Latest news of the domain name industry


ICANN blocks almost 10 million new gTLD domains

Kevin Murphy, November 18, 2013, Domain Registries

ICANN has asked new gTLD registry operators to block a total of 9.8 million domain names, due to the perceived risk of damage from name collisions.
To put it another way, Verisign has managed to take close to 10 million domain names off the market.
ICANN today delivered second-level domain block-lists for 1,327 new gTLDs. Combined, the number of unique blocked domains is just over 9.8 million, according to DI’s preliminary analysis.
Some of the lists relate to gTLDs that will not be approved because they’re in mutually exclusive contention sets with other strings (for example, .unicorn and .unicom).
Twenty-five unfortunate gTLD applicants did not receive lists, because ICANN said they do not qualify for the block-list-based “Alternate Path to Delegation”.
We’re currently crunching the numbers and will have more information later today, with a bit of luck.

Demystifying DITL Data [Guest Post]

Kevin White, November 16, 2013, Domain Tech

With all the talk recently about DNS Namespace Collisions, the heretofore relatively obscure Day In The Life (“DITL”) datasets maintained by the DNS-OARC have been getting a lot of attention.
While these datasets are well known to researchers, I’d like to take the opportunity to provide some background and talk a little about how these datasets are being used to research the DNS Namespace Collision issue.
The Domain Name System Operations Analysis and Research Center (“DNS-OARC”) began working with the root server operators to collect data in 2006. The effort was dubbed “Day In The Life of the Internet (DITL).”
Root server participation in the DITL collection is voluntary and the number of contributing operators has steadily increased; in 2010, all of the 13 root server letters participated. DITL data collection occurs on an annual basis and covers approximately 50 contiguous hours.
DNS-OARC’s DITL datasets are attractive for researching the DNS Namespace Collision issue because:

  • DITL contains data from multiple root operators;
  • The robust annual sampling methodology (with samples dating back to 2006) allows trending; and
  • It’s available to all DNS-OARC Members.

More information on the DITL collection is available on DNS-OARC’s site at https://www.dns-oarc.net/oarc/data/ditl.
Terabytes and terabytes of data
The data consists of the raw network “packets” destined for each root server. Contained within the network packets are the DNS queries. The raw data consists of many terabytes of compressed network capture files, and processing it is very time-consuming and resource-intensive.
While several researchers have looked at DITL datasets over the years, the current collisions-oriented research started with Roy Hooper of Demand Media. Roy created a process to iterate through this data and convert it into intermediate forms that are much more usable for researching the proposed new TLDs.
We started with his process and continued working with it; our code is available on GitHub for others to review.
Finding needles in DITL haystacks
The first problem faced by researchers interested in new TLDs is isolating the relatively few queries of interest among many terabytes of traffic that are not of interest.
Each root operator contributes several hundred – or several thousand – files full of captured packets in time-sequential order. These packets contain every DNS query reaching the root that requests information about DNS names falling within delegated and undelegated TLDs.
The first step is to search these packets for DNS queries involving the TLDs of interest. The result is one file per TLD containing all queries from all roots involving that TLD. If the input packet is considered a “horizontal” slice of root DNS traffic, then this intermediary work product is a “vertical” slice per TLD.
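The "vertical slice" step can be sketched roughly as follows. This is a minimal illustration, not the code JAS published: it assumes the queries have already been decoded from the capture files into (timestamp, destination IP, query name) tuples, and the function names and record layout are hypothetical.

```python
from collections import defaultdict


def tld_of(qname):
    """Return the rightmost label of a query name, lower-cased ('' for the root)."""
    labels = qname.rstrip(".").split(".")
    return labels[-1].lower()


def slice_by_tld(records, tlds_of_interest):
    """Group decoded query records by TLD, keeping only the TLDs of interest.

    `records` is an iterable of (timestamp, dst_ip, qname) tuples; this
    layout is an assumption made for the example.
    """
    wanted = {t.lower().lstrip(".") for t in tlds_of_interest}
    slices = defaultdict(list)
    for record in records:
        tld = tld_of(record[2])
        if tld in wanted:
            # Keep the whole record so it can be traced back to its source.
            slices[tld].append(record)
    return dict(slices)
```

In practice each slice would be written to its own file rather than held in memory; the dictionary here only keeps the example short.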
These intermediary files are much more manageable, ranging from just a few records to 3 GB. To support additional investigation and debugging, the intermediary files that JAS produces are fully “traceable” such that a record in the intermediary file can be traced back to the source raw network packet.
The DITL data contain quite a bit of noise, primarily DNS traffic that was not actually destined for the root. Our process filters the data by destination IP address so that the only remaining data is that which was originally destined for the root name servers.
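A destination-address filter of this kind might look like the sketch below. The addresses are placeholders taken from the reserved documentation ranges, not real root server addresses, and the (timestamp, destination IP, query name) record layout is an assumption made for the example.

```python
import ipaddress

# Placeholder addresses from reserved documentation ranges, NOT real root
# server addresses; substitute the addresses in use when the data was captured.
ROOT_SERVER_ADDRESSES = frozenset(
    ipaddress.ip_address(a) for a in ("192.0.2.1", "198.51.100.1", "2001:db8::1")
)


def destined_for_root(dst_ip, root_addresses=ROOT_SERVER_ADDRESSES):
    """Return True if dst_ip parses as an address in the root server set."""
    try:
        return ipaddress.ip_address(dst_ip) in root_addresses
    except ValueError:
        # Unparseable addresses are treated as noise.
        return False


def filter_root_traffic(records, root_addresses=ROOT_SERVER_ADDRESSES):
    """Keep only (timestamp, dst_ip, qname) records addressed to a root server."""
    return [r for r in records if destined_for_root(r[1], root_addresses)]
```

Parsing the addresses with the ipaddress module, rather than comparing strings, means that different spellings of the same IPv6 address still match.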
JAS has made these intermediary per-TLD files available to DNS-OARC members for further analysis.
Then what?
The intermediary files are comparatively small and easy to parse, opening the door to more elaborate research. For example, JAS has written various “second passes” that classify queries, separate queries that use valid syntax at the second level from those that don’t, detect “randomness,” fit regular expressions to the queries, and more.
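As a rough illustration of what such a second pass could look like, the sketch below checks whether the second-level label uses valid letter-digit-hyphen syntax and computes its Shannon entropy as a crude stand-in for "randomness". Both the entropy heuristic and the function names are assumptions for the example, not a description of the JAS code.

```python
import math
import re
from collections import Counter

# Letters, digits and hyphens only, 1 to 63 characters, no leading or trailing hyphen.
LDH_LABEL = re.compile(r"(?!-)[A-Za-z0-9-]{1,63}(?<!-)")


def second_level_label(qname):
    """Return the label immediately left of the TLD, or None if there is none."""
    labels = qname.rstrip(".").split(".")
    return labels[-2] if len(labels) >= 2 else None


def is_valid_ldh_label(label):
    """Return True if the label follows letter-digit-hyphen syntax."""
    return LDH_LABEL.fullmatch(label) is not None


def shannon_entropy(label):
    """Bits of entropy per character; higher values suggest a more random-looking label."""
    if not label:
        return 0.0
    total = len(label)
    return sum(
        (n / total) * math.log2(total / n) for n in Counter(label).values()
    )
```

Entropy on its own is a weak signal for short labels, so any threshold would need tuning against real data before it could be trusted to separate machine-generated queries from human ones.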
We have also checked to confirm that second level queries that look like Punycode IDNs (start with ‘xn--’) are valid Punycode. It is interesting to note the tremendous volume of erroneous, technically invalid, and/or nonsensical DNS queries that make it to the root.
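A Punycode check along these lines can be sketched with the punycode codec in Python's standard library. This only tests whether the part after the prefix decodes; full IDNA validation applies further rules, and the function name is hypothetical.

```python
def is_valid_punycode_label(label):
    """Return True if the label starts with 'xn--' and the rest decodes as Punycode."""
    label = label.lower()
    if not label.startswith("xn--"):
        return False
    try:
        # Non-ASCII input fails on encode; malformed Punycode fails on decode.
        decoded = label[4:].encode("ascii").decode("punycode")
    except UnicodeError:
        return False
    # A bare 'xn--' prefix with nothing after it is not a usable label.
    return decoded != ""
```

A stricter version could re-encode the decoded text and compare it with the original label, or apply the full IDNA rules.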
Also of interest is that the datasets are dominated by query strings that appear random and/or machine-generated.
Google’s Chrome browser generates three random 10-character queries upon startup in an effort to detect network properties. Those “Chrome 10” queries together with a relatively small number of other common patterns comprise a significant proportion of the entire dataset.
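A pattern for flagging candidate “Chrome 10” queries might look like the sketch below. It assumes the random string is the leftmost label and consists of exactly ten lowercase ASCII letters. Both points are assumptions made for the example, and ordinary ten-letter words will match too.

```python
import re

# Assumed shape of a "Chrome 10" label: exactly ten lowercase ASCII letters.
CHROME10_LABEL = re.compile(r"[a-z]{10}")


def looks_like_chrome10(qname):
    """Return True if the leftmost label of qname matches the assumed pattern."""
    leftmost = qname.rstrip(".").split(".")[0]
    return CHROME10_LABEL.fullmatch(leftmost) is not None
```

Because of the false positives, a match is better treated as a hint to be combined with other signals, such as how often the same string recurs, than as proof of origin.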
Research is being done in order to better understand the source of these machine-generated queries.
More technical details and information on running the process are available on the DNS-OARC web site.

This is a guest post written by Kevin White, VP Technology, JAS Global Advisors LLC. JAS is currently authoring a “Name Collision Occurrence Management Framework” for the new gTLD program under contract with ICANN.

Only two new gTLD bids in Initial Evaluation

Kevin Murphy, November 16, 2013, Domain Registries

Initial Evaluation on the first round of new gTLD applications is almost done, with only two bids now remaining in that stage of the program.
ICANN last night published the delayed IE results for PricewaterhouseCoopers’ .pwc and the Better Business Bureau’s .bbb, both of which were passes.
The only two applications remaining in IE are Kosher Marketing Assets’ .kosher and Google’s .search.
The latter is believed to be hung up on technical changes it has made to its bid, to remove the plan to make .search a “dotless” gTLD, which ICANN has banned on stability grounds.
Eight applications are currently in Extended Evaluation, having failed to achieve passing scores during IE.

Kleinwächter joins ICANN board

Kevin Murphy, November 16, 2013, Domain Policy

Internet governance expert Wolfgang Kleinwächter has joined ICANN’s board of directors with immediate effect.
Kleinwächter is the emergency replacement for Judith Vazquez, who quit with no explanation last month. He’ll carry out Vazquez’s duties until her term was due to end, a year from now.
He’s a rare insider appointment from the Nominating Committee, which regularly looks outside of ICANN for its board expertise.
He has been involved with ICANN since almost the beginning, and currently sits on the GNSO Council (a term due to expire this week) as a representative of the Non-Commercial Users Constituency.
He’s a German national and is currently employed by the University of Aarhus, Denmark, where he teaches on the subject of internet policy and regulation.
He also has experience in UN-related policy projects such as the World Summit on the Information Society and the Internet Governance Forum.

.sexy and 10 more gTLDs now in the root

Kevin Murphy, November 14, 2013, Domain Registries

The third batch of new gTLDs has gone live.
Uniregistry’s .sexy and .tattoo are currently in the DNS root zone, the first two of its portfolio to become active.
The TLDs .bike, .construction, .contractors, .estate, .gallery, .graphics, .land, .plumbing, and .technology from Donuts have also gone live today.
Donuts already had 10 new gTLDs in the root from the first two batches.
There are now 24 live new gTLDs.
The first second-level domains to become available will be nic.tld in each, per the ICANN contract they’ve all signed.
You’ll notice that they’re all ASCII strings, despite the fact that IDNs get priority treatment in the new gTLD program.

Name collisions expert JAS to guest blog on DI

Kevin Murphy, November 14, 2013, Domain Tech

JAS Global Advisors, the consultancy hired by ICANN to provide the final analysis on the risks posed by name collisions in new gTLDs, is to exclusively guest-blog its work here on DI.
ICANN picked JAS to provide a “Name Collision Occurrence Management Framework” earlier this week.
Its job is to basically figure out how new gTLD registries — some of which have been told to block many thousands of potential collisions from their zones — can identify and mitigate the risks, if any, posed by these names.
The framework will help registries reduce the size of their block-lists, in other words.
JAS expects to provide a short series of guest posts over the next few months, explaining the state of the project as it progresses. Reader comments will be read, I’m assured.
JAS CEO Jeff Schmidt said: “The macro intent is to shorten the feedback cycle so folks can see where we are incrementally and comment along the way.”
I’m hoping that the guest posts will provide DI readers with insight into the issue that is as disinterested as DI’s usual coverage, but better informed on the nitty-gritty of the affected technologies.
JAS is a regular consultant for ICANN. It was one of the independent evaluators for the new gTLD program itself.
I’m told that JAS doesn’t have financial relationships with either new gTLD applicants, which generally think the collision risks have been overstated, or Verisign, which says they could cause real damage.
JAS isn’t getting paid for the posts; nor is DI getting paid to carry them.
The first post in the series will appear soon, probably Friday.

Will ICANN be forced to reject Islamic gTLDs?

Kevin Murphy, November 14, 2013, Domain Policy

The Organisation of Islamic Cooperation has condemned applications for .islam and .halal gTLDs filed by a Turkish company, despite the applicant recently fighting off an OIC-backed objection.
Claiming to represent the world’s 1.6 billion Muslims, the OIC expressed in a November 4 letter to ICANN and its Governmental Advisory Committee:

official opposition of the Member States of the OIC towards probable authorization by the GAC allowing use of these new gTLDs .Islam and .Halal by any entity not representing the collective voice of the Muslim people.

The letter seems to have been sent in response to the GAC’s current stalemate on these two TLDs, which were applied for, uncontested, by Istanbul-based Asia Green IT System.
At the ICANN meeting in Beijing six months ago, the GAC was unable to reach a consensus to object to .islam and .halal, instead merely noting:

Some GAC members have raised sensitivities on the applications that relate to Islamic terms, specifically .islam and .halal. The GAC members concerned have noted that the applications for .islam and .halal lack community involvement and support. It is the view of these GAC members that these applications should not proceed.

As a non-consensus objection, there’s no presumption that the ICANN board of directors should reject the applications.
And it seems that the New gTLD Program Committee, which carries board powers, has been deliberately ignoring the controversy pending the resolution of two formal Community Objections.
The objections were filed by the United Arab Emirates’ Telecommunications Regulatory Authority, the UAE’s ccTLD registry operator, with backing (it claimed) from the OIC.
But the TRA lost both objections, partly because the wishy-washy government-speak OIC letter it submitted in evidence failed to convince International Chamber of Commerce adjudicator Bernardo Cremades that it really did have that OIC support.
Whether the OIC really does object to Asia Green’s bids now seems beyond dispute.
In fact, the organization says it intends to pass a formal resolution containing its position on Islamic gTLDs during its Council of Foreign Ministers meeting in early December.
ICANN chair Steve Crocker has now asked the GAC to provide further guidance before it decides whether to accept or reject the two bids.
Given that a single governmental hold-out in the GAC would be enough to kill any chance of consensus, the OIC may be right to presuppose that the GAC will not fully object.
That would leave ICANN in the tricky position, for the first time in this application round, of having to decide the fate of a gTLD without the cover of a uniform international objection.
Would it reject .islam, opening the door for other gTLDs to be killed off by minority government concerns? Or would it approve the controversial strings, potentially pissing off the Muslim world?
I expect there’s at least one NGPC member — Lebanese-born Christian ICANN CEO Fadi Chehade — who would certainly not relish having to cast a vote on such a resolution.

Over half the world’s biggest brands will be blocked in new gTLDs

Kevin Murphy, November 12, 2013, Domain Registries

More than half of the world’s most-famous brand names already stand to benefit from blocks in new gTLDs, due to the name collisions policy introduced by ICANN recently.
That’s the preliminary conclusion of a quick analysis of the 37 block-lists already published.
Using Interbrand’s list of the top 100 most valuable brands, we find that only 32 do not appear anywhere — either as strings or substrings — on the collisions lists we have today.
Fifty-nine brands are to be blocked as exact matches in at least one new gTLD. Five brands are blocked exactly in 10 or more.
Brand owners blocked in collision lists may not have to fork out for as many defensive registrations, but may also face complications when registries finally start whittling down their lists.
We present the full table of results below, for which the following explanations might be needed:

  • Brand/String — The brands have been normalized to ASCII strings, removing punctuation not compatible with the DNS protocol and converting accented characters to their unaccented equivalents (for example, “Nescafé” becomes “Nescafe”). For DI PRO subscribers, each string links to a search on the database for that string.
  • Exact Matches — The number of gTLDs (currently out of 37) in which this exact-match brand will be blocked.
  • Unique Strings — The number of strings containing this brand that appear on block-lists. In some cases this may provide misleading results due to the usual overkill you get when matching substrings. For example, two-character brands such as 3M and HP get a lot of hits, the vast majority of which do not appear to relate to the brand itself, whereas every hit for Google does in fact refer to the brand.

[table id=19 /]
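For readers who want to reproduce this kind of count, the normalization and the two matching modes described above can be sketched roughly as follows. The lower-casing, the handling of spaces and hyphens, and the data layout (a dictionary mapping each gTLD to its set of blocked strings) are assumptions made for the example, not necessarily what was used to build the table.

```python
import unicodedata


def normalize_brand(brand):
    """Reduce a brand name to a lower-case ASCII string usable as a DNS label."""
    # Split accented characters into base letter plus accent, then drop the accent.
    decomposed = unicodedata.normalize("NFKD", brand)
    ascii_only = decomposed.encode("ascii", "ignore").decode("ascii")
    # Keep letters, digits and hyphens; drop spaces and other punctuation.
    return "".join(ch for ch in ascii_only.lower() if ch.isalnum() or ch == "-")


def match_counts(brand, block_lists):
    """Return (exact_matches, unique_strings) for a brand.

    exact_matches: number of gTLDs whose list contains the brand exactly.
    unique_strings: number of distinct blocked strings containing the brand.
    """
    needle = normalize_brand(brand)
    exact = sum(1 for strings in block_lists.values() if needle in strings)
    containing = {
        s for strings in block_lists.values() for s in strings if needle in s
    }
    return exact, len(containing)
```

The substring count is what produces the overkill for two-character brands: in this sketch “hp” would also match a blocked string such as “php”.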
The numbers will of course grow rapidly as ICANN publishes more collisions lists.
If there’s sufficient interest from DI PRO subscribers in this breakdown being kept up to date on an ongoing basis, I’ll bolt it on to the existing collisions database.

Over 87,000 new gTLD domains now blocked

Kevin Murphy, November 12, 2013, Domain Registries

The total number of domain names to be blocked due to the risk of name collisions has topped 87,000 with the latest batch of block-lists from ICANN, published yesterday.
According to our database, 87,670 domain names, representing 75,208 unique second-level strings, are to be blocked in the 37 new gTLDs that have published collisions lists.
The string “www” is on all 37 lists, followed closely by “com”, “org” and “net”.
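The difference between the two totals, and the way a string such as “www” can be spotted on every list, can be illustrated with a short sketch. It assumes the block-lists have been loaded into a dictionary mapping each gTLD to its blocked strings; the layout and function name are hypothetical and say nothing about how the DI PRO database is actually built.

```python
from collections import Counter


def summarize_block_lists(block_lists):
    """Return (total_domains, unique_strings, strings_on_every_list)."""
    # De-duplicate within each gTLD so a repeated line is counted once.
    per_tld = {tld: set(strings) for tld, strings in block_lists.items()}
    # Every (string, gTLD) pair is one blocked domain name.
    total_domains = sum(len(strings) for strings in per_tld.values())
    # Count how many lists each string appears on.
    appearances = Counter(s for strings in per_tld.values() for s in strings)
    on_every_list = sorted(
        s for s, n in appearances.items() if n == len(per_tld)
    )
    return total_domains, len(appearances), on_every_list
```

The first figure counts domain names, so a string blocked in several gTLDs is counted once per gTLD, while the second counts each string only once.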
The most commonly blocked names include large numbers of single characters and large numbers of two-character strings matching ccTLDs (which were already banned in new gTLDs anyway).
Lots of protocol-related strings, such as “http”, “ftp”, “isatap” and “wpad” can also be found in the top 100 strings.
Gambling-related strings are also hugely, and so far inexplicably, popular blocking candidates.
Google, Yahoo, Facebook and Apple are the most frequently seen brands.
The full consolidated list of blocked strings can be searched at the DI PRO name collisions database.
The gTLD with the biggest block-list so far is .kitchen, with 13,061 strings, over half as big again as the next-longest list, which is .uno’s 8,187 names.

Over 100 new gTLD contracts now signed

Kevin Murphy, November 12, 2013, Domain Registries

The pace is stepping up as ICANN starts to lift its heels in moving more new gTLDs towards delegation.
The organization signed contracts with registries covering 34 strings over the weekend, including popular favorites such as .wiki and .ninja.
The full list of gTLDs with freshly signed Registry Agreements goes like this:

.education, .institute, .training, .international, .builders, .build, .solar, .marketing, .solutions, .academy, .company, .camp, .systems, .business, .management, .center, .repair, .red, .glass, .house, .farm, .holiday, .kaufen, .ninja, .gal, .social, .moda, .blue, .ceo, .immobilien, .wiki, .florist, .公益 and .政务.

At 34 in a week, it’s an almost 50% increase on the number of new gTLD RAs ICANN has entered into, and dangerously close to the 40-per-week rate that was originally planned.
By our reckoning, there are now 115 new gTLDs with ICANN contracts.