Latest news of the domain name industry

Recent Posts

Kafka turns in grave as ICANN crowbars “useless” Greek TLD into the root

Kevin Murphy, September 9, 2019, Domain Policy

ICANN has finally approved a version of .eu in Greek script, but it’s already been criticized as “useless”.
Yesterday, ICANN’s board of directors rubber-stamped .ευ, the second internationalized domain name version of the European Union’s .eu, which will be represented in the DNS as .xn--qxa6a.
There’s a lot of history behind .ευ, much of it maddeningly illustrative of ICANN’s Kafkaesque obsession with procedure.
The first amusing thing to point out is that .ευ is technically being approved under ICANN’s IDN ccTLD Fast Track Process, a mere NINE YEARS after EURid first submitted its application.
The “Fast Track” has been used so far to approve 61 IDN ccTLDs. Often, the requested string is merely the name of the country in question, written in one of the local scripts, and the TLD is approved fairly quickly.
But in some cases, especially where the desired string is a two-character code, a string review will find the possibility of confusion with another TLD. This runs the risk of broadening the scope of domain homograph attacks sometimes used in phishing.
That’s what happened to .ευ, along with Bulgaria’s Cyrillic .бг and Greece’s own .ελ, which were rejected on string confusion grounds back in 2010 and 2011.
Under pressure from the Governmental Advisory Committee, ICANN then implemented an Extended Process Similarity Review Panel, essentially an appeals process designed to give unsuccessful Fast Track applicants a second bite at the apple.
That process led to Bulgaria being told that .бг was not too similar to Brazil’s .br, and Greece being told that .ελ did not look too much like .EA, a non-existent ccTLD that may or may not be delegated in future, after all.
But the EU’s .ευ failed at the same time, in 2014. The appeals review panel found that the string was confusable with upper-case .EY and .EV.
Again, these are not ccTLDs, just strings of two characters that have the potential to become ccTLDs in future should a new country or territory emerge and be assigned those codes by the International Standards Organization, a low-probability event.
I reported at the time that .ευ was probably as good as dead. It seemed pretty clear based on the rules at the time that if a string was confusable in uppercase OR lowercase, it would be rejected.
But I was quickly informed by ICANN that I was incorrect, and that ICANN top brass needed to discuss the results.
That seems to have led to ICANN tweaking the rules yet again in order to crowbar .ευ into the root.
In 2015, the board of directors reached out to the GAC, the ccNSO and the Security and Stability Advisory Committee for advice.
They dutifully returned two years later with proposed changes (pdf) that seemed tailor-made for the European Union’s predicament.
A requested IDN ccTLD that caused confusion with other strings in only uppercase, but not lowercase (just like .ευ!!!) could still get delegated, provided it had a comprehensive risk mitigation strategy in place, they recommended.
The recommendation was quickly approved by ICANN, which then sent its implementation guidelines (again, tailor-made for EURid (pdf)) back to the ccNSO/SSAC.
It was not until February this year that the ccNSO/SSAC group got back to ICANN (pdf) to approve of its implementation plan and to say that it has already tested it against EURid’s proposed risk-mitigation plan (pdf).
Basically, the process in 2009 didn’t produce the desired result, so ICANN changed the process. It didn’t produced the desired result again in 2014, so the process was changed again.
But at least Greek-speaking EU citizens are finally going to get a meaningful ccTLD that allows them to express their EUishness in their native script, right?
WRONG!
I recently read with interest and surprise a blog post by domainer-blogger Konstantinos Zournas, in which he referred to .ευ as the “worst domain extension ever”.
Zournas, who is Greek, opened my eyes to the fact that “.ευ” is meaningless in his native tongue. It’s just two Greek letters that visually resemble “EU” in Latin script. It’s confusing by design, but with .eu, a ccTLD that EURid already manages.
While not for a moment doubting Zournas’ familiarity with his own language, I had to confirm this on the EU’s Greek-language web site.
He’s right, the Greek for “European Union” is “Ευρωπαϊκής Ένωσης”, so the sensible two-letter IDN ccTLD would be .ΕΈ (those are Greek characters that look a bit like Latin E).
That would have almost certainly failed the ICANN string similarity process, however, as .ee/EE is the current, extant ccTLD for Estonia.
In short (too late), it seems to have taken ICANN the best part of a decade, and Jesus H Christ knows how many person-hours, to hack its own procedures multiple times in order to force through an application for a TLD that doesn’t mean anything, can’t be confused with anything that currently exists on the internet, and probably won’t be widely used anyway.
Gratz to all involved!

