Recent Posts
- Americans and ICANNers avoid Kigali in droves
- RDRS stats improve a little in June
- Unstoppable Domains goes down after domain hijack
- Four more gTLDs in emergency measures
- New gTLDs and ccTLDs drive domain universe growth
- Eight interesting recent dot-brand registrations
- .me premium sales down
- Pride fails to reverse gay domains decline
- Unstoppable announces another new gTLD bid
- Blockchain naming firm gets ICANN accreditation
- ICANN takes over gTLD after Whois failures
- Verisign: would-be .com contract killers are “wrong”
- Five gTLDs at risk as registry goes AWOL
- Groups make flawed case that .com is a cartel
- RDRS usage hits all-time low
- A dot-brand so unloved they killed it twice
- PorkBun hits two million domain milestone
- Crawford returns to industry to head up Com Laude
- ICANN financial data dump a damp squib?
- Unstoppable plotting manga-themed gTLDs
- Governments call for new gTLD auctions ban
- ICANN names new CEO, and it isn’t Costerton
- ICANN: We will NOT police content
- More sticker shock as new gTLD fees could top $300,000
- ICANN slashes staff and domain prices could rise
- Secret new gTLD application revealed
- WhatsApp now linkifying new gTLDs, but…
- Outrage over ICANN’s new gTLD fees
- Barrett gets second term on ICANN board
- DotMusic delays gTLD launch again
- .tm prices to skyrocket next week
- Bitcoin gTLD gets launch dates
- First metaverse gTLD is announced
- Alibaba off the naughty step
- ICANN to kill auction fund bylaws change
- The people have spoken on RDRS and they said “Meh”
- ICANN restarts work on controversial Whois privacy rules
- GNSO mulls lawyering up over auction fund dispute
- Jury still out on ICANN’s content policing powers
- It now takes TWO WEEKS to get a Whois record with RDRS
- Travel expenses push ICANN into the red again
- ICANN preparing for ONE HUNDRED registry back-ends
- DNS Abuse Institute changes name
- A new way to game the new gTLD program
- .home, .mail and .corp could get unbanned
- Unstoppable to apply for Women in Tech gTLD
- Bob Parsons publishes autobiography
- GoDaddy getting a free pass from porn jail?
- Correction: Sinha’s seat is safe
- Chinese domains plummet again in 2023
- GoDaddy price increases lead to revenue growth
- D3 announces seventh blockchain gTLD client
- Taylor Swift applies for her .post domain
- .ad domains to go global soon
- Single-letter .com case back in court
- ICANN to slash costs as Verisign’s magic money tree dries up
- Community revolts over ICANN’s auction proceeds power grab
- Two seats up for grabs on Nominet board
- War takes steep toll on .ua domains
- .de worst TLD for CSAM — report
- .com still shrinking because of China
- ICANN publishes its Woke Manifesto. Here’s my hot take
- Alibaba, Name.com among new RDRS opt-ins
- .my domains to be sold globally next month
- The Swiss can register .swiss domains from next week
- .ai up to 425,000 domains
- A million “free” .music domains up for grabs
- D3 to get $5 million in crypto to apply for .ape gTLD
- Alibaba hit with ICANN breach notice
- New Vegas conference “Davos for Web3 interoperability”
- ICANN content policing power grab may be dead
- Cable company unplugs its dot-brand after acquisition
- Germany crosses 10,000 dot-brand domains milestone
- Founders out as Com Laude gets equity injection
- PIR’s Diaz to leave domain industry
- Some registrars have already quit ICANN’s Whois experiment
- ICANN opens $217 million Grant Program
- Internet could get one-letter gTLDs (but there’s a catch)
- .ai registry fights deadbeats with tweaked auction rules
- Amazon and Google among .internal TLD ban backers
- .ai registry advises buyers not to use GoDaddy
- .post liberalizes with new sunrise period
- Team Internet spends $41 million on content farm
- Epik backtracks on Kiwi Farms claim after legal threat
- .austin names launch on blockchain
- Freenom shuts down 12.6 million domains — report
- GoDaddy’s next .xxx contract may not be a done deal
- GlobalBlock blocking 2.5 million domains
- Microsoft moving its cloud apps from .com to .microsoft
- ICANN 79: anonymous trolls and undercover lawyers
- ICANN scores win in single-letter .com lawsuit
- Cosmetics brand terminates its gTLD
- Up to 70 jobs on the line at Nominet as .uk regs dwindle
- Governments back down on new gTLD next round delay
- Private auctions could be banned in new gTLD next round
- ICANN meeting venue “insensitive and hurtful”
- GoDaddy to start selling graphic.design domains
- GAC spinning up new gTLD curveball at ICANN 79?
