Recent Posts
- Americans and ICANNers avoid Kigali in droves
- RDRS stats improve a little in June
- Unstoppable Domains goes down after domain hijack
- Four more gTLDs in emergency measures
- New gTLDs and ccTLDs drive domain universe growth
- Eight interesting recent dot-brand registrations
- .me premium sales down
- Pride fails to reverse gay domains decline
- Unstoppable announces another new gTLD bid
- Blockchain naming firm gets ICANN accreditation
- ICANN takes over gTLD after Whois failures
- Verisign: would-be .com contract killers are “wrong”
- Five gTLDs at risk as registry goes AWOL
- Groups make flawed case that .com is a cartel
- RDRS usage hits all-time low
- A dot-brand so unloved they killed it twice
- PorkBun hits two million domain milestone
- Crawford returns to industry to head up Com Laude
- ICANN financial data dump a damp squib?
- Unstoppable plotting manga-themed gTLDs
- Governments call for new gTLD auctions ban
- ICANN names new CEO, and it isn’t Costerton
- ICANN: We will NOT police content
- More sticker shock as new gTLD fees could top $300,000
- ICANN slashes staff and domain prices could rise
- Secret new gTLD application revealed
- WhatsApp now linkifying new gTLDs, but…
- Outrage over ICANN’s new gTLD fees
- Barrett gets second term on ICANN board
- DotMusic delays gTLD launch again
- .tm prices to skyrocket next week
- Bitcoin gTLD gets launch dates
- First metaverse gTLD is announced
- Alibaba off the naughty step
- ICANN to kill auction fund bylaws change
- The people have spoken on RDRS and they said “Meh”
- ICANN restarts work on controversial Whois privacy rules
- GNSO mulls lawyering up over auction fund dispute
- Jury still out on ICANN’s content policing powers
- It now takes TWO WEEKS to get a Whois record with RDRS
- Travel expenses push ICANN into the red again
- ICANN preparing for ONE HUNDRED registry back-ends
- DNS Abuse Institute changes name
- A new way to game the new gTLD program
- .home, .mail and .corp could get unbanned
- Unstoppable to apply for Women in Tech gTLD
- Bob Parsons publishes autobiography
- GoDaddy getting a free pass from porn jail?
- Correction: Sinha’s seat is safe
- Chinese domains plummet again in 2023
- GoDaddy price increases lead to revenue growth
- D3 announces seventh blockchain gTLD client
- Taylor Swift applies for her .post domain
- .ad domains to go global soon
- Single-letter .com case back in court
- ICANN to slash costs as Verisign’s magic money tree dries up
- Community revolts over ICANN’s auction proceeds power grab
- Two seats up for grabs on Nominet board
- War takes steep toll on .ua domains
- .de worst TLD for CSAM — report
- .com still shrinking because of China
- ICANN publishes its Woke Manifesto. Here’s my hot take
- Alibaba, Name.com among new RDRS opt-ins
- .my domains to be sold globally next month
- The Swiss can register .swiss domains from next week
- .ai up to 425,000 domains
- A million “free” .music domains up for grabs
- D3 to get $5 million in crypto to apply for .ape gTLD
- Alibaba hit with ICANN breach notice
- New Vegas conference “Davos for Web3 interoperability”
- ICANN content policing power grab may be dead
- Cable company unplugs its dot-brand after acquisition
- Germany crosses 10,000 dot-brand domains milestone
- Founders out as Com Laude gets equity injection
- PIR’s Diaz to leave domain industry
- Some registrars have already quit ICANN’s Whois experiment
- ICANN opens $217 million Grant Program
- Internet could get one-letter gTLDs (but there’s a catch)
- .ai registry fights deadbeats with tweaked auction rules
- Amazon and Google among .internal TLD ban backers
- .ai registry advises buyers not to use GoDaddy
- .post liberalizes with new sunrise period
- Team Internet spends $41 million on content farm
- Epik backtracks on Kiwi Farms claim after legal threat
- .austin names launch on blockchain
- Freenom shuts down 12.6 million domains — report
- GoDaddy’s next .xxx contract may not be a done deal
- GlobalBlock blocking 2.5 million domains
- Microsoft moving its cloud apps from .com to .microsoft
- ICANN 79: anonymous trolls and undercover lawyers
- ICANN scores win in single-letter .com lawsuit
- Cosmetics brand terminates its gTLD
- Up to 70 jobs on the line at Nominet as .uk regs dwindle
- Governments back down on new gTLD next round delay
- Private auctions could be banned in new gTLD next round
- ICANN meeting venue “insensitive and hurtful”
- GoDaddy to start selling graphic.design domains
- GAC spinning up new gTLD curveball at ICANN 79?
