Recent Posts
- Bye-bye .boomer! Blockchain players abandon new gTLD plans
- Decades-old US registrar gets a spanking
- love.you sold in apparent five-figure deal
- Bogus harassment complaints could get you an ICANN ban
- ICANN slaps open-mic ban on conflicted lawyers
- Final GTFO warning for 19 failed new gTLD bids
- Nominet opens $500,000 fund for open source projects
- Com Laude buys larger rival Markmonitor
- Epik took down Charlie Kirk doxing site
- Number of subsidized gTLD bidders far lower than thought
- Another registrar goes AWOL
- gTLD loses its second-largest registrar after breach
- Com Laude buys Fairwinds
- Unstoppable wants to be a registry back-end
- Sixteen new gTLD bids could face the firing squad
- Registry to release one-letter domains tomorrow
- New ICANN funding rules will cost smaller ccTLDs more
- .ai rival lines up gTLD bid
- Team Internet lays off 200
- Sixteen more orgs vie for cheap gTLDs, but…
- So who’s registering sunrise domains these days?
- Cloud gTLD gets launch dates
- Governments say new gTLD program “credibility” at stake
- NIXI planning doomed new gTLD bids
- AI experts replace Chapman on ICANN board
- RDRS may not be dead
- Single-letter .com lawsuit thrown out of court
- Golding challenges McCarthy for Nominet board seat
- Three applicants qualify for cheapo gTLDs
- Blockchain crisis looming for new gTLD next round
- Two more dot-brands leave Verisign for GoDaddy
- ICANN looking at new bulk reg rules
- Reseller loss hits Tucows’ DUM but not revenue
- GoDaddy counts cost of losing .co deal
- Wine producers worried about new gTLDs
- Goodyear tires of its dot-brand
- Team Internet loses Radix to Tucows
- ICANN’s “review of reviews” kicks off
- Huge registrars flee from RDRS
- Namecheap loses attempt to bring back .org price caps
- Registrar shamed for alleged crypto abuse neglect
- Poblete’s ICANN board seat safe
- .com off to strong start in Q3
- .my is growing like crazy
- ICANN settles $77 million sexual harassment suit
- Chinese domain spikiness ends in first half
- Registrars agree to higher ICANN fees
- ICANN to review reviews after review review request fails
- Got junk? June’s biggest gTLD growers do
- ICANN ditches Oman due to Middle-East conflicts
- ICANN’s mighty overlord flexes on transparency
- ICANN faces first pushback over DEI U-turn
- Loads of firms flunk out of next-round gTLD back-end program
- presidenttrump.xxx among thousands of dead .xxx domains suddenly springing to life
- One of the dumbest gTLDs just switched back-ends
- GoDaddy loses .co to Team Internet
- Governments erect bulk-reg barrier to new gTLD next round
- Little interest in cheapo gTLD program
- US government opposes most new gTLDs
- GoDaddy loses last Amazon business to Identity Digital
- Third Amazon gTLD launch dates revealed
- .TOP promises to play nice on DNS abuse
- Court denies ICANN’s #MeToo “cover up” attempt
- Launch dates for two more Amazon gTLDs revealed
- An end to “Club Med for geeks” ICANN?
- Some people paid premiums for .hot domain hacks
- .io questions in sharp focus as UK signs Chagos treaty
- Big .gdn registrar at risk
- ICANN “reaffirms its commitment to diversity and inclusion”
- ICANN kills off diversity and inclusion
- Kaufmann picked for ICANN board
- Conflicted? STFU under new ICANN rules
- .hot is for hookers? Amazon’s first premium regs revealed
- Gname adds another 200 registrars
- New Pope’s .com domain was registered the day Francis died
- Two deadbeat registrars get their ICANN marching orders
- DotMusic has sold a lot of names, but not many are turned on
- .med is a deeply weird gTLD, but it wants to be more normal
- ICANN cuts off money to UASG
- Web.com getting dumped
- .es and .pt riding out massive power outage
- .com is back as Verisign discounts bear fruit
- Dot-brand actually being used to get deleted
- Verisign gave Trump $100,000
- Private Whois requests hit new low after Tucows quits RDRS
- Zoom says GoDaddy took it down for hours
- The Soviet Union might be safe after all
- Google says its ccTLDs “are no longer necessary”
- Facebook thinks ICANN is a bit rubbish
- ICANN spending $365,000 a year on coffee and booze
- Regulator going after suicide site that even Epik banned
- .ai sees $600,000 auction sales in a month
- Pru trims its dot-brand portfolio
- UK’s Nigel Hickson has died
- .blog registry ordered to change name to Knock Knock RDAP There
- WordPress buys Canadian, swaps CentralNic for CIRA
- Latest ICANN salary porn ruins my terrible pun
- .co deal worth $77 million up for grabs
- I get a wrongful kicking as .su registry denies turn-off plan
- Sales and profits dip at Team Internet
- Four deadbeat registrars get terminated
- “No timeline” to retire Soviet Union from the DNS
- ICANN to kill off 60-day domain transfer lock
- Lancaster bags up its dot-brand
- Google readying its next batch of gTLD launches?
