Latest news of the domain name industry

Recent Posts

Papac named interim ICANN Ombudsman

Kevin Murphy, September 27, 2023, Domain Policy

ICANN has appointed Krista Papac as interim Ombudsman, following the resignation of Herb Waye earlier this year.

Papac is currently the Org’s complaints officer, a similar role to that of the Ombudsman.

The move means that an ICANN staffer is taking the structurally independent role for the first time.

ICANN chair Tripti Sinha blogged that Papac will now report directly to the board “to ensure that the confidentiality and independence of the Ombudsman Office are maintained”, but it isn’t clear whether she will also continue to report to the usual staff chain of command in her complaints officer role.

The appointment was evidently made by the board at its September 10 retreat but was not disclosed at the time. Waye resigned in July and his last day is September 30.

The board is looking for a permanent replacement for Waye via a search committee formed two weeks ago. If the hunt is anywhere near as long-winded as the CEO search, now in its ninth month, Papac could be enjoying her new gig for some time.

.tube registry claims victory in linkification fight

Kevin Murphy, September 26, 2023, Domain Tech

Latin American Telecom, the company that runs the .tube gTLD, has claimed victory in its fight to get popular social media apps to “linkify” more than 400 TLDs that have gone live in the last eight years.

As I reported two weeks ago, CEO Rami Schwartz managed to figure out that any TLD that entered the root after November 2015 wasn’t being recognized by apps such as WhatsApp, the world’s most-popular messaging app.

This meant that any attempt to share a URL in .tube or 467 other TLDs (including major dot-brands and geo-gTLDs) would be frustrated by the fact that WhatsApp would not automatically turn the URL into a clickable link.

The root cause of the problem appeared to be a library used in the Android operating system, which had a hard-coded list of valid TLDs that had not been updated since November 2015.

In a press release today, the registry reported that the library in question was updated on September 11 (hey, that’s the same day I published my article!) with a brand-new list of TLDs.

So it seems the linkification issue will be solved, once the updated software actually makes it to affected devices.

There are not many TLDs in the pipeline for delegation for the next four years — maybe some contested 2012-round stragglers and the odd IDN ccTLD — so this particular issue is unlikely to cause much more upset for a while.

“This story exemplifies how the perseverance of a small company unearthed a Universal Acceptance issue of global significance, rallying the support of industry leaders and setting a precedent for cooperation that can positively impact billions of internet users,” the registry said in its press release.

Ancient registrar gets ICANN breach notice over UDRP

Kevin Murphy, September 25, 2023, Domain Registrars

A thirty-year-old registrar — practically prehistoric by internet standards — has been hit with an ICANN breach notice after apparently failing to transfer a domain lost in a UDRP and not paying its fees.

ICANN has told Texas-based GKG.net that it failed to implement a July UDRP decision (pdf) over the domain top-rx-market.com, which was won by generic pharmaceuticals firm TopRX.

That domain is using GKG’s Whois privacy service and suspended-domains.net as its name servers but still resolves to an active pharma storefront from where I’m sitting. The UDRP says the domain was registered to a Russian, who did not respond to the UDRP.

While the UDRP-related alleged breach is pretty recent, it looks like ICANN has been chasing GKG for a couple of years.

Compliance first notified the registrar that it was past due on its quarterly fees back in February 2022.

Since March, it also has been looking at alleged failures to handle abuse reports for pharma-related domains including canadianpharmstore.net, usapharmacymall.com, good-pills.com, and 1-pharm.com, which all resolve to the same discount medicines site.

ICANN says all of its attempts to call, email and fax GKG have fallen on deaf ears.

GKG isn’t tiny. It had over 83,000 gTLD domains under management in May, though it appears to have been shrinking by hundreds of domains per month for over a decade.

The company was accredited by ICANN with IANA number 93, which means it’s among the first wave of registrars accredited over two decades ago — it’s older than GoDaddy.

GKG has until October 13 to clean up its act or face suspension and termination.

ICANN is starting to auto-renew new gTLD contracts

Kevin Murphy, September 21, 2023, Domain Registries

Almost 10 years have passed since ICANN delegated its first 2012-round new gTLDs and the Org has started to auto-renew their contracts.

