Recent Posts
- Salesforce to apply for a dot-brand
- Team Internet looking to break up
- Noss to leave Tucows corner office
- Rubens Kühl has died
- Sinha angry with Chapman’s firing as ICANN vice chair
- Glitch redux: ICANN screws up new gTLD security again
- CentralNic claims second-largest TLD migration ever
- DNS issue at Amazon takes out major apps and sites
- .io sales almost double over three years
- Amazon delays book and fashion gTLDs
- Lindqvist shuffles the exec deck
- GoDaddy launches “ultra-premium” domain marketplace
- .mobi to get a new rival in .mobile
- Bye-bye .boomer! Blockchain players abandon new gTLD plans
- Decades-old US registrar gets a spanking
- love.you sold in apparent five-figure deal
- Bogus harassment complaints could get you an ICANN ban
- ICANN slaps open-mic ban on conflicted lawyers
- Final GTFO warning for 19 failed new gTLD bids
- Nominet opens $500,000 fund for open source projects
- Com Laude buys larger rival Markmonitor
- Epik took down Charlie Kirk doxing site
- Number of subsidized gTLD bidders far lower than thought
- Another registrar goes AWOL
- gTLD loses its second-largest registrar after breach
- Com Laude buys Fairwinds
- Unstoppable wants to be a registry back-end
- Sixteen new gTLD bids could face the firing squad
- Registry to release one-letter domains tomorrow
- New ICANN funding rules will cost smaller ccTLDs more
- .ai rival lines up gTLD bid
- Team Internet lays off 200
- Sixteen more orgs vie for cheap gTLDs, but…
- So who’s registering sunrise domains these days?
- Cloud gTLD gets launch dates
- Governments say new gTLD program “credibility” at stake
- NIXI planning doomed new gTLD bids
- AI experts replace Chapman on ICANN board
- RDRS may not be dead
- Single-letter .com lawsuit thrown out of court
- Golding challenges McCarthy for Nominet board seat
- Three applicants qualify for cheapo gTLDs
- Blockchain crisis looming for new gTLD next round
- Two more dot-brands leave Verisign for GoDaddy
- ICANN looking at new bulk reg rules
- Reseller loss hits Tucows’ DUM but not revenue
- GoDaddy counts cost of losing .co deal
- Wine producers worried about new gTLDs
- Goodyear tires of its dot-brand
- Team Internet loses Radix to Tucows
- ICANN’s “review of reviews” kicks off
- Huge registrars flee from RDRS
- Namecheap loses attempt to bring back .org price caps
- Registrar shamed for alleged crypto abuse neglect
- Poblete’s ICANN board seat safe
- .com off to strong start in Q3
- .my is growing like crazy
- ICANN settles $77 million sexual harassment suit
- Chinese domain spikiness ends in first half
- Registrars agree to higher ICANN fees
- ICANN to review reviews after review review request fails
- Got junk? June’s biggest gTLD growers do
- ICANN ditches Oman due to Middle-East conflicts
- ICANN’s mighty overlord flexes on transparency
- ICANN faces first pushback over DEI U-turn
- Loads of firms flunk out of next-round gTLD back-end program
- presidenttrump.xxx among thousands of dead .xxx domains suddenly springing to life
- One of the dumbest gTLDs just switched back-ends
- GoDaddy loses .co to Team Internet
- Governments erect bulk-reg barrier to new gTLD next round
- Little interest in cheapo gTLD program
- US government opposes most new gTLDs
- GoDaddy loses last Amazon business to Identity Digital
- Third Amazon gTLD launch dates revealed
- .TOP promises to play nice on DNS abuse
- Court denies ICANN’s #MeToo “cover up” attempt
- Launch dates for two more Amazon gTLDs revealed
- An end to “Club Med for geeks” ICANN?