- GoDaddy’s GlobalBlock supports blockchain names
- Police .uk domain takedowns dive in 2023
- GoDaddy wants to cut the bullshit from .xxx
- Dueling domain blocking services to launch at ICANN 79
- Freename tries to bridge DNS and blockchain
- Olive retires from ICANN
- Whois policy published without life-saving disclosure rule
- UK gov takes its lead from ICANN on DNS abuse
- Tucows reports 2023 results
- Twitter “completely unresponsive” on clickable domains
- ICANN spends $5 million more than planned in first fiscal half
- .art takes a million domains off its premium list
- KeyTrap ‘the most devastating vulnerability ever found in DNSSEC’
- Freenom settles $500 million Meta lawsuit and will exit domain business
- New gTLD lottery to return in 2026
- First GlobalBlock prices revealed — they ain’t cheap
- Domain universe grows on new gTLDs despite .com shrinkage
- D3 signs up crypto gTLD client number five
- GoDaddy reports strong domains growth
- How to qualify for a $40,000 gTLD
- Registry service provider evaluation handbook published
- WebUnited inks deal to “mirror” country’s TLD in the blockchain
- GoDaddy project unveils brand-blocking calculator
- Report: Monster “misappropriated” millions from Epik
- .com is shrinking but Verisign raises prices again anyway
- D3 announces fourth crypto new gTLD client
- Donald Trump loses second UDRP case
DotConnectAfrica files for ICANN independent review
Failed .africa gTLD applicant DotConnectAfrica has filed an Independent Review Process appeal against ICANN, it emerged today.
The nature of the complaint is not entirely clear, but in a press release DCA said it’s related to “ICANN Board decisions and actions taken with regard to DCA Trust’s application for the .africa new gTLD”.
It’s only the third time an IRP has been filed. The first two were related to .xxx; ICM Registry won its pioneering case in 2009 and Manwin Licensing settled its followup case last year.
DCA said that it’s an “amended” complaint. It turns out the first notice of IRP was sent October 23. ICANN published it December 12, but I missed it at the time.
I’d guess that the original needed to be amended due to a lack of detail. The “Nature of Dispute” section of the form, filed with the International Center for Dispute Resolution, is just a sentence long, whereas ICM and Manwin attached 30 to 60-page legal complaints to theirs.
The revised notice, which has not yet been published, was filed January 10, according to DCA.
DCA applied for .africa in the current new gTLD round, but lacked the government support required by the Applicant Guidebook for strings matching the names of important geographic regions.
Its rival applicant, South African ccTLD registry Uniforum, which does have government backing, looks set to wind up delegated, whereas ICANN has designated DCA’s bid as officially “Not Approved”.
DCA has been alleging a conspiracy — often involving DI — at almost every juncture of the process, even before it filed its application. Read more here, here and here.
To win an IRP, it’s going to have to show that it suffered “injury or harm that is directly and causally connected to the Board’s alleged violation of the Bylaws or the Articles of Incorporation”.
Bing: domains just not that relevant to SEO
Anyone who thinks that having a exact-match keyword domain automatically promotes their web site to the top of search results is in for a rude awakening, according to a top guy at Bing.
