Latest news of the domain name industry

Latest Go Daddy phishing attack unrelated to 2013 RAA

Kevin Murphy, January 6, 2014, Domain Registrars

Fears that the 2013 Registrar Accreditation Agreement would lead to new phishing attacks appear to be unfounded, at least so far.
The 2013 RAA, which came into force at most of the big registrars on January 1, requires registrars to verify the registrant’s email address or phone number whenever a new name is registered.
It was long predicted that this new provision — demanded by law enforcement — would lead to phishers exploiting registrant confusion, obtaining login credentials, and stealing valuable domain names.
Over the weekend, it looked like this prediction had come true, with posts over at DNForum saying that a new Go Daddy scam was doing the rounds and reports that it was related to the 2013 RAA changes.
I disagree. Shane Cultra posted a screenshot of the latest scam on his blog, alongside a screenshot of Go Daddy’s actual verification email, and the two are completely dissimilar.
The big giveaways are the “Whois Data Reminder” banner and “Reminder to verify the accuracy of Whois data” subject line.
The new attack is not exploiting the new 2013 RAA Whois verification requirements; it’s exploiting the 10-year-old Whois Data Reminder Policy, which requires registrars annually to remind their customers to keep their contact details accurate.
In fact, the language of the new scam has been used in phishing attacks against registrants since at least 2010.
That’s not to say the attack is harmless, of course — the attacker is still going to steal the contents of your Go Daddy account if you fall for it.
We probably will see attacks specifically targeting confusion about the new address verification policy in future, but it seems to me that the confusion we’re seeing with the latest scam may be coincidental.
Go Daddy told DI yesterday that the scam site in question had already been shut down. It’s not clear if anyone fell for it while it was live.

Vienna is the first city with its own TLD

Kevin Murphy, January 3, 2014, Domain Registries

The world’s first city gTLD, .wien, went live on the internet this morning.
It’s the TLD for what the English-speaking world calls Vienna, the Austrian capital.
While its nic.wien starter page doesn’t seem to be resolving yet, .wien itself is in the DNS root zone file.
punkt.wien, the new registry, said in its application that .wien names will be restricted to anyone who “can demonstrate that they have an economic, cultural, historical, social or any other connection” to Vienna.
The same test will apply to the use of .wien names — the registry plans to review the content of sites under the gTLD from time to time to ensure compliance.
The policy appears to be modeled somewhat on the .cat geo-gTLD.
According to the .wien application, about a quarter of the Austrian population lives in its environs, giving the gTLD a market of about 1.7 million people.
The registry is planning to launch properly in March, according to its web site.
While it’s the first city gTLD to go live, it isn’t the first geo to hit the root in this round — that honor belongs to .ruhr, which represents a German state.
(Note: Laos’ ccTLD, .la, is often marketed as a city TLD for Los Angeles, but it’s not quite the same thing.)

.email and two other new gTLDs go live

Kevin Murphy, January 2, 2014, Domain Registries

Three more new gTLDs were delegated this afternoon, including the potentially interesting .email.
The other two were TLD Registry’s .在线 (Chinese for ‘.online’) and United TLD/Rightside’s .immobilien (German for ‘.realestate’).
The reason I think .email could be interesting is that it’s very close to “.mail”, which has been highlighted in several analyses as potentially dangerous due to the risk of name collisions.
It’s also, I think, one of the highlights of Donuts’ portfolio, despite the fact that the company was the only applicant.
.immobilien is the third delegated gTLD for United TLD. It’s going to be competing against the arguably more attractive .immo — a well-known abbreviation — which is currently contested by four applicants.
For TLD Registry, .在线 is the first delegation. It’s planning to take both .在线 and its companion .中文网 (“Chinese website”) to Sunrise on January 17, so we might expect another delegation soon.

.ninja springs to life as a squirrel as 19 new gTLDs get delegated

Kevin Murphy, December 29, 2013, Domain Registries

ICANN may be taking Christmas week off, but Verisign apparently isn’t — another 19 new gTLDs were delegated to the DNS root system last night.
Most belong to Donuts: .training, .builders, .coffee, .codes, .education, .florist, .farm, .glass, .house, .holiday, .international, .institute, .solar, .repair and .solutions.
United TLD, the Demand Media/Rightside business that is also providing Donuts’ back-end, had .ninja and .kaufen (German for “buy”) delegated.
PeopleBrowsr’s .ceo also went live, as did I-REGISTRY’s .onl (for “online”).
Donuts is already redirecting its latest batch of nic.[tld] domains to donuts.co.
The web site at nic.ninja currently shows this image as part of a placeholder page:

UPDATE: It occurs to me that this might actually be a prairie dog or something, rather than a squirrel.

