Latest news of the domain name industry

Recent Posts

Verisign: would-be .com contract killers are “wrong”

Verisign has responded to the campaign to have the US government cancel its contract to run .com and open the agreement to competitive bidding, saying it is “wrong” and “based on a fundamental misunderstanding” of the deal.

The American Economic Liberties Project, the Demand Progress Education Fund, and the Revolving Door Project put their names to letters last week calling the .com deal between ICANN and Verisign a “de facto cartel” that competition authorities should dismantle.

But, as others have also pointed out, Verisign says that removing the US government from the trilateral agreement would not have the effect the letter-writers believe it would.

In a regulatory filing, Verisign said:

The campaign, and the letters, assert that the 32-year-old Cooperative Agreement between the Department of Commerce (Department) and Verisign involving the .com top-level domain registry can be terminated by the Department on August 2, 2024, and, if it is, the management of .com can be transferred after a competitive bidding process. This assertion is wrong: If the Department chooses to sunset the Cooperative Agreement, which Verisign does not seek, the .com registry will continue to be managed pursuant to the terms of Verisign’s and the Internet Corporation for Assigned Names and Numbers’ (ICANN) valid, enforceable Registry Agreement

In other words, if the US government butts out, all that’s left to regulate .com pricing is ICANN, and ICANN is institutional averse to regulating pricing, believing it would open it up to genuine concerns about cartel-like behavior.

The Cooperative Agreement (pdf) states:

upon expiration or termination of the Cooperative Agreement, neither party shall have any further obligation to the other and nothing shall prevent Verisign from operating the .com TLD pursuant to an agreement with ICANN or its successor

Five gTLDs at risk as registry goes AWOL

The chance of five new gTLDs themed around the Middle East ever going live has substantially decreased after the registry seemed to disappear and got hit by a third ICANN breach notice.

The registry is Istanbul-based Asia Green IT System, which goes by AGIT or AgitSys, and the five gTLDs are .nowruz (Iranian New Year), .pars (refers to Persia/Iran), .shia (a branch of Islam), .tci (an outsourced dot-brand for the Telecommunication Company of Iran) and .همراه (.xn--mgbt3dhd, means “comrade” in Persian).

According to ICANN, the company is failing to provide Whois, data escrow and has not filed its monthly transaction reports since February. It is also past due with its ICANN fees, according to the breach notice.

The turnaround for the breach notice was incredibly fast. ICANN appears to have noticed that the Whois failures met the “RDAP-RDDS emergency threshold” — which is 24 hours of downtime in a single week — on Friday, called the registry the same day, and issued the breach notice on Monday.

The technical breaches may or may not be related to the fact that the company appears to have disappeared from the internet. None of its NIC sites resolve for me today, and its agitsys.com company web site returns a 404.

These things were also true in 2019, when AGIT received its first breach notice, which was later resolved. It received a second notice a year ago, which it also later resolved.

Only .nowruz, the only one of the five to launch, appears to have any third-party registrations in its zone file, counting in the single figures and all apparently defensive. I could get one of them to resolve, so the DNS appears to be functional.

AGIT used CoCCA as its back-end. CoCCA said that it terminated its contract with AGIT after a “breach” earlier this year and has been turning off features ever since.

RDAP, WHOIS, Reporting and Escrow deposits have been disabled by CoCCA incrementally.

ICANN has given AGIT until the end of the month to come back into compliance or risk having its contracts terminated.

This article was updated July 8 with comment from CoCCA.

Groups make flawed case that .com is a cartel

Three pressure groups in the US have called on the government to strip Verisign of its .com contract, saying the company is operating as a “de facto cartel” with ICANN that has allowed its shareholders to milk the public for billions.

But their argument has a pretty significant hole in it, based on an apparent misunderstanding of how Verisign funds ICANN.

The American Economic Liberties Project, the Demand Progress Education Fund, and the Revolving Door Project have written to the Department of Justice and National Telecommunications and Information Administration to demand that they “cut off” Verisign.

The NTIA is the third party in the triumvirate with ICANN and Verisign that controls who gets to run the immensely powerful .com TLD. It’s the NTIA that gets to decide whether Verisign is able to raise its registry fees, how often and by how much.

The Obama administration froze the fee for its last six-year run, but the caps were lifted under Trump, giving Verisign four 7% increase options over the current six-year deal, all of which it has chosen to exercise.

The price of a .com registration or renewal has gone up from $7.85 in 2018 to $10.26 later this year. Verisign enjoys some of the highest profit margins of any public company in the US as a result, with much of its cashflow diverted into share buybacks.