As far as I can tell, the first delegated gTLD, شبكة. (Arabic “.web”, .xn--ngbc5azd) got its Registry Agreement renewed on July 13. The registry, dotShabaka, was informed all the way back in April.

That gTLD eventually made it to the DNS root in late October.

ICANN has this week informed Identity Digital’s subsidiaries that dozens of their RAs — the first Latin-script gTLDs from the round to go live — will auto-renew starting this month.

Under the base RA, registries get to run their TLDs for a decade and, unless they seriously screw up, there’s a presumptive right of renewal.

Freenom hit by FIFTH ICANN action after litany of screw-ups

Kevin Murphy, September 21, 2023, Domain Registrars

Is time up for Freenom? After being sued by Facebook and losing its contracts to operate ccTLDs for at least two countries, now it also has ICANN Compliance to deal with.

Its registrar arm, Netherlands-based OpenTLD, has been hit with a lengthy ICANN breach notice that alleges the company failed to allow its customers to renew and/or transfer their domains, in violation of the registrar contract.

It’s the fifth time OpenTLD has been targeted by Compliance, following breach notices in 2020, 2017 and 2015 and a notice of suspension later in 2015. ICANN says this notice is for the same sorts of failures as in 2020 and 2017.

The latest notice covers a dozen separate cases, probably the largest number in a single breach notice to date. Some of them ICANN has been investigating as far back as January 2022.

The notice says that OpenTLD failed to allow some registrants of expired domains to recover their names under the Expired Registration Recovery Policy and that some registrants were not provided with the AuthInfo codes they need to transfer their domains to other registrars upon request, which registrars have to do under the Transfer Policy.

It goes on to describe a situation where the registrar habitually did not respond to Compliance’s calls, emails or faxes.

OpenTLD apparently has not filed its 2022 Compliance Certificate with ICANN either, which it was supposed to do before January 20 this year.

The company had almost 19,000 gTLD domain names under management at the end of May, down from a 2019 peak of almost 45,000, but it’s probably better known for being Freenom, the registry behind .ml, .ga, .cf, .gq and .tk.

Domains in these five ccTLDs — mostly representing West African nations suffering under military dictatorships or civil war — were offered for free and monetized by the registry upon expiration or suspension.

But Freenom has not offered new regs in these TLD since the start of the year. Its web site blames technical problems, but it’s widely believed to be a result of the cyberquatting lawsuit filed by Facebook owner Meta in late 2022.

Mali and Gabon, of .ml and .ga, have since severed ties with Freenom. It turned out .ga had seven million domains in its zone, most of which presumably belonged to the registry.

OpenTLD has until October 11 to give ICANN evidence that it followed policy with the renewals or transfers of dozens of names domains or risk losing its accreditation.

Single/plural gTLD combos to be UNBANNED

Kevin Murphy, September 14, 2023, Domain Policy

It’s looking like ICANN won’t ban companies from applying for plural versions of existing singular gTLDs, and vice-versa, after all.

Among the pieces of the GNSO’s new gTLD policy advice ICANN’s board of directors rejected at the weekend was a proposal to essentially ban potentially confusing singular/plural combos coexisting in the DNS.

The board threw out the advice because it reckons ICANN would be put in a position where it would have to police internet content, which is outside its mission and something it is very averse to.

The recommendations would have prevented two strings existing in the DNS if one was the plural of the other, but only if they were in the same language and had the same intended usage.

The example the GNSO gave was applications for .spring and .springs — if both were intended for English-language sites related to bouncy metal coils, they would be deemed confusingly similar and only one would be allowed to exist. But if .spring was intended to relate to the season, both would be permitted to coexist.

But ICANN is uncomfortable with this because no matter what an applicant says in its application about intended language and intended use, without some post-delegation policing actual use may vary.

“Though a gTLD applicant can arbitrarily set the language of a TLD during an application round, a registrant and end-user can only see
the script of the TLD string in its practical usage. So the singular/plural determination by the gTLD applicant does not carry
onward to the registrant and end user,” the board wrote.

“Restricting the use and potentially the content of strings registered in TLDs based on the intended use therefore raises concerns for the Board in light of ICANN’s Bylaws Section 1.1 (c),” it said, referring to the part of its bylaws that says it is not allowed to regulate internet content.

So it seems likely that plural/singular clashes are probably going to be permitted in future new gTLD round after all.