ICANN has spent $120 million on new gTLDs

Kevin Murphy, December 27, 2013, Domain Policy

The new gTLD program has cost ICANN almost $120 million so far, according to a quarterly financial report published earlier this week.
It’s the first time ICANN has published a quarterly statement. Normally it only files a formal report annually.
According to the report, ICANN has spent $119.2 million of its original $344.9 million program budget (which comprises application fees net of refunds).
As of September 30, it still had $225.7 million in cash dedicated to the program, which is accounted for separately from ICANN’s regular operating budget.
ICANN estimates its total spend will be $204.3 million. If you factor in the $108.9 million “risk reserve”, that would put the program $3 million over budget by the time it concludes.
None of this includes the likely proceeds of contention set auctions, which are expected to amount to many millions. This cash will also be accounted for separately, but the community discussion on how to spend it is only just beginning.

Uniregistry plans “dot-spanning” Sunrise periods and anti-gaming protection

Kevin Murphy, December 27, 2013, Domain Registries

Uniregistry is to offer a second Sunrise period in its new gTLDs, going over and above what is required by ICANN, aimed at companies with trademarks that “span the dot”.
Say you run a tattoo parlor and have a trademark on “Joe’s Tattoo”. The ICANN-mandated Sunrise would only allow you to register joestattoo.tattoo, but Uniregistry will allow you to buy joes.tattoo as well.
It would also allow “plurals and conjugations”, so a company with a trademark on “Joe’s Tattoos” would presumably also be eligible for joes.tattoo, even though they’re not an exact match.
This Sunrise B plan appears to apply to all of Uniregistry’s forthcoming gTLDs and was approved by ICANN recently (pdf).
The additional service would be invitation-only, restricted to companies that have participated in the regular Sunrise period, which Uniregistry is calling Sunrise A.
For Sunrise A, Uniregistry plans to allow mark owners to register regular resolving domain names or purchase “blocking” registrations, where the domain resolves to a non-monetized Uniregistry placeholder.
Sunrise B participants would not be able to purchase blocking registrations; for “dot-spanning” trademarks the name must resolve.
Uniregistry also plans to implement an “anti-hijack” measure to help prevent — or at least add friction to — .eu-style gaming by domain speculators during its launch periods.
If you participate in either Sunrise period, you won’t be able to later transfer your name to a third party without providing the registry with proof that you’ve also transferred the corresponding trademark registration.

Applicant says .islam ban would damage ICANN

Kevin Murphy, December 23, 2013, Domain Policy

If ICANN decides to reject Asia Green IT’s applications for .islam and .halal it would “be dealing a blow to the new gTLD program’s credibility”, according to AGIT.
The two potential new gTLDs are currently in limbo, awaiting a decision by the ICANN board of directors’ New gTLD Program Committee, following stalemate within the Governmental Advisory Committee.
The Organization for Islamic Cooperation has objected to the applications, saying it represents 1.6 billion Muslims and that it’s “concerned” about the potential “misuse” of the names.
Mehdi Abbasnia, managing director of the Turkey-based company, recently wrote to ICANN too (pdf) to ask that ICANN speedily approve its applications, given that two formal OIC-backed Community Objections have already failed.
Abbasnia also wrote to DI on Friday (pdf) to reiterate many of the same points.
The two gTLDs are among only a handful originating in the Muslim world, he said, and the idea is to spur adoption of domain names among all Muslims.

Muslim communities the world over have a lot to gain from seeing their members empowered through namespaces that are better suited to their specific needs, easier for them to relate to and use and respectful of their culture and laws.
As Muslims ourselves, this is what we felt we could bring to our community when we first heard of the new gTLD program: our expertise as a technical enabler of TLDs by Muslims, for Muslims. We are looking to fuel the engine, not drive the car.

He added that AGIT prevailed in the objections filed against it, and the GAC failed to reach a consensus to object.

Some in ICANN circles have used the phrase “taking a second bite at the apple” to characterize attempts to overturn decisions and derail processes. In the case of our applications for .Halal and .Islam, the apple’s been eaten to the core!