Who really uses IDNs? [Guest Post]

Stéphane Van Gelder, November 19, 2012, Domain Tech

Are Internationalised Domain Names really useful, or just a way for an ASCII-focused internet governance community to feel better about itself?
Beyond all the hoopla about ICANN’s 2009 program to enable countries to operate their own non-Latin script internet suffixes (aka the “IDN ccTLD Fast Track”), what should really matter is the Internet user.
Yes, those sitting in ICANN meeting rooms at the time, listening to the hyperbole about how the internet was now going truly global probably felt like they were feeding the hungry and bringing peace to the world. But do people actually use IDNs?
I will admit that at the time, I was dubious. Of course, saying so in ICANN circles would have been akin to wearing a “Camembert is bad” t-shirt in the streets of Paris: poor form! But still, I couldn’t help ask myself if having a single one-language system unite the world was actually such a bad thing?
“How would you like it if the Internet had been invented in China and you had to use their alphabet,” was the usual rebuke I got if I ever dared to doubt out loud. And there really is no arguing with that. If the internet was Chinese, I’d want the Mandarin version of ICANN to roll out IDNs pretty sharpish.
Nonetheless, can the usefulness of IDNs still be questioned?
Facebook in Latin
Talking to a local internet expert whilst attending last week’s excellent Domain Forum in Sofia, Bulgaria, the answer would seem to be a surprising yes.
“Why would kids in this country use IDNs,” I was told when I suggested that, surely, Bulgaria must be excited about the prospect of natural language web addresses. “What worries the authorities here is the fact that kids are using Latin scripts so much on social media sites that they don’t even know how to write in Cyrillic anymore! So even if they could use IDN web and email addresses, why would they? They want to communicate like everyone else does on Facebook.”
In truth, Bulgaria’s view may be skewed by the horrible experience it’s had with ICANN’s IDN Fast Track. The country was refused its own IDN country code due to a perceived similarity with another TLD that no-one in Bulgaria really feels is warranted. But not all potential IDN users feel they are useless. Neighbors in Russia tell of a different IDN experience.
The Russian registry saw stunning initial take-up when it opened the IDN .РФ (.RF for Russian Federation) to general consumption on November 11, 2010. Registration volumes were explosive, with almost 600,000 names registered in the first month. Strong growth continued for a year, hitting a peak of 937,913 registered names in December 2011.
No profit
But the following month, that number fell off a cliff. Total registrations dropped to 844,153 in January 2012. “Initial registrations were driven in part by speculators,” explains ccTLD .RU’s Leonid Todorov. “But when people saw they couldn’t make huge profits on the domains, they started letting them go.”
Even so, .РФ remains a real success. Although November 2012 figures show a year on year decline of 8.63%, the TLD still sports a whopping 845,037 names.
At 66%, .РФ has a slightly lower renewal rate than ASCII Russian equivalent .ru (73%), probably because of those day-one speculators, but it remains widely used. Current delegation figures (i.e. the number of domain names that are actually used for email or websites) stand at a commendable 70% and have not stopped rising since .РФ opened in 2010 with a 45% delegation rate.
The Cyrillic Russian domain sees a vast predominance of personal use, with 77% percent of domains being registered by individuals. “Russians care deeply about their national identity,” says my Bulgarian friend when I suggest that IDNs do seem to matter in some Cyrillic-using countries. “To them, Dot RF is a matter of national pride.”
National pride
So IDNs may not really be all that different from ASCII domain names, with take-up depending on perceived use or value. Europe’s IDN experience seems to confirm this, as European registry EURid’s Giovanni Seppia explained in Sofia.
He revealed that since EURid introduced IDNs on December 11, 2009, registrations reached a peak of around 70,000 (a mere fraction of the 3.7 million names currently registered in the .eu space) before dropping off quite sharply.
Why? Well .eu IDNs may not hold much potential for real use or investment value for Europeans. Although web use is possible with IDNs, software primarily designed for an ASCII-only world does not always make it easy.
Email capability would be a real boost, but so far only the Chinese seem to have enabled it for their local script domains. The Chinese registry recently announced this, without giving details on how the use of all-Chinese character email addresses has been implemented or which email clients support IDNs.
Whatever the technology, countries which combine national pride and a character set far removed from our own probably see more desire for IDNs. With two years of hindsight, Russia obviously loves its IDN. And as other countries like China bring more elaborate IDN capabilities online, demand should grow and force even this IDN skeptic to recognize the new character(s) of the internet.
This is a guest post written by Stéphane Van Gelder, strategy director for NetNames. He has served as chair of the GNSO Council and is currently a member of ICANN’s Nominating Committee.