- GoDaddy’s GlobalBlock supports blockchain names
- Police .uk domain takedowns dive in 2023
- GoDaddy wants to cut the bullshit from .xxx
- Dueling domain blocking services to launch at ICANN 79
- Freename tries to bridge DNS and blockchain
- Olive retires from ICANN
- Whois policy published without life-saving disclosure rule
- UK gov takes its lead from ICANN on DNS abuse
- Tucows reports 2023 results
- Twitter “completely unresponsive” on clickable domains
- ICANN spends $5 million more than planned in first fiscal half
- .art takes a million domains off its premium list
- KeyTrap ‘the most devastating vulnerability ever found in DNSSEC’
- Freenom settles $500 million Meta lawsuit and will exit domain business
- New gTLD lottery to return in 2026
- First GlobalBlock prices revealed — they ain’t cheap
- Domain universe grows on new gTLDs despite .com shrinkage
- D3 signs up crypto gTLD client number five
- GoDaddy reports strong domains growth
- How to qualify for a $40,000 gTLD
- Registry service provider evaluation handbook published
- WebUnited inks deal to “mirror” country’s TLD in the blockchain
- GoDaddy project unveils brand-blocking calculator
- Report: Monster “misappropriated” millions from Epik
- .com is shrinking but Verisign raises prices again anyway
- D3 announces fourth crypto new gTLD client
- Donald Trump loses second UDRP case
.org sale officially dead
Public Interest Registry has formally announced that its proposed $1.13 billion acquisition by Ethos Capital is dead.
The company told ICANN yesterday that it is withdrawing its request for a change of control under its .org contract and that it “will not be pursuing an ICANN Request for Reconsideration or taking any other action to try to revive the Transaction”.
In a statement, CEO Jon Nevett said that PIR is no longer for sale to any other party. It will remain under the Internet Society’s control.
He also pointed out that it’s not within ICANN’s power to arbitrarily transfer .org to another registry, as some critics have called for.
“Such a transfer by ICANN is a contractual impossibility under our registry agreement,” he wrote.
ICANN rejected the change of control request after deciding it was not in the public interest for .org to pass into for-profit hands.
Following the decision, ISOC had indicated that PIR was no longer for sale.
ICANN whistleblower expects to be fired after alleging budget irregularities, bugged meetings
The chair of ICANN’s highly influential Nominating Committee expects to lose his seat after turning whistleblower to expose what he says are budgetary irregularities and process failures that could have altered the outcome of ICANN’s board-selection process.
In a remarkable March 25 letter, Jay Sudowski even accuses ICANN of secretly recording and transcribing NomCom’s confidential deliberations.
The NomCom is the secretive committee responsible for selecting people to fill major policy-making roles at ICANN, including eight members of its board of directors. It’s made up of people drawn from all areas of the community.
Because its role is essentially to conduct job interviews with board hopefuls, it’s one of the few areas of the ICANN community whose conversations are almost entirely held in private.
But Sudowski is attempting to shine a little light on what’s going on behind the scenes by filing a broad and deep request under the Documentary Information Disclosure Policy, which is ICANN’s equivalent of a freedom of information law.
In it, he accuses ICANN Org of some fairly serious stuff.
First, he claims ICANN is fudging its budget by over-reporting how many full-time equivalent (FTE) staff members are involved in NomCom work, and by denying requests for “trivial” reimbursements of as little as $47 even as NomCom cuts costs by moving to a remote-only working model.
ICANN grants NomCom a FY20 budget of $900,000, of which $600,000 is allocated to “personnel costs” related to three FTEs.
“Nowhere near 3 FTEs are allocated to NomCom. Where is this money going?” Sudowski asks, demanding under the DIDP to see records of how much ICANN actually spent supporting NomCom’s work over the last five years.
