Recent Posts
- Bye-bye .boomer! Blockchain players abandon new gTLD plans
- Decades-old US registrar gets a spanking
- love.you sold in apparent five-figure deal
- Bogus harassment complaints could get you an ICANN ban
- ICANN slaps open-mic ban on conflicted lawyers
- Final GTFO warning for 19 failed new gTLD bids
- Nominet opens $500,000 fund for open source projects
- Com Laude buys larger rival Markmonitor
- Epik took down Charlie Kirk doxing site
- Number of subsidized gTLD bidders far lower than thought
- Another registrar goes AWOL
- gTLD loses its second-largest registrar after breach
- Com Laude buys Fairwinds
- Unstoppable wants to be a registry back-end
- Sixteen new gTLD bids could face the firing squad
- Registry to release one-letter domains tomorrow
- New ICANN funding rules will cost smaller ccTLDs more
- .ai rival lines up gTLD bid
- Team Internet lays off 200
- Sixteen more orgs vie for cheap gTLDs, but…
- So who’s registering sunrise domains these days?
- Cloud gTLD gets launch dates
- Governments say new gTLD program “credibility” at stake
- NIXI planning doomed new gTLD bids
- AI experts replace Chapman on ICANN board
- RDRS may not be dead
- Single-letter .com lawsuit thrown out of court
- Golding challenges McCarthy for Nominet board seat
- Three applicants qualify for cheapo gTLDs
- Blockchain crisis looming for new gTLD next round
- Two more dot-brands leave Verisign for GoDaddy
- ICANN looking at new bulk reg rules
- Reseller loss hits Tucows’ DUM but not revenue
- GoDaddy counts cost of losing .co deal
- Wine producers worried about new gTLDs
- Goodyear tires of its dot-brand
- Team Internet loses Radix to Tucows
- ICANN’s “review of reviews” kicks off
- Huge registrars flee from RDRS
- Namecheap loses attempt to bring back .org price caps
- Registrar shamed for alleged crypto abuse neglect
- Poblete’s ICANN board seat safe
- .com off to strong start in Q3
- .my is growing like crazy
- ICANN settles $77 million sexual harassment suit
- Chinese domain spikiness ends in first half
- Registrars agree to higher ICANN fees
- ICANN to review reviews after review review request fails
- Got junk? June’s biggest gTLD growers do
- ICANN ditches Oman due to Middle-East conflicts
- ICANN’s mighty overlord flexes on transparency
- ICANN faces first pushback over DEI U-turn
- Loads of firms flunk out of next-round gTLD back-end program
- presidenttrump.xxx among thousands of dead .xxx domains suddenly springing to life
- One of the dumbest gTLDs just switched back-ends
- GoDaddy loses .co to Team Internet
- Governments erect bulk-reg barrier to new gTLD next round
- Little interest in cheapo gTLD program
- US government opposes most new gTLDs
- GoDaddy loses last Amazon business to Identity Digital
- Third Amazon gTLD launch dates revealed
- .TOP promises to play nice on DNS abuse
- Court denies ICANN’s #MeToo “cover up” attempt
- Launch dates for two more Amazon gTLDs revealed
- An end to “Club Med for geeks” ICANN?
- Some people paid premiums for .hot domain hacks
- .io questions in sharp focus as UK signs Chagos treaty
- Big .gdn registrar at risk
- ICANN “reaffirms its commitment to diversity and inclusion”
- ICANN kills off diversity and inclusion
- Kaufmann picked for ICANN board
- Conflicted? STFU under new ICANN rules
- .hot is for hookers? Amazon’s first premium regs revealed
- Gname adds another 200 registrars
- New Pope’s .com domain was registered the day Francis died
- Two deadbeat registrars get their ICANN marching orders
- DotMusic has sold a lot of names, but not many are turned on
- .med is a deeply weird gTLD, but it wants to be more normal
- ICANN cuts off money to UASG
- Web.com getting dumped
- .es and .pt riding out massive power outage
- .com is back as Verisign discounts bear fruit
- Dot-brand actually being used to get deleted
- Verisign gave Trump $100,000
- Private Whois requests hit new low after Tucows quits RDRS
- Zoom says GoDaddy took it down for hours
- The Soviet Union might be safe after all
- Google says its ccTLDs “are no longer necessary”
- Facebook thinks ICANN is a bit rubbish
- ICANN spending $365,000 a year on coffee and booze
- Regulator going after suicide site that even Epik banned
- .ai sees $600,000 auction sales in a month
- Pru trims its dot-brand portfolio
- UK’s Nigel Hickson has died
- .blog registry ordered to change name to Knock Knock RDAP There
- WordPress buys Canadian, swaps CentralNic for CIRA
- Latest ICANN salary porn ruins my terrible pun
- .co deal worth $77 million up for grabs
- I get a wrongful kicking as .su registry denies turn-off plan
- Sales and profits dip at Team Internet
- Four deadbeat registrars get terminated
- “No timeline” to retire Soviet Union from the DNS
- ICANN to kill off 60-day domain transfer lock
- Lancaster bags up its dot-brand
- Google readying its next batch of gTLD launches?