- Some people paid premiums for .hot domain hacks
- .io questions in sharp focus as UK signs Chagos treaty
- Big .gdn registrar at risk
- ICANN “reaffirms its commitment to diversity and inclusion”
- ICANN kills off diversity and inclusion
- Kaufmann picked for ICANN board
- Conflicted? STFU under new ICANN rules
- .hot is for hookers? Amazon’s first premium regs revealed
- Gname adds another 200 registrars
- New Pope’s .com domain was registered the day Francis died
- Two deadbeat registrars get their ICANN marching orders
- DotMusic has sold a lot of names, but not many are turned on
- .med is a deeply weird gTLD, but it wants to be more normal
- ICANN cuts off money to UASG
- Web.com getting dumped
- .es and .pt riding out massive power outage
- .com is back as Verisign discounts bear fruit
- Dot-brand actually being used to get deleted
- Verisign gave Trump $100,000
- Private Whois requests hit new low after Tucows quits RDRS
- Zoom says GoDaddy took it down for hours
- The Soviet Union might be safe after all
- Google says its ccTLDs “are no longer necessary”
- Facebook thinks ICANN is a bit rubbish
- ICANN spending $365,000 a year on coffee and booze
- Regulator going after suicide site that even Epik banned
- .ai sees $600,000 auction sales in a month
- Pru trims its dot-brand portfolio
- UK’s Nigel Hickson has died
- .blog registry ordered to change name to Knock Knock RDAP There
- WordPress buys Canadian, swaps CentralNic for CIRA
- Latest ICANN salary porn ruins my terrible pun
- .co deal worth $77 million up for grabs
- I get a wrongful kicking as .su registry denies turn-off plan
- Sales and profits dip at Team Internet
- Four deadbeat registrars get terminated
- “No timeline” to retire Soviet Union from the DNS
- ICANN to kill off 60-day domain transfer lock
- Lancaster bags up its dot-brand
- Google readying its next batch of gTLD launches?
- NomCom confirms Americans rejected from ICANN board
- Nova announces $45 million of new gTLD applications
- Registry makes .ai an option for Koreans
- it.com now bigger than Guatemala
- ICANN turns to AI and crowdsourcing for new gTLD program
- Amazon lawyer DiBiase elected to ICANN board
- Is .io safe now? Identity Digital now running Mauritian ccTLD
Verisign targets bank claims in name collisions fight
Verisign has rubbished the Commonwealth Bank of Australia’s claim that its dot-brand gTLD, .cba, is safe.
In a lengthy letter to ICANN today, Verisign senior vice president Pat Kane said that, contrary to CBA’s claims, the bank is only responsible for about 6% of the traffic .cba sees at the root.
It’s the latest volley in the ongoing fight about the security risks of name collisions — the scenario where an applied-for gTLD string is already in broad use on internal networks.
CBA’s application for .cba has been categorized as “uncalculated risk” by ICANN, meaning it faces more reviews and three to six months of delay while its risk profile is assessed.
But in a letter to ICANN last month, CBA said “the cause of the name collision is primarily from CBA internal systems” and “it is within the CBA realm of control to detect and remediate said systems”.
The bank was basically claiming that its own computers use DNS requests for .cba already, and that leakage of those requests onto the internet was responsible for its relatively high risk profile.
At the time we doubted that CBA had access to the data needed to draw this conclusion and Verisign said today that a new study of its own “shows without a doubt that CBA’s initial conclusions are incorrect”.
Since the publication of Interisle Consulting’s independent review into root server error traffic — which led to all applied-for strings being split into risk categories — Verisign has evidently been carrying out its own study.
While Interisle used data collected from almost all of the DNS root servers, Verisign’s seven-week study only looked at data gathered from the A-root and J-root, which it manages.
According to Verisign, .cba gets roughly 10,000 root server queries per day — 504,000 in total over the study window — and hardly any of them come from the bank itself.
Most appear to be from residential apartment complexes in Chiba, Japan, where network admins seem to have borrowed the local airport code — also CBA — to address local devices.
About 80% of the requests seen come from devices using DNS Service Discovery services such as Bonjour, Verisign said.
Bonjour is an Apple-created technology that allows computers to use DNS to automatically discover other LAN-connected devices such as printers and cameras, making home networking a bit simpler.
Another source of the .cba traffic is McAfee’s antivirus software, made by Intel, which Verisign said uses DNS to check whether code is virus-free before executing it.
While error traffic for .cba was seen from 170 countries, Verisign said that Japan — notable for not being Australia — was the biggest source, with almost 400,000 queries (79% of the total). It said:
Our measurement study reveals evidence of a substantial Internet-connected infrastructure in Japan that lies beneath the surface of the public-facing internet, which appears to rely on the non-resolution of the string .CBA.
This infrastructure appear hierarchical and seems to include municipal and private administrative and service networks associated with electronic resource management for office and residential building facilities, as well as consumer devices.
One apartment block in Chiba is is responsible for almost 5% of the daily .cba queries — about 500 per day on average — according to Verisign’s letter, though there were 63 notable sources in total.