This, of course, reopens the business model of a lazy applicant going after the singular/plural of an existing registry’s string and piggybacking on its installed user base or marketing budget.

ICANN rejects a whole bunch of new gTLD policy stuff

Kevin Murphy, September 14, 2023, Domain Policy

ICANN has delivered some bad news for dot-brands, applicants from poorer countries, and others, at the weekend rejecting several items of new gTLD policy advice that the community spent years cooking up.

The board of directors on Sunday approved a scorecard of determinations, including the rejection (or non-adoption) of seven GNSO recommendations that it deems “would not be in the best interests of the ICANN community or ICANN”.

In reality, it’s the latter that seems to have been foremost in the board’s mind; most of the rejections appear to be geared toward reducing ICANN Org’s legal or financial exposure.

Notably, dot-brands are denied some of the relief from cumbersome or expensive requirements that the GNSO had wanted rid of.

The board rejected a recommendation that would exempt them from the Continued Operations Instrument — a financial bond used to pay an Emergency Back-End Registry Operator should the applicant go out of business.

“[T]he Board is concerned that an exemption from an COI for Spec 9 applications would have financial impact on ICANN since there would be no fund to draw from if such a registry went into EBERO,” the board wrote.

It also rejected a request to exempt dot-brands from rules requiring them to contractually ban and monitor abuse in their TLDs. The GNSO had argued that single-registrant TLDs do not suffer abuse, but the board said this could lead to abuse from compromised domains going unaddressed.

“The Board concludes that Recommendation 9.2, if implemented, could lead to DNS abuse for second-level registrations in a single-registrant TLD going unaddressed, unobserved, and unmitigated,” it said.

Applicants hoping to benefit from the Applicant Support Program — which in 2012 offered heavily discounted application fees to poorer applicants — also got some bad news.

The GNSO wants the support to extend to other costs such as application-writing services and lawyers, which naturally enough put the frighteners on the board, which noted “such expansion of support could raise the possibility of inappropriate use of resources (e.g. inflated expenses, private benefit concerns, and other legal or regulatory concerns)”.

The board also rejected a couple of recommendations that could be seen as weakening its role as ultimate authority over all things gTLD.

It rejected a proposal to remove the controversial covenant not to sue (CNTS) from the application process unless other recommendations related to appeals processes are implemented.

ICANN said that because it has not yet approved these other recommendations, it has rejected this recommendation.

The board also rejected a recommendation that would have limited its ability to reject a gTLD application to only when permitted to do so by the rules set out in the Applicant Guidebook.

The idea was to prevent applications being arbitrarily rejected, but the board said this “may unduly limit ICANN’s discretion to reject an application in yet-to-be-identified future circumstance(s)”.

The rejections invoke part of the ICANN bylaws that now requires the GNSO Council to convene and either affirm or amend its recommendations before discussing them with the board. Presumably this could happen at ICANN 78 next month.

The bylaws process essentially gives the board the ultimately authority to throw out the GNSO recommendations if it can muster up a two-thirds supermajority vote, something it rarely has a problem achieving.

Volkswagen ditches its dot-brand

Kevin Murphy, September 12, 2023, Domain Registries

Another major car-maker has thrown in the towel on its key dot-brand gTLD. This time it’s Volkswagen.

Referring to .volkswagen, the company has told ICANN: “This top level domain has never been utilized by Volkswagen of America and we do not intend to utilize it.”

The company had already ditched its secondary dot-brand, .大众汽车 (.xn--3oq18vl8pn36a), which is the Chinese version of its name.

Fiat Chrysler and Bugatti have both also previously terminated dot-brand contracts, while Seat and Audi each have thousands of names in their main dot-brand gTLDs.

Is this why WhatsApp hates some TLDs but not others?

Kevin Murphy, September 11, 2023, Domain Tech

Developers of major pieces of internet software, including the world’s most-popular messaging app, may be relying on seriously outdated lists of top-level domains.

That’s the picture that seems to be emerging from one new gTLD operator’s quest to discover why WhatsApp doesn’t recognize its TLD, and many others including major dot-brands, as valid.

And ICANN isn’t interested in helping, despite its declared focus on Universal Acceptance, the CEO of this registry claims.