This has to stop, and the .com contract should be open for bidders, the three groups said in their letters:

Ending this contract will force the initiation of a competitive open-bidding process, ultimately bringing down costs for those who must register a domain name. ICANN and VeriSign function as a de facto cartel and the NTIA should stop sanctioning the “incestuous legal triangle” that serves as a shield to deflect overdue antitrust scrutiny into their otherwise likely illegal collusive relationship.

While the letters raise many good points, they’re the same good points that have been raised every few years for the last quarter century. The US government response seems to depend entirely on whether the current occupant of the White House wears a blue tie or a red tie.

Where the argument is flawed is in the statement: “ICANN has a vested interest in VeriSign making as much money as possible, as VeriSign pays ICANN for each annual domain name registration.”

This is not quite correct, as ICANN’s current financial problems can attest.

In reality, while it is true that Verisign is by far the biggest contributor to ICANN’s budget, the dollar value is tied not to how much money Verisign makes, but to how many registrations and renewals it processes.

ICANN gets a quarter for every domain-year, basically, regardless of whether Verisign charges $7.85 or $10.26, so ICANN’s vested interest is in Verisign selling as many domain-years as possible, not its bottom line. If .com shrinks, so does ICANN’s budget.

And that’s exactly what has happened over the last couple of years. As Verisign’s prices have gone up, volume has started to go down, first in China and more recently in the US.

While I don’t believe the company has explicitly linked its volume decline to its price hikes, it’s said that a solution to the problem is new promotional activities later this year, so draw your own conclusions.

ICANN’s budget has taken a hit as a result. The Org said in April that it was looking at an $8 million shortfall and last month said it was laying off 7% of its staff to try to save $10 million.

The fact that it’s just canned 33 staff is pretty decent argument against the cartel claim, and I expect it to form part of ICANN’s response.

The three groups’ letters may be on more solid ground with its claim that ICANN has enjoyed a “$20 million cash bonus” that they describe as a share of Verisign’s “ill-gotten rent to maintain its market power.”

That’s a reference to the $5 million a year for five years additional payment that Verisign agreed to when it renegotiated its registry contract with ICANN in 2020.

Nominally to help fund ICANN’s DNS “security and stability” efforts, the optics of this side deal have always been terrible, the granularity of the accounting transparency has been criticized as lacking, and I’ve frequently referred to the payment as a “bung”.

But that payment is strictly bilateral and not part of Verisign’s deal with NTIA.

The NTIA arrangement has presumptive renewal of six-year terms, but NTIA can revoke it with 120 days notice. That means it will have to act before August 2 if it decides to terminate Verisign’s contract.

You can read the letters in full here.

RDRS usage hits all-time low

Kevin Murphy, June 27, 2024, Domain Services

Usage of ICANN’s Registration Data Request Service, which lets people submit Whois queries to registrars, hit a new low in May, six months after its launch.

RDRS was used to submit 156 requests for private Whois data in the period, the lowest number to date. In December, there were 173 requests; the peak was 290 the following month.

While requests from law enforcement held at 46, requests from IP holders, which had peaked at 117 in February, dipped a little between April and May, going from 43 to 37.

The mix between approved and denied requests was pretty much unchanged — about 20% of requests get approved and about 70% get denied.

The number of RDRS queries (domain lookups that don’t necessarily result in a request) was also at at all-time monthly low, at 1,393, from a December peak of 2,349 and April’s 1,435. Only a quarter of queries were for supported domains, down from 30% in April.

The wait time for approval shortened a little, having topped out at a massive 14 days in April, to an average of 11.34 days. Denials took on average 9.77 days.

Three more registrars joined the voluntary service in May, and none left. One of the newcomers was a second Alibaba accreditation, which brought in 3.5 million domains and raised the overall service coverage from 57% to 59% of all gTLD domains.

One way of spinning the numbers would be to say that RDRS users have become disillusioned with the service, another would be to say they are done kicking the tires and seeing what they can get away with, have discovered its limitations, and are now using it as intended.

A dot-brand so unloved they killed it twice

Indian consumer goods firm Dabur has told ICANN to turn off its dot-brand for the second time, having had second thoughts a few years ago.

The company, which mainly sells Ayurvedic alternative medicine products, had originally asked for its registry contract for .dabur to be terminated in 2021, but changed its mind shortly before ICANN actually pulled the trigger.

As I noted at the time, dabur.com popped up a prominent fraud warning when people visit the site, urging people to only trust dabur.com to source its products.

