Recent Posts
- Taylor Swift applies for her .post domain
- .ad domains to go global soon
- Single-letter .com case back in court
- ICANN to slash costs as Verisign’s magic money tree dries up
- Community revolts over ICANN’s auction proceeds power grab
- Two seats up for grabs on Nominet board
- War takes steep toll on .ua domains
- .de worst TLD for CSAM — report
- .com still shrinking because of China
- ICANN publishes its Woke Manifesto. Here’s my hot take
- Alibaba, Name.com among new RDRS opt-ins
- The Swiss can register .swiss domains from next week
- .ai up to 425,000 domains
- A million “free” .music domains up for grabs
- D3 to get $5 million in crypto to apply for .ape gTLD
- Alibaba hit with ICANN breach notice
- New Vegas conference “Davos for Web3 interoperability”
- ICANN content policing power grab may be dead
- Cable company unplugs its dot-brand after acquisition
- Germany crosses 10,000 dot-brand domains milestone
- Founders out as Com Laude gets equity injection
- PIR’s Diaz to leave domain industry
- Some registrars have already quit ICANN’s Whois experiment
- ICANN opens $217 million Grant Program
- Internet could get one-letter gTLDs (but there’s a catch)
- .ai registry fights deadbeats with tweaked auction rules
- Amazon and Google among .internal TLD ban backers
- .ai registry advises buyers not to use GoDaddy
- .post liberalizes with new sunrise period
- Team Internet spends $41 million on content farm
- Epik backtracks on Kiwi Farms claim after legal threat
- .austin names launch on blockchain
- Freenom shuts down 12.6 million domains — report
- GoDaddy’s next .xxx contract may not be a done deal
- GlobalBlock blocking 2.5 million domains
- Microsoft moving its cloud apps from .com to .microsoft
- ICANN 79: anonymous trolls and undercover lawyers
- ICANN scores win in single-letter .com lawsuit
- Cosmetics brand terminates its gTLD
- Up to 70 jobs on the line at Nominet as .uk regs dwindle
- Governments back down on new gTLD next round delay
- Private auctions could be banned in new gTLD next round
- ICANN meeting venue “insensitive and hurtful”
- GoDaddy to start selling graphic.design domains
- GAC spinning up new gTLD curveball at ICANN 79?
- GoDaddy’s GlobalBlock supports blockchain names
- Police .uk domain takedowns dive in 2023
- GoDaddy wants to cut the bullshit from .xxx
- Dueling domain blocking services to launch at ICANN 79
- Freename tries to bridge DNS and blockchain
- Olive retires from ICANN
- Whois policy published without life-saving disclosure rule
- UK gov takes its lead from ICANN on DNS abuse
- Tucows reports 2023 results
- Twitter “completely unresponsive” on clickable domains
- ICANN spends $5 million more than planned in first fiscal half
- .art takes a million domains off its premium list
- KeyTrap ‘the most devastating vulnerability ever found in DNSSEC’
- Freenom settles $500 million Meta lawsuit and will exit domain business
- New gTLD lottery to return in 2026
- First GlobalBlock prices revealed — they ain’t cheap
- Domain universe grows on new gTLDs despite .com shrinkage
- D3 signs up crypto gTLD client number five
- GoDaddy reports strong domains growth
- How to qualify for a $40,000 gTLD
- Registry service provider evaluation handbook published
- WebUnited inks deal to “mirror” country’s TLD in the blockchain
- GoDaddy project unveils brand-blocking calculator
- Report: Monster “misappropriated” millions from Epik
- .com is shrinking but Verisign raises prices again anyway
- D3 announces fourth crypto new gTLD client
- Donald Trump loses second UDRP case
- UK cybersquatting complaints hit record low
- No excuses! PIR to pay for ALL registries to tackle child abuse
- ICANN insists it is working on linkification
- Namecheap sues ICANN over .org price caps
- GoDaddy offers free Ethereum blockchain integration
- Epik reveals who is running the company
- Epik gets acquired again! The plot thickens…
- Airline gTLD crashes and burns
- First chunks of new gTLD Applicant Guidebook drop
- Epik to reveal its owners soon
- Another crypto firm to apply for a new gTLD
- Monster and Royce are NOT involved in Epik?!
