Latest news of the domain name industry

Recent Posts

Blind auditions underway for ICANN’s supreme court

Kevin Murphy, October 27, 2022, Domain Policy

An ICANN volunteer committee says it is close to picking a slate of judges for what amounts to ICANN’s much-delayed “supreme court”, but it’s doing so without knowing the identities of the candidates.

The Independent Review Process Community Representatives Group said in a blog post that it expects to wrap up its work — picking at least seven members of an IRP Standing Panel — by the end of the year, though it views the deadline as “challenging”.

The group said that it’s currently reviewing applications for the posts, but with the identities of the candidates redacted, and expects to start interviewing shortly. The members wrote:

While we only see information about various applicants’ qualifications, gender and ICANN regional residency, we do not at this point know the identity of the candidates. These are data points to assist our winnowing process and our endeavor to achieve cultural, linguistic, gender and legal diversity. Diversity by geographic region is indicated in ICANN’s Bylaws.

The skill-set mandated for panelists by ICANN’s bylaws is pretty rarefied — requiring knowledge of international law, arbitration, the DNS and ICANN itself — so it seems likely that LinkedIn and Google could be useful to identity candidates, if CRG members were so inclined.

The CRG said it has a wealth of qualified candidates “a sizeable group of individuals with impressive and suitable backgrounds”, making the selection process “difficult”.

The Standing Panel is envisaged as a kind of supreme court for ICANN. Whenever somebody challenges an ICANN decision with an Independent Review Process complaint, three members of the panel would be selected to hear the case.

The idea is that IRP should become more consistent, objective and speedy, retaining more institutional knowledge, with a stable set of rotating panelists. The current system has ICANN and complainants select their panelist.

ICANN’s bylaws have been calling for the creation of a Standing Panel since April 2013, but ICANN is ICANN and the panel has been delayed by years of foot-dragging and red tape. The CRG was only created to audition candidates in February 2022.

Many IRP cases over the last near-decade have been complicated and delayed by the absence of the panel, even resulting in a lawsuit.

This is great for lawyers who bill by the hour, not so great for complainants and ICANN’s credibility as an accountable organization.

The CRG has seven members drawn from the GNSO, ALAC, ccNSO and GAC, including government representatives of Iran and Nigeria. It’s chaired by Verisign’s David McAuley.

You can’t appeal a UDRP appeal, ICANN Ombudsman says

Kevin Murphy, October 24, 2022, Domain Policy

ICANN’s independent Ombudsman has called an Indian vaccine maker’s second Request for Reconsideration over a failed UDRP case a “misuse” of the Org’s appeals process.

Zydus Lifesciences lost its UDRP over the domain zydus.com earlier this year, with a finding of Reverse Domain Name Hijacking, then used the RfR process to try to get ICANN’s board of directors to overturn the WIPO decision.

The Board Accountability Mechanisms Committee dismissed the complaint because Reconsideration is designed for challenging ICANN’s actions and WIPO is not ICANN.

Zydus immediately filed a second RfR, calling WIPO “an extension of ICANN itself” and that BAMC’s inaction on the first RfR meant the case was now subject to the board’s jurisdiction.

In a rare intervention, Ombudsman Herb Waye poo-poos that notion, writing: “Decisions by the WIPO Panel in a domain name dispute are not sufficient basis for an RfR (hence the BAMC had no ‘jurisdiction’ other than the jurisdiction necessary to dismiss the Request).”

I feel that [the second RfR] has placed the BAMC in the awkward position of policing itself; hence perhaps, its hesitancy to summarily dismiss a Request concerning its own actions. A clear attempt by the requestor to appeal the decision in [the first RfR]. An unfortunate situation that, to me, amounts to misuse of this accountability mechanism.

He concluded that for the BAMC to consider the complaint would be a “waste of resources” and that it should be dismissed.

Zydus will still be able to appeal the UDRP in court, but that of course will be much more expensive.

Unstoppable Domains stops over 116,000 domains as alt-root TLD goes dark

Kevin Murphy, October 20, 2022, Domain Registries

Blockchain alt-root provider Unstoppable Domains has taken a huge credibility hit with its decision to essentially turn off one of its TLDs, rendering over 116,000 domains pretty much useless.

