Three applicants qualify for cheapo gTLDs

Three organizations have been given ICANN’s approval to apply for new gTLDs next year at a deeply discounted rate.

All three are non-profit or nongovernmental organizations, ICANN said. Two come from the Asia-Pacific region and one comes from Europe.

The identities of the applicants have not and will not be disclosed — to publish their names would likely tip the applicants’ hands in terms of what strings they intend to apply for, inviting competition.

The Applicant Support Program offers non-profit entities worldwide or small businesses in non-developed nations a discount of 75% to 85% on the base $227,000 application fee, along with a selection of other benefits.

As of today, there are 45 active applications, ICANN said. Seven come from Africa, 14 from Asia-Pac, five from Europe, two from Latin America, and 12 from North America. Another five haven’t said where they’re based yet.

According to July 23 stats, only five applications — three of which presumably have now been approved — had been fully submitted and were in review.

In the 2012 round, there were only three ASP applications and only one, from the company that now runs .kids, was successful in obtaining the discount.

The window for ASP applications closes in November.

Blockchain crisis looming for new gTLD next round

New gTLD applicants could face more of a threat from blockchain-based alternative naming systems next year than perhaps they first thought.

ICANN is coming under pressure to give additional rights to the owners of top-level strings that act like TLDs on blockchains, potentially adding friction — and six figures of extra costs — to applications for matching strings.

In the recently closed public comment period on the current draft Applicant Guidebook, two blockchain naming firms focused on the risk posed from name collisions should a gTLD get delegated that matches a blockchain TLD.

More importantly, ICANN’s influential Security and Stability Advisory Committee expressed the same views.

Alexander Urbelis, general counsel and CISO of Ethereum Name Service, said in his comments that many operators of alt-TLDs will apply for their DNS matches in next year’s application round, adding:

ICANN should consider that a new gTLD, for which an identical string already exists in an alternative name space, should be considered a compromised asset, and that delegating such gTLDs may subject ICANN, and applicants, to substantial liability. In addition to the technical issues posed by name collision, such delegations could also result in consumer confusion, difficulties with resolving queries (particularly as access to alternative names is increasingly integrated into mainstream web browsers), security risks, and broken authentication systems

Shifting gears, Urbelis then goes on to espouse the exactly opposite view to what you might expect from an operator of a blockchain naming system:

We urge ICANN to ensure that operators of strings in alternative names spaces are not given preferential treatment in the upcoming new gTLD application round, either deliberately or inadvertently. Such operators should not be rewarded for choosing to operate outside of ICANN governance and policies, particularly when the results of such preferential treatment could be so devastating for the stability of the DNS, as well as consumer trust in the new gTLD program and the DNS itself.

However, he concludes that alt-TLDs should be considered during the application process, specifically when ICANN’s evaluators conduct the String Similarity Evaluation.

we note that the string similarity evaluation does not appear to account for strings that may exist in alternative name spaces that are not under ICANN governance. Given the proliferation of such strings and alternative name spaces in recent years, ICANN should not ignore their existence by considering string similarity within only the ICANN-governed DNS, particularly due to the technical issues outlined above in connection with name collision.

Currently, this evaluation stage only looks at similarity to existing TLDs, some strings blocked by policy, and other applied-for strings.

If Urbelis’ advice were taken on board, an application for .clown, for example, could find itself ruled similar to alt-TLD .down, which is on the Handshake naming system and available at some registrars.

ENS runs .eth as a blockchain TLD. While the company claims over 1.6 million names registered there, .eth can never make it to the consensus DNS because ETH is the protected three-letter code for Ethiopia and therefore blocked by a Guidebook policy that is pretty much locked-in.

Unstoppable Domains, which markets dozens of alt-TLDs, focused on name collisions in its brief comment to ICANN, seeking extra clarity in how the collision assessors will decide whether a string is “high risk”.

The current AGB says evaluators will look at both quantitative data — measurements of traffic for non-existent TLDs to the root servers for example — and unspecified “qualitative” factors. Unstoppable’s head of operations Michael Campagnolo wrote:

If ICANN wants to help applicants to assess their risk pre-application submission, examples and sources of qualitative evidence should be described and made available to applicants prior to, and in a reasonable amount of time before the opening of the application window, similar to the quantitative information.

