right browser software.
Unlike the regular domain name industry, where much of the investment attractiveness comes from the possibility of high-margin recurring renewal revenue, Unstoppable sells its names for a one-time fee. It presumably has other revenue sources in mind for long-term growth.
The traditional domain name industry, ICANN, and potential new gTLD applicants should pay attention.
If, as seems likely, some of the TLD strings Unstoppable is using in its alt-root are applied for in the next new gTLD round, a well-funded competitor that has already proven itself litigious when it comes to name collisions could prove a formidable opponent.
Of course, some potential applicants might see a well-funded alt-root player as an invitation to apply for colliding strings in the hope of a quick pay-off at private auction.
Unstoppable targets another city gTLD with free domains
Alt-root provider Unstoppable Domains has inked another partnership with a city that already has its own gTLD in the authoritative root.
The blockchain domains company said it has linked up with the City of Miami’s Venture Miami project, which encourages tech investment in Miami, to offer $50 in Unstoppable’s alternative domains to anyone attending Miami Dade College or showing up at an event there over the weekend.
For nine out of 10 of Unstoppable’s extensions, that’s enough to buy at least one domain. The company does not charge renewal fees.
It’s the second city recently that Unstoppable has partnered with, following its offer of free domains to all female residents of Abu Dhabi a couple of weeks ago.
In both of these cases, the cities in question already have their own gTLD in the authoritative, functioning, ICANN root. Unstoppable’s extensions, which are largely themed around crytopcurrency, mostly do not function without browser plug-ins.
While .abudhabi has only about a thousand registered domains, .miami, which was acquired from MMX by GoDaddy last year and has the city as a partner, has been more popular, with close to 16,000 names in its zone file currently.
Whether this can be dismissed as more “web3” hype or alt-root snake oil or not, Unstoppable seems to have secured a couple of pretty interesting marketing coups, and it will be interesting to see which city gets targeted next.
GoDaddy and XYZ sign away rights after UNR’s crypto gambit
ICANN has started asking registries to formally sign away ownership rights to their gTLDs when they acquire them from other registries.
GoDaddy and XYZ.com both had to agree that they don’t “own” their newly acquired strings before ICANN would agree to transfer them from portfolio UNR, which auctioned off its 23 gTLD contracts a year ago.
GoDaddy bought .photo and .blackfriday for undisclosed sums in the auction, it emerged last week. XYZ bought 10 others and newcomer Dot Hip Hop bought .hiphop.
All three transfers were signed off March 10 (though GoDaddy’s were inexplicably not published by ICANN until last Thursday, when much of Christendom was winding down for a long weekend) and all three contain this new language:
The Parties hereby acknowledge that, notwithstanding anything to the contrary in any marketing or auction materials, documentation or communications issued by Assignor or any other agreements between the Parties or otherwise, nothing in the Registry Agreement(s) or in any other agreements between Assignor and Assignee have established or granted to Assignor any property or ownership rights or interest in or to the TLDs or the letters, words, symbols or other characters making up the TLDs’ strings and that Assignee is not being granted any property or ownership rights or interest in or to the TLDs or the letters, words, symbols or other characters making up the TLDs’ strings.
The Parties represent that they understand the scope of ICANN’s Consent, which: (A) does not grant Assignee any actual or purported property or ownership rights or interest in or two the TLDs or the letters, words, symbols or other characters making up the TLDs’s strings; (B) is solely binding and applicable to the assignment of rights and obligations pursuant to the Registry Agreement(s); (C) solely relates to the operation of the TLDs in the Domain Name System as specified in the applicable Registry Agreement(s); and (D) does not convey any rights to the letters, words or symbols making up the TLD string for use outside the Domain Name System.
The TL;DR of this? Registries don’t “own” their gTLDs, ICANN just allows them to use the strings.
The new language is in there because UNR’s auction had offered, as a bonus, ownership of matching non-fungible token “domains” on the blockchain-based alt-root Ethereum Name Service.
