Recent Posts
- ICANN boss: no plans to scrap Oman meeting
- China domains dip in 2026
- ICANN maps out new gTLD timeline
- War disrupts ICANN 85
- Namecheap abandons fight for .org price caps
- Identity Digital acquires another gTLD
- Seven dead registrars on the out
- Sav.com owner takes over .radio gTLD
- .com zone tops 160 million domains
- ai.com, the most-expensive domain sale ever
- .ai hits seven figures, raises prices
- Typosquatter gets two years in jail
- Epstein low-balled registrants to get his exact-match domain
- Epstein bought “mother” domains for Fergie while serving time
- Two former ICANN directors want back in
- Former ICANN director could lose control of ccTLD
- UK launches “police.ai”, but does it own the domain?
- Team Internet still in talks to sell off domains unit
- NamesCon returning to Miami in November
- “Mad Dog” politician registers nazis.us, redirects to Trump admin site
- “Lowest Price Guaranteed!” $48 .com registrar canned
- No RDAP? No accreditation
- Fifth-largest gTLD not dead after all
- Half of registrar’s domains are abusive, ICANN says
- Burr joins PIR after leaving ICANN board
- Refunds galore as gTLD losers finally bow out
- .goo terminated as search engine closes down
- GoDaddy to offer domain blocking to people who don’t have trademarks
- Happy new year expected for domain industry, says ICANN
- Salesforce to apply for a dot-brand
- Team Internet looking to break up
- Noss to leave Tucows corner office
- Rubens Kühl has died
- Sinha angry with Chapman’s firing as ICANN vice chair
- Glitch redux: ICANN screws up new gTLD security again
- CentralNic claims second-largest TLD migration ever
- DNS issue at Amazon takes out major apps and sites
- .io sales almost double over three years
- Amazon delays book and fashion gTLDs
- Lindqvist shuffles the exec deck
- GoDaddy launches “ultra-premium” domain marketplace
- .mobi to get a new rival in .mobile
- Bye-bye .boomer! Blockchain players abandon new gTLD plans
- Decades-old US registrar gets a spanking
- love.you sold in apparent five-figure deal
- Bogus harassment complaints could get you an ICANN ban
- ICANN slaps open-mic ban on conflicted lawyers
- Final GTFO warning for 19 failed new gTLD bids
- Nominet opens $500,000 fund for open source projects
- Com Laude buys larger rival Markmonitor
- Epik took down Charlie Kirk doxing site
- Number of subsidized gTLD bidders far lower than thought
- Another registrar goes AWOL
- gTLD loses its second-largest registrar after breach
- Com Laude buys Fairwinds
- Unstoppable wants to be a registry back-end
- Sixteen new gTLD bids could face the firing squad
- Registry to release one-letter domains tomorrow
- New ICANN funding rules will cost smaller ccTLDs more
- .ai rival lines up gTLD bid
- Team Internet lays off 200
- Sixteen more orgs vie for cheap gTLDs, but…
- So who’s registering sunrise domains these days?
- Cloud gTLD gets launch dates
- Governments say new gTLD program “credibility” at stake
- NIXI planning doomed new gTLD bids
- AI experts replace Chapman on ICANN board
- RDRS may not be dead
- Single-letter .com lawsuit thrown out of court
- Golding challenges McCarthy for Nominet board seat
- Three applicants qualify for cheapo gTLDs
- Blockchain crisis looming for new gTLD next round
- Two more dot-brands leave Verisign for GoDaddy
- ICANN looking at new bulk reg rules
- Reseller loss hits Tucows’ DUM but not revenue
- GoDaddy counts cost of losing .co deal
- Wine producers worried about new gTLDs
- Goodyear tires of its dot-brand
- Team Internet loses Radix to Tucows
- ICANN’s “review of reviews” kicks off
- Huge registrars flee from RDRS
- Namecheap loses attempt to bring back .org price caps
- Registrar shamed for alleged crypto abuse neglect
- Poblete’s ICANN board seat safe
- .com off to strong start in Q3
- .my is growing like crazy
- ICANN settles $77 million sexual harassment suit
- Chinese domain spikiness ends in first half
- Registrars agree to higher ICANN fees
- ICANN to review reviews after review review request fails
- Got junk? June’s biggest gTLD growers do
- ICANN ditches Oman due to Middle-East conflicts
- ICANN’s mighty overlord flexes on transparency
- ICANN faces first pushback over DEI U-turn
- Loads of firms flunk out of next-round gTLD back-end program
- presidenttrump.xxx among thousands of dead .xxx domains suddenly springing to life
- One of the dumbest gTLDs just switched back-ends
- GoDaddy loses .co to Team Internet
- Governments erect bulk-reg barrier to new gTLD next round
- Little interest in cheapo gTLD program
- US government opposes most new gTLDs
- GoDaddy loses last Amazon business to Identity Digital
- Third Amazon gTLD launch dates revealed
- .TOP promises to play nice on DNS abuse
- Court denies ICANN’s #MeToo “cover up” attempt
- Launch dates for two more Amazon gTLDs revealed
- An end to “Club Med for geeks” ICANN?