- Nominet to overhaul .uk registry, turn off some services
- Russia blames DNSSEC, not Ukraine, for internet downtime
- Team Internet says revenue beat estimates
- Sold for over $20k, insure.ai and dog.ai back in .ai’s expired names auction
- .ai helps UDRP cases rise in 2023, WIPO says
- Freenom’s domains land at Gandi after termination
- .ru domains fly off the shelf as Western sanctions bite
- ICANN picks its first ever Supreme Court
- Lebanon’s ccTLD going back to Lebanon after ICANN takeover
- ICANN picks the domain it will never, ever release
- ICANN approves domain takedown rules
- Has Epik gone “woke”?
- First bits of new gTLD Applicant Guidebook expected next week
- ICANN bans closed generics for the foreseeable
- You can’t use money to buy .box domains
- After 14 years, ICANN practices what it preaches on IDNs
- Weak demand for private Whois data, ICANN data shows
- .ing doing way better than .meme
- DNS Women barred from ICANN funding?
- Dev releases free open-source TLD registry platform
- INCO flips a gTLD to Identity Digital
- Anguilla fears the .ai junk drop
- Five more gTLDs get launch dates
- $10 million of ICANN cash up for grabs
- Almost 50,000 .ai domains sold in a quarter
- ICANN threatens to regulate your speech [RANT]
- Life insurance company kills dot-brand
- ICANN finds new home for Lebanon’s TLD after founder’s death
- ICANN begs people to use its new Whois service
- Shiba Inu outs itself as crypto new gTLD applicant
- Over 50,000 .ai domains sold in three months
- Amazon planning new push into registrar market?
- Registries and registrars vote ‘Yes’ to new DNS abuse rules
- ICANN predicts flattish 2025 for domain industry
- Fast-growing Gname buys another 150 registrars
- GoDaddy service to let you block domains in over 650 TLDs
- Did I find a murder weapon in a zone file?
- ICANN drops the “man” from Ombudsman
- Have your say on police domain takedown powers
- Most registrars are shunning ICANN’s new Whois system
- Nominet to take over .gov.uk
.secure applicant claims NCC stole her idea
Domain Security Company CEO Mary Iqbal claims that NCC Group took many of her ideas for a high-security .secure top-level domain following unproductive investment talks.
Iqbal is also hinting at “potential future litigation” over the issue.
The surprising claims, made in emails to DI today, follow the announcement last week that a new NCC subsidiary, Artemis Internet, will also apply to ICANN for .secure.
“NCC Group has taken many of the security measures outlined in the Domain Security Company LLC security plan and incorporated them into the NCC Group’s proposed security measures,” Iqbal said.
Artemis chief technology officer Alex Stamos, a veteran security industry technologist, has dismissed the allegations as “completely ridiculous”.
“The only reason I know she is applying is because we did some Google searches when we were putting together our announcement,” he said.
Iqbal claims she was first contacted by NCC in January this year to talk about signing up for data escrow services – one of the technical services all new gTLD applicants need.
However, she says these talks escalated into discussions about a possible NCC investment in Domain Security Company, during which she shared the company’s security and business plans.
She said in an email:
These disclosures were made based on assurances from the NCC Group that the NCC Group was not then involved with any other applications for a secure Top Level Domain. Specific assurances were also given that the NCC Group was not involved with any other potential application for a .SECURE Top Level Domain.
But Stamos said that he’s been working on .secure at NCC since late last year, and he has no knowledge of any talks about investing in Iqbal’s company.
“All I know is that she talked to one of our salespeople about escrow,” he said. “I’ve never seen a business plan or security plan.”
Emails from an NCC executive sent to Iqbal in January and forwarded to DI by Iqbal today appear to be completely consistent with a sales call.
Iqbal said she has emails demonstrating that the talks went further, but she declined to provide them “since I may have to use it in any potential future litigation”.