There was a dot-brand business case right there, but evidently Dabur couldn’t find it. The fraud pop-up still appears today, three years later.

The gTLD did have a few registered domains, but my records show no zone file activity since 2017.

ICANN financial data dump a damp squib?

Kevin Murphy, June 24, 2024, Domain Policy

It was supposed to be a means for ICANN to improve the transparency of its financials, but the latest output of a decade-long accountability project appears to be a damp squib, perhaps not even meeting community requirements.

But a newly published document appears to reveal one vendor that was paid almost $2 million in a single year, that ICANN has mysteriously not previously disclosed a relationship with.

Org has published its first “Annual Disclosure of Payments to Suppliers” (pdf), covering its fiscal 2022, but it weighs in at just one page of rather vague information, most of which was already in the public domain, printed in a font size I didn’t need my glasses to read.

The published data is less granular than what ICANN already reveals on its published tax forms, and it’s arguably less informative as a result.

The document shows that ICANN has at least 10 suppliers that received over $500,000 from the Org in FY22, and that if you aggregate all its insurance providers and landlords together each grouping also crosses that threshold.

There are three line items for payments over $2 million — the aforementioned landlords in aggregate, along with the law firm Jones Day and the software developer Architech Solutions.

Disclosing that these two companies were paid “above $2 million”, rather than the actual dollar value, is odd considering that we already know from ICANN’s 2022 tax form (pdf) that Jones Day was paid $5,164,603 and Architech was paid $2,857,500.

At the next tier down, we discover that ICANN paid IT consulting firm SHI International between $1.5 million and $2 million during the period.

This is arguably the most interesting stat on the page, as SHI doesn’t appear on ICANN’s 2022 tax return or the tax returns for 2021 and 2023, despite apparently meeting the criteria for being one of its “five highest compensated independent contractors”.

It doesn’t appear ICANN has ever publicly mentioned the firm before, but SHI is a large, decades-old IT services provider.

Paid between $1 million and $1.5 million were insurance providers in the aggregate, along with IT firms Outsource Technical and Zensar Technologies, both of which appear on the FY22 tax return with the precise dollar value they were paid.

On the lowest rung of the disclosure, each accounting for between $500,000 and $1 million in the period, are two HR outsourcing companies, two companies providing services for ICANN’s public meetings, and escrow provider NCC.

NCC was paid $800,798 in FY22, the lowest-paid of the top five contractors, according to the tax return, so we can assume the other four firms were paid less than that.

ICANN is making the disclosures in response to one of the over 100 recommendations of Work Stream 2 (WS2) of the Cross-Community Working Group on Enhancing ICANN Accountability, which were issued in 2018 after four years of community discussions, but it’s debatable whether they live up to what the community wanted.

CCWG-Accountability had issued implementation guidance stating:

In the first year of implementation ICANN should publish a register of all suppliers (name of supplier, country or origin and actual annual amount) it pays 500,000$US or more per fiscal year broken down by categories (e.g., computer equipment, software, telecommunication services, contracting etc.).

Note the references to “country or [sic] origin” and “actual annual amount”, two data points that do not seem to appear in the newly published document.

The group also said that the minimum reporting threshold should drop to $250,000 in the second reported year, so the FY23 document could be much larger. ICANN had 130 suppliers receiving six-figure payments in FY22, according to its tax return.

Unstoppable plotting manga-themed gTLDs

Another two likely new gTLD applications have emerged from the blockchain world.

Unstoppable Domains yesterday announced it’s planning to apply for ICANN for .manga and .anime Kintsugi Global, which already operates the two namespaces on a blockchain.

The two domains currently sell via Unstoppable for $80.

Governments call for new gTLD auctions ban

Kevin Murphy, June 17, 2024, Domain Policy

Governments have upped the stakes in their opposition to new gTLDs being auctioned off privately, now calling for an outright prohibition on the practice.

ICANN’s Governmental Advisory Committee today published its formal advice coming out of last week’s public meeting in Kigali, calling for ICANN to “prohibit the use of private auctions in resolving contention sets in the next round of New gTLDs”.

It’s a strengthening of previous language from last year’s Washington DC meeting which called for ICANN to “ban or strongly disincentivize private monetary means of resolution of contention sets, including private auctions”.

Private auctions were the most-common way that contests between new gTLD applicants with matching strings were resolved in the 2012 application round. Many tens of millions of dollars changed hands, with the losing bidders pocketing the winning bids.