- Some people paid premiums for .hot domain hacks
- .io questions in sharp focus as UK signs Chagos treaty
- Big .gdn registrar at risk
- ICANN “reaffirms its commitment to diversity and inclusion”
- ICANN kills off diversity and inclusion
- Kaufmann picked for ICANN board
- Conflicted? STFU under new ICANN rules
- .hot is for hookers? Amazon’s first premium regs revealed
- Gname adds another 200 registrars
- New Pope’s .com domain was registered the day Francis died
- Two deadbeat registrars get their ICANN marching orders
- DotMusic has sold a lot of names, but not many are turned on
- .med is a deeply weird gTLD, but it wants to be more normal
- ICANN cuts off money to UASG
- Web.com getting dumped
- .es and .pt riding out massive power outage
- .com is back as Verisign discounts bear fruit
- Dot-brand actually being used to get deleted
Registries propose PKI-based new gTLD sunrises
Neustar and ARI Registry Services have come up with an alternative to ICANN’s proposed new gTLDs sunrise period process, based on a secure Public Key Infrastructure.
The concept was outlined in a draft paper published today, following an intensive two-day tête-à-tête between domain companies and Trademark Clearinghouse providers IBM and Deloitte last month.
It’s presented as an alternative to the implementation model proposed by ICANN, which would use unique codes and was criticized for being inflexible to the needs of new gTLD registries.
The PKI-based alternative from Neustar and ARI would remove some of the cost and complexity for registries, but may create additional file-management headaches for trademark owners.
Under the ICANN model, which IBM and Deloitte are already developing, each trademark owner would receive a unique code for each of their registered trademarks and each registry would be given the list of codes.
If a trademark owner wanted a Sunrise registration, it would submit the relevant code to their chosen registrar, which would forward it to the registry for validation against the list.
One of the drawbacks of this method is that registries don’t get to see any of the underlying trademark data, making it difficult to restrict Sunrise registrations to certain geographic regions or certain classes of trademark.
If, for example, .london wanted to restrict Sunrise eligibility to UK-registered trademarks, it would have no easy way of doing so using the proposed ICANN model.
But IP interests participating in the development of the Trademark Clearinghouse have been adamant that they don’t want registries and registrars getting bulk access to their trademark data.
They’re worried about creating new classes of scams and have competitive concerns about revealing their portfolio of trademarks.
Frankly, they don’t trust registries/rars not to misuse the data.
(The irony that some of the fiercest advocates of Whois accuracy are so concerned about corporate privacy has not been lost on many participants in the TMCH implementation process.)
The newly proposed PKI model would also protect trademark owners’ privacy, albeit to a lesser extent, while giving registries visibility into the underlying trademark data.
The PKI system is rather like SSL. It used public/private key pairs to digitally sign and verify trademark data.
Companies would submit trademark data to the Clearinghouse, which would validate it. The TMCH would then sign the data with its private key and send it back to the trademark owner.
If a company wished to participate in a Sunrise, it would have to upload the signed data — most likely, a file — to its registrar. The registrar or registry could then verify the signature using the TMCH’s public key.
Because the data would be signed, but not encrypted, registrars/ries would be able to check that the trademark is valid and also get to see the trademark data itself.