- NomCom confirms Americans rejected from ICANN board
- Nova announces $45 million of new gTLD applications
- Registry makes .ai an option for Koreans
- it.com now bigger than Guatemala
- ICANN turns to AI and crowdsourcing for new gTLD program
- Amazon lawyer DiBiase elected to ICANN board
- Is .io safe now? Identity Digital now running Mauritian ccTLD
- Tucows quits ICANN’s Whois disclosure pilot
- Toshiba goes all-in on its dot-brand
- Google scuppers Team Internet acquisition after profit warning
- .ai channel doubles under new management
- Trump inclined to back deal that threatens .io
- As .com shrinks, China adds another 1.2 million domains
- Second new gTLD contention set revealed
- UK intros global domain takedown law
- No more Americans as Holland wins ICANN board seat
- Registries have started shutting down Whois
- ICANN wins IRP because complainant literally doesn’t exist
- .com could return to growth this quarter
- Could Musk’s DOGE kill off D3’s .doge?
ICANN smacks Cheapies with the ban hammer
ICANN for only the second time has suspended an accredited registrar’s ability to sell domain names.
Cheapies.com, which has roughly 12,000 gTLD domain names under management, will not be able to create new domains or accept inbound transfers until January 2, 2014, according to ICANN.
The 90-day suspension of its accreditation, longer by two months than the 30 days Alantron received last year, comes because it’s the third time this year Cheapies has been sent an ICANN breach notice.
The latest breach concerns the domain ebookvortex.com. Apparently Cheapies did not provide the registrant with the required authorization information when he initiated a transfer request.
In January, the company received breach notices related to its records-keeping and another instance of failing to abide by ICANN’s inter-registrar transfers policy.
It’s also being spanked for consistently ignoring or stonewalling ICANN’s attempts to resolve the situation.
Cheapies has the opportunity to rectify its problems to avoid losing its accreditation entirely. In the meantime, it also has to display the following notice “prominently” on its web site:
No new registrations or inbound transfers will be accepted from 4 October 2013 through 2 January 2014.
There’s a clear takeaway for fly-by-night registrars here: ignore ICANN Compliance at your peril.
Europe continues to object to .wine gTLD
The European Union is continuing to fight the proposed .wine and .vin gTLDs, even after ICANN’s Governmental Advisory Committee formally withdrew its advice on the applications.
Neelie Kroes, vice president of the European Commission, wrote to ICANN on Thursday to say that its “firm position” is:
under no circumstance can we agree having .wine and .vin and on the internet, without sufficient safeguards which efficiently protect the rights and interest of both GI [Geographic Indicator] right holders and consumers and wine and wine products
The EC believes that .wine and .vin should have special second-level protections for wine GIs — geographic indicators such as Champagne, named after the region in which it is produced.
It’s a view that has been put forward by many associations of wine producers in the EU and US for over a year. ICANN is also in receipt of letters disagreeing with the GAC from other wine producers.
The law internationally, and even in the EU, appears to be patchy on whether and how GIs are protected. They don’t generally enjoy the same uniformity of protection as trademarks.
The GAC considered the two strings in April at the Beijing meeting but failed to come to a consensus.
It wound up asking ICANN for more time and, after failing to reach agreement again in Durban this July, finally concluded last week that it was unable to find a consensus on advice.
That potentially laid the path clear for the four applications for the two strings to continue to contention resolution, contracting and eventual delegation.
However, the GAC’s all-clear arrived too late for the ICANN New gTLD Program Committee to formally consider it at its meeting last week.
According to the Kroes letter, the European Commission’s view is:
there has not been any consensus decision overruling the advice given in Beijing. We are therefore of the firm opinion that the advice provided at the GAC April meeting stands as long as there is no new consensus on the matter.
The Beijing advice, which was explicitly intended to give the GAC more time to deliberate, said that ICANN should not proceed beyond Initial Evaluation with .wine or .vin.