Alt-roots arguably present an existential threat to ICANN and a risk to the interoperability of the internet, so ICANN delayed authorization of its approvals for many months while it tried to figure out the legalities.
Dot Hip Hop, for one, has said it couldn’t care less about the Ethereum NFT, and has had it deleted.
Separately, the .ruhr contract has been transferred from regiodot to fellow German geo-TLD operator DotSaarland, a subsidiary of London-based CentralNic, which announced the acquisition in February.
This assignment agreement was signed March 31 — after GoDaddy’s and XYZ’s — and does not include the new ownership waiver language, suggesting that it’s unique to UNR’s auction winners.
However, the friction between blockchain alt-roots is likely to be an issue when the next new gTLD application round opens.
It’s being said that a great many “TLDs” are being registered on various blockchains specifically in order to interfere with matching ICANN applications, and that blockchain fans are attempting to delay the next round to give their own projects more time to take root.
GoDaddy’s two acquisitions bring the total known outcomes of UNR’s auctions to 13 out of 23 gTLDs. At least four more are being processed by ICANN, according to a now month-old statement.
Could .trust be the next big crypto TLD?
UNR has some big plans for .trust, a gTLD that mysteriously was omitted from its big fire-sale auction last month.
When UNR auctioned 23 of its gTLD portfolio, raising over $40 million over a three-day event, it escaped pretty much everyone’s notice — including mine — that .trust was not among those up for sale.
UNR, the former Uniregistry, acquired the TLD from NCC Group last November. It had been owned before NCC by Deutsche Post.
While it’s technically live, it’s never sold a domain.
It had been expected to launch as a vanilla gTLD around about now, but it seem plans have changed.
Registrars have been told to expect something “innovative” instead, and UNR tells me it has big plans it’s not ready to talk about yet.
My hunch? Crypto.
This is pure speculation based on nothing more than the string being closely associated with the kind of cryptocurrency slash blockchain slash non-fungible token malarkey the interwebs is going barmy for at the moment.
While UNR has not disclosed the identities of its auction winners, it has said at least one buyer is from the blockchain world.
Given UNR’s evident boredom with basic, workaday gTLDs, we’d have to expect its single retained top-level domain to do something a bit special, right?
Could crypto solve the Whois crisis?
Could there be a cryptographic solution to some of the problems caused by GDPR’s impact on public Whois databases? Security experts think so.
The Anti-Phishing Working Group has proposed that hashing personal information and publishing it could help security researchers carry on using Whois to finger abusive domain names.
In a letter to ICANN, APWG recently said that such a system would allow registries and registrars to keep their customers’ data private, but would still enable researchers to identify names registered in bulk by spammers and the like.
“Redacting all registration records which were formerly publicly available has unintended and undesirable consequences to the very citizens and residents that electronic privacy legislation intends to protect,” the letter (pdf) says.
Under the proposed system, each registry or registrar would generate a private key for itself. For each Whois field containing private data, the data would be added to the key and hashed using a standard algorithm such as SHA-512.
For items such as physical addresses, all the address-related fields would be concatenated, with the key, before hashing the combined value.
The resulting hash — a long string of gibberish characters — would then be published in the public Whois instead of the [REDACTED] notice mandated by current ICANN policy.
Security researchers would then be able to identify domains belonging to the same purported registrant by searching for domains containing the same hash values.
It’s not a perfect solution. Because each registry or registrar would have their own key, the same registrant would have different hash values in different TLDs, so it would not be possible to search across TLDs.
But that may not be a huge problem, given that bad guys tend to bulk-register names in TLDs that have special offers on.
The hashing system may also be beneficial to interest groups such as trademark owners and law enforcement, which also look for registration patterns when tracking down abuse registrants.
The proposal would create implementation headaches for registries and registrars — which would actually have to build the crypto into their systems — and compliance challenges for ICANN.
The paper notes that ICANN would have to monitor its contracted parties — not all of which may necessarily be unfriendly to spammers — to make sure they’re hashing the data correctly.
Recent Comments