He also claims that the NomCom process may have been compromised by allowing non-voting members to participate in decision-making meetings during the 2017 cycle, writing:
ICANN Org potentially allowed the NomCom to violate ICANN Bylaws by allowing nonvoting members of the NomCom to participate in outcome determinate components of the assessment and selection process that may have fundamentally alerted [I believe this is a typo for “altered”] the outcome of the 2017 NomCom process.
The non-voting members of the NomCom are the board-appointed chair and chair-elect, as well as appointees from the Root Server System Advisory Committee, Security and Stability Advisory Committee and Governmental Advisory Committee.
The board members appointed by NomCom in 2017 were Avri Doria and Sarah Deutsch. NomCom also picked members of the GNSO Council, ccNSO Council and At-Large Advisory Committee.
Sudowski, whose day job is running a data center company in Colorado, further claims that the ICANN board has been instructed by the Org to refuse to communicate with NomCom members.
“In recent years, ICANN Org has secretly recorded and transcribed confidential deliberations of the NomCom,” he adds.
He wants evidence of all of this to be released under the DIDP, under a nine-point list of documentation requests.
It’s unfortunate that I am forced to make this request in such a public manner, but when there is controversy over a $47 expense to support a NomCom member, I can only come to the conclusion that ICANN Org is unable and unwilling to provide necessary “administrative and operational support” for the NomCom.
He also expects retribution:
I also expect that the Board, which has been instructed to not communicate with me, will remove me from my role as Chair of the NomCom, given the nature of the concerns noted in this letter. Frankly, if this comes to pass, my removal is a clear and direct attack on the autonomy and authority of the entire NomCom.
So far, his request has not been answered.
Under the DIDP, ICANN has a maximum of 30 days to reply to such requests. In reality, this has always been treated as a minimum, with both request and response typically published on the same day, exactly 30 days after the original filing.
Its responses are typically links to information already in the public record and a list of excuses why no more info will be released.
But so far, neither request nor response has been published in the usual place, 42 days after Sudowski sent his letter. ICANN has missed its deadline by almost two weeks.
The only reason the DIDP (pdf) is in the public domain at all is that Sudowski copied it to the mailing list of the Empowered Community, ICANN’s community-based oversight body. Thanks to George Kirikos for posting the link to Twitter last week.
It is a pretty extensive request for information, that presumably would take some time to collate, so I’d be hesitant to cry “cover-up” just yet.
But the fact that the request exists at all serves to highlight the shocking lack of trust between ICANN and one of its most powerful committees.
UPDATE: Sudowski has said that his request was withdrawn. There’s no particular reason it could not be refiled by somebody else, however, as DIDP is open to all.
I actually withdrew the request. Org and the Board have been very helpful and responsive in meeting the needs of the NomCom since the original request was submitted. It’s water under the bridge as far as I’m concerned.
— Jay Sudowski (@HNJaySuds) May 1, 2020
The .org deal may be dead and buried, but calls remain for PIR to lose its contract
The Internet Society has revealed that the .org registry operator PIR is no longer for sale.
The news came in a statement from ISOC chair Andrew Sullivan late Friday, less than 24 hours after ICANN withheld its consent for the proposed $1.13 billion acquisition by private equity firm Ethos Capital.
ICANN had held the door open for Ethos and ISOC to resubmit a change of control request, and Ethos had said Thursday that it was evaluating its options, but it appears the decision has been made to keep PIR under ISOC’s wing.
In his statement, Sullivan expressed his dismay that ICANN had acted as a “regulator” by evaluating the deal using a public interest test rather than simply rubber-stamping it as it has in all other cases of registry acquisitions. He wrote:
It should concern the Internet community that ICANN has shown itself to be much more susceptible to political pressure than its limited mandate would recommend.
…
Now that we know that ICANN believes its remit to be much larger than we believe it is, we can state this clearly: neither PIR nor any of its operations are for sale now, and the Internet Society will resist vigorously any suggestion that they ought to be.
But who would want to, or could afford to, buy it? While ICANN has made it clear that PE firms are welcome to acquire other TLDs, it wants .org to remain in non-profit hands.