This may not present a privacy concern for trademark owners because their data is only exposed to registries and registrars for the marks they plan to register as domains, rather than in bulk.
Registries would be able to make sure the trademark fits within their Sunrise eligibility policy, and would be able to include some trademark data in the Whois, if that’s part of their model.
It would require more file management work by trademark owners, but it would not require a unique code for each gTLD that they plan to defensively register in.
The Neustar/ARI proposal suggests that brand-protection registrars may be able to streamline this for their clients by enabling the bulk upload of trademark Zip files.
The overall PKI concept strikes me as more elegant than the ICANN model, particularly because it’s real-time rather than using batch downloads, and it does not require the TMCH to have 100% availability.
ICANN is understandably worried that about the potentially disastrous consequences for the new gTLD program if it creates a TMCH that sits in the critical registration path and it goes down.
The PKI proposal for Sunrise avoids this problem, as registries and registrars only need a stored copy of the TMCH’s public key in order to do real-time validation.
Using PKI for the Trademark Claims service — the second obligatory rights protection mechanism for new gTLD launches — is a much trickier problem if ICANN is to stick to its design goals, however.
ARI and Neustar plan to publish their Trademark Claims proposal later this week. For now, you can read the Sunrise proposal in PDF format here.
What the hell happened to Go Daddy last night?
Thousands — possibly millions — of Go Daddy customers suffered a four-hour outage last night, during a suspected distributed denial of service attack.
The company has not yet revealed the cause of the downtime, which started at 1725 UTC last night, but it bears many of the signs of DDoS against the company’s DNS servers.
During the incident, godaddy.com was inaccessible. DI hosts with Go Daddy; domainincite.com and secureserver.net, the domain Go Daddy uses to provide its email services, were both down.
The company issued the following statement:
At 10:25 am PT, GoDaddy.com and associated customer services experienced intermittent outages. Services began to be restored for the bulk of affected customers at 2:43 pm PT. At no time was any sensitive customer information, such as credit card data, passwords or names and addresses, compromised. We will provide an additional update within the next 24 hours. We want to thank our customers for their patience and support.
Several Go Daddy sites I checked remained accessible from some parts of the world initially, only to disappear later.
Others reported that they were able to load their Go Daddy webmail, but that no new emails were getting through.
This all points to a problem with Go Daddy’s DNS, rather than with its hosting infrastructure. People able to view affected sites were likely using cached copies of DNS records.
Close to 34 million domains use domaincontrol.com, Go Daddy’s primary name server, for their DNS. The company says it has over 10 million customers.
Reportedly, Go Daddy started using Verisign’s DNS for its home page during the event, which would also point to a DNS-based attack.
The outage was so widespread that the words “GoDaddy” and “DNS” quickly became trending topics on Twitter.
The web site downforeveryoneorjustme.com, which does not use Go Daddy, also went down as thousands of people rushed to check whether their web sites were affected.
Some outlets reported that Anonymous, the hacker group, had claimed credit for the attack via an anonymous (small a) Twitter account.
Companies the size of Go Daddy experience DDoS attacks on a daily basis, and they build their infrastructure with sufficient safeguards and redundancies to handle the extra traffic.
This leads me to believe that either yesterday’s attack was either especially enormous, or that somebody screwed up.
The fact that the company has not yet confirmed that external malicious forces were at work is worrying.
Either way it’s embarrassing for Go Daddy, which is applying for three new gTLDs which it plans to self-host.
Several reports have already speculated that the attack could be revenge for one or more of Go Daddy’s recent PR screw-ups.
The company has promised an update later today.
ICANN dragging its feet on new gTLD refunds?
Former new gTLD applicants are having to wait for months to have their deposits refunded by ICANN, according to two companies that withdrew applications before Reveal Day.
One company withdrew four applications and requested a refund on May 7, some weeks before the TLD Application System closed to new applicants, according to the consultancy Sedari.
But the company, a Sedari client, is still waiting for the return of its $20,000 TAS access fee over four months later, according to Sedari.
Another applicant, GJB Partners, filed a complaint with the California Attorney General in July after waiting for over a month for the refund of a $185,000 application fee.
According to the complaint, the application was withdrawn June 6, a week before Reveal Day, after the company had TAS password problems and suspected foul play.