In a blog post, Bing senior product manager Duane Forrester tried to debunk the “myth… That merely having a popular keyword in the domain will help that site, regardless of content, rank on the high volume keyword”.
Forrester wrote:
Ranking today is a result of so many signals fed into the system the words used in a domain send less and less information into the stack as a percentage of overall decision making signals.
…
There are no shortcuts. Even the new generic top level domains (gTLDs) coming out near the end of February will be treated in this manner. Domain spamming isn’t new, so sites that provide value, are relevant and that people like will rank as usual. They won’t rank “just because” they have certain words in them, and thinking that keyword stuffing a domain (think: cars.cars) will give you an edge is dangerous.
Forrester’s post is not a condemnation of keyword domains, however. He does not deny that the domain is one factor Bing takes into account in rankings, albeit one of very many.
Rather, it seems he’s trying to point out that it’s possible to get decent search traffic even when your domain has nothing to do with your content (he gives satire site The Onion as an example).
His overall message is that creating good content is the way to get good SEO, something that will come as absolutely no surprise to anyone who’s been paying attention to the pronouncements of search engine companies for the last several years.
New gTLDs top 100 as first dot-brands hit the root
There are now 107 new gTLDs live on the internet, following the latest batch of delegations.
Sixteen strings were entered into the DNS root today, including the first two dot-brands, which are Monash University’s .monash and CITIC Group’s .中信 (“.citic” in Chinese).
.CLUB Domains, Luxury Partners and Plan Bee became freshly-minted registries with the delegations of .club, .luxury and .build while legacy gTLD registry Afiias added .red, .pink and .shiksha to its roster.
Uniregistry added five new gTLDs to the two it had delegated in an earlier batch: .gift, .guitars, .link, .photo and .pics.
The delegation of .photo means the root now has its first singular/plural clash; Donuts already owns .photos.
Finally, I-REGISTRY added .rich to its .onl and China’s CNNIC had .网络 (“.network”) and .公司 (“.company”) delegated.
UPDATE (Jan 22): This post originally overlooked the delegation of .公司. It has been updated accordingly.
Right Of The Dot partners with Heritage for hybrid auctions
Domain sales consultancy Right Of The Dot and collectibles auctioneer Heritage Auctions have made a deal to bring hybrid live/online auctions to the new gTLD space.
According to a ROTD press release, such services will be made available for new gTLD contention set resolution and premium second-level domain sales.
Heritage is pretty new to the domain name space, but its IP division is headed by Aron Meystedt, current owner of symbolics.com, the world’s oldest .com domain.
LogicBoxes customers get registry pre-pay “wallet”
LogicBoxes has launched a new “wallet” service for its registrar clients, designed to make it easier for them to manage payments to the rapidly growing number of TLD registries.
The new Registry Wallet product — bundled in at no extra charge for existing customers — is a way for registrars to consolidate the process of managing pre-paid registry accounts.
Instead of managing accounts with dozens of registries for potentially hundreds of new gTLDs, LogicBoxes customers will be able to use the Wallet as a buffer and single management interface.
Many existing registries require registrars to fund an account in advance that gradually gets chipped away as more domains are sold to registrants. During quiet periods, the money sits dormant.
While some new gTLD registries are planning to allow credit card or post-payment options, others are sticking to the old ways and the legacy TLDs show no sign of changing, according to LogicBoxes senior marketing associate Vivek Desai.
“This service also aims at simplifying the invoicing and reconciliation process,” he said. “Imagine registrars having to reconcile statements and invoices with 30 or 40 or even more providers. Having one place to manage everything, will make things simpler.”
The company said it uses “pattern recognition algorithms” to predict usage, with manual oversight. It also features “threshold reminders, emergency credits and deactivation protection”, LogicBoxes said.
Eight more new gTLDs delegated
Donuts and United TLD had a combined total of eight new gTLDs added to the DNS root zone today.