When most social media apps detect the user has inputted a URL or domain name, they automatically “linkify” it so it can be easily clicked or tapped without the need for copy/paste.

But when Rami Schwartz of new gTLD .tube discovered that .tube URLs sent via WhatsApp, said to have two billion users, were not being linkified, despite the TLD being delegated by ICANN almost eight years ago, he set out to find out why.

Schwartz compiled a spreadsheet (.xlsx) listing which gTLDs are recognized by WhatsApp and which are not and discovered a rough cut-off point in November 2015. TLDs delegated before then are linkified, those delegated after were not.

According to my database, 468 TLDs have been delegated since December 2015, though not all are still in the root. That’s about a third of all TLDs.

This means that, for example, .microsoft domains linkify but .amazon and .apple domains do not; .asia domains linkify but .africa and .arab domains do not; .london works but .abudhabi doesn’t. Even .verisign missed the cut-off.

If WhatsApp users include a “www.” or “http://” then the app will linkify the domain, even if the specified TLD does not exist.

During the course of a discussion on the web site of the Public Suffix List — which maintains an open-source list of all TLDs and the levels at which names may be registered — it was discovered that the problem may be deeper rooted than the WhatsApp app.

It turns out a library in the Android operating system contains a hard-coded list of valid TLDs which hasn’t been updated since November 24, 2015.

Any app relying on Android to validate TLDs may therefore be susceptible to the same problem — any TLD younger than seven years won’t validate. Schwartz tells us he’s experienced the same issues with the Facebook app on Android devices.

The problem is of particular concern to Schwartz because he’s been planning to market .tube as a form of link-shortening service, and without full support among the most popular messaging apps such a service would be much less attractive.

“I can’t launch this now if it’s not going to work in WhatsApp, if it’s not going to work in Facebook,” he said.

While engineers from Facebook/WhatsApp parent Meta now seem to be looking into the problem, Schwartz says his complaints fell on deaf ears for a long time.

He additionally claims that “ICANN doesn’t really care about universal acceptance” and his attempts to get the Org to pay attention to the problem have been brushed off, despite ICANN making Universal Acceptance one of its key priorities.

Schwartz says ICANN is much more interested in UA when it comes to internationalized domain names (those in non-Latin scripts, such as Arabic or Chinese) and not the technical issues that underpin the functionality of all TLDs.

“I’ve no idea why ICANN makes the decisions it makes, but I think it has to do with inclusion, I think it has to do with diversity, I think it has to do with a lot of things — not technical,” he said. “But this is a technical issue.”

ICANN maintains a set of UA technical resources on its web site and supports the work of the independent Universal Acceptance Steering Group.

Blockchain startup gets $5 million to apply for gTLDs

Kevin Murphy, September 5, 2023, Domain Registries

A company backed by some familiar industry names has raised $5 million in seed funding to apply to ICANN for new gTLDs and, it says, bridge the gap between the traditional DNS and blockchain alternate roots.

Las Vegas-based D3 Global is being led by Fred Hsu, one of the founders of aftermarket pioneer Oversee.net. Among its listed founders are Paul Stahura, one of the triumvirate that launched Donuts, now Identity Digital, to apply for hundreds of gTLDs in 2012.

Also listed as founders are Shayan Rostam, who’s currently building Internet Naming Co into a prominent new gTLD portfolio player, former Network Solutions engineer Shay Chinn and investment banker Michael Ho.

These are people with domain industry experience going back in some cases to the 1990s and track records of building successful disrupters, so it’s worth paying attention no matter what you think of blockchain stuff.

D3 says it plans to apply to ICANN for traditional TLDs but will also introduce interoperability with blockchain-based “Web3” naming systems.

Hsu said in a press release: “We are committed to driving forward the convergence of the traditional DNS system and Web3 to make domain names more versatile, secure, and universally accessible.”

It also talks of introducing a marketplace that combines traditional DNS names with blockchain to “significantly reduce the friction traditionally seen in domain name transactions, such as low transparency, high broker fees, transfer delays, and escrow services.”

The funding round was led by Shima Capital with participation from Lightshift, Dispersion Capital, VentureSouq, Infinite Capital, MZ Web3 Fund, Kestrel0x1, Nonagon, C² Ventures, Arthur Hayes’ Maelstrom, Stahura himself.