Kroes’ logic may or may not be consistent with the letter of the Beijing communique, but certainly not its spirit. That’s becoming an increasingly common problem with GAC advice.
It seems unlikely, however, that ICANN would put the views of one single government ahead of what the GAC as a whole has submitted as formal advice.
Her letter does not seem to have been published by ICANN yet, but you can read it in PDF format here.
Hundreds of new gTLD applicants still in GAC limbo
A little over five months after the Governmental Advisory Committee issued its controversial Beijing communique, demanding strict controls over hundreds of new gTLDs, ICANN has still not taken any action.
ICANN’s New gTLD Program Committee “accepted” a bunch of the GAC’s advice on new gTLDs during its meeting last week, but yet again punted the most crucial issue — how to handle the so-called “Category 1” strings.
In a resolution last Tuesday, published on Friday, the NGPC addressed 21 pieces of GAC advice from the July Durban meeting but took no action on the April Beijing advice.
One application was killed off as a result — Better Living Management’s bid for .thai — on geographic grounds.
Applications for .spa, .yun, .广州 (.guangzhou), and .深圳 (.shenzhen), which are all geographic strings, have been put on hold “until the agreements between the relevant parties are reached”.
Amazon’s applications for its brand in Latin and other scripts are also on hold again pending ICANN’s review of its lengthy response to the GAC’s decision to object to them in Durban.
Two applications — .date and .persiangulf — which had raised geographic concerns in Beijing have been given leave to proceed after the GAC decided not to object in Durban.
Applications for .wine, .vin, .ram and .indians appear to be safe, but it’s not 100% clear based on the NGPC’s resolution.
Category 1 strings
“Category 1” strings were those strings that the GAC deemed applicable to “Consumer Protection, Sensitive Strings, and Regulated Markets”.
The GAC wants these gTLDs, if approved, to be subject to oversight by regulatory or self-regulatory bodies and to implement strict security controls.
The Category 1 advice has been criticized by many, including members of the NGPC, for being too vague to implement and for unfairly moving the goalposts on applicants at the last minute.
In Durban, the NGPC had indicated that it was very unhappy with the Category 1 advice.
Last week, it chose to essentially ignore the Beijing communique in which the Category 1 advice was delivered, and instead “accept” the Category 1 advice from Durban, which simply stated:
The GAC will continue the dialogue with the NGPC on this issue.
The NGPC in response stated in an annex to its resolution:
The NGPC accepts this advice. The NGPC looks forward to continuing the dialogue with the GAC on this issue.
So the 500-odd applications captured by Category 1 are still in limbo, unable to sign registry contracts with ICANN, pending the outcome of these GAC-NGPC negotiations.
On the upside, it looks like ICANN is keen to get the issue resolved before ICANN’s next public meeting, which takes place in Buenos Aires in November. ICANN said:
The NGPC and staff are working with the GAC to identify a time and place for further dialogue on these items.
Community support
The NGPC also addressed the GAC’s demands relating to community support for applications. In doing so, it again deployed its tactic of “accepting” the letter of the GAC’s advice whilst plainly rejecting it in spirit.
The GAC had said in Durban:
the GAC advises the ICANN Board to consider to take better account of community views, and improve outcomes for communities, within the existing framework, independent of whether those communities have utilized ICANN’s formal community processes to date.
The GAC was basically worried about the new gTLD program not giving sufficient weight to informal objections from organizations that could be affected by applied-for strings.
The NGPC responded:
The NGPC accepts this advice. The NGPC will consider taking better account of community views and improving outcomes for communities, within the existing framework, independent of whether those communities have utilized ICANN’s formal community processes to date. The NGPC notes that in general it may not be possible to improve any outcomes for communities beyond what may result from the utilization of the AGB’s community processes while at the same time remaining within the existing framework.
In other words, due to the inclusion of the phrase “within the existing framework”, ICANN can do absolutely nothing else to address the GAC’s concerns and can still say it “accepted” the advice.
The NGPC had previously used the same tactic to avoid dealing with the GAC’s Beijing advice on giving “communities” the ability to kill off applications without going through the proper channels.
Verisign targets bank claims in name collisions fight
Verisign has rubbished the Commonwealth Bank of Australia’s claim that its dot-brand gTLD, .cba, is safe.
In a lengthy letter to ICANN today, Verisign senior vice president Pat Kane said that, contrary to CBA’s claims, the bank is only responsible for about 6% of the traffic .cba sees at the root.