Unstoppable said Tuesday that it has stopped selling .coin domains and would immediately stop supporting their resolution. The names would no longer work with the over 500 cryptocurrency wallets, apps and services that integrate with Unstoppable, the company said.

“As of today, we’ve disabled .coin resolution in our libraries and services. Unstoppable domains are self-custodied NFTs, so you still own your .coin domain, but it won’t work with our resolution services or integrations,” Unstoppable said in a blog post.

According to AltRoots.com, there were almost 117,000 .coin domains at the time they were turned off.

That’s about the same size as Identity Digital’s .email gTLD, and the shutdown is the equivalent of ID telling its registrants that they can keep their domains, but it’s deleting the .email zone file.

The decision drew immediate critical reaction on social media, with many users pointing out that the Unstoppable system doesn’t sound particularly “decentralized” or censorship-resistant any more.

“Doesn’t sound too decentralized or empowering. Hopefully this will wake people up,” one Twitter user wrote.

“So many people literally just had to change their identity due to incompetency. Basically like visa saying you can keep the card but it wont work anywhere anymore,” wrote another.

Users also criticized the company’s decision to offer compensation in the form of store credit — three times what they paid for the domains they return — instead of a cash refund.

Unstoppable said the decision was made after it discovered another blockchain project, Emercoin, has been selling .coin domains since 2014, whereas its own .coin was launched in 2021.

“We’re committed to protecting our customers from the risk of functional collision,” Unstoppable said. “The Emercoin team are pioneers in our industry and we regret that we weren’t aware of this naming collision earlier.”

Name collisions are of course a big deal in the regular DNS, but cohesion around a single consensus root allows risk to be managed and mitigated, as we saw in ICANN’s 2012 new gTLD roll-out.

And in the ICANN system, a TLD would not simply be shut off overnight. Rather, it would transition to an emergency back-end operator for three years until it is either taken over by another permanent registry or wound down in an orderly fashion.

As Domain Name Wire notes, Unstoppable is currently trying to get the operator of a competing .wallet blockchain alt-root TLD shut down in court on the basis of the name collision, and it would have been hypocritical to continue offering its own colliding TLD.

[Guest Post] Hey ICANN: Reporters are not the enemy

Kevin Murphy, October 17, 2022, Uncategorized

This is a guest post by Emmy award-winning former reporter Brad White, who, from 2009 until 2021, was ICANN’s director of global media affairs and later director of communications for North America

It seems like ICANN utters the phrase “accountability and transparency” about every third sentence. And with good cause, since it is a vital foundation upon which the organization was built. But there are indications that foundation is severely cracked.

Unfortunately, ICANN’s leadership too often seems to adopt the position that its commitment to accountability and transparency only extends to its interaction with its community. The news media and by extension – the public – are generally not prioritized.

Journalists and bloggers (who also inform the public) who reach out to the org with questions or interview requests are too often viewed in hostile terms.

The default position of ICANN executives generally appears to be to not talk with journalists unless they must. My sense is that they should adopt the opposite attitude. Specifically, that ICANN leadership should almost always speak with journalists.

In my experience, at various points in the past, ICANN execs even forbade anyone on the communications team from talking to select journalists or bloggers. I was reminded of Richard Nixon’s famous “enemy’s list.”

The very first ICANN Board Chair, Esther Dyson had a good grasp on transparency with the news media when she said, “What I’m thinking about more and more these days is simply the importance of transparency, and Jefferson’s saying that he’d rather have a free press without a government than a government without a free press.”

I worked 12 years at ICANN, before leaving in January 2021 to work as an independent communications consultant. A large part of my job during my tenure was to interact with the news media. Having spent most of my career as a journalist, I enjoyed that aspect of my work, and felt it a vital component of the org’s oft-stated commitment to “accountability and transparency.” But over the years, I witnessed a shift in the way the organization wanted me to perform that function.

During my early days, when a news reporter would reach out with a question and/or seek an interview, I would research the issue the journalist was asking about and then after consulting the appropriate people, pass along the answers and perhaps set up an interview with the appropriate ICANN subject matter expert. And, that was the end of it.

