Latest news of the domain name industry

$55 billion bank not paying its $6,250 ICANN fees

Kevin Murphy, April 30, 2018, Domain Registries

Kuwait Finance House has become the latest new gTLD registry to get slapped with an ICANN breach notice for not paying its quarterly fees.
The company is a 40-year-old, Sharia-compliant Kuwaiti bank managing assets of $55.52 billion, according to Wikipedia. It has annual revenue in excess of $700 million.
But apparently it has not paid its fixed ICANN dues — $6,250 per quarter — for at least six months, according to ICANN’s breach letter (pdf).
KFH runs .kfh and the Arabic internationalized domain name equivalent .بيتك (.xn--ngbe9e0a) as closed, dot-brand domains.
Neither appears to have any live sites, but both appear to be in their launch ramp-up phase.
ICANN has been nagging the company to pay overdue fees since November, without success, according to its letter.
They’re the third and fourth new gTLD registries to get deadbeat breach notices this month, after .qpon and .fan and .fans.

ICANN cancels registrar audit as GDPR headaches loom

Kevin Murphy, April 30, 2018, Domain Registrars

ICANN has decided to call off a scheduled audit of its registrar base, to enable registrars to focus on sorting out compliance with the General Data Protection Regulation.
The biannual audit, carried out by ICANN Compliance, was due to start in May. As you likely know by now, May 25 is GDPR Day, when the EU’s privacy law comes into full effect.
In a letter (pdf) to registrars, senior VP of compliance Jamie Hedlund said: “The April 2018 registrar audit round is on hold.”
He added: “We are reviewing the schedule, resources and risks associated with holding a single, larger audit round in autumn of 2018, as well as considering alternative approaches.”
His letter came in response to a plea (pdf) from Registrar Stakeholder Group chair Graeme Bunton, who said an audit that clashed with the GDPR deadline would be an “enormous undertaking” for affected registrars.
The audits, which have been running for a few years, randomly select a subset of registries and registrars to spot-check compliance with their Registrar Accreditation Agreements and Registry Agreements.
The program looks at 20-odd areas of compliance, one of which is Whois provision.

Iceland breaks ranks on Whois, will publish emails

Kevin Murphy, April 30, 2018, Domain Policy

Iceland’s ccTLD has become what I believe is the first registry to state that it will continue to publish email addresses in public Whois records after the General Data Protection Regulation comes into effect.
The move seems to put the registry, ISNIC, in direct conflict with the opinions of European data protection authorities.
The company said in a statement last week that after GDPR comes into effect May 25 it will stop publishing almost all personal information about .is registrants in the public Whois.
However, it broke ranks with other European ccTLDs and the likely ruleset for ICANN-regulated gTLDs, by saying it would not expunge email addresses:

ISNIC will however, at least for the time being, continue to publish email addresses, country and technical information of all NIC-handles associated with .is domains. Those customers (individuals) who have recorded a personally identifiable email address, and do not want it published, will need to change their .is WHOIS email address to something impersonal.

Registrants will be able to opt in to having their full details published.
ISNIC appears to be taking a principled stand against the Draconian regulation. It said in a statement:

Assuming that GDPR directive applies fully to the “WHOIS” service provided for decades by most ccTLD registries, these new restrictions will lead to less transparency in domain registrations and less trust in the domain registration system in general. ISNIC, as many others, strongly disagrees with the view of the European parlament [sic] in this matter and warns that GDPR, as it is being implemented, will neither lead to better privacy nor a safer network environment.

It’s a surprising decision, given that privacy regulators have indicated that they agree that email addresses are personal data that should not be published.
The Article 29 Working Party told ICANN earlier this month that it “welcomed” a proposal to replace email addresses with anonymized emails or web-based contact forms.