During the last few months of controversy, one other embryonic effort to take over .org was announced, led by founding ICANN chair Esther Dyson.
Called the Cooperative Corporation of dot-org Registrants (CCOR), it had no intention of handing over a billion dollars for .org, it simply wanted ICANN to assign the contract to its control.
It still wants that, or something like that. In a statement Saturday, CCOR said it “calls upon ICANN to proceed with the established multi-stakeholder led open request for proposals for stewardship of the dot-org domain”.
Unless it can be shown that PIR has seriously broken the terms of its Registry Agreement, the chances of ICANN randomly opening up .org to tender is pretty much zero.
CCOR goes on to say that it is still worried about .org falling into private hands and that it will lobby for legally binding policies “including the preservation of privacy, diversity and human rights, and freedom from censorship”.
“Dangerous precedent” as ICANN rejects $1.13 billion .org buyout
In a decision that will shock many, ICANN won’t let Ethos Capital buy Public Interest Registry from the Internet Society.
Its board of directors yesterday voted to reject PIR’s request for a change of control of the .org contract, saying that “the public interest is better served in withholding consent”.
Ethos responded angrily almost immediately, saying the decision “sets a dangerous precedent with broad industry implications” and that it is “evaluating its options”.
The ICANN resolution, which was published overnight, is justified by setting out the case that .org is a unique case: a large legacy gTLD with a mandate to serve non-profit entities.
The Board was presented with a unique and complex situation – a request to approve a fundamental change of control over one of the longest-standing and largest registries, that also includes a change in corporate form from a viable not-for-profit entity to a for-profit entity with a US$360 million debt obligation, and with new and untested community engagement mechanisms relying largely upon ICANN contractual compliance enforcement to hold the new entity accountable to the .ORG community. ICANN is being asked to agree to contract with a wholly different form of entity; instead of contracting with the mission-based not-for-profit that has responsibly operated the .ORG registry for nearly 20 years, with the protections for its own community embedded in its mission and status as a not-for-profit entity. If ICANN were to consent, ICANN would have to trust that the new proposed for-profit entity that no longer has the embedded protections that come from not-for-profit status, which has fiduciary obligations to its new investors and is obligated to service and repay US$360 million in debt, would serve the same benefits to the .ORG community.
Essentially, ICANN is holding ISOC to the by-and-for non-profits commitment that it made when it inherited the registry from Verisign back in 2002. You may recall I went into some depth on the history of .org back in December.
While noting the broad criticism from various parties — which included domainers and non-profits — about the proposed acquisition, the resolution makes specific reference to the investigation by the office of the California attorney general, which had made vague threats of legal action against ICANN.
Some commentators, including Jonathan Zuck and Michele Neylon — are worried that the AG’s influence now means ICANN has a new boss, and that special interest groups in future need only lobby his office in order to override community-built consensus.
But ICANN did not single out one reason for its decision, saying withholding consent was “reasonable in light of the balancing of all of the circumstances”.
Ethos, while not calling out the AG directly, made the broader claim that ICANN has acted outside its mandate by succumbing to lobbying by outside parties.
Its statement, which I think contains hints at future legal action, reads in full:
Today’s decision by ICANN sets a dangerous precedent with broad industry implications. ICANN has overstepped its purview, which is limited to ensuring routine transfers of indirect control (such as the sale of PIR) do not impact the registry’s security, stability and reliability. Today’s action opens the door for ICANN to unilaterally reject future transfer requests based on agenda-driven pressure by outside parties. It allows ICANN to base its decisions on a subjective interpretation of what it deems to be relevant in these transactions, rather than following its own clear and specified legal directive.
This decision will suffocate innovation and deter future investment in the domain industry. ICANN has empowered itself to extend its authority into areas that fall well outside of its legal mandate in acting as a regulatory body. Today’s decision also creates an uncertain and unpredictable business environment, where the enforceability and value of the ICANN contract itself may be called into question now that the rules of transferring ownership are open to influence by outside interests. Ethos is evaluating its options at this time.
In the same statement, PIR called the decision “a failure to follow its bylaws, processes, and contracts” and ISOC said ICANN “has acted as a regulatory body it was never meant to be”.