Donuts subsidiaries saw .zone, .agency, .cheap and .marketing go live, while United TLD (Demand Media/Rightside) got .dance, .democrat, .moda (Spanish for “fashion/style”) and .social.
The nic.[tld] domains all appear to be resolving, albeit to the registries’ web sites in other TLDs.
There are now 91 new gTLDs live in the root, more than five times the number of legacy gTLDs. It seems likely that we’re going to pass 100 this week.
TLDH opens up list of 70,000 premium names for all new gTLDs
Top Level Domain Holdings has ramped up its new gTLD pre-registration effort with a new database service that enables registries to automatically collate and price their premium names.
The new OpenDB.co service builds on the Online Priority Enhanced Names system we reported on during the ICANN meeting in Buenos Aires a couple months ago.
TLDH chairman Fred Krueger told DI today that new gTLD registry operators will be able to automatically generate a list of up to 70,000 premium names — with associated prices — for their TLD(s).
It works using a proprietary taxonomy of strings in 500 categories, put together by about 30 people working for TLDH, and baseline .com pricing estimates calculated by various online tools such as Estibot.
If you’re the registry for .web, for example, you might decide that all premium .web domains are worth 50% of the .com price, and you could create your premium names list accordingly with just a few clicks.
But if you’re the registry for a narrower, niche gTLD, you might want to assign values by category, subcategory or individual name.
If you’re .poker, you might decide that names in the OpenDB “gambling” category are worth 300% of .com, due to the affinity between the TLD and the second level, and that “sports” names are worth 50%, but everything else is worth just 1% of the corresponding .com name.
A possible drawback of the system might be that the algorithmic .com price estimates underlying it are just that — estimates, based on factors such as Google search volume and Adwords cost-per-click.
Online tools that do this kind of price estimation are quite often criticized or mocked for under- or over-pricing names in existing TLDs.
Another drawback might be that while 70,000 is certainly a lot of strings, it might not dive deeply enough into the potential premium pool for very niche gTLDs.
If the service catches on, I expect it will wind up competing with consultancies that offer expertise-based pricing, such as Right Of The Dot, and brokerage platforms such as Sedo.
So far only PeopleBrowsr (.ceo, .best) has openly committed to use the system.
TLDH says that it will start offering any names in OpenDB via its affiliated Minds + Machines registrar, with a 20% markup.
There’s also an OpenDB API that registrars can use to add these premium names to their own storefronts, Krueger said.
You snooze, you lose new gTLD sunrise coming soon
Trademark attorneys and brand management executives take note: January 21 will see the launch of the first first-come, first-served sunrise period we’ve seen in a new TLD in a long time.
FCFS means that domain names will be allocated to participants immediately, rather than at the end of the sunrise period.
For those responsible for acquiring domain names for mark owners — many of whom are accustomed to waiting to the last minute before submitting sunrise applications — this is a change of pace.
You snooze, you lose.
To date only Regiodot’s German geographic gTLD, .ruhr, has officially confirmed (pdf) that it intends to use a FCFS policy during its mandatory sunrise period.
That’s due to kick off on January 21.
The precise time that the sunrise will begin — important when you’re looking at a FCFS policy — does not appear to have been published yet.
UPDATE: the time has been published (see comments below this post) and it’s 1000 UTC.
Under ICANN rules, to use FCFS registries need a “Start Date” sunrise, which runs for 30 days but requires a 30-day notice period before it begins. Regiodot told ICANN about its sunrise dates December 18.
The alternative “End Date” sunrises run for 60 days, have no notice period, and domains are only allocated to mark owners — usually using auctions to settle contention — after the 60 days are over.
Other than .ruhr, only PeopleBrowsr’s .ceo has said it wants to run a Start Date sunrise. However, PeopleBrowsr will not run its sunrise on a FCFS basis, preferring the end-date allocation/auction method instead.
Controlled interruption as a means to prevent name collisions [Guest Post]
This is a guest post written by Jeff Schmidt, CEO of JAS Global Advisors LLC. JAS is currently authoring a “Name Collision Occurrence Management Framework” for the new gTLD program under contract with ICANN.