Muslim world still thinks .islam isn’t kosher

Kevin Murphy, April 23, 2018, Domain Policy

The Organization of Islamic Cooperation has repeated its objection to the gTLDs .islam and .halal ever seeing the light of day.
OIC Secretary General Yousef Al-Othaimeen wrote to ICANN earlier this month to declare that its position on the two controversial applications has not changed since it initially objected to them in 2013.
The OIC comprises the foreign ministers from 57 majority-Muslim countries and these ministers recently voted unanimously to re-adopt the 2013 objection, Al-Othaimeen said (pdf).
The group “maintain the position that the new gTLDs with Islamic identity are extremely sensitive in nature as they concern the entire Muslim nature”, he wrote.
He reiterated “official opposition of the OIC Member states towards the probable authorization that might allow the use of these gTLDs .islam and .halal by any entity.”
This puts ICANN between a rock and a hard place.
The applicant for both strings, Turkish outfit Asia-Green IT Systems (AGIT), won an Independent Review Process case against ICANN last November.
The IRP panel ruled that ICANN broke its own bylaws when it placed .islam and .halal into permanent limbo — an “On Hold” status pending withdrawal of the applications or OIC approval — in 2014.
ICANN’s board accepted the ruling and bounced the decision on whether to finally approve or reject the bids to its Board Accountability Mechanisms Committee, which is currently mulling over the problem.
Technically, it’s “non-consensus Governmental Advisory Committee advice”, which means the board has some wriggle room to simply accept the advice and reject the applications.
But AGIT’s lawyer disagrees, recently telling ICANN (pdf) its options are to approve the bids or facilitate dialogue towards their approval, rather like ICANN is doing with .amazon right now.

Drop-catcher drops almost all remaining registrars

Kevin Murphy, April 23, 2018, Domain Registrars

Drop-catch specialist Pheenix has terminated almost all of its remaining registrar accreditations, leaving it with just its core registrar.
By my count, 50 shell registrars have terminated their ICANN contracts over the last few days, all of them part of the Pheenix dropnet.
Only Pheenix.com remains accredited.
That’s one registrar, down from a peak of about 500 at the end of 2016.
Almost 450 were terminated in November.
With registrars equating to connection time with the .com registry, it looks like Pheenix’s ability to catch dropping names through its own accreditations has been severely diminished.
By my count, ICANN currently has 2,495 accredited registrars, having terminated 524 and accredited about 40 since last July, when it said it expected to lose a net 750 over the coming 12 months.
Fifty registrars is worth a minimum of $200,000 in fixed annual fees to ICANN.

ICANN found a zero-day hole in Adobe Connect

Kevin Murphy, April 23, 2018, Domain Tech

It’s looking like ICANN may have found a zero-day vulnerability in Adobe Connect, until recently its default collaboration tool.
The organization on Friday announced the results of a “forensic investigation” into the bug, and said it has reported its findings to Adobe, which is now “working on a software fix to address the root cause of the issue”.
If Adobe didn’t know about it, it looks rather like ICANN — or at least the unnamed member of the security advisory committee who found it — has bagged itself a zero-day.
ICANN had previously said that the glitch “could possibly lead to the disclosure of the information shared in an ICANN Adobe Connect room”.
The review found that the only person who exploited the bug was the person who discovered and disclosed it.
AC is used not only in ICANN’s public meetings but also, I understand, in closed sessions of ICANN staff, board and committees, where secret information is most likely to be shared.
After the bug was discovered, ICANN shut off the system and started using alternatives such as WebEx, to a mixed reception.
In the absence of an immediate patch from Adobe, ICANN has been testing workarounds and said it hopes to have two working ones deployed by May 3.
This would allow the tool to come back online in time for its board workshop, GDD Summit and ICANN 62, the organization said.