While the decision could be chalked up as a win for domain investors and civil libertarians that had challenged the acquisition, it has implications that may not entirely please them.
Assuming the deal stays dead, PIR is no longer promising to only increase prices by 10% a year. It will be able to raise its registry fee arbitrarily, whenever it likes, subject to notice periods and the usual uniform pricing rules.
Domainers will have to hope there’s no sour grapes at ISOC, or they could be looking at big price hikes before long.
And for those interested in censorship, remember PIR is no longer committing to a Stewardship Council that would help protect free speech in .org domains.
The ICANN decision came in spite of a last-minute plea from former chair and ISOC co-founder Vint Cerf, who in a letter (pdf) described the deal as a “wedge issue” that could be leverage to force ICANN into an existential crisis, with outside interests such as the ITU pushing itself as a replacement.
ICANN also received eleventh-hour submissions from the German government (which was against the deal) and German trade group Eco (which was vague but appeared to be for the deal).
ICANN may scrap its $0.18 reg tax in coronavirus “solidarity”
ICANN is thinking about whether to temporarily waive the $0.18 it charges registrars (and therefore registrants) whenever a gTLD domain name is registered.
Execs said the idea was being considered during a conference call explaining ICANN’s new budget this afternoon.
The idea was floated by GoDaddy policy head James Bladel during the call, and supported by others, but it appears it had already also occurred to ICANN.
Bladel suggested that it might not make a big impact on registrants’ wallets, but that it would be a show of “solidarity” with registrars and registries that have waived domain recovery fees to help registrants that have been hit by coronavirus.
ICANN said it was looking at the idea but did not commit one way or the other.
Should such a waiver come into effect, it’s not clear whether it would be uniformly passed on to registrants.
Domain industry likely to suffer from coronavirus as ICANN slashes budget by 8%
ICANN is predicting a miserable time for the domain name industry due to the coronavirus pandemic, today announcing that it’s slashing its revenue outlook for the next year by 8%.
The organization expects to receive revenue of $129.3 million for the fiscal year beginning July 1. That’s $11.1 million lower than its previous estimate, which was made in December.
ICANN’s budget is based on projections based on previous industry performance and its accountants’ conversations with registries and registrars, so this is another way of saying that it expects the industry to suffer due to the pandemic.
ICANN said in its newly revised budget:
ICANN org funding may be impacted because the economic crisis stemming from the pandemic has the potential to impact the funding from domain name registrations and contracted parties through the end of FY20 and into the first months of FY21. ICANN org also anticipates there may be long-lasting effects of such impacts. At the time this document is published, the impact cannot yet be quantified.
The drill-down is not great, showing that ICANN expects registries and registrars in both legacy and new gTLDs to be hit.
New gTLDs are predicted to be hit hardest, with revenue from registry transaction fees dropping by a full 33% from its FY20 forecast. That’s a drop from $6.7 million to $4.5 million.
Extrapolating from its $0.25 registry fee, that means ICANN thinks there will be 8.8 million fewer billable transactions — registrations, renewals and transfers in new gTLDs with over 50,000 names — for the year ending June 30, 2021.
Expected revenue from registrars selling new gTLDs has also been slashed by a third, down from $5.3 million this year to $3.5 million next year.
Legacy gTLDs are expected to fare a little better.
ICANN predicts transaction revenue from legacy gTLDs to decrease over the period, down to $47.7 million in FY21 from $49 million in FY20. Registrars selling legacy gTLDs are expected to bring in revenue of $29.7 million, down from $33.3 million.
That also represents shrinkage measured in the millions of domains.
It gets worse. ICANN is also expecting the number of registries and registrars to decrease even faster over the course of the next year.
It thinks it will end June with 1,174 fee-paying registries, but for this to decrease by 62 in FY21. It decreased by 29 in FY20. Many of these will probably be unused dot-brands having their contracts cancelled.
On the registrar side, it expects to lose 380 accreditations in FY21, compared to a loss of 104 this fiscal year, to end FY21 with 1,977 registrars.
ICANN does not expect its voluntary contributions from ccTLDs and Regional Internet Registries to decrease, but it does expect to lose a few hundred thousand bucks from the absence of sponsorship of its in-person meetings.