The subtext here, it appears, is that Unstoppable wants to know if non-DNS qualitative factors, such as the existence of an alt-TLD matching an applied-for string, will be taken into account.

That’s a good question, and as the AGB currently stands it appears to be up to the Technical Review Team that will conduct the name collision evaluation on each application.

The Name Collision Analysis Project working group, which came up with most of the current name collision rules, seemed to have mostly ignored alt-TLDs in its work due to difficulty and timing.

Unstoppable points out that applicants with strings deemed at high risk of collisions could incur extra fees of $100,000 to $150,000, on top of the $227,000 standard application fee, so the extra clarity on the rules could avoid applicants having to reach deeper into their pockets.

While ICANN is adept at ignoring or merely paying lip service to self-serving public comments filed by commercial entities, it is bound by its bylaws to take the advice of its Advisory Committees seriously.

Comments filed by the 17-member SSAC will carry more weight, and SSAC is warning that collisions between DNS and non-DNS naming systems could raise security risks, promote instability, and create user confusion.

SSAC’s SAC130 (pdf) — formal Advisory Committee advice — makes four recommendations related to name collisions. One is:

The AGB should explicitly state that the TRT is allowed to include evaluating potential collisions with known, widely used alternative naming systems and other external sources, as these can create foreseeable security and stability risks for DNS users.

If ICANN adopts the SSAC recommendations, it seems the TRT will be encumbered with the heavy burden of figuring out how, when and why an alt-TLD and an applied-for gTLD create risks so unacceptable that the applied-for string should be blocked.

Another question that has been raised in recent weeks is whether alt-TLD operators should be able to use mechanisms such as Community Priority Evaluation and Community Objection to secure their TLDs or disrupt other applications.

Could Unstoppable, for example, claim that its cohort of .wallet alt-TLD registrants constitute a protected “community” and thus get a priority approval?

The company could certainly try, but experts in the policy-making community and ICANN staff seem to think the point-based CPE mechanism is designed in such a way to make such a claim incredibly difficult to back up.

ICANN will consider all of the public comments over the coming weeks and months before making changes, if any, to the AGB.

There are hundreds of thousands of alt-TLDs out there — over 6,000 are even carried by a handful of ICANN-accredited registrars — but it’s not clear how many are actually used.

With that in mind, should ICANN offer additional protections to blockchain-based alt-TLDs, many new gTLD applicants would face the very real risk of additional friction and huge extra costs.

Wine producers worried about new gTLDs

American vintners are worried that someone might steal their protected regional names in the next new gTLD round.

The Napa Valley Vintners has written to ICANN to “express strong opposition to the creation of any generic top-level domain
(gTLDs) that uses our distinctive name.”

The trade association asks that the names of wine-producing areas of the States be added to the Reserved Names List in the new gTLD program’s Applicant Guidebook.

That list currently is limited to the names of intergovernmental organizations, NGOs, and Red Cross/Crescent related entities.

The NVV points out that the names of wine-producing regions are protected by US law — you can’t say your wine comes from Napa unless it was in fact made there.

According to Wikipedia, there are 276 protected American Viticultural Areas in 34 states. More than half are in California.

Some of these names actually have a small degree of protection already, but only accidentally. The string “Napa” would be considered a protected geographic string until the current AGB rules, for example, but only if somebody wanted to run .napa as a city-gTLD.

The issue of protecting wine-related geographic indicators has come up at ICANN before. While it was processing the applications for .wine and .vin in 2014, there was a protracted bust-up in the Governmental Advisory Committee about whether they should go ahead.

Several European governments pressed ICANN to ban or delay .wine, now an Identity Digital gTLD, until promises were made about protecting names like “Champagne” and “Rioja” at the second level.

France in particular got very pissed off, but ultimately objections were dropped after the registry made some kind of deal with the wine-makers.

The NVV letter is cc’d to the federal government’s Alcohol and Tobacco Tax and Trade Bureau, presumably to send the message that the group is not messing about.

The letter (pdf) is addressed to “The Honorable Sally Costerton”, under the apparent assumption that she’s still ICANN’s acting CEO. That hasn’t been true for the last eight months. Also, as lovely as she is, I’m not sure she qualifies for that particular honorific.

Loads of firms flunk out of next-round gTLD back-end program

A surprising number of would-be back-end registry service providers have already been eliminated from ICANN’s Registry Service Provider Evaluation Program for not submitting their applications in time.