ICANN’s proposal for reducing the risk of these name collisions causing problems would require CBA, as the registry, to hunt down and warn organizations of .cba’s impending delegation.
Verisign reiterates the point made by RIPE NCC last month: this would be quite difficult to carry out.
But it does seem that Verisign has done a pretty good job tracking down the organizations that would be affected by .cba being delegated.
The question that Verisign’s letter and presentation does not address is: what would happen to these networks if .cba was delegated?
If .cba is delegated, what will McAfee’s antivirus software do? Will it crash the user’s computer? Will it allow unsafe code to run? Will it cause false positives, blocking users from legitimate content?
Or will it simply fail gracefully, causing no security problems whatsoever?
Likewise, what happens when Bonjour expects .cba to not exist and it suddenly does? Do Apple computers start leaking data about the devices on their local network to unintended third parties?
Or does it, again, cause no security problems whatsoever?
Without satisfactory answers to those questions, maybe name collisions could be introduced by ICANN with little to no effect, meaning the “risk” isn’t really a risk at all.
Answering those questions will of course take time, which means delay, which is not something most applicants want to hear right now.
Verisign’s study targeted CBA because CBA singled itself out by claiming to be responsible for the .cba error traffic, not because CBA is a client of rival registry Afilias.
The bank can probably thank Verisign for its study, which may turn out to be quite handy.
Still, it would be interesting to see Verisign conduct a similar study on, say, .windows (Microsoft), .cloud (Symantec) or .bank (Financial Services Roundtable), which are among the 35 gTLDs with “uncalculated” risk profiles that Verisign promised to provide back-end registry services for before it decided that new gTLDs were dangerous.
You can read Verisign’s letter and presentation here. I’ve rotated the PDF to make the presentation more readable here.
.sex and two other gTLD pass evaluation
Three new gTLD applications passed Initial Evaluation this week, including one of the two applications for .sex.
The approved .sex bid belongs to Internet Marketing Solutions, which is competing with .xxx operator ICM Registry.
The other applications passing IE this week are .leclerc, a French dot-brand, and .aquitaine, a French geographic region.
There are only 20 applications left without results, almost all of which — apart from a generic bid for .bar and Google’s controversial “dotless” .search — appear to be dot-brands.
Eight more new gTLD contracts signed, six by Donuts
ICANN has brought up its number of contracted new gTLDs to 32 with the signing of eight new Registry Agreements yesterday.
Six belong to Donuts:: .graphics, .technology, .reviews, .gallery, .guide and .construction.
Two IDN registries have also signed contracts: .我爱你 (Tycoon Treasure), which means “I love you” in Chinese, and .集团 (Eagle Horizon), which means “group” or “conglomerate” in Chinese.
The prioritization numbers for the 32 newly contracted application ranges from eight to 496. Almost all of the non-ASCII strings with contracts to date belong to Donuts.
Four more new gTLDs, including .sexy, get contracts
ICANN signed four more new gTLD contracts with four different registries yesterday.
The lucky recipients of Registry Agreements are:
- .uno (Dot Latin LLC) — a general-purpose, open gTLD aimed primarily at Spanish and Italian speakers.
- .menu (Wedding TLD2, LLC) — also open, though the registry plans to run second-level portals corresponding to types of food (italian.menu, etc).
- .sexy (Uniregistry Corp) — signing a Registry Agreement with boring old ICANN doesn’t strike me as particularly sexy, but Uniregistry went ahead and did it anyway.
- .世界 (Stable Tone Ltd) — this Chinese string means “.world”. It will also be open and obviously targeted primarily at Chinese-speaking registrants.
The deals mean ICANN has now signed contracts covering 26 new gTLD applications. It’s slow going so far, but the pace is definitely picking up.
As of last week, DI PRO Application Tracker allows you to search for only gTLDs that have signed contracts, along with 23 other search criteria.
Wine gTLDs get a pass as GAC fails to agree
Applicants for wine-related gTLDs will no longer be opposed by the Governmental Advisory Committee, it has emerged.
Writing to ICANN chair Steve Crocker this week, GAC chair Heather Dryden said that the GAC had failed to reach an agreement on whether to issue formal Advice against the applications.
Three .wine applicants and one .vin applicant are affected.
Some governments are concerned about strings at the second level because quite often a word many people associate primarily with a type of wine is also the protected name of the wine-producing region.
Champagne is probably the best-known example of this.