GAC demands appeal of IDN ccTLD bans

Kevin Murphy, July 2, 2012, Domain Policy

The Governmental Advisory Committee has slammed ICANN’s decisions to reject at least three non-Latin ccTLDs because they might pose security risks.
Remarkably, the GAC has also asked ICANN to “urgently reconsider” the rulings, which were made to mitigate the risk of phishing attacks and other types of domain name abuse.
In its official post-Prague communique, published over the weekend, the GAC tells ICANN that the way it decides whether to approve IDN ccTLDs has been “too conservative”.
While the letter does not single out any specific ccTLDs, I understand that the advice was formulated primarily at the behest of the European Union and Greece, which have both had IDN ccTLD applications rejected on the grounds of confusing similarity.
The Prague communique (pdf) states:

The GAC is of the view that decisions may have erred on the too-conservative side, in effect applying a more stringent test of confusability between Latin and non-Latin scripts than when undertaking a side by side comparison of Latin strings.

It goes on to ask ICANN to publish its criteria for evaluating the similarity of IDN ccTLDs, to create an appeals process, to publish its rationales for rejecting bids, and to revisit old decisions.
The communique states, as formal GAC Advice:

Recently refused IDNs, particularly those nominated by public or national authorities should be urgently re-considered in light of the above considerations.

This request instantly loses the GAC credibility points, in my view, casting it as little more than another special interest group focused on the goals of its members first and internet security second.
To be clear, the GAC is appealing ICANN decisions that were designed to prevent phishing.
Greece’s application for .ελ,was rejected by ICANN last year due to its visual similarity with .EA, a non-existent – but potential future – ccTLD.
While there’s not much on the public record about the European case, I understand Eurid’s bid for a Greek version of .eu was blocked because it looks too much like Estonia’s EE.
Bulgarian IDN supporters have also been very vocal the last couple of years in opposition to ICANN’s decision to forbid .бг due to its alleged resemblance to Brazil’s .br.
While decent arguments can and have been made that some of these rulings were a little on the silly side, it’s hard to argue that they were made without the best of intentions.
The GAC has promised to write to ICANN with “further reflections on the methodology that should be followed when evaluating two character IDNs”.
The GAC as a technical regulator? That letter should make for some interesting reading.

Did Kazakhstan just screw up somebody’s new gTLD plans?

Kevin Murphy, February 10, 2012, Domain Registries

ICANN has approved a new country-code top-level domain for the nation of Kazakhstan.
The new .қаз, which is “kaz” is Cyrillic, will be delegated to the “Association of IT companies of Kazakhstan”, according to a resolution passed by ICANN’s board of directors this week.
But did this move just cause problems for a new gTLD applicant?
One cultural/geographic gTLD that was proposed back in 2009 is .kab, for the Kabylia region of Algeria and the Kabyle language and people.
It’s easy to see how kab/KAB and .қаз could be considered confusing during a string similarity review, though ICANN’s laughable Sword tool only gives them a visual similarity score of 49%.
The .kab application currently has a dead web site, so it’s quite possibly one of the many new gTLD projects that fizzled out during ICANN’s repeated delays launching the program.

Bulgaria told to forget about .бг

Kevin Murphy, December 1, 2011, Domain Policy

ICANN CEO Rod Beckstrom has advised Bulgarians to admit defeat in their ongoing campaign to have .бг approved as a local-script top-level domain to match .bg.
The country’s application for the Cyrillic label was rejected by ICANN’s IDN ccTLD Fast Track program last year because it was found to look too similar to Brazil’s .br.
Nevertheless, the local government and domain name groups have continued to press for the right of appeal, and have indicated they may apply again.
But in an interview with Novinite published today, Beckstrom says:

I would advise the Bulgarians to go for something else. The initial application for .бг was unsuccessful.
The job of ICANN, the organization, is to implement the policies that are developed by the global communities. Those communities did not allow the initial application to go through because of potential visual confusion. So I think the Bulgarians can go back and they can choose what they want to apply for.
The Bulgarians can apply for a three-character name, they can apply for .българия in Cyrillic, it’s really up to the local community.

He goes on to say that Bulgarians could wait for a change in policies then apply again, they could change their desired string, or they could abandon their plans altogether.
However, surveys have found little appetite among the Bulgarian public for alternative strings such as .бгр, .българия, .бя or .бъл.
It’s a tricky problem for ICANN, which is first and foremost tasked with ensuring DNS stability and security.
Confusingly similar TLDs lend themselves to security risks such as phishing, and my understanding is that if .бг were to be approved it would face opposition from interests in Brazil.
The Novinite interview also touches on the possibilities of .софия and .Пловдив, to represent the Bulgarian cities of Sofia and Plovdiv.
The .бг issue was the subject of some apparently heated discussion during the recent Domain Forum new gTLDs conference in Sofia, but I understand Beckstrom had left before that part of the agenda.
You can now watch the entire Domain Forum, including Beckstrom’s introductory keynote, for free on YouTube.