- NomCom confirms Americans rejected from ICANN board
- Nova announces $45 million of new gTLD applications
- Registry makes .ai an option for Koreans
- it.com now bigger than Guatemala
- ICANN turns to AI and crowdsourcing for new gTLD program
- Amazon lawyer DiBiase elected to ICANN board
- Is .io safe now? Identity Digital now running Mauritian ccTLD
- Tucows quits ICANN’s Whois disclosure pilot
- Toshiba goes all-in on its dot-brand
- Google scuppers Team Internet acquisition after profit warning
- .ai channel doubles under new management
- Trump inclined to back deal that threatens .io
- As .com shrinks, China adds another 1.2 million domains
- Second new gTLD contention set revealed
- UK intros global domain takedown law
- No more Americans as Holland wins ICANN board seat
- Registries have started shutting down Whois
- ICANN wins IRP because complainant literally doesn’t exist
- .com could return to growth this quarter
- Could Musk’s DOGE kill off D3’s .doge?
GAC threat looms over ICANN Beijing
How the Governmental Advisory Committee handles its advice on new gTLD applications seems to be a big worry at the ICANN public meeting in Beijing this week.
During a session yesterday, new gTLD program vice president Christine Willett was peppered with questions about the approval process going forward, many of which related to the GAC.
There’s also a lot of gossiping about which applications the GAC is thinking about delivering the kiss of death to, and what its advice will mean to the overall program timetable.
DI is not attending the Beijing meeting in person, but here’s what I’ve learned from remote participation and talking to attendees:
Confusion over the GAC Advice standard
Judging by interactions during Willett’s session, there may be a little bit of confusion about whether GAC Advice needs to be “consensus” GAC Advice in order to halt a new gTLD application.
I think the confusion is mainly due to the way some people (Willett and myself included) use phrases such as “non-consensus GAC Advice” as shorthand for a particular paragraph of the Applicant Guidebook.
Here’s the way I understand it:
All GAC Advice — including Advice sent on issues completely unrelated to the new gTLD program — is consensus GAC Advice.
If the GAC sends written Advice to the ICANN board, it means the GAC has reached consensus to send that Advice, even if the Advice itself reflects a lack of consensus on the specifics.
Confusion in the community is arising now because the Applicant Guidebook also talks about three types of “GAC Advice on New gTLDs”, the first of which is:
The GAC advises ICANN that it is the consensus of the GAC that a particular application should not proceed. This will create a strong presumption for the ICANN Board that the application should not be approved.
That’s describing a situation where the GAC has reached a consensus that an application should be rejected. It’s going to sound the death knell for several applications, without doubt.
The second type of GAC Advice on New gTLDs in the Guidebook is:
The GAC advises ICANN that there are concerns about a particular application “dot-example.” The ICANN Board is expected to enter into dialogue with the GAC to understand the scope of concerns. The ICANN Board is also expected to provide a rationale for its decision.
The language was written by the GAC, using its consensus model, which is why it’s so badly worded.
What it means is that the GAC could not find consensus to kill off an application — some governments want it killed off, some don’t — but that the GAC as a whole reached consensus to tell ICANN that some governments do want it killed off.
So when people talk about “non-consensus” Advice, we’re referring to this second form of GAC Advice on New gTLDs, where the GAC could reached consensus to alert ICANN about “concerns” but could not reach consensus that the application should be taken outside and shot.