Nevertheless, the GAC couldn’t reach agreement on whether to provide formal advice to ICANN on this topic, so the applications will be free to proceed along the new gTLD program’s track.
Donuts signs three more new gTLD contracts
Donuts today signed Registry Agreements covering the new gTLDs .land, .plumbing and .contractors, according to ICANN.
The deals mean ICANN now has contracts covering 40 gTLDs, 22 of them as a result of the new gTLD program and 16 of which are to be managed by Donuts.
Like all the gTLDs Donuts applied for, they’re to be operated with an “open” registration policy.
It’s therefore ironic that the company should become the contracted registry for .plumbing and .contractors — both regulated industries where I come from — on the same day we find out that it can’t have .architect because architecture is a licensed profession.
Domain.com owner files for $400m IPO, to spend $110m buying Directi
Endurance International, owner of Domain.com and HostGator, plans to raise up to $400 million in a Nasdaq IPO, and said it will spend up to $110 million of that buying Directi, India’s largest domain registrar.
As part of the proposed acquisition, Endurance has also agreed to bankroll Directi’s new gTLD auctions to the tune of $62 million.
The acquisition is not final, and appears to depend on a number of targets related to the IPO and Directi’s revenue performance. Endurance’s S-1 filing with the US Securities and Exchange Commission reads:
In August 2013, we entered into a master share purchase agreement to acquire all of the outstanding capital stock of Directi from Directi Holdings, the seller, for an amount we estimate will be between $100 million and $110 million in cash or, at the election of the seller, a combination of cash and shares of our common stock, subject to the satisfaction or waiver of specified customary closing conditions and the achievement of specified financial targets.
The acquisition would close in the fourth quarter this year.
As well as running a top-ten registrar (and a few dozen others), Directi subsdiary Radix Registry has 29 active new gTLD applications, 26 of which are contested.
Endurance proposes to help Radix win these contention sets. On new gTLD auctions, the S-1 says:
in connection with our proposed acquisition of Directi, we entered into agreements with entities affiliated with Directi Holdings related to participation in the auction of new top level domain extensions and domain monetization activities, pursuant to which, among other things, we may be obligated to make aggregate cash payments of up to a maximum of approximately $62 million, subject to specified terms, conditions and operational contingencies.
Endurance is a complicated company. Its most familiar brands include Domain.com, iPage, FatCow, Homestead, Bluehost, HostGator, A Small Orange, iPower and Dotster.
But since December 2011 it has been controlled and majority owned by Warburg Pincus and Goldman Sachs, which paid a reported $975 million.
Its annual revenue for the last three calendar years has been $87.8 million, $190.3 million and $292.2 million. It’s currently not profitable, recording a net loss of $139.2 million in 2012.
It has seven million domains under management and had 3.4 million customers at the end of June 2013.
Judging by the S-1, the company has over a billion dollars of debt. Directi acquisition excluded, most of its IPO proceeds would go towards paying off some of that debt.
Trademark+50 coming in October
The controversial “Trademark+50” anti-cybersquatting service for new gTLDs is set to go live October 11 or thereabouts, ICANN announced last night.
Trademark+50 is the name given to a function of the Trademark Clearinghouse that enables trademark owners to obtain protection for strings that they’ve previously won at UDRP proceedings.
The service will be limited to 50 strings per trademark, with the total number of strings only limited by the total number of trademarks submitted.
ICANN said:
Rights holders may submit these domain name labels for association with existing Clearinghouse records as early as 11 October 2013. Once previously-abused labels have been verified, they will be integrated into the Trademark Claims service. ICANN expects this to occur by 18 October 2013, ahead of the earliest anticipated new gTLD Claims period.
In July at ICANN’s meeting in Durban, an IBM rep said that a Trademark+50 launch would be “difficult to reach before the middle of September”, which seems to have proven correct.
Pricing for Trademark+50, which we assume will entail a great degree of manual validation, does not appear to have been published yet.
Strings added to the IBM-run TMCH database under Trademark+50 will be eligible for Trademark Claims notifications, but not Sunrise periods, when new gTLDs launch.
Critics have repeatedly raised Trademark+50 as an example of ICANN going outside of its usual community-based policy-development processes in order to push through an unpopular mechanism.
Non-commercial users have criticized the system because it assumes that all strings won at UDRP are inherently cybersquatty, whereas the UDRP itself also requires the domain to have been used in bad faith.
Trademark owners have been able to submit their marks to the TMCH for several months, but Trademark+50 was a later addition to the new gTLD program’s rights protection mechanisms.