Stamos pointed out that if NCC was in the habit with competing with its escrow clients, it would have applied for considerably more gTLDs than just .secure.
Artemis is proposing a significant technology development as part of its .secure bid, he said: the Domain Policy Framework, which he outlines on his personal blog here.
He added that Artemis is happy to compete with other .secure applicants – he evidently expects more to emerge – but on the merits of the application rather than “spurious claims”.
Domain Security Company “already has a very troubling history of using the legal process to overcome problems that should be based on merit”, he said.
That’s a reference to the company’s almost-successful attempt to secure US trademarks on .secure and .bank, in spite of the US trademark office’s rules against granting trademarks on TLDs.
Expect more stories like this to emerge about other gTLDs after ICANN’s Big Reveal of the applicant list next month.
Whether her claims have any merit or not, Iqbal’s not the first to claim that another applicant stole her idea, and she certainly won’t be the last.
Olympics wastes more money on ICANN nonsense
International Olympic Committee lawyers have lodged an official appeal of ICANN’s latest decision to not grant it extra-extra special new gTLD protection.
![The [O]Lympic Cafe, close to both DI headquarters and the London 2012(TM) Olympic(TM) Park, which apparently found a novel solution when the IOC's lackeys came knocking.](https://i0.wp.com/domainincite.com/images/cafelympic.png)
The IOC last week filed a Reconsideration Request asking the ICANN board to rethink an April 10 decision that essentially ignored the latest batch of “.olympic” special pleading.
As previously reported, ICANN’s GNSO Council recently spent a harrowing couple of meetings trying to grant the Olympic and Red Cross trademarks even more protection than they already get.
Among other things, the recommendations would have protected strings confusingly similar to “.olympic” at the top level in the new gTLD program.
But a month ago the ICANN board of directors’ newly created, non-conflicted new gTLD program committee declined to approve the GNSO Council’s recommendations.
The committee pointed out in its rationale that the application window is pretty much closed, making changes to the Applicant Guidebook potentially problematic:
a change of this nature to the Applicant Guidebook nearly three months into the application window – and after the date allowed for registration in the system – could change the basis of the application decisions made by entities interested in the New gTLD Program
It also observed that there was still at that time an open public comment period into the proposed changes, which tended to persuade them to maintain the status quo.
The decision was merely the latest stage of an ongoing farce that I went into much more detail about here.
But apparently not the final stage.
With its Reconsideration Request (pdf), the IOC points out that changes to the Applicant Guidebook have always been predicted, even at this late stage. The Guidebook even has a disclaimer to that effect.
The standard for a Reconsideration Request, which is handled by a board committee, is that the adverse decision was made without full possession of the facts. I can’t see anything in this request that meets this standard.
The IOC reckons the lack of special protections “diverts resources away from the fulfillment of this unique, international humanitarian mission”, stating in its request:
The ICANN Board Committee’s failure to adopt the recommended protection at this time would subject the International Olympic Committee and its National Olympic Committees to costly and burdensome legal proceedings that, as a matter of law, they should not have to rely upon.
Forgive me if I call bullshit.
The Applicant Guidebook already protects the string “.olympic” in over a dozen languages – making it ineligible for delegation – which is more protection than any other organization gets.
But let’s assume for a second that a cybersquatter applies for .olympics (plural) which isn’t specially protected. I’m willing to bet that this isn’t going to happen, but let’s pretend it will.
Let’s also assume that the Governmental Advisory Committee didn’t object to the .olympics application, on the IOC’s behalf, for free. The GAC definitely would object, but let’s pretend it didn’t.
A “costly and burdensome” Legal Rights Objection – which the IOC would easily win – would cost the organization just $2,000, plus the cost of paying a lawyer to write a 20-page complaint.
It has already spent more than this lobbying for special protections that it does not need.
The law firm that has been representing the IOC at ICANN, Silverberg, Goldman & Bikoff, sent at least two lawyers to ICANN’s week-long meeting in Costa Rica this March.