Program statistics for May recently published reveal that 19 potential RSPs were in the system but failed to submit their required information before the application window closed May 20.

That leaves a total of 46 RSPs still in the system (pretty much in line with expectations) with 26 of those still waiting to clear their background checks. Another 15 have fully submitted their bids, though none have yet been approved.

The stats, which are broken down by geographic region, means that a maximum of one RSP from the Latin America and Caribbean region and one from Africa will be pre-approved to provide back-end services when the next new gTLD application window opens next year.

But wannabe RSPs will be able to apply again, simultaneously with their clients gTLD applications.

Asia-Pacific has 15 live applications, Europe 17 and North America 12.

The RSP program gives new gTLD applicants the chance to tick the technical services questions box by simply signing up with an already-approved provider. Being preapproved gives a pretty strong competitive advantage to RSPs in the 2026 round.

One of the dumbest gTLDs just switched back-ends

Why does .blockbuster still exist, seriously?

Old-timers such as your humble correspondent will recall Blockbuster as the once world-conquering video rental chain that spectacularly failed to adapt to adapt to the era of Netflix and streaming and went almost completely out of business.

I say almost because, as was widely reported a few years back, there’s still one branch of Blockbuster open. It’s in Bend, Oregon and has sidelines as a tourist destination and, more lucratively, selling ironic merch mocking its own inexplicable existence.

So that’s a whole dot-brand gTLD essentially for a single retail outlet. Possibly the only smaller, dumber gTLD is .richardli, which is a dot-brand representing just one dude, Hong Kong billionaire Richard Li.

The Bend store is a franchisee, so it pays Dish DBS, owner of the brand, a licensing fee to use its trademark. But the gTLD is unused. Blockbuster has a holding page at blockbuster.com while the Bend store uses bendblockbuster.com.

Why mention this at all? Well, Dish has just changed the back-end registry services provider for .blockbuster and all of its other dormant dot-brands from Identity Digital to Tucows, indicating that it has no plans to terminate its ICANN registry contracts just yet.

.sling, .dish, .latino, .dot, .ott, .ollo, .mobile, .dtv, .dvr, .phone, and .data, none of which have any registered domains (but several of which would surely prove attractive to an acquiring portfolio registry) have also made the move to Tucows.

(Actually, .ollo may be an even dumber dot-brand given that the brand doesn’t exist and seemingly never has existed. Dish filed for a trademark on the string in 2011 but never used it.)

Running a gTLD isn’t free. The current ICANN fee alone is $25,800 a year per string. While Dish had $10.6 billion in revenue last year, its parent, EchoStar, is currently circling the drain-hole of Chapter 11 bankruptcy protection.

Ironically, EchoStar faces the dire choice because the US Federal Communications Commission is threatening to revoke some of its 5G spectrum licenses because the company acquired the licenses then didn’t use them.

Governments erect bulk-reg barrier to new gTLD next round

No new gTLDs should be added to the internet until ICANN develops policies addressing the abuse of bulk domain name registrations, according to the Governmental Advisory Committee.

The GAC this afternoon drafted formal Advice for the ICANN board stating that policy work on bulk regs should get underway before ICANN 84, which takes place in Muscat, Oman in late October.

While the wording still may change before it is sent to ICANN, the current draft advice reads:

The GAC advises the board: To urge the GNSO Council to undertake all necessary preparation prior to ICANN84 towards enabling targeted and narrowly scoped Policy Development Processes (PDPs) on DNS Abuse issues, prioritizing the following: to address bulk registration of malicious domain names; and the responsibility of registrars to investigate domains associated with registrar accounts that are the subject of actionable reports of DNS Abuse.

The advice on bulk regs is fairly self-explanatory: the GAC has become aware that spammers typically shop around for the cheapest TLDs then register huge amounts of domains on the assumption that some will start getting blocked quite quickly.

The second part of the advice probably needs some explanation: under the current ICANN contracts, registrars have to deal with abuse reports concerning domains they sponsor, but they’re under no obligation to investigate other domains belonging to the registrants of those domains.

So, if a scumbag registers 100 domains for a spam campaign and only one of them is reported as abusive, the registrar can comply with its contract by simply suspending that one domain. The GAC thinks it should be obliged to proactively investigate the other 99 names too.