AusRegistry chalks up third Arabic domain win

AusRegistry International has announced it has been picked to provide the back-end registry for عمان., the Arabic-script internationalized domain name for Oman.
It’s the company’s third IDN ccTLD contract in the region, following on from Qatar’s forthcoming قطر. and the United Arab Emirates’ already-live امارات.
The company’s press release suggests to me that it’s a software/support deal, rather than a full-blown hosted back-end registry solution.
AusRegistry said it will “provide Domain Name Registry Software and supporting services for the establishment of a new Domain Name Registry System”.
It has previously announced back-end deals for ASCII ccTLDs including .qa and .ae, and manages Australia’s .au, which recently passed the two million domains milestone.
The deal with Oman, which AusRegistry said was competitively bid, also encompasses .om, the nation’s regular ccTLD.
While ICANN approved Oman’s chosen string under its IDN ccTLD Fast Track program back in October, it has not yet been delegated to the DNS root zone.
With the approval of Ukraine’s Cyrillic ccTLD last week, 25 territories have had their choice of local-script ccTLD given the nod under the program.

ICANN rejects Bulgarian IDN info request

Kevin Murphy, January 3, 2011, Domain Registries

A Bulgarian domain name association has had its request for information about ICANN’s rejection of the domain .бг itself rejected.
As I blogged last month, Uninet had filed a Documentary Information Disclosure Policy request with ICANN, asking it to publish its reasons for rejecting the Cyrillic ccTLD.
The organization wants to run .бг, which is broadly supported in Bulgaria, despite the fact that ICANN has found it would be confusingly similar to Brazil’s .br.
Uninet believes it needs more information about why the string was rejected, in advance of a planned appeal of its rejection under the IDN ccTLD Fast Track process.
But the group has now heard that its request “falls under multiple Defined Conditions of Nondisclosure set forth in the DIDP” because it covers internal communications and “trade secrets”, among other things.
ICANN’s response suggests instead that Uninet contact the Bulgarian government for the information.
I’m told that Uninet may now file a Reconsideration Request in order to get the data it needs, although I suspect that’s probably optimistic.
Ironically, neither Uninet’s request nor the ICANN response (pdf) have been published on its DIDP page.

Another top staffer quits ICANN

Kevin Murphy, January 2, 2011, Domain Policy

Tina Dam, senior director of internationalized domain names at ICANN, has quit.
The news appears to have been broken on Twitter by Adrian Kinderis, CEO of AusRegistry, which does quite a bit of work with IDNs in the middle-east.
It’s my understanding that Dam may have actually resigned almost a month ago, during ICANN’s meeting in Cartagena.
Her move comes at an awkward time for ICANN, which is in the middle of revamping its IDN ccTLD Fast Track program, which Dam headed.
Dam has been with ICANN for many years, and is widely well-regarded by the community.
Overseeing the IDN program is a highly specialized and, one imagines, quite stressful position. Finding a qualified replacement will not be trivial.
Her name is added to the list of senior ICANN staffers to either quit or get fired over the last year, which currently numbers at least half a dozen.

Bulgarians step up ICANN protest

Kevin Murphy, December 2, 2010, Domain Policy

A domain name registrar association from Bulgaria is laying the groundwork to appeal ICANN’s rejection of the country’s proposed Cyrillic top-level domain.
Uninet has filed a Documentary Information Disclosure Policy request, asking ICANN to publish its reasons for turning down the .бг (.bg) application and the criteria it used.
The domain, which had the backing of the Bulgarian government and people, was rejected in May on the grounds that it is “confusingly similar to an existing TLD”, believed to be Brazil’s .br.
In order to prepare for a future appeal, the Uninet organization wants ICANN to release:

1. The DNS Stability panel working criteria (or parts of it) that were applied to evaluate and subsequently reject the Bulgarian application.
2. The decision of the DNS Stability panel, used to reject the Bulgarian application.

While the ICANN panel’s decision isn’t exactly a state secret (even I have a copy), there seems to be a feeling in Bulgaria that ICANN may not have released all of its reasoning.
The document does not, for example, specify which TLD .бг is confusingly similar to.
It does, however, reveal just how strict ICANN is when it comes to evaluating IDN domains, including a default assumption that any two-letter string is confusing.

We note that two-character strings consisting of Unicode code points in the Latin, Greek, and Cyrillic script blocks are intrinsically confusable with currently defined or potential future country code TLD

We therefore apply a very conservative standard in our assessment of applied-for strings that consist of two Greek, Cyrillic, or Latin characters, including a default presumption of confusability to which exceptions may be made in specific cases.

Uninet said that the Bulgarian government plans to challenge the .бг decision if and when ICANN revises its existing IDN ccTLD Fast Track program to create an appeals process. It wrote:

Many people have criticized the lack of transparency and appeal options in this process, but after the ongoing public comment period we hope that it would be amended by the ICANN Board and the Bulgarian government (as a requester) will have the chance to apply for a re-evaluation of the proposed string.

In the meantime, the Bulgarian government’s IT ministry today started encouraging its citizens to write to ICANN to demand that its application is re-evaluated.
Several already have.