Which client(s) paid for this trip? How much did it cost? Did the IOC bear any of the burden?
How much is the IOC paying Bikoff to pursue this Reconsideration Request? How much has it spent lobbying ICANN and national governments these last few years?
What’s the hourly rate for sitting on the GNSO team that spent weeks coming up with the extra special protections that the board rejected?
How much “humanitarian” cash has the IOC already pissed away lining the pockets of lawyers in its relentless pursuit of, at best, a Pyrrhic victory?
How NCC plans to revolutionize domain name security with .secure gTLD
The proposed .secure generic top-level domain is now officially contested, after NCC Group, best known in the domain industry for its data escrow services, announced a bid.
Newly formed NCC subsidiary Artemis Internet Inc, based in San Francisco, is the official applicant.
According to Artemis chief technology officer Alex Stamos, who co-founded security testing firm iSEC Partners and sold it to NCC for $22.8 million two years ago, this is a hard security play.
The .secure gTLD would be all about enforcing strict security policies on registrants, he said.
“Right now there are a lot of interesting security technologies out there, but they’re generally not very effective because they’re optional,” he said.
As well as premium pricing and a manual registrant verification process expected to take about two weeks – complete with mailing address confirmation and two-factor authentication tokens – Artemis plans to force registrants to adhere to certain baseline security policies.
For example, all .secure web sites would have to be completely HTTPS, Stamos said. The only permissible use of a standard port 80 URL would be to redirect to the encrypted site.
The same would go for mail servers – they’d all have to use TLS to encrypt email as standard.
“When you go to bank.secure you’ll know that the software and servers at the other end are going to make the most secure decisions possible,” Stamos said.
Artemis would scan its registrants’ sites for compliance with these baseline rules, looking out for things such as botched SSL implementations.
But Artmeis wants to take it a step further. It is also proposing a new protocol, Domain Policy Framework, which would let registrants publish their security policies in the DNS.
Stamos said the company has set up a Domain Policy Working Group to develop the spec, which it plans to submit to the IETF for standardization before the end of the year.
The other members of the working group, which promise to include some “influential” names in financial services, software and social media, will be announced in July.
DPF would work alongside the existing DNSSEC and DANE protocols to enable registrants to specify, for example, which Certificate Authorities browsers should trust when accessing their .secure domain, preventing certain types of attacks, Stamos said.
Obviously, this system is not going to work without support from browser software, but Stamos said he’s hopeful that the big vendors will embrace the DPF spec.
“The most innovative and forward-leaning browsers will support it first,” he said.
Domains in .secure would still be accessible by non-compliant browsers, he said.
ARI Registry Services has been hired to manage the back-end registry, but Artemis is also building a secondary registry system for storing the DPF records, which it plans to offer to other TLD registries.
NCC plans to invest up to £6 million ($9.7 million) in Artmeis over the next 15 months, according to a press release.
Another firm, Domain Security Company, also plans to apply for .secure.
Go Daddy applying for three new gTLDs
Go Daddy reportedly plans to apply for three new generic top-level domains, including the dot-brand .godaddy.
CEO Warren Adelman confirmed the bids to CNet’s Paul Sloan today.
The other two strings were not revealed, presumably because they could still be contested.
Yesterday, Demand Media, owner of Go Daddy’s primary registrar competitor eNom, revealed an $18 million investment in the new gTLD program, suggesting it has more ambitious plans.
Like Demand, Go Daddy subsidiaries have a history of adverse UDRP decisions, which could complicate the background checks ICANN plans to conduct on all applicants.
ICANN not done with TAS bug analysis
Despite sending out hundreds of notifications to new gTLD applicants today, it looks rather like ICANN’s analysis of the TLD Application System bug is not yet complete.
(MAY 10 UPDATE — in a statement today, ICANN provided significantly more information about the notification process, rendering much of the speculation originally in this post moot. Read it here.)
TAS to reopen May 22. Big Reveal on for Prague?
ICANN’s bug-plagued TLD Application System will reopen on May 22 and close on May 30, according to a statement just issued by chief operating officer Akram Atallah.