This overall predicted decrease in funding has led to a matching decrease in planned expenditure, with ICANN saying it will operate with “increased prudence, frugality, and with heightened conditions of necessity”.
It’s going to save 20% less on travel — $12.4 million — due to coronavirus-related restrictions, but seems to still be planning to take the industry to Hamburg in October for ICANN 69 (even though Munich has cancelled Oktoberfest this year).
ICANN also plans to delay some projects and to reduce its average headcount by 15 to 395.
The lower budget projections come even as some registries —including CentralNic, which looks after some very large new gTLDs — have said they expect the financial impact of coronavirus to be minimal.
The revised budget is published here and ICANN’s board may approve it as early as next week.
Decision on .org deal may come sooner than you think
If you’re against the acquisition of .org and are thinking about an objection or spot of lobbying at the eleventh hour, be aware: this is the eleventh hour.
The deal, which would see Ethos Capital buy Public Interest Registry from the Internet Society for over a billion dollars, is on the agenda for a meeting of the ICANN board of directors this Thursday.
ICANN and Ethos have agreed to a May 4 deadline for a decision, but is whispered that the board plans to give the deal the nod, or not, at the Thursday meeting.
Given how long it usually takes for ICANN to post the results of its board meetings, typically a few days, there’s a decent chance that PIR, Ethos and ISOC could be given formal approval before any opponents have time to react to the resolution.
I think it could go either way.
The one thing I have a fairly high degree of confidence in is that I do not expect a unanimous vote.
While I think ICANN’s institutional instincts are to approve, the breadth and depth of the outrage over the deal may be difficult for some directors to ignore.
If it were only domain investors objecting, approval would be a slam dunk. But here we also have non-profits, civil liberties groups and governments crying foul.
Perhaps most importantly, there’s the objection of the California attorney generalobjection of the California attorney general to consider.
He has power over ICANN because it’s a non-profit registered in his state, and he’s said “will take whatever action necessary to protect Californians and the nonprofit community”.
His last letter to ICANN is believed to have caused the board to remove the .org deal from the agenda at its last meeting and seek a deadline extension from PIR.
One plausible interpretation of that chain of events is that the board was ready to give Ethos the nod, but the AG’s letter gave it pause.
ICANN meeting got “Zoombombed” with offensive material
An ICANN meeting held over the Zoom conferencing service got “Zoombombed” by trolls last month.
According to the organization, two trolls entered an ICANN 67 roundup session for Spanish and Portuguese speakers on March 27 and “shared inappropriate and offensive audio and one still image” with the legitimate participants.
The session was not password protected (rightly) but the room had (wrongly) not been configured to mute participants or disable screen-sharing, which enabled the offensive material to be shared.
The trolls were quickly kicked and the loopholes closed, ICANN said in its incident report.
ICANN appears to have purged the meeting entirely from its calendar and there does not appear to be an archive or recording, so I sadly can’t share with you the gist of the shared content.
Zoombombing has become an increasingly common prank recently, as the platform sees many more users due to the coronavirus-related lockdowns worldwide.
Coronavirus could cause “high risk of widespread outages”, ICANN says
There’s a “high risk of widespread outages” in the DNS if ICANN can’t get enough people in the same room for its next root DNSSEC ceremony because of the coronavirus pandemic.
That’s according to ICANN’s own board of directors, which yesterday published a contingency plan that — in the worst case scenario — could see parts of the internet come to a screeching halt in July.
The problem is with the elaborate “ceremonies” that ICANN and its IANA/PTI unit uses to make sure the internet can support DNSSEC — the secure version of the DNS protocol — all the way from the root servers down.
Every quarter, ICANN, Verisign and a select few “Trusted Community Representatives” from all over the world meet in person at one of two secure US-based facilities to generate the public Zone Signing Keys for the root.
In addition to the complex cryptographic stuff happening in the computers, there’s a shedload of physical security, such as retinal scans, PIN-based locks, and reinforced walls.
And the “secret key-holders”, memorably fictionalized in a US spy drama a few years ago, actually have physical keys that they must bring to these ceremonies.
The events are broadcast live and archived on YouTube, where they typically get anything from a few hundred to a few thousand views.