Which applications are going to get Advice?
The GAC stated last week that 20 applications had been put forward for specific review at the Beijing meeting.
From what I’ve been able to piece together from the GAC’s public hints, its Early Warnings, and sources in Beijing, I think I’ve identified many of these applications.
I’m pretty certain that DotConnectAfrica’s application for .africa is going to get killer Advice.
I’m not picking on DCA (disclosure: DCA accused me of being part of a racist conspiracy) but it is the only remaining applicant to comprehensively ignore ICANN’s rules on geographic names.
It’s also well-known that Amazon’s application for .amazon (and translations), and Patagonia Inc’s application for .patagonia, both of which were not captured by ICANN’s rules on geography, are unloved by Latin American governments.
The Montevideo Declaration, signed by government ministers from the continent last week, specifically condemns any new gTLDs related to Amazonia and Patagonia.
It’s difficult to see how the GAC could ignore the strength of this position, but it’s always possible that some members may have been lobbied into submission by applicants, therefore spoiling consensus.
Other geographic strings that ICANN’s rules did not identify as geographic may also face Advice.
It’s known that .persiangulf, for example, is racially/culturally divisive because the same body of water is also known as the Arabian Gulf by Arab states in the region.
The Japanese government’s Early Warning against .date (issued because there are two cities in Japan that, when translated into Latin characters, are called Date) is also believed to have been put forward for formal GAC Advice.
Outside of geographic names, I hear that .basketball and .rugby are also on the GAC’s shortlist.
These are interesting cases because the governments with the beef (Greece and the UK) are not concerned about the strings themselves. Rather, they want to make sure their preferred applicant wins.
Both gTLDs are contested, and each contention set has one applicant backed by the official world authority for the sport concerned.
If the GAC issues Advice on either, it’s putting itself in the position of picking winners and losers, which could make for some frenetic lobbying in future application rounds.
The application for .uno is believed to be under discussion in the GAC because it clashes with the acronym of an intergovernmental organization.
It also seems pretty certain that Demand Media’s applications for .navy, .army and .airforce are going to get Advice in one form or another. The US, I gather, is adamant that these bids should be rejected at all costs.
How GAC Advice affects the timetable
Willett said yesterday that ICANN expects to receive the GAC’s Advice this week, which should come as some relief to applicants given that the timing has always been a bit vague.
But it’s still not clear what form the Advice will take.
Sure, there’s bound to be some bits of Advice that call out specific applications for death-by-board, but there may also be Advice that addresses certain “categories” of application.
If that happens, and the GAC does not explicitly state which applications fall into which category, there’s the potential for mass confusion following the Beijing meeting.
I raised this specter last week, and it cropped up again during Willett’s session in Beijing yesterday.
What I forgot about last week, and what Willett was quizzed about yesterday, is that the Guidebook gives applicants with GAC Advice 21 days to respond to it before the ICANN board acts.
“I’m concerned that whereby the GAC Advice is such that it is all-encompassing and non-exhaustive that therefore all applicants must respond and all applicants are waiting another 21 days,” ARI Registry Services CEO Adrian Kinderis asked. “No applicant can proceed, because they’re all impacted.”
“If that hypothetical situation occurs, I think that’s possible,” Willett responded.
I other words, if the GAC delivers broad advice this week that does not name specific applications, it’s possible that every applicant would have 21 days to tell ICANN’s board why they’re not affected.
That would completely balls up ICANN’s plan to sign its first registry agreements on April 23.
Cops say new gTLDs shouldn’t launch without a Big Brother RAA
Law enforcement agencies are not happy with the proposed 2013 Registrar Accreditation Agreement, saying it doesn’t go far enough to help them catch online bad guys.
Europol and the FBI told ICANN’s Governmental Advisory Committee yesterday that people need to have their full identities verified before they’re allowed to register domain names.
They added that new gTLDs shouldn’t be allowed to launch until a tougher RAA is agreed to and signed by registrars.
The draft 2013 RAA would force registrars to validate their customers’ email addresses or phone numbers after selling them a domain, but law enforcement thinks this is not enough.