It’s the latest volley in the ongoing fight about the security risks of name collisions — the scenario where an applied-for gTLD string is already in broad use on internal networks.
CBA’s application for .cba has been categorized as “uncalculated risk” by ICANN, meaning it faces more reviews and three to six months of delay while its risk profile is assessed.
But in a letter to ICANN last month, CBA said “the cause of the name collision is primarily from CBA internal systems” and “it is within the CBA realm of control to detect and remediate said systems”.
The bank was basically claiming that its own computers use DNS requests for .cba already, and that leakage of those requests onto the internet was responsible for its relatively high risk profile.
At the time we doubted that CBA had access to the data needed to draw this conclusion and Verisign said today that a new study of its own “shows without a doubt that CBA’s initial conclusions are incorrect”.
Since the publication of Interisle Consulting’s independent review into root server error traffic — which led to all applied-for strings being split into risk categories — Verisign has evidently been carrying out its own study.
While Interisle used data collected from almost all of the DNS root servers, Verisign’s seven-week study only looked at data gathered from the A-root and J-root, which it manages.
According to Verisign, .cba gets roughly 10,000 root server queries per day — 504,000 in total over the study window — and hardly any of them come from the bank itself.
Most appear to be from residential apartment complexes in Chiba, Japan, where network admins seem to have borrowed the local airport code — also CBA — to address local devices.
About 80% of the requests seen come from devices using DNS Service Discovery services such as Bonjour, Verisign said.
Bonjour is an Apple-created technology that allows computers to use DNS to automatically discover other LAN-connected devices such as printers and cameras, making home networking a bit simpler.
Another source of the .cba traffic is McAfee’s antivirus software, made by Intel, which Verisign said uses DNS to check whether code is virus-free before executing it.
While error traffic for .cba was seen from 170 countries, Verisign said that Japan — notable for not being Australia — was the biggest source, with almost 400,000 queries (79% of the total). It said:
Our measurement study reveals evidence of a substantial Internet-connected infrastructure in Japan that lies beneath the surface of the public-facing internet, which appears to rely on the non-resolution of the string .CBA.
This infrastructure appear hierarchical and seems to include municipal and private administrative and service networks associated with electronic resource management for office and residential building facilities, as well as consumer devices.
One apartment block in Chiba is is responsible for almost 5% of the daily .cba queries — about 500 per day on average — according to Verisign’s letter, though there were 63 notable sources in total.
ICANN’s proposal for reducing the risk of these name collisions causing problems would require CBA, as the registry, to hunt down and warn organizations of .cba’s impending delegation.
Verisign reiterates the point made by RIPE NCC last month: this would be quite difficult to carry out.
But it does seem that Verisign has done a pretty good job tracking down the organizations that would be affected by .cba being delegated.
The question that Verisign’s letter and presentation does not address is: what would happen to these networks if .cba was delegated?
If .cba is delegated, what will McAfee’s antivirus software do? Will it crash the user’s computer? Will it allow unsafe code to run? Will it cause false positives, blocking users from legitimate content?
Or will it simply fail gracefully, causing no security problems whatsoever?
Likewise, what happens when Bonjour expects .cba to not exist and it suddenly does? Do Apple computers start leaking data about the devices on their local network to unintended third parties?
Or does it, again, cause no security problems whatsoever?
Without satisfactory answers to those questions, maybe name collisions could be introduced by ICANN with little to no effect, meaning the “risk” isn’t really a risk at all.
Answering those questions will of course take time, which means delay, which is not something most applicants want to hear right now.
Verisign’s study targeted CBA because CBA singled itself out by claiming to be responsible for the .cba error traffic, not because CBA is a client of rival registry Afilias.
The bank can probably thank Verisign for its study, which may turn out to be quite handy.
Still, it would be interesting to see Verisign conduct a similar study on, say, .windows (Microsoft), .cloud (Symantec) or .bank (Financial Services Roundtable), which are among the 35 gTLDs with “uncalculated” risk profiles that Verisign promised to provide back-end registry services for before it decided that new gTLDs were dangerous.
You can read Verisign’s letter and presentation here. I’ve rotated the PDF to make the presentation more readable here.
.sex and two other gTLD pass evaluation
Three new gTLD applications passed Initial Evaluation this week, including one of the two applications for .sex.
The approved .sex bid belongs to Internet Marketing Solutions, which is competing with .xxx operator ICM Registry.
The other applications passing IE this week are .leclerc, a French dot-brand, and .aquitaine, a French geographic region.