I just bought a new gTLD registry’s domain for $10

Kevin Murphy, April 18, 2018, Domain Registries

Are .fan and .fans the latest new gTLDs to go out of business? It certainly looks that way.
ICANN has hit the registry with a breach notice for unpaid dues and stripped it of its registrar accreditation.
In addition, its web sites no longer appear functional and I’ve just bought its official IANA-listed domain name for under $10.
Asiamix Digital is the Hong Kong-based company behind both TLDs, doing business as dotFans.
It launched .fans in September 2015, with retail pricing up around the $100 mark, but never actually got around to launching the singular variant, which it acquired (defensively?) from Rightside (now Donuts) earlier that year.
.fans had fewer than 1,400 domains in its zone file yesterday, down from a peak of around 1,500, while .fan had none.
dotFans’ in-house accredited registrar, Fan Domains, didn’t seem to actually sell any domains and it got terminated by ICANN (pdf) at the end of March for failing to provide basic registrar services.
And now it seems the registry itself has been labeled as a deadbeat by ICANN Compliance, which has filed a breach notice (pdf) alleging non-payment of registry fees.
While breach notices against TLD registries are not uncommon these days, I think this is the first one I’ve seen alleging non-payment and nothing else.
The notice claims that the registry’s legal contact’s email address is non-functional.
In addition, the domains nic.fans, nic.fan and dotfans.com all currently resolve to dead placeholder pages.
Meanwhile, dotfans.net, the company’s official domain name as listed in the IANA database now belongs to me, kinda.
It expired March 12, after which it was promptly placed into a GoDaddy expired domains auction. Where I just bought it for £6.98 ($9.92).
To be clear, I do not currently control the domain. It’s still in post-expiration limbo and GoDaddy support tells me the original owner still has eight days left to reclaim it.
After that point, maybe I’ll start getting the registry’s hate mail from ICANN. Or perhaps not; it seems to have been using the .com equivalent for its formal communications.
Should .fan and .fans get acquired by another registry soon — which certainly seems possible — rest assured I’ll let the domain go for a modest sum.

Bling-maker kills off fifth dot-brand gTLD

Kevin Murphy, April 16, 2018, Domain Registries

Richemont, the company behind brands such as Cartier jewelry and Mont Blanc pens, has terminated its fifth dot-brand gTLD.
It filed with ICANN to terminate its registry contract for .iwc earlier this month.
IWC is a Swiss brand of expensive watches, but its dot-brand has never been used to any notable extent.
The company had registered the domain watches.iwc, which it apparently planned to use for URL redirection via Rebrandly.
It’s the third gTLD Richemont has voluntarily terminated, after .montblanc and .chloe last year.
The company also withdrew its unopposed applications for .netaporter and .mrporter back in 2014, before it actually signed contracts with ICANN.
Richemont was one of the more prolific dot-brand applicants, applying for 14 gTLDs in total back in 2012.
It also applied for (defensively?) and won the generic .watches and some translations.
While the .watches gTLD has been live in the DNS for two and a half years, Richemont has not yet set a launch date and has not yet said who will even be eligible to buy domains there.