Obviously, with the key-holders dotted all over the globe and most under some form of coronavirus-related lockdown, getting a quorum into the same facility at the same time — originally, Culpeper, Virginia on April 23 — isn’t going to be possible.
So IANA has made the decision to instead move the ceremony to the facility in El Segundo, California, within easy driving distance of ICANN’s headquarters, and have it carried out almost entirely by ICANN staff, wrapped in personal protective equipment and keeping their distance from each other.
The TCRs for El Segundo live in Mauritius, Spain, Russia, Tanzania, Uruguay and on the east-coast of the US, according to ICANN.
Four of these key-holders have mailed their keys to different IANA staff “wrapped in opaque material” and sealed in “tamper-evident bags”. These IANA employees will stand in for the TCRs, who will be watching remotely to verify that nothing fishy is going on.
Verisign and the independent auditors will also be watching remotely.
That’s the current plan, anyway, and I’ve no reason to believe it won’t go ahead, but ICANN’s new contingency plans do provide four alternatives.
It’s already discarded the first two options, so if the current, third, plan for the ceremony can’t go ahead before June 19 for some reason, all that would be left is the nuclear option.
Option D: Suspend signing of the DNS root zone
This is the final option if there is no conceivable way to activate the KSK and perform signing operations. There would need to be a massive education campaign at short notice to have resolver operators disable DNSSEC validation. There is a high risk of widespread outages as it is not possible to ensure global implementation, and high risk this will fatally compromise trust in DNSSEC in general as a technology.
This is considered highly unlikely, but nonetheless the final option. Without exercising the option, in the absence of a successful key signing ceremony, DNSSEC validation would be unsuccessful starting in July 2020.
The reason for this scenario is that DNSSEC keys have a finite time-to-live and after that period expires they stop functioning, which means anyone validating DNSSEC on their network may well stop resolving the signed zones.
ICANN typically generates the keys one quarter in advance, so the current key expires at the start of July.
However, the planned April 23 ceremony will generate three quarters worth of keys in advance, so the root should be good until the end of March 2021, assuming everything goes according to plan.
Clearly, the idea that half the planet might be on the verge of lockdown wasn’t taken into consideration on February 12, the last ceremony, when ICANN’s biggest problem was that it couldn’t get into one of its safes.
If you’re interested in more about the ceremony and the coronavirus-related changes, info can be found here.
Free domains registrar gets FOURTH breach notice
OpenTLD, the company that offers free and at-cost domain names under the Freenom brand, has received its fourth public breach of contract notice from ICANN.
The alleged violation concerns a specific expired domain — tensportslive.net — which was until its expiration last November hosting a Pakistani cricket blog.
ICANN claims OpenTLD failed to hand over copies of expiration notices it sent to the former registrant of the name, which expired November 12, despite repeated requests.
The blogger seems to have been royally screwed over by this situation.
ICANN first started badgering OpenTLD for its records on December 23, presumably alerting the company to the fact that its customer had a problem, when the domain had expired but was still recoverable.
ICANN contacted the registrar four more times about the domain before February 1, when it dropped and was promptly snapped up by DropCatch.com.
The public breach notice (pdf) was published February 27. OpenTLD has apparently since provided ICANN with data, which is being reviewed.
But it’s the fourth time the registrar has found itself in serious trouble with ICANN.
It got a breach notice in March 2015 after failing to file compliance paperwork.
Later that year, ICANN summarily suspended its accreditation — freezing its ability to sell domains — after the Dutch company was found to have been cybersquatting rival registrars including Key-Systems and NetEarth in order to poach business away from them.
That suspension was fought in an unprecedented arbitration case, but ICANN won and suspended the accreditation again that August.
It got another breach notice in 2017 for failing to investigate Whois accuracy complaints, which ICANN refers to in its current complaint.
OpenTLD/Freenom is perhaps best known as the registry for a handful of African ccTLD and Tokelau’s .tk, which is the second-largest TLD after .com by volume of registered domains.
Its business model is to give the names away for free and then monetize them after they expire or are deleted for abuse. In the gTLD space, it says it offers domains at the wholesale cost.
According to SpamHaus, over a third of .tk domains it sees are abusive.
Recent Comments