“We need a bit more in this area,” Troels Oerting, head of Europol’s European Cybercrime Centre, told the GAC during a Sunday session. “We need a bit more to be verified in addition to the phone or email.”
“It’s very, very important that we are able to identify perpetrators able, to identify the originators, and it’s not enough that you just put in the email or phone,” he said.
He added that there should also be re-verification procedures and ongoing compliance monitoring from ICANN, and said that only registrars signing the 2013 RAA should be allowed to sell new gTLD domains.
Europol has sent a letter to ICANN (not yet published, it seems) outlining four areas it wants to see the RAA “improved”, Oerting said.
Given that many GAC members, including the US, seem to support this position, it’s yet another threat to ICANN’s new gTLD launch timetable, not to mention privacy and anonymous speech in general.
The law enforcement recommendations are not new, of course. They’ve been in play and GAC-endorsed for many years, but were watered down during ICANN’s RAA talks with registrars.
Verisign’s security angst no reason to delay new gTLDs, says expert
Potential security vulnerabilities recently disclosed by Verisign and PayPal are well in hand and not a reason to delay the launch of new gTLDs, according to the chair of ICANN’s security committee.
Patrick Falstrom, chair of the Security and Stability Advisory Committee, said today that the risk of disastrous clashes between new gTLDs and corporate security certificates has been taken care of.
Talking to the GNSO Council at the ICANN public meeting in Beijing, he gave a definitive “no” when asked directly if the SSAC would advise ICANN to delay the delegation of new gTLDs for security reasons.
Falstrom had given a presentation on “internal name certificates”, one of the security risks raised by Verisign in a paper last week.
These are the same kinds of digital certificates given out by Certificate Authorities for use in SSL transactions on the web, but to companies for their own internal network use instead.
The SSAC, judging by Falstrom’s presentation, had a bit of an ‘oh-shit’ moment late last year when a member raised the possibility of new gTLDs clashing with the domain names on these certificates.
Consider the scenario:
A company has a private namespace on its LAN called .corp, for example, where it stores all of its sensitive corporate data. It uses a digital certificate, issued by a reputable CA, to encrypt this data in transit.
But today we have more than a few applicants for .corp that would use it as a gTLD accessible to the whole internet.
Should .corp get delegated by ICANN — which of course is by no means assured — then there could be the risk of CAs issuing certificates for public domains that clash with private domains.
That might enable, for example, a hacker on a Starbucks wifi network to present his evil laptop as a secured, green-padlocked, corporate server to an unlucky road warrior sitting in the same cafe.
According to Falstrom, at least 157 CAs have issued certificates that clash with applied-for new gTLDs. The actual number is probably much higher.
This risk was outlined in Verisign’s controversial security report to ICANN, which recommended delay to the new gTLD program until security problems were resolved, two weeks ago.
But Falstrom told the GNSO Council today that recent secretive work by the SSAC, along with ICANN security staff and the CA/Browser Forum, a certificate industry authority, has mitigated this risk to the point that delay is not needed.
Falstrom said that after the SSAC realized that there was a potential vulnerability, it got it touch with the CA/Browser Forum to share its concerns. But as it turned out, the Forum was already on the case.
The Forum decided in February, a couple of weeks after an SSAC briefing, that member CAs should stop issuing internal name certificates that clash with new gTLDs within 30 days of ICANN signing a registry contract for that gTLD.
It has also decided to revoke any already-issued internal domain certificate that clashes with a new gTLD within 120 days of contract signing.
This means that the vulnerability window will be much shorter, should the vulnerability start getting exploited in wild.
But only if all CAs conform to the CA/Browser Forum’s guidelines.
Much of this is detailed in a report issued by SSAC last month (pdf). The CA/Browser Forum’s guidance is here (pdf). Falstrom’s PowerPoint is available here (pdf)
Trademark Clearinghouse to get tested out on three existing TLDs
Three already-live TLDs are going to use the Trademark Clearinghouse to handle sunrise periods, possibly before the first new gTLDs launch.
BRS Media is set to use the TMCH, albeit indirectly, in its launch of third-level domains under .radio.am and .radio.fm, which it plans to launch soon as a budget alternative to .am and .fm.
The company has hired TM.Biz, the trademark validation firm affiliated with EnCirca, to handle its sunrise, and TM.biz says it will allow brand owners to leverage Clearinghouse records.
