DNSSEC claims another registry victim
DNSSEC is widely touted as a crucial security upgrade for the domain name system, but as so often is the case with security measures, it can also cause serious problems.
DENIC, the registry operator for Germany’s .de, became the latest victim of a DNSSEC screw-up earlier this week, when a botched key rollover led to the entire ccTLD being flagged as bogus by many ISPs.
That’s no small issue — .de is the internet’s third-largest TLD after .com and .cn, with some 17.9 million domains under management.
The company said that the outage began at 2157 UTC on Tuesday night, caused by “incorrect DNSSEC signatures” being deployed during a “routine, scheduled key rollover”, and was fixed by 0115 the following day.
Bad sigs means that any attempt to resolve a .de domain would fail, but only on networks where the DNS resolvers strictly enforce DNSSEC validation. That includes major free resolver networks such as those run by Google and Cloudflare.
The workaround is to temporarily stop enforcing DNSSEC validation, which can be done using a mechanism baked into the IETF standard. Cloudflare has a fairly comprehensive technical description of how it responded here.
DENIC said it has temporarily suspended its key rollover schedule while it figures out what went wrong.
The registry is far from alone when it comes to DNSSEC snafus. Literally dozens of ccTLDs and gTLDs have experienced outages related to the protocol since it was added to the DNS root in 2010.
GlobalBlock signs the two best deals it will ever get
Trademark-blocking service GlobalBlock has added the world’s second and third-largest TLDs to its roster.
China’s .cn and Germany’s .de are now among the hundreds of TLDs, pseudo-TLDs and blockchain namespaces that are covered by the service, which is run by the GoDaddy-managed Brand Safety Alliance.
.cn usually has north of 20 million domains in its zone and .de is currently at around 17.8 million, making them second only to .com in terms of pure domain volume.
These deals are probably the best GlobalBlock will ever get — I can’t see a compelling business case for Verisign to voluntarily sign up .com to the system any time soon.
The next obvious targets would be .uk, .ru, and .nl, the next-largest in the ccTLD space. Several of the larger portfolio gTLD registries such as Radix and XYZ have also yet to join the program.
Nevertheless, GlobalBlock said that it’s recently added 70 “extensions” to the platform, bringing its total to 780.
The outfit says it has blocked five million domains from being registered and recovered over 10,000 domains via Priority AutoCatch, which prevents brand-match names dropping after they expire.
.de worst TLD for CSAM — report
Germany’s ccTLD, .de, was the worst in the world for hosting child sexual abuse material last year, according to the latest data from the Internet Watch Foundation, which many registries rely on for helping take down such material.
IWF said it found 802 unique .de domains hosting CSAM in 2023, a 1,995% increase compared to 2022. The second and third worst were .com and .ru, with 744 and 691 domains respectively. IWF noted that CSAM domains in .com were down 10% in the year.
Other TLDs in the top 10 were .cc, the non-DNS .onion, .top, .xyz, .pw, .ws and .net. The fastest-grower was Samoa’s .ws, managed by Global Domains International, which saw an increase of 2,966% to 184 unique domains.
.de was also the worst for commercial CSAM operations, IWF said. It found 783 such sites in 2023, all of which “openly displayed images and videos of child sexual abuse on the homepage”. That number in 2022 was zero, the report says.
DENIC gets approved for registry escrow
DENIC is now able to offer data escrow services to gTLD registries, in addition to registrars.
The non-profit company, which runs Germany’s .de, said it gained ICANN approval for the registry escrow function June 6.
Back in March, ICANN approved it for the registrar escrow services.
All ICANN-accredited registries and registrars are contractually obliged to deposit their registrant data with escrow agents in case they go out of business, go rogue, suffer catastrophic data loss, or otherwise screw up.
Nine companies have been approved by ICANN for registry data escrow so far.
Two of the others are based in Europe, but DENIC claims to be the only one that offers full compliance with the more stringent German and European Union data protection regulations.
Kredit.com sells for a fraction of Kredit.de
Kredit.com, which means “credit.com” in German, has been sold via Sedo for a fraction of the price that Kredit.de sold for about 18 months ago.
Sedo reported today that the domain changed hands recently for €220,000, which works out to $271,000 at today’s exchange rates.
For comparison, the German ccTLD equivalent, kredit.de, went for €892,500 in December 2008, also via Sedo. At the time, that amount translated to $1.25 million.
A generic ccTLD selling for roughly 5x the .com is a fairly uncommon occurrence, perhaps demonstrating how strong the .de namespace is locally. I can’t imagine such a wide discrepancy in valuations between a generic .com and .co.uk.
Kredit.com was originally registered in 1996. It’s currently parked, with an Irish address listed in the Whois.
German domains see severe downtime
Many domains ending in .de, Germany’s country-code TLD, have seen downtime today, after something went wrong at Denic, the registry manager.
Details are sketchy at the moment, but it appears from chatter on the DNS-Ops mailing list that several instances of the .de zone stopped serving addresses this morning.
It appears that the affected servers were responsible for .de domains beginning with F through Z, so facebook.de would have worked, but heise.de would not.
The German slice of Twitter has been going a bit nuts with comments, and the German press is already on the case.
This is obviously a huge headache if you’re German or do business in Germany — I hate to think how many transactions could have been disrupted by the downtime — and I expect Denic will take a lot of flak at home over the coming days and weeks.
The problem, however, does appear to have been fixed. SANS estimates the outage as a little over an hour.
Google Translate turns ccTLDs into .com
I’ve found Google Translate an invaluable tool for researching overseas news stories, but it’s a pain in the neck for reading about domain names in foreign languages.
The service seems to have developed the habit of turning all freestanding ccTLDs into “.com”.
For an example, head over to Norid and turn on Norwegian-to-English translation (or, if you don’t have the Google Toolbar, use Google Translate on the web).
Every instance of “.no”, Norway’s country-code domain, is translated into a .com, more specifically “. Com”.
Ditto for German. Translate this story about Denic’s troubles today to see all instances of “.de” translated into “. Com”.
However, the front page of Afnic sees .fr translated to “. Com”, leaving .re, for the Reunion Islands, untouched.
I should point out that the service leaves domain names alone, so nic.fr is still nic.fr. But you’ve still got to wonder what Google’s designers were thinking.