By the time I left, with increasing frequency, when a reporter contacted ICANN, the request ended up going to at least two or three senior executives, the legal department and sometimes the CEO. Too often, the collective decision was to say nothing, if at all possible. When answers were afforded to the journalist, they were too often non-responsive or they merely “pointed” the reporter to a previously published blog or announcement. There were of course exceptions to this approach, but they were few.

What is perhaps most troubling, is that the organization doesn’t seem to feel an obligation to speak with journalists as part of its core value of transparency and accountability, instead the determining factor as to whether to grant an interview was too often — “are they going to screw us?” It was not “we have an obligation to be open to talk to all, including reporters and bloggers, because we believe in accountability and transparency.”

Some years ago, I was asked to conduct media training for ICANN’s top executives so they would better understand journalists and also learn how to better interact with them. But in the immediate years preceding my departure, the media training program appears to have been terminated. In fact, word often went out that “no one should talk to the media.”

Shortly before I left, I was asked to write a report on “ICANN’s Media Strategy.” After submitting an initial draft, it seemed to have gone into a black hole. I was never questioned about the report. I never received a red-lined draft, excluding or including elements, nor was I asked to write a subsequent draft.

Given the apparent efforts to curtail interactions with journalists and bloggers, it was difficult to not interpret the shelving of the media strategy paper because of one of its major points was — “Reporters are not the enemy.”

My sincere hope is that the new Board leadership and the community will re-commit the organization towards maximum accountability and transparency, and that includes talking to journalists, bloggers, and anyone else who can help in implementing the vital checks, balances and accountability that are the foundation of ICANN’s work. It is critical in helping the world understand ICANN and its mission.

Is ICANN toothless in the face of DNS abuse?

Kevin Murphy, October 12, 2022, Domain Policy

Concerns have been raised that ICANN may lack the tools to tackle DNS abuse using its contracts with registries and registrars.

The new report from the GNSO’s “small team” on abuse has highlighted two “gaps” in the current Compliance regime that may be allowing registrars to get away with turning a blind eye to abusive customers.

The current version of the standard Registrar Accreditation Agreement calls for registrars to maintain an abuse contact email and to “take reasonable and prompt steps to investigate and respond appropriately to any reports of abuse.”

The problem, the small team report finds, is that ICANN Compliance doesn’t seem to have a standard definition of “reasonable”, “prompt”, and “appropriately”. The contract doesn’t require any specific remediations from the registrar.

“Members of the small team are concerned that this interpretation may allow DNS abuse to remain unmitigated, depending upon the registrar’s specific domain name use and abuse policies,” the report states.

Judging by conversations at ICANN 75 last month, it’s apparently the first time Compliance has gone on the record about how it enforces this part of the contract.

It’s quite rare for ICANN to issue a public breach notice to a registrar over its failure to respond to abuse reports and when it does, it tends to relate to the registrar’s failure to keep records showing how it responded.

I can’t find any instances where Compliance has canned a registrar for allowing abusive domains — typically defined as those hosting malware, phishing, botnets, pharming and some spam — to remain active after an abuse report.

The small team’s report also thinks there’s a blind spot in ICANN’s standard Registry Agreement, which in turn requires registries to include, in their Registry-Registrar Agreements, provisions requiring anti-abuse terms in the registrars’ Registration Agreements.

This complex chain of contractual provisions doesn’t seem to be enforced, the small team notes, saying “further consideration may need to be given to what Registries are doing to ensure the text is indeed included in the Registration Agreement (ie Registries enforcing their own Registry-Registrar Agreements”.

The small team recommends that contracted parties talk further with ICANN about possible contract changes or best practices documents before going ahead with policy-making. The GNSO Council will address the recommendations later this month.

ICANN to mull bulk registration ban

Kevin Murphy, October 12, 2022, Domain Policy

ICANN policymakers are to take a look at banning bulk domain registrations in ongoing efforts to combat DNS abuse.

While in the very early stages of discussion, the GNSO Council is being urged to start gathering data “to further explore the role that bulk registrations play in DNS Abuse” and “to consider whether further action on bulk registrations is deemed necessary”

The recommendation is among several in a newly published report of a cross-constituency GNSO “small team”, which may lead to “tightly focused and scoped policy development”.