The dates, which are only “targets”, strongly suggest that that the Big Reveal of all new gTLD applications is going to happen during the public meeting in Prague in late June.
If ICANN still needs two weeks to collate its application data before the reveal, we’re looking at June 14, or thereabouts, as the earliest possible reveal date.
But that’s just ten days before ICANN 44 officially kicks off, and I think it’s pretty unlikely ICANN will want to be distracted by a special one-off event while it’s busy preparing for Prague.
For the Big Reveal, my money is on June 25.
Atallah also said this morning that all new gTLD applicants have now been notified whether they were affected by the TAS bug, meaning ICANN has “met our commitment to provide notice to all users on or before 8 May”.
That said, some applicants I spoke to this morning, hours after it was already May 9 in California, said they had not received the promised notifications. But who’s counting?
The results of ICANN’s analysis of the bug appear to show that no nefarious activity was going on.
“We have seen no evidence that any TAS user intentionally did anything wrong in order to be able to see other users’ information,” Atallah said.
ICANN has also discovered another affected TAS user, in addition to the 50 already disclosed, according to Atallah’s statement.
Demand Media mum on $18m new gTLDs investment
Demand Media has invested $18 million in new generic top-level domains, but it won’t disclose whether it has spent all of the money on application fees.
The company, which owns number two domain name registrar eNom, held its first-quarter earnings conference call this evening, during which it revealed the investment.
A roughly $18 million investment could mean as many as 100 new gTLD applications, but Demand executives refused to elaborate on its plans.
CFO Charles Hilliard said that new gTLDs are seen as a “significant strategic growth opportunity” and that Demand would provide more details upon the closure of ICANN’s application window.
As Mike Berkens has already suggested tonight on TheDomains, a massive investment in application fees seems to be the most plausible use for the money.
The fact that the whole of the investment appears to have been made in April would support this view.
But CEO Richard Rosenblatt also confirmed during the call that the company has now also entered into the registry services provider business, providing the back-end for other applicants.
It does not appear to have been particularly successful attracting clients. Rosenblatt said that Demand has created a back-end platform and “signed our first two strategic customers”.
Just two clients would put Demand at the low end of the registry service provider rankings in this first new gTLD round.
I’m aware of at least one applicant that changed its mind about partnering with the company for its application.
ICANN’s background checks on new gTLD applicants include probes into, among other things, adverse cybersquatting decisions under the UDRP.
Demand Media, as a massive domain registrant, gets hit by UDRP complaints fairly regularly, and some have said it’s lost enough to be disqualified from running a registry under ICANN’s rules.
As far as I’m aware, it’s currently an open question whether hiding UDRP losses and applications behind subsidiaries will be enough to evade these background checks.
But if Demand is prepared to pump $18 million into applications, it must have a pretty good inkling that it won’t tumble at the first hurdle.
ICANN affirms full refunds for pissed-off gTLD applicants, silent on new CEO
ICANN’s board of directors has approved full refunds for any new gTLD applicant that asks for one – something that the organization has already been offering for over a month.
At its two-day retreat in Amsterdam this weekend, the board’s New gTLD Program Committee resolved:
to offer to applicants a full refund of the New gTLD Application fee actually paid to ICANN if the applicant wishes to withdraw its application prior to the date that ICANN publicly posts the identification of all TLD applications.
The date of the Big Reveal, when the names of every applicant and every applied-for gTLD will be publicly posted and the refunds will no longer be available, has not yet been set.
While the resolution refers to the TLD Application System data leakage bug, the refund does not appear to be restricted to directly affected applicants. Anyone can claim it.
However, as regular DI readers know, ICANN had been offering full refunds to applicants that withdraw before the Big Reveal for weeks before the TAS bug emerged.
ICANN customer services reps told DI and at least one gTLD applicant in March that: “Applications withdrawn prior to the posting of the applied-for strings are qualified for a $180000 refund”.