Trademark owners will be able to submit raw trademarks for validation as in previous sunrises, but TM.Biz will also allow them to submit Signed Mark Data (SMD) files, if they have them, instead.
Encrypted SMD files are created by the TMCH after validation, so the trademarks and the strings they represent are pre-validated.
There’ll presumably be some cost benefit of using SMD files, but pricing has not yet been disclosed.
Separately, Employ Media said today that it’s getting ready to enter the final stage of its .jobs liberalization, opening up the gTLD to essentially any string and essentially any registrant.
The company will also use the TMCH for its sunrise period, according to an ICANN press release, though the full details and timing have not yet been announced.
Unusually, .jobs is a gTLD that hasn’t already had a sunrise — its original business model only allowed vetted company-name registrations.
The TMCH is already accepting submissions from trademark owners, but it’s not yet integrated with registries and registrars.
Right Of The Dot gets legal opinion: new gTLD auctions not illegal
Right Of The Dot, one of the companies hoping to offer contention set resolution services to new gTLD applicants, has published a legal opinion arguing that auctions are not inherently illegal.
The document was issued in response to Uniregistry’s claim that the US Department of Justice has refused to give auctions a green light under antitrust law.
ROTD hired the law firm Lewis Brisbois Bisgaard & Smith, including a partner with DoJ experience, to draft the statement.
It’s aimed at lawyers, primarily, but the gist of it is that simply participating in an auction is not illegal in and of itself — participants would have to collude in some other way too.
It states:
The finding of an antitrust violation necessarily would depend on a showing that the private auction unreasonably restrained interstate trade or commerce.
The question comes down to the conduct of the parties to an auction, be it a private auction or an ICANN Last Resort Auction.
If the parties to an auction, engage in collusion such as price fixing and/or bid rigging, it constitute per se violations of Section 1 of the Sherman Act.
It’s not the auction provider that creates a violation it’s the action of the parties to an auction and those actions can take place in an ICANN Last Resort auction.
In other words, there’s no difference between an ICANN-run auction, in which ICANN gets paid, and a private auction in which the participants and the auctioneer get paid, according to these lawyers.
Uniregistry’s argument as I understand it, on the other hand, is that simply participating in an action that could constitute illegal collusion, because ICANN ends up out of pocket.
Who’s right? Who’s wrong?
I think the only person who could answer that, in light of the DoJ’s refusal to intervene, would be a judge. We’re unlikely to get an answer unless somebody sues somebody.
ANA calls for new gTLDs delay, again
The Association of National Advertisers has seized upon Verisign’s recent report into the security risks of ICANN’s new gTLD timetable to call for delays to the program.
In a blog post yesterday, ANA vice president Dan Jaffe said ICANN’s dismissal of the surprising Verisign letter is “like the Captain of the Titanic before the crash saying that the dangers of icebergs had been discussed for years.”
The post highlights the lack of finalized Trademark Clearinghouse specs as “one of the greatest concerns”, saying “millions of customers are the ones who will face harm”.
That’s not strictly true, of course. New gTLD registries are contractually unable to launch until the TMCH is ready, so the risk of registrants being harmed by the lack of specs today is a non-starter.
The ANA also points to ongoing concerns about proposed TLDs such as .corp and .home, which run the risk of clashing with existing private TLDs used on internal corporate and ISP networks.
It’s on much firmer ground here. If a user tries to access a LAN resource on a .corp domain while roaming, what’s to stop them sending sensitive data to a third-party web site instead?
I’ve yet to see a compelling reason why this is not a problem, but it’s not yet known whether the many applications for .corp, .home and similar strings have passed their ICANN technical evaluations.
The ICANN application form asked applicants to disclose potential operational problems such as these, but some applicants that were very familiar with the problem decided not to do so.
But the ANA’s main concern is its belief that new gTLDs will increase cybersquatting and increase the cost of defensive registrations, of course.
“Adequate steps have not been taken to protect Internet users, and we are headed toward uncharted waters with major danger to consumers, brandholders, and the Internet itself,” Jaffe wrote.
“The only prudent action for ICANN now is to delay this arbitrary domain name roll-out until it has fixed these very serious problems.”