The company eventually received its refund July 11, shortly after filing the AG complaint.
Sedari’s client has yet to received its refunds, according to the company.
Are any other readers experiencing similar problems?
Secret ICANN briefing fuels IGO new gTLDs debate
The Universal Postal Union, newly installed .post registry manager, has launched a withering attack on ICANN for protecting some intergovernmental organizations and not others.
Its salvo follows the release of briefing materials — previously redacted — that ICANN’s board was given when it approved the new gTLD program at the Singapore meeting in June 2011.
The UPU says that the documents show that ICANN engaged in “ex post facto attempts at justifying legally-flawed decisions” when it decided to give extra protection to the Olympics and Red Cross/Red Crescent movements.
As you may recall, these protections were granted by the ICANN board when the program was approved, following lobbying of the Governmental Advisory Committee by both organizations.
In the current round, nobody was allowed to apply for gTLDs such as .redcross or .olympic, or translations in dozens of languages. There are also ongoing talks about extending this protection to the second level.
Some have argued that this would lead to a “slippery slope” that would resurrect the problematic Globally Protected Marks List, something ICANN and the GAC have denied.
They have maintained that the IOC/RC/RC movements are unique — their marks are protected by international treaty and many national laws — and no other groups qualify.
Other IGOs disagree.
Almost 40 IGOs, including the United Nations and International Telecommunications Union, are lobbying for an additional 1,108 strings to be given the same protection as the Olympics.
If they get what they want, four applied-for gTLDs could be rejected outright and dozens of others would be put at risk of failing string similarity reviews.
According to the UPU’s latest letter, ICANN’s newly disclosed rationale for giving only the IOC/RC/RC organizations special privileges was based on a flawed legal analysis:
most of the recommendations contained in documents such as the Unredacted Paper seem to reflect, in an unambiguous way, ex post facto attempts at justifying legally-flawed decisions in order to narrow even further the necessary eligibility “criteria” for protection of certain strings, apparently so that only two organizations would merit receiving such safeguards under the new gTLD process.
In other words, according to the UPU and others, ICANN found itself in a position in June 2011 where it had to throw the GAC a few bones in order to push the new gTLD program out of the door, so it tried to grant the IOC/RC/RC protections in such a way that the floodgates were not opened to other organizations.
You can read the unredacted ICANN briefing materials here. The UPU letter, which deconstructs the document, is here.
It’s worth noting that the Applicant Guidebook already gives IGOs the explicit right to file Legal Rights Objections against new gTLD applications, even if they don’t have trademark protection.
Big brands ask US for published list of known cybersquatters, other stuff
A public, published list of repeat cybersquatters was among the demands that the trademark lobby took to a meeting with the US government in Washington DC yesterday.
The summit, hosted by the Department of Commerce, was the latest stage in the US government’s response to the campaign for more new gTLD rights protection mechanisms kicked off by the Association of National Advertisers a little over a year ago.
About 30 big brand owners, along with several trade associations and campaign groups, took part.
The Internet Commerce Association somehow managed to blag an invitation too, and was the only representative of domain registrants, according to a blog post by ICA counsel Phil Corwin.
The companies, which included tech companies such as Microsoft, Facebook, AOL, Yahoo and eBay and offline brand owners such as Nike, Coca-Cola, Time Warner and News Corp, met in early June to formulate a set of recommendations to take to Commerce.
These recommendations are outlined in an August 29 letter (pdf), a copy of which DI has obtained.
Notably, the companies asked for a published list of “bad actors” who have repeatedly lost Uniform Rapid Suspension cases. The letter states:
Recidivist bad actors should be tracked via a list of common Respondents and that list should be published and publicly available.
However, we understand that this request is a low-priority item, discussed only briefly yesterday, and that Commerce representatives did not immediately embrace it.
The bulk of the discussions related to tweaks trademark owners want to see in the Trademark Claims service — which alerts them and the registrant when somebody tries to register a potentially infringing domain name — and the URS.
The brand owners want Trademark Claims, which new gTLD registries are only obliged to offer for the first 60 days of general availability, extended for a longer period, possibly up to three years.