There are only 20 applications left without results, almost all of which — apart from a generic bid for .bar and Google’s controversial “dotless” .search — appear to be dot-brands.
Eight more new gTLD contracts signed, six by Donuts
ICANN has brought up its number of contracted new gTLDs to 32 with the signing of eight new Registry Agreements yesterday.
Six belong to Donuts:: .graphics, .technology, .reviews, .gallery, .guide and .construction.
Two IDN registries have also signed contracts: .我爱你 (Tycoon Treasure), which means “I love you” in Chinese, and .集团 (Eagle Horizon), which means “group” or “conglomerate” in Chinese.
The prioritization numbers for the 32 newly contracted application ranges from eight to 496. Almost all of the non-ASCII strings with contracts to date belong to Donuts.
Four more new gTLDs, including .sexy, get contracts
ICANN signed four more new gTLD contracts with four different registries yesterday.
The lucky recipients of Registry Agreements are:
- .uno (Dot Latin LLC) — a general-purpose, open gTLD aimed primarily at Spanish and Italian speakers.
- .menu (Wedding TLD2, LLC) — also open, though the registry plans to run second-level portals corresponding to types of food (italian.menu, etc).
- .sexy (Uniregistry Corp) — signing a Registry Agreement with boring old ICANN doesn’t strike me as particularly sexy, but Uniregistry went ahead and did it anyway.
- .世界 (Stable Tone Ltd) — this Chinese string means “.world”. It will also be open and obviously targeted primarily at Chinese-speaking registrants.
The deals mean ICANN has now signed contracts covering 26 new gTLD applications. It’s slow going so far, but the pace is definitely picking up.
As of last week, DI PRO Application Tracker allows you to search for only gTLDs that have signed contracts, along with 23 other search criteria.
Wine gTLDs get a pass as GAC fails to agree
Applicants for wine-related gTLDs will no longer be opposed by the Governmental Advisory Committee, it has emerged.
Writing to ICANN chair Steve Crocker this week, GAC chair Heather Dryden said that the GAC had failed to reach an agreement on whether to issue formal Advice against the applications.
Three .wine applicants and one .vin applicant are affected.
Some governments are concerned about strings at the second level because quite often a word many people associate primarily with a type of wine is also the protected name of the wine-producing region.
Champagne is probably the best-known example of this.
Nevertheless, the GAC couldn’t reach agreement on whether to provide formal advice to ICANN on this topic, so the applications will be free to proceed along the new gTLD program’s track.
Register.com hit by breach notice over 62,232 domains
Register.com, a Web.com business that is one of the top ten registrars by domains under management, has been hit by an ICANN compliance notice covering 62,232 domain names.
It’s a weird one.
ICANN says that the company has failed to provide records documenting the ownership trail of the domains in question, which all currently belong to Register.com itself.
The notice names 000123.net, 0011pp.com, 00h4.com, 010fang.net, 01rabota.com, 02071988.com and 020tong.com, but it seems that these are merely the first in a alphabetical list that is much, much longer.
Judging by DomainTools’ Whois history, these domains all appear to have been originally registered at various times by individuals in China and India, then allowed to expire, then registered by Register.com to itself.
The only common link appears to be that they were kept by Register.com after they expired, for whatever reasons registrars usually hoard their customers’ expired domains.
According to the compliance notice, ICANN wants the registrar to:
Provide a detailed explanation to ICANN how 62,232 domains in which Register.com itself is the registrant are used for the purposes of Registrar Services, as defined by Section 1.11 of the RAA;
The Registrar Accreditation Agreement says registrars have to keep registrant agreement records, except for a limited class of cases where the domain is owned by the registrar itself and used for registrar-related stuff.
Register.com, one of the original five oldest competitive registrars, has been given until October 2 to come up with the requested information for face losing its accreditation.
The registrar has almost three million gTLD domains under management. Combined with its Web.com sister registrars, which include Network Solutions, the number is closer to 10 million.
Donuts signs three more new gTLD contracts
Donuts today signed Registry Agreements covering the new gTLDs .land, .plumbing and .contractors, according to ICANN.
The deals mean ICANN now has contracts covering 40 gTLDs, 22 of them as a result of the new gTLD program and 16 of which are to be managed by Donuts.
Like all the gTLDs Donuts applied for, they’re to be operated with an “open” registration policy.
It’s therefore ironic that the company should become the contracted registry for .plumbing and .contractors — both regulated industries where I come from — on the same day we find out that it can’t have .architect because architecture is a licensed profession.
Recent Comments