One of JAS’ commitments during this process was to “float” ideas and solicit feedback. This set of thoughts poses an alternative to the “trial delegation” proposals in SAC062. The idea springs from past DNS-related experiences and has an effect we have named “controlled interruption.”
Learning from the Expired Registration Recovery Policy
Many are familiar with the infamous Microsoft Hotmail domain expiration in 1999. In short, a Microsoft registration for passport.com (Microsoft’s then-unified identity service) expired Christmas Eve 1999, denying millions of users access to the Hotmail email service (and several other Microsoft services) for roughly 20 hours.
Fortunately, a well-intended technology consultant recognized the problem and renewed the registration on Microsoft’s behalf, yielding a nice “thank you” from Microsoft and Network Solutions. Had a bad actor realized the situation, the outcome could have been far different.
The Microsoft Hotmail case and others like it lead to the current Expired Registration Recovery Policy.
More recently, Regions Bank made news when its domains expired, and countless others go unreported. In the case of Regions Bank, the Expired Registration Recovery Policy seemed to work exactly as intended – the interruption inspired immediate action and the problem was solved, resulting in only a bit of embarrassment.
Importantly, there was no opportunity for malicious activity.
For the most part, the Expired Registration Recovery Policy is effective at preventing unintended expirations. Why? We call it the application of “controlled interruption.”
The Expired Registration Recovery Policy calls for extensive notification before the expiration, then a period when “the existing DNS resolution path specified by the Registrant at Expiration (“RAE”) must be interrupted” – as a last-ditch effort to inspire the registrant to take action.
Nothing inspires urgent action more effectively than service interruption.
But critically, in the case of the Expired Registration Recovery Policy, the interruption is immediately corrected if the registrant takes the required action — renewing the registration.
It’s nothing more than another notification attempt – just a more aggressive round after all of the passive notifications failed. In the case of a registration in active use, the interruption will be recognized immediately, inspiring urgent action. Problem solved.
What does this have to do with collisions?
A Trial Delegation Implementing Controlled Interruption
There has been a lot of talk about various “trial delegations” as a technical mechanism to gather additional data regarding collisions and/or attempt to notify offending parties and provide self-help information. SAC062 touched on the technical models for trial delegations and the related issues.
Ideally, the approach should achieve these objectives:
- Notifies systems administrators of possible improper use of the global DNS;
- Protects these systems from malicious actors during a “cure period”;
- Doesn’t direct potentially sensitive traffic to Registries, Registrars, or other third parties;
- Inspires urgent remediation action; and
- Is easy to implement and deterministic for all parties.
Like unintended expirations, collisions are largely a notification problem. The offending system administrator must be notified and take action to preserve the security and stability of their system.
One approach to consider as an alternative trial delegation concept would be an application of controlled interruption to help solve this notification problem. The approach draws on the effectiveness of the Expired Registration Recovery Policy with the implementation looking like a modified “Application and Service Testing and Notification (Type II)” trial delegation as proposed in SAC62.
But instead of responding with pointers to application layer listeners, the authoritative nameserver would respond with an address inside 127/8 — the range reserved for localhost. This approach could be applied to A queries directly and MX queries via an intermediary A record (the vast majority of collision behavior observed in DITL data stems from A and MX queries).
Responding with an address inside 127/8 will likely break any application depending on a NXDOMAIN or some other response, but importantly also prevents traffic from leaving the requestor’s network and blocks a malicious actor’s ability to intercede.
In the same way as the Expired Registration Recovery Policy calls for “the existing DNS resolution path specified by the RAE [to] be interrupted”, responding with localhost will hopefully inspire immediate action by the offending party while not exposing them to new malicious activity.