The ball is now in the ICANN Board’s court. If it bows to the OIC’s pressure and blocks our TLD applications, not only will Muslims the world over be prevented from claiming their very own space on the Internet, but I believe it will also be dealing a blow to the new gTLD program’s credibility, and to the credibility of ICANN as a multi-stakeholder governance organization.

While I have no opinion on whether the two applications should be approved or not, I disagree with the apple metaphor.
AGIT is in receipt of formal “GAC Advice on New gTLDs” explaining a non-consensus objection. That’s clearly envisaged by the Applicant Guidebook, and there is a process for dealing with it: ICANN’s board talks to the GAC to understand the extent of its members’ concerns and then explains itself after it makes a decision one way or the other.
There doesn’t seem to be an abuse of process by the OIC or GAC here, just a very tricky question for the ICANN board to answer.

Extortion.sucks — Vox Pop CEO defends “under-priced” $25,000 sunrise fee

Kevin Murphy, December 19, 2013, Domain Registries

Vox Populi Registry, the .sucks new gTLD applicant backed by Momentous Corp, is to charge trademark owners $25,000 to participate in its Sunrise period, should it win the TLD.
Not only that, but it’s become the first new gTLD applicant that I’m aware of to start taking pre-registration fees from trademark owners while it’s still in a contention set with other applicants.
At first glance, it looks like plain old trademark-owner extortion, taken to an extreme we’ve never seen before.
But after 45 minutes talking to Vox Pop CEO John Berard this evening, I’m convinced that it’s worse than that.
The company is setting itself up as the IP lobby’s poster child for everything that is wrong with the new gTLD program.
If Vox Pop wins the .sucks contention set — it’s competing against Donuts and Top Level Spectrum — it plans to charge trademark owners $25,000 to participate in Sunrise and $25,000 a year thereafter.
Registrations during general availability, whether they match a trademark or not, will cost $300 a year.
During the pre-registration period, the Sunrise fee is $2,500 and the “Priority Reservation” fee is $250.
The Sunrise fee is, I believe, higher than any sunrise fee in any TLD ever to launch.
But Berard said that he believes Vox Pop’s .sucks proposition is, if anything, “under-priced”.
“Most companies spend far more than $25,000 a month on a public relations agency, most companies spend more than $25,000 a month on a Google ad campaign,” he said.
“Companies spend millions of dollars a year on customer service. We view .sucks as an element of customer service on the part of companies,” he said.
Berard, a 40-year veteran of the public relations business, said that he believes .sucks represents an opportunity for brands to engage with their customers, gaining valuable insight that could help them improve product development or customer service.
“The last thing I view .sucks as is a domain name. That’s the last value proposition for .sucks,” he said. “The primary value proposition is as a key and innovative part of customer service, retention and loyalty.”
It’s about giving companies “the ability to bring internet criticism and commentary out of the shadows and into the light” and “an opportunity to actually have a legitimate ability to correct misconceptions and engage, in much the way they’re doing now with Facebook”, he said.
It’s all about helping companies create a dialogue, in other words.
But Berard said that Vox Pop does not intend to launch any value-added services on .sucks domains.
While a domain name may be the “last value proposition” of .sucks, it is also the only thing that Vox Pop is actually planning to sell.
Asked to justify the $25,000 Sunrise fee, at first Berard pointed to policies that he said will ensure a transparent space for conversation.
“A company might not have to register its brand in .sucks, because if someone else does the policies and practices that we hope to deploy give that company a transparent opportunity to participate,” Berard said. “There’s no chasing unknown people down dark alleys for unfounded criticism. It will all be done in the light of day.”
“We have built-in policies that prevent sites from being parked pages,” he said. “The site must be put to that use — of customer service — whether you are the company that owns [the brand] or a customer that wants to complain about it.”
There was some confusion during our conversation about what the policies are going to be.
At first it sounded like companies would be obliged to run criticism/conversation sites targeting their own brands or risk losing their domains, but Berard later called to clarify that while pages cannot be parked under the policy, they can be left inactive.
It will be possible, in other words, for a company to register its brand.sucks and leave the associated site dark.
The registry would also have an “authenticated Whois database”, he said, though it would allow registrants to use privacy services.
There would also be prohibitions on cyber-bullying and porn in .sucks, if Vox Pop wins it. It has committed to these policies in its Public Interest Commitments (pdf).
But the company does not appear to be doing anything that ICM Registry did not already do when it launched .xxx a couple of years ago, when it comes to making brand owners’ lives easier.
In fact, it’s planning to do a lot less, while being literally a hundred times more expensive.
By contrast, if Donuts wins .sucks, brand owners will be able to defensively block their marks using the Domain Protected Marks List for $3,000 over five years, which would cover all of Donuts’ 200-300 new gTLDs.
There doesn’t appear to be any good reason Vox Pop is charging prices well above the market rate, in my view, other than the fact that the company reckons it can get away with it.
In what may well be a deliberate move to put pressure on trademark owners, Vox Pop is also the first registry I’ve encountered to say it will do a 30-day, as opposed to a 60-day, Sunrise period.
Under ICANN rules, registries have to give at least 30 days warning before a 30-day Sunrise starts, but once it’s underway they are allowed to allocate domains on a first-come-first-served basis.
All of the 30-odd registries currently in Sunrise have opted for the traditional 60-day option instead, where no domains are allocated until the end of the period.
There’s also the question of accepting Sunrise pre-registrations before Vox Pop even knows whether it will get to run .sucks.
There are two other applicants and Berard said that he reckons the contention set is likely to go to an ICANN last-resort auction.
Judging by ICANN’s preliminary timetable, the .sucks auction wouldn’t happen until roughly September next year, by my reckoning.
Anyone who pre-registers today will have to wait a year before they can use (or not) their domain, if they even get to register it at all.
Any money that is taken during the pre-reg period will be refunded if Vox Pop fails to launch.
In the meantime, it will be sitting in Momentous’ bank account where the company, presumably, will be able to use it to try to win the .sucks auction.
Trademark owners, in my view, should vote with their wallets and stay the hell away from Vox Pop’s pre-registration service.
I’m not usually in the business of endorsing one new gTLD applicant over another, but I think Vox Pop’s Sunrise pricing is going to make the whole new gTLD program — and probably also ICANN and the domain name industry itself — look bad.
It’s a horrible reminder of a time when domain name companies were often little better than spammers, operating at and beyond the margins of acceptable conduct, and it makes me sad.
The new gTLD program is about increasing choice and competition in the TLD space; it’s not supposed to be about applicants bilking trademark owners for whatever they think they can get away with.