On the face of it, this is among the most reasonable longstanding demands from the IP crowd, but ICANN has resisted it to date as it’s worried about creating a monopoly in the pre-existing market for trademark monitoring services.
If the Trademark Clearinghouse is alerting you every time somebody registers a domain name with your brand in it, why pay MarkMonitor or Melbourne IT for the same service?
The letter also says that Trademark Claims should cover brand+keyword registrations, and domains containing registered trademarks, rather than just exact matches.
The worrisome aspect of this request is that there’s quite a high risk of false positives due to run-on words, very short trademarks, acronyms and dictionary words.
Non-commercial ICANN stakeholders dislike this due to the possibility of a chilling effect on free speech, while registries and registrars don’t like anything that puts unnecessary obstacles in the registration path.
With URS, the trademark owners want a full loser-pays system, though they acknowledge that it could raise the filing fee, which is something they don’t want.
To keep costs down, they want a lower filing fee for cases where the registrant does not respond and a URS panelist is not appointed, which seems like a reasonable idea.
The idea of ICANN (and, ultimately, registrants) subsidizing URS fees has also been put forward.
Finally, the trademark owners want registries to implement defensive blocking systems with one-time fees, modeled on the Sunrise B process that ICM Registry used with the launch of .xxx.
Some of the ideas — such as lower filing fees for uncontested URS cases — seem fairly reasonable and I can see them gaining traction.
Others, such as the brand+keyword protections, seem harder to implement and less likely to pass through ICANN unchallenged.
So what happens next? According to ICA’s Corwin:
For their part, the hosts of the meeting [Commerce] listened politely but did not to endorse any of the suggestions, although they did commit to follow-up interagency discussions. It was pointed out that some of the proposals have been raised before and went nowhere within ICANN, and questions were raised about what process would be utilized to place them before the broader ICANN community and its Board. It was also indicated that the U.S. would be reluctant to undertake any unilateral communications on these matters to ICANN’s Board.
Given this reluctance, I wouldn’t be surprised to see some of these ideas bubbling up through the Governmental Advisory Committee instead, as ideas from the US trademark lobby are wont to do.
As with every ICANN meeting, expect to see further discussions in Toronto next month.
Seventh new gTLD bid withdrawn
ICANN has now received seven requests to withdraw new gTLD applications, according to documentation published today.
While we learned today that Google and KSB AG are behind four of the junked bids, the identities of the other three are not yet known.
ICANN has said that it will not reveal the withdrawing applications until all the formalities, such as refunds, have been finalized.
The updated stats came in a slide deck (pdf) set to be used in an ICANN webinar scheduled for noon UTC today.
The slides also reveal the aggregate status of applications’ progress through Initial Evaluation.
As you can see from the slide below, over a quarter of applications have had their String Similarity Review already. Just 65 have had their Geographic Names Review, while 127 and 141 have had their technical and financial evaluations respectively.
ICANN also states that there have been 57 requests for changes to applications — up from 49 at the last count — and that so far nobody has filed a formal objection against any bid.
ICANN’s seven-point test for borked new gTLD bids
ICANN has published a set of seven criteria for judging whether new top-level domain applicants should be allowed to change the details of their applications.
The test is designed to enable applicants to correct stupid errors in — or make more substantial changes to — the original applications.
ICANN had received 49 such requests at the last count.
It is believed that at least three applicants — Verisign, DotConnectAfrica and Kerry Logistics — have requested changes to typos in the applied-for string itself.
Others are thought to have asked for permission to correct copy-paste errors, when they’ve applied for multiple gTLDs.
These are the factors ICANN will use to determine whether a change will be allowed:
Explanation – Is a reasonable explanation provided?
Evidence that original submission was in error – Are there indicia to support an assertion that the change merely corrects an error?
Other third parties affected – Does the change affect other third parties materially?
Precedents – Is the change similar to others that have already been approved? Could the change lead others to request similar changes that could affect third parties or result in undesirable effects on the program?
Fairness to applicants – Would allowing the change be construed as fair to the general community? Would disallowing the change be construed as unfair?
Materiality – Would the change affect the evaluation score or require re-evaluation of some or all of the application? Would the change affect string contention or community priority consideration?