NameJet and Afternic sign another gTLD launch
NameJet and Afternic will provide launch auctions and premium name distribution for the .build gTLD, should it be approved, the two companies have announced.
The deal was inked with applicant Plan Bee LLC, which is affiliated with Minardos Group, a construction company.
The two companies will handle auctions under the sunrise and landrush phases, according to a press release.
It’s the second such deal to be announced by the Afternic/Namejet partnership to date, after WhatBox’s .menu. The companies are also working with Directi’s .pw registry.
Plan Bee has also applied for .expert and .construction, but these are both contested so there’s less certainty that they’ll end up approved.
The applicant reckons it will be able to bring .build to market in the fourth quarter of this year.
With a prioritization number of 1,049 in ICANN’s queue, this may prove optimistic, depending on how the remaining portions of the program — such as predelegation testing and contracting — pan out.
ICANN selects new gTLD backup providers
Neustar, Nominet and CNNIC have been picked to provide backup registry services for new gTLDs that fail.
ICANN has named the three companies as Emergency Back-End Registry Operators for the new gTLD program.
They’ll be responsible for taking over the management of any new gTLD that goes out of business, putting registrants at risk of losing DNS resolution and registry functions.
The idea is that the EBERO(s) would be paid out of funds placed in escrow by gTLD applicants, in order to gracefully wind down any failed TLD over the space of a few years.
In reality, I doubt there’s going to be much call for their services; M&A activity is a more likely outcome for gTLDs that fail to meet their sales expectations.
ICANN highlighted the geographic diversity of the three companies (Nominet is British, Neustar American and CNNIC Chinese) as a stability benefit of its selections.
The three were chosen from 14 respondents to an RFI published last year.
The absence of an EBERO was one of the shortfalls of the new gTLD program highlighted by Verisign in its recent letter warning ICANN about perceived security and stability risks.
While ICANN has acknowledged that the EBEROs are unlikely to be ready to roll before the first new gTLDs start to launch, it has noted that they don’t need to be.
If any new gTLD catastrophically fails during the first few months of launch, it will reflect extremely poorly on the financial and technical evaluations applicants have been undergoing for the last nine months.
First seven TMCH agents approved
The Trademark Clearinghouse has listed its first seven approved trademark submission agents.
These are the companies that are able to secure bulk discounts for submitted marks to the TMCH.
The first seven are NetNames, Corporation Service Company, SafeNames, MailClub, Key-Systems, Net-Chinese, which are all domain registrars too, and the Law Offices of S.J. Christine Yang, which isn’t.
Holders of large trademark portfolios are also allowed to become agents in their own right, but most TMCH submissions are expected to be carried out via these third parties.
The full list is here.
The cost of submitting trademarks, if you’re an agent, can be worked out using the TMCH Cost Calculator.
ICANN tones down power grab in new gTLD contract
ICANN has published a new version of its Registry Agreement for new gTLD operators that waters down the controversial unilateral right to amend provisions.
The revised RA, available for review here, makes it harder for ICANN to force new rules on registries without their consent, at least when compared to the version published in February.
The Special Amendment process is designed to allow ICANN to change the contract when it’s in the public interest.
DI outlined the changes to the process last week.
While most of the changes we described have in fact made it to the published RA, we were wrong on one count: despite what we reported, ICANN directors with conflicts of interest will not be able to vote.
That means representatives of registries and registrars won’t get a say when the board discusses their contracts.
A couple of other significant changes are apparent:
- Concessions to dot-brand registries. It would now be harder for ICANN to redelegate a dot-brand to another operator if the registry abandons its gTLD. ICANN has never had any intention of doing so, of course, but the relative lack of safeguards have been making dot-brand applicants nervous for years. Now, existing intellectual property rights would be taken into consideration during redelegation decisions.
- More secrecy. There’s a new section on “confidential information”, along with references to it sprinkled throughout, designed to protect trade secrets registries may disclose to ICANN.
ICANN CEO Fadi Chehade is expected to play hard-ball on these changes, according to recent reports.
Because registries get a perpetual right of renewal, and because it’s uncertain how the power balance will hang in policy-making, ICANN believes it would be irresponsible to sign an RA that does not give it the right to step in an protect the public interest in future.
Recent Comments