Applicants spank IO in .health objections

Kevin Murphy, December 19, 2013, Domain Policy

Donuts and Dot Health LLC have beaten back objections filed by ICANN’s Independent Objector over the .health gTLD.
In simultaneous separate rulings by the same three-person International Chamber of Commerce panel, it was decided that the string “health” is not intrinsically offensive.
The IO, in his Limited Public Interest Objections, had argued that health is a human right protected by international law, and that .health should be managed with certain safeguards to protect the public.
But the ICC panels sided with the applicants, finding that in order for an objector to prevail in a LPI objection he must show that the string itself contravenes international law.
The panels used a strict reading of the Applicant Guidebook and supporting documentation to come to their conclusions. In the Donuts case, the panel ruled:

The Panel has no hesitation in finding that the string “health” is not objectionable in and of itself. It is obvious to the Panel that the word “health” does not conflict with any generally accepted legal norms relating to morality and public order of the same nature as the first three grounds ICANN listed in AGB Section 3.5.3.

The LPI objection was created in order to prevent gTLDs from being delegated where the string itself endorses ideas such as racism, slavery or child abuse.
ICANN has said that applications for such strings “may well be rare or non-existent”.
The panels sharply dismissed claims that the IO, Alain Pellet, and a staff member were conflicted due to their previous work for the World Health Organization.
The Donuts ruling is here and the Dot Health ruling is here.

.buzz and .support go live

Kevin Murphy, December 19, 2013, Domain Registries

DotStrategy has become the newest registry with a gTLD live in the DNS root.
Its .buzz, which is aimed at “groups related to blogging, communications, journalism, advertising, and marketing and development”, was delegated last night.
The first second-level name, nic.buzz, is currently resolving to a parking page — seemingly managed by one of the usual parking companies — which, let’s face it, looks a bit crap even as a temporary measure.
That said, I really like .buzz as a concept, if for no other reason than it’s a rare example of a gTLD string that seems to have been selected by a human rather than an algorithm.
Speaking of which, Donuts also had its 42nd gTLD, .support, delegated last night.
There are now 54 new gTLDs live in the DNS root.