But the practice came in for criticism from groups such as the GAC and the At-Large Advisory Committee, partly because it made it harder for non-commercial or less well-financed developing-world applicants to get a foothold in the gTLD space.

“The 2012 round was basically a game for millionaires,” ALAC chair Johnathon Zuck told the GAC at a meeting between the two groups last week. “There were many things that made the last round kind of a joke… but this was the very big thing that made the community look bad.”

Discussions with the ALAC, which wanted to issue joint advice with the GAC, seems to be at least partly responsible for the GAC aligning around advising a full-on ban on private auctions.

ICANN’s board of directors is broadly in favor of “discincentivizing” private auctions, but has stopped short of advocating for a full prohibition, according to directors’ public statements and board resolutions.

The Org commissioned a study from a New York company called NERA Economic Consulting, published shortly before the Kigali meeting, to look into ways to dissuade applicants from private auctions and encourage them towards ICANN’s “last resort” auctions — where ICANN gets all the money — or into joint ventures.

While it did not come up with any recommendations as such, the study did lay out some possible mechanisms — such as forcing applicants into last-resort auctions, or making them pay an extra fee if they want to resolve their contention sets privately.

Separately, ICANN has told the GAC it intends to reject another piece of its advice related to contention sets. The GAC had told ICANN last year:

To take steps to avoid the use of auctions of last resort in contentions between commercial and non-commercial applications; alternative means for the resolution of such contention sets, such as drawing lots, may be explored

But ICANN reckons a lottery might be illegal under California law. That’s pretty much what it said before it came up with “Digital Archery” during the last application round, and it turned out to not be completely correct.

It also disagrees with the GAC that non-commercial applicants in contention sets should be treated preferentially, with the board wary about having to pick winners and losers in the next round.

The board has therefore triggered the part of its bylaws that require it to hold formal negotiations with the GAC to see if they can come to a compromise before the advice is rejected.

ICANN names new CEO, and it isn’t Costerton

Kevin Murphy, June 10, 2024, Domain Policy

ICANN has picked industry veteran Kurt Erik “Kurtis” Lindqvist to take over as president and CEO.

He will replace interim CEO Sally Costerton, who has been serving since Goran Marby’s resignation in December 2022, but not until December 5 this year.

Since 2019 he’s been CEO of the London Internet Exchange, LINX, and has to served out his notice while a replacement is found. He announced his resignation a few days ago.

ICANN said Lindqvist has also been CEO of .no operator Netnod worked for the Internet Architecture Board, RIPE and the Internet Engineering Task Force.

ICANN received 100 applications for the gig from 20 countries and drew up an interview shortlist of seven — three of whom were female, ICANN noted — and three finalists were interviewed by the full board of directors.

Lindqvist will be based in ICANN’s Geneva, Switzerland regional office but “will spend significant time” in the ICANN Los Angeles HQ.

ICANN: We will NOT police content

Kevin Murphy, June 10, 2024, Domain Policy

ICANN seems to have killed off the idea of content-restricting Registry Voluntary Commitments being included in registry contracts, judging by a conversation today between its board of directors and Governmental Advisory Committee.

Speaking moments ago at a session at ICANN 80 in Rwanda, director Becky Burr said the board took legal advice and decided that the Org’s bylaws do not allow it to enforce contractual commitments that involve content regulation.

“The board was looking at the legal issues there to determine whether under our bylaws we were permitted to accept and enforce Registry Voluntary Commitments related to the restriction of content… on Saturday at our board meeting the board has resolved that we can’t,” Burr said.

“We will not accept into the contracts the new registry commitments that involve the restriction of content,” she said.

The RVC-like Public Interest Commitments found in 2012-round gTLDs are grandfathered in the current bylaws and will not be affected by the RVCs decision, she said.

Registries will be free to make RVC-like commitments outside of their ICANN contracts, but ICANN will not enforce them, she said. She also said the board has ruled out hiring a third party enforcer, citing US case law and the First Amendment to the US constitution.

Burr said that if an Independent Review Process panel struck down a single RVC it would risk invalidating all of the RVCs in all registry contracts.

The board’s resolution will be published later this week, but its legal advice will remain confidential, she said.

The decision is a win for registries and registrars, which earlier this year responded to an ICANN consultation by saying it should not permit RVCs that regulate content. The Non-Commercial Stakeholders Group had even raised the possibility of legal action if ICANN went ahead with RVCs.

The opposing view was put forth by the Business Constituency, the Intellectual Property Constituency, and the At-Large Advisory Committee, all of which are now presumably feeling bummed out by the board’s latest decision.