Now GNSO mulls emergency response to GDPR deadline

Kevin Murphy, April 16, 2018, Domain Policy

ICANN’s GNSO Council is thinking about deploying a never-before-used emergency mechanism to develop a Whois privacy policy in response to GDPR.
With the May 25 deadline for compliance with the EU’s General Data Protection Regulation fast approaching, the community is scrambling to figure out how it can bring ICANN’s policies and therefore its contracts into line with the Draconian privacy provisions of the new law.
Currently, ICANN contracts with registries and registrars demand the publication of full Whois records, something GDPR will not permit, so each company in the industry is busily figuring out how its own Whois database will comply.
Fearful of a “fragmented” Whois, ICANN’s board of directors is considering deploying its own top-down emergency measure — called a Temporary Policy in its contracts — to ensure uniformity across its contracts.
CEO Goran Marby revealed to DI earlier this month that a Temporary Policy was being considered, and he and other members of the board confirmed as much to GNSO leadership during a telephone briefing last week.
(It should be noted that the call took place prior to the receipt last week of guidance from the EU Article 29 Working Party, which prompted ICANN to start mulling legal options as one way to buy the industry some time to comply post-May.)
The call (recorded here with password Eur3wiEK and summarized in this letter (pdf)), focused almost exclusively on how the Council could respond to a board-mandated Temporary Policy, with the board suggesting a GNSO Expedited Policy Development Process might be the best way to proceed.
A Temporary Policy would expire within a year, so the GNSO would have to come up with a formal Consensus Policy within that time-frame if ICANN were to have any hope of having a uniform view of Whois across its contracts.
The Temporary Policy is a “strong option” for the board, and a “highly likely or likely” outcome, but nothing has been formally decided, the GNSO leaders heard from ICANN vice-chair Chris Disspain. He was briefly challenged by Marby, who appeared somewhat more committed to the move.
While the GNSO Council has not yet formally decided to deploy the EPDP, it appears to be the most-feasible option to meet the deadline a Temporary Policy would impose.
It is estimated that an EPDP could take as little as 360 days, compared to the estimated 849 days of a regular PDP.
The EPDP cuts out several of the initial steps of a regular PDP — mainly the need for an Initial Report and associated public comment period — which by my reading would shorten the process by at least 100 days.
It also seems to give the GNSO some wriggle room in how the actual policy creation takes place. It appears that the regular “working group” structure could be replaced, for example, with a “drafting team”.
If the EPDP has the Temporary Policy and WP29 guidance as its baseline for discussions, that could also help cut out some of the circular argument that usually characterizes Whois discussions.
Aware that the EPDP is a strong possibility, the Council is currently planning to give itself a crash course in the process, which has never been used before by any iteration of the Council.
It’s uncharted territory for both the GNSO and the ICANN board, and the only people who seem to have a firm grasp on how the two emergency mechanisms slot together are the ICANN staffers who are paid to know such things.
UPDATE: A couple of hours after this article was published, ICANN posted this three-page flow-chart (pdf) comparing EPDP to PDP. Lots of luck.

auDA refers former directors to police

Kevin Murphy, April 14, 2018, Domain Registries

Imploding Australian ccTLD registry auDA has ratted out “several” of its former directors to the local cops, it was revealed this week.
In a message to its community to mark Chris Leptos’ 150th day as chair of the organization, he wrote:

I am disappointed to advise you that in my first week as Independent Chair I was briefed on a number of practices of several former auDA directors. Your Board concluded that those practices warranted referral to the Victoria Police. As you would appreciate, it is not appropriate at this stage to provide further details regarding this matter.

I’m told there are 48 former auDA directors, and auDA has not said which of them have been referred to the police.
Josh Rowe, a former director who’s orchestrating a campaign to oust Leptos, auDA CEO Cameron Boardman, and two other directors, called the move a “heinous act of bullying against all 48 ex auDA directors”.
Another former director, the Aussie domain industry blogger David Goldstein, has suggested that the timing of the revelation was designed to “silence” critics including Rowe.
The Grumpier.com.au petition organized by Rowe and others has forced auDA to hold a members meeting at which the four directors’ future employment will be voted on.
auDA lawyers contacted Grumpier earlier this week to warn that any defamatory or confidential information posted on the site could lead to litigation.
But Leptos has now seemingly confirmed that the special members meeting will in fact go ahead.
Goldstein also suggested that the police referrals are related to insinuations contained within a pair of Freedom of Information Act requests filed late last year by domain consultant Ron Andruff.
In one of Andruff’s FOIA requests, he suggests that auDA may have paid legal fees of up to AUD 120,000 incurred by Rowe when he was sued almost a decade ago by an alleged domain slammer he had regularly criticized.
Rowe has called these inferences “grossly inaccurate” and “defamatory”.
In the other, which we have reported on previously, Andruff has asked for records of expenses incurred by former auDA CEO Chris Disspain, current vice-chair of ICANN.
Both FOIA requests have been denied by the Aussie government and subsequently appealed by Andruff.
Andruff is known to have beef with Disspain after he was passed over for a prominent ICANN volunteer role.
I should note for the record that, for all of the allegations swirling around, I have not seen any evidence directly connecting any individual to any wrongdoing.