While acknowledging “there are also examples in which bulk registrations are used for legitimate purposes”, the report states:

The small team recommends that the GNSO Council requests the Registrar Stakeholder Group and others (for example, ICANN org, the RySG and the DNSAI) to further explore the role that bulk registrations play in DNS Abuse as well as measures that Registrars may have already put in place to address this vector. Based on the feedback received, the GNSO Council will consider whether further action on bulk registrations is deemed necessary.

The report is to be considered later this month at the GNSO Council’s monthly meeting. Any actual policy outcome, if any, will be years away.

ICANN dodges bullet as American elected to ITU top job

Kevin Murphy, October 3, 2022, Domain Policy

The International Telecommunications Union has elected Doreen Bogdan-Martin as Secretary-General, comfortably defeating a Russian candidate who could have caused serious problems for ICANN’s legitimacy.

She won 139 votes out of 172 cast at the agency’s plenipotentiary in Bucharest, the ITU said.​​ She only needed 83. Rashid Ismailov of the Russian Federation, the only other candidate, received 25 votes.

A couple of weeks ago, ICANN CEO Göran Marby took a rare political stance against the Russian’s platform, warning that it could lead to a fragmented internet and the death of ICANN.

Ismailov would have pushed for multilateral internet governance, with the ITU absorbing the functions of ICANN and other multistakeholder organizations.

Bogdan-Martin is American and much more amenable to the status quo.

Paraguay to chair the GAC

Kevin Murphy, October 3, 2022, Domain Policy

Paraguayan government official Nicolas Caballero has been elected as the next chair of ICANN’s Governmental Advisory Committee.

He ran unopposed, in an election that had to extend its nomination period because nobody put themselves forward in time for the original August deadline.

He will replace Egypt’s Manal Ismail, who will leave the chair following ICANN’s meeting in Cancun next March.

The role comes with a non-voting liaison position on ICANN’s board of directors.

Caballero, a technical advisor in Paraguay’s Office of the President, has been on the GAC for about 10 years.

He’s the first GAC chair from South America.

ICANN approves ccTLD-killer policy

Kevin Murphy, September 28, 2022, Domain Policy

ICANN has formally adopted a policy that would enable it to remove ccTLDs from the DNS root when their associated countries cease to exist, raising the possibility of the Soviet Union’s .su being deleted.

Last Thursday at ICANN 75 in Kuala Lumpur, the board of directors rubber-stamped the ccNSO Retirement of ccTLDs Policy, which sets out how ccTLDs can be deleted in an orderly fashion over the course of several years.

The policy calls for ICANN and the ccTLD registry to form a “Retirement Plan” when the ccTLD’s string is removed from the ISO 3166-1 Alpha-2 standard, which defines which two-letter strings are reserved for which countries.

Strings are typically removed from this list when a country changes its name (such as Timor-Leste) or breaks up into smaller countries (such as the Netherlands Antilles).

The Retirement Plan would see the ccTLD removed from the root five years after ISO made the change, though this could be extended if the registry asks and ICANN agrees.

In February, I set out the case for why the policy may allow ICANN to retire .su, the thriving ccTLD for the Soviet Union, three decades after that nation was dismantled.

ICANN returning to Puerto Rico

Kevin Murphy, September 28, 2022, Domain Policy

ICANN has put Puerto Rico back on its list of future meeting venues after cancelling this year’s trip to San Juan due to the pandemic.

The Org will summon the true believers to the Puerto Rico Convention Center from March 2 to March 7, 2024, for ICANN 79, it announced this week.

That’s two years after the cancelled meeting from this March, which ultimately went ahead online only.

It will be six years after ICANN last visited the island, in the wake of Hurricane Maria.

It will be ICANN’s third visit to the country, a US territory. It first held a meeting there in 2007.

ICANN was forced to cancel a Puerto Rico visit in 2016 due to an outbreak of the Zika virus (remember that?).

Of the in-person meetings canceled due to the Covid-19 pandemic, now all have been rescheduled or have already taken place.