If legacy/unintended use of a DNS name is present, one could think of controlled interruption as a “buffer” prior to use by a legitimate new registrant. This is similar to the CA Revocation Period as proposed in the New gTLD Collision Occurrence Management Plan which “buffers” the legacy use of certificates in internal namespaces from new use in the global DNS. Like the CA Revocation Period approach, a set period of controlled interruption is deterministic for all parties.
Moreover, instead of using the typical 127.0.0.1 address for localhost, we could use a “flag” IP like 127.0.53.53.
Why? While troubleshooting the problem, the administrator will likely at some point notice the strange IP address and search the Internet for assistance. Making it known that new TLDs may behave in this fashion and publicizing the “flag” IP (along with self-help materials) may help administrators isolate the problem more quickly than just using the common 127.0.0.1.
We could also suggest that systems administrators proactively search their logs for this flag IP as a possible indicator of problems.
Why the repeated 53? Preserving the 127.0/16 seems prudent to make sure the IP is treated as localhost by a wide range of systems; the repeated 53 will hopefully draw attention to the IP and provide another hint that the issue is DNS related.
Two controlled interruption periods could even be used — one phase returning 127.0.53.53 for some period of time, and a second slightly more aggressive phase returning 127.0.0.1. Such an approach may cover more failure modes of a wide variety of requestors while still providing helpful hints for troubleshooting.
A period of controlled interruption could be implemented before individual registrations are activated, or for an entire TLD zone using a wildcard. In the case of the latter, this could occur simultaneously with the CA Revocation Period as described in the New gTLD Collision Occurrence Management Plan.
The ability to “schedule” the controlled interruption would further mitigate possible effects.
One concern in dealing with collisions is the reality that a potentially harmful collision may not be identified until months or years after a TLD goes live — when a particular second level string is registered.
A key advantage to applying controlled interruption to all second level strings in a given TLD in advance and at once via wildcard is that most failure modes will be identified during a scheduled time and before a registration takes place.
This has many positive features, including easier troubleshooting and the ability to execute a far less intrusive rollback if a problem does occur. From a practical perspective, avoiding a complex string-by-string approach is also valuable.
If there were to be a catastrophic impact, a rollback could be implemented relatively quickly, easily, and with low risk while the impacted parties worked on a long-term solution. A new registrant and associated new dependencies would likely not be adding complexity at this point.
Request for Feedback
As stated above, one of JAS’ commitments during this process was to “float” ideas and solicit feedback early in the process. Please consider these questions:
- What unintended consequences may surface if localhost IPs are served in this fashion?
- Will serving localhost IPs cause the kind of visibility required to inspire action?
- What are the pros and cons of a “TLD-at-once” wildcard approach running simultaneously with the CA Revocation Period?
- Is there a better IP (or set of IPs) to use?
- Should the controlled interruption plan described here be included as part of the mitigation plan? Why or why not?
- To what extent would this methodology effectively address the perceived problem?
- Other feedback?
We anxiously await your feedback — in comments to this blog, on the DNS-OARC Collisions list, or directly. Thank you and Happy New Year!
NamesCon will be biggest new gTLD show yet
The inaugural NamesCon new gTLDs conference, set to run for three days in Las Vegas next week, has attracted roughly 525 registrations, making it the largest such event to date.
Organizers are speculating that the final tally of attendees could pass 600, despite the fact that early bird pricing ended last night and tickets went up $200 to $599.
All of the previous new gTLD conferences I’m aware of — .nxt, gTLD World Congress, newdomains.org and a handful of smaller ones — have struggled to get half that number of delegates.
I suspect that the relatively low cost of tickets, hotel rooms and flights will have something to do with the relatively high participation for an as-yet unproven event.
According to organizers, there are about 100 speakers/panelists and 30 sessions over the two full days of the conference.
With just 45 minutes scheduled for most sessions, and five speakers on many of the panels, moderators will have their work cut out making sure discussions are balanced yet focused.
I will be on two panels, “Meet the industry Press” and “Important Tools of the Industry”, both of which are on Wednesday afternoon.
Recent Comments