ICANN said in a statement today:
We recognize that this represents an increase of only US $5000 over the refund that withdrawing applicants would otherwise receive, but we believe it is an important part of fulfilling our commitment to treat applicants fairly.
Under the terms of the Applicant Guidebook, the maximum refund available after the Reveal is $148,000.
In other news from Amsterdam…
The ICANN board has decided to let director Thomas Narten join the New gTLD Program Committee, which comprises all of the board members without new gTLD conflicts of interest.
Narten had been barred from the recently formed committee because he worked for IBM, which planned to apply for one or more new gTLDs.
But the board said he has now “mitigated the previously-identified conflict of interest with respect to the New gTLD Program”, so he gets to join the committee as a non-voting liaison.
It’s not clear from the weekend’s resolution why Narten is no longer conflicted. Two obvious possibilities spring to mind.
There was no news from Amsterdam on ICANN’s CEO hunt.
Incumbent Rod Beckstrom intends to “hand the baton” to his successor at the Prague meeting in late June, and the board already has a favored candidate lined up to replace him.
I understand that this candidate did attend the Amsterdam board retreat, albeit under a veil of secrecy lest his or her identity leak out before official confirmation.
But I also understand that the board has decided to move super-cautiously on the CEO decision, in order to avoid repeating the mistakes of the past.
ICANN expects up to 2,305 new gTLD applications
After months of speculation, ICANN has finally revealed how many new generic top-level domain applications it expects to receive.
The lowest amount appears to be 2,091.
That’s the number of applications in the TLD Application System when it was taken offline due to the data leakage bug on April 12, ICANN said.
Another 214 applications had been registered but not yet paid for.
That’s a potential total of 2,305 applications.
ICANN has $350 million in application fees in the bank as a result.
How many of the unpaid bids convert to full applications will be key in deciding how many evaluation batches the first gTLD round will have.
Closer to 2,091, and it’s likely to be four batches. Closer to 2,305, and we may see a fifth batch.
With Initial Evaluation expected to take five months per batch, with a possible 11 months after that for the final Extended Evaluations and string contention resolution, it could be June 2015 before the first new gTLD round is completely processed.
It remains to be seen how many unique strings have been applied for, and how many applications will be successful, but with ICANN only planning to delegate 200 to 300 new gTLDs per year, the first round is likely going to last a loooong time.
Is .xxx really that crappy?
It’s not a huge secret that the new .xxx gTLD isn’t doing as well, five months after launch, as ICM Registry would have hoped, but how does it shape up against other top-level domains?
Domain Name News earlier this week published an analysis of the top one million most-trafficked web sites, according to Alexa rankings, and found that .xxx had just 61 entries.
Per DNN reporter Mike Cohen:
We would not have thought that only 61 domains in total would be ranking inside the top 1,000,000 most visited sites in the world. That number was suppose to be exponentially higher by all accounts even a few month’s in, which we now are well into 2012, however reality says otherwise.
I’m not sure what “all accounts” DNN is referring to — possibly ICM’s marketing hype — but I thought the analysis was interesting so I thought I’d try to replicate it.
This morning I parsed today’s Alexa top million sites list and came up with the following (sortable) table.
[table id=7 /]
These are quick and dirty numbers, based on Alexa data, and my code might be wonky, so please don’t place too much faith in them.
I only looked at the “new” gTLDs introduced since 2001, as well as two mass-market ccTLDs (.co and .me) introduced over the same period.
The .co numbers do not include third-level domains under .com.co and the ccTLD’s other legacy extensions.
The “Months Active” column is the number of months since the TLD was delegated into the DNS root, measured by the date of the first registry report it filed with ICANN or the IANA (re)delegation date, not the date of general availability.
The fourth column is the number of domains divided by the number of months. It’s a fairly arbitrary measure, presented merely to give you an idea of the “success” of the TLD over time.
You could possibly, loosely, think of it as “how many domains a TLD can expect to get into the Alexa 1 Million per month”.
By that measure, .xxx isn’t doing too badly.
It’s even beating .jobs and .tel in absolute terms.
Recent Comments