Timing – Does the timing interfere with the evaluation process in some way? ICANN reserves the right to require a re-evaluation of the application in the event of a material change. This could involve additional fees or evaluation in a subsequent application round. (AGB §1.2.7.)
It’s not yet clear who makes the decision — whether it’s ICANN staff or its board of directors. I’ve asked ICANN for clarification and will update this post when I find out.
All changes will be published in a public change log and subject to 30 days of public comment, according to ICANN’s announcement this morning.
Google junks three of its new gTLD applications
The identities of the first four new gTLD applications to be withdrawn have been revealed by ICANN.
Google has, as predicted, dropped its bids for .and, .are and .est, because they’re protected three-letter country-codes listed in the ISO 3166 alpha-3 standard.
An application for .ksb, by the KSB, a German maker of “pumps, valves and related liquid transportation systems”, has also been withdrawn, though the reasons are less clear.
KSB is not a protected geographic string, nor has .ksb received any negative public comments. I’m guessing the application was an unnecessary defensive move.
With Google expected to lose 30% of its application fees for the three withdrawn applications ($165,000) I can’t help but wonder why ICANN allowed it to apply for the strings in the first place.
The ban on ISO 3166 alpha-3 codes in the Applicant Guidebook appears to be hard and non-negotiable. The strings essentially enjoy the same degree of exact-match protection as Reserved Names such as .iana and .example.
However, while the TLD Application System was hard-coded to reject attempts to apply for Reserved Names, banned geographic strings did not get the same safeguards.
There’s one other application for an ISO 3166 alpha-3 string — .idn — which does not appear to have been withdrawn yet.
There are at least 16 other applications for protected geographic words that may require government support — but are not outright prohibited — according to our DI PRO study.
According to ICANN, six applications have been withdrawn to date. The change in status only shows up on ICANN’s web site after the refunds have been processed, however.
Google, which applied as Charleston Road Registry, has 98 new gTLD applications remaining.
ICANN comms chief quits
ICANN vice president of communications Barbara Ann Clay has resigned, DI has learned.
Clay was appointed to the role in 2010 under Rod Beckstrom, and the fact that she is leaving now, while the CEO role is in transition, will come as little surprise to ICANN watchers.
As head of comms, Clay presided over a new gTLD outreach program that managed to result in 1,930 applications but which was criticized by some for not focusing enough on the developing world.
A generally low-profile executive, the only time DI has had cause to mention Clay’s name was when she complained to the government of Senegal about a crappy hotel.
She’s the second senior executive with responsibility over the new gTLD program — the third if you include Beckstrom — to leave ICANN since Reveal Day.
Program director Michael Salazar resigned in June at about the same time digital archery was getting killed off.
Clay’s last day on the job is believed to be September 14.
Melbourne IT holding new gTLD trademarks summit
Melbourne IT will hold a half-day conference on trademark protection in new gTLDs next month in Washington DC.
Google, Microsoft, Donuts, and the Association of National Advertisers are among those expected to take part in the discussion.
The meeting follows on from Melbourne IT’s recent anti-cybersquatting proposal, which calls for stronger protections for brands that are frequent targets of trademark infringement.
The panel includes many familiar faces from ICANN meetings. Applicant interests are represented, albeit by a minority of the panelists.
It will be moderated by Melbourne IT chief strategy officer (and ICANN vice-chair) Bruce Tonkin. Here’s the full line-up:
Andrew Abrams, Trademark Counsel, Google
James L. Bikoff, Partner, Silverberg, Goldman & Bikoff
Steve DelBianco, Executive Director, NetChoice and Vice Chair Policy Coordination, ICANN GNSO Commercial Business Users Constituency
Dan Jaffe, Group EVP Government Relations, Association of National Advertisers
Jon Nevett, Co-Founder, Donuts
Russell Pangborn, Associate General Counsel – Trademarks, Microsoft
Craig Schwartz, General Manager – Registry Programs, BITS/The Financial Services Roundtable
Brian J. Winterfeldt, Partner, Steptoe & Johnston and ICANN GNSO Counselor (Intellectual Property Constituency)
The event starts at 1.30pm local time at the Capital Hilton in DC on September 18. An RSVP is needed. There’s no official word on remote participation yet.
Recent Comments