Angry Birds backing two Chinese-language gTLDs
The Finnish/Irish new gTLD applicant TLD Registry Ltd has signed two ICANN Registry Agreements, covering the Chinese strings .在线 (.online) and .中文网 (a phrase meaning “Chinese language website”).
The deals were signed yesterday, but the news is set to be formally announced in Beijing on Tuesday by the Finnish prime minister, Jyrki Katainen, who’s on a state visit to the country.
He’ll be joined by Peter Vesterbacka, chief marketing officer of Angry Birds maker Rovio Entertainment, which is supporting TLD Registry as the first announced member of its “founders program”.
The two new agreements mean ICANN has now contractual powers over more new gTLDs (19) than legacy ones (18).
TLD Registry CEO Arto Isokoski told DI this morning that 在线 and 中文网 are already extremely well-known and widely-used phrases on the Chinese internet.
“在线” is the direct translation of “online” and “中文网” is what Chinese web users instinctively type when they’re searching for the Chinese-language version of a foreign brand’s web site, he said.
“It surprises me as well that these were not contested,” Isokoski said. “These are the strings that Chinese users type in when they’re looking for web sites online.”
Both TLDs will be open to registrants anywhere in the world, though .中文网 seems to be particularly suited for brands from the ASCII parts of the world, looking to improve SEO in the country.
Isokoski said that the company hopes to take .在线 and .中文网 to market early next year. If the strings are delegated in early November, then general availability could start in mid-January, he said.
Depending on ICANN delays, the launch schedule may have to be moved back to February or March in order to avoid the “dead period” around Chinese New Year, which starts in late January, he said.
The most directly competitive gTLD would be .网址, an arguably superior string meaning roughly “website”, which is now out of contention and likely to sign its own contract soon.
Two other Chinese gTLDs, both owned by Donuts, have ICANN contracts already — .游戏 (games) and .企业 (business).
Isokoski said that TLD Registry hopes to have about 20 members of its founders program (included Rovio, which is Finnish but makes games wildly popular in China) and about 20 launch registrars.
Like other IDN gTLD registries, the company is hoping that its first-to-market advantage will give its marketing a lift due to the extra media interest.
TLD Registry is based in Ireland, near its back-end provider Afilias, but was founded by Finns. Afilias alum Pinky Brand is managing registrar relationships for the company.
Famous Four says that Demand Media’s .cam should be rejected
Demand Media’s application for .cam should be rejected because it lost a String Confusion Objection filed by .com registry Verisign, according to rival applicant Famous Four Media.
“The process in the applicant guidebook is now clear: AC Webconnecting and dot Agency Limited proceed to resolve the contention set, and United TLD’s application cannot proceed,” chief legal officer Peter Young told DI.
dot Agency is Famous Four’s applicant for .cam, which along with AC Webconnecting survived identical challenges filed by Verisign. United TLD is the applicant subsidiary of Demand Media.
Serious questions were raised about the SCO process after two International Centre for Dispute Resolution panelists reached opposition conclusions in the three .cam/.com cases last month.
Demand Media subsequently called for an ICANN investigation into the process, with vice president Statton Hammock writing:
String confusion objections are meant to be applicant agnostic and have nothing to do with the registration or use of the new gTLD.
However, Famous Four thinks it has found a gotcha in a letter (pdf) written by a lawyer representing Demand which opposed consolidation of the three .cam cases, which stated:
Consolidation has the potential to prejudice the Applicants if all Applicants’ arguments are evaluated collectively, without regard to each Applicant’s unique plan for the .cam gTLD and their arguments articulating why such plans would not cause confusion.
In other words, Demand argued that the proposed usage of the TLD should be taken into account before the ICDR panel ruled against it, and now it saying usage should not have been taken into account.
Famous Four’s Young said:
Whether or not one ascribes to the view that usage should not be taken into account, and we believe that it should (otherwise we would not have argued it), the fact is that United TLD were very explicit prior to the publication that usage should indeed be taken into account.
The SCO debate expanded yesterday when the GNSO Council spent some time discussing .cam and other SCO discrepancies during its regular monthly meeting.
Concerns are such that the Council intends to inform the ICANN board of directors and its New gTLD Program Committee that it is looking into the issue.
The NGPC, has “Update on String Similarity” on its agenda for a meeting on Tuesday, which will no doubt try to figure out what, if anything, needs to be done.
Recent Comments