The advice seems to have been inspired by two sources: NetBeacon’s recent Proposal for PDPs on DNS Abuse (pdf) and data from Interisle Consulting.

Both pieces of advice obviously could have an impact on registrars’ top and bottom lines. They could lose revenue if they currently make a lot of money from bulk regs, and their costs could be increased with new obligations to investigate abuse.

An added wrinkle comes in the GAC’s rationale for its advice, which suggests that dealing with bulk regs and abuse probes should be a gating factor for the next round of new gTLDs going ahead. It reads:

Before new strings are added to the DNS as a result of the next round, further work on DNS Abuse is needed to stem the increasing cost to the public of phishing, malware, botnets, and other forms of DNS Abuse.

The core text of the advice was compiled in furtive huddles on the edges of sessions at ICANN 83, and I believe Switzerland held the pen, but it seems the US government was the driving force behind the push to make abuse a barrier to the next round.

As I reported on Monday, the US GAC rep said that “in light of the global phishing problem… and similar concerns the United States is of the view that we should not expand the DNS too broadly”.

Little interest in cheapo gTLD program

ICANN’s program to offer heavily discounted new gTLD application fees to certain organizations has so far seen little uptake, and some governments are not happy about it.

The Applicant Support Program offers up to 45 qualified applicants a discount of up to 85% on their application fees. That’s worth almost $200,000 each. ICANN will also hook applicants up with pro-bono application consultants and help out with auctions if necessary.

While 40 applications are in the process of being drafted, according to ICANN’s latest monthly stats, only four finalized applications have been submitted and there’s no way of telling whether the other 40 will convert to full applications.

The low number has members of ICANN’s Governmental Advisory Committee concerned, partly because of a deal it struck with ICANN last year that would encourage a change of strategy if it turned out some regions were more represented than others.

The arrangement saw ICANN promise to refocus its outreach efforts on under-served regions after tallying up the home nations of the first 20 submitted applications. With the 12-month program application window now well past the half-way mark, the GAC is worried that by the time the 20th bid is logged, it will be too late to course-correct.

It now seems likely that the GAC’s formal Advice from the ongoing ICANN 83 meeting in Prague will see language included saying ICANN should conduct its review of the applications now, while there’s still time to adjust the strategy.

Currently, the stats show a strange and surprising mix of geographies.

North America has the most applications in draft at 15. This is weird because entities based in the US and Canada don’t qualify for the discount, ICANN doesn’t count Mexico as North American, and the only other economies in the region are US island territories like Puerto Rico and Guam.

Meanwhile, the whole of Latin America and the Caribbean region, with all its half a billion citizens, has just two applications in draft. That’s the just one more than Europe, which has just a handful of qualifying nations.

Africa and Asia-Pacific both have seven applications in draft, and Asia-Pac also has three fully submitted bids.

Based on the current stats, you’d have to assume ICANN would need beef up its outreach in Latin America if it wanted to rebalance the numbers. Europe probably doesn’t need as much love because so few countries there qualify.

As well as encouraging ICANN to analyse its number immediately, the GAC is also considering text that would connect applicants in drafting with their local governments, to see if they need any assistance getting over the final hurdle.

US government opposes most new gTLDs

The US government has come out against most of the new gTLDs likely to be applied for in next year’s application round, saying they will contribute to the “global phishing problem”.

The eyebrow-raising revelation came during an intervention from Susan Chalmers, the country’s senior representative on the Governmental Advisory Committee, at the ICANN 83 meeting in Prague this afternoon.

Chalmers said the US is not opposed to the next round in general, but “has some reservations” that the expansion could make DNS abuse worse and that ICANN should “consider how to limit the expansion appropriately”.

Here are her remarks in full:

The United States has some reservations about the next round of new gTLDs. Specifically we have concerns that expanding the DNS too broadly can lead to more spam and DNS abuse for everyone on the internet. Our concerns are not for a next round in general to be clear. We see value in certain categories of applications such as for geo-TLDs and for internationalized domain names. In some cases it makes sense to add new strings to the DNS, but in light of the global phishing problem (which we will learn more about tomorrow) and similar concerns the United States is of the view that we should not expand the DNS too broadly. As the GAC did in 2013 we must consider how to limit the expansion appropriately to take into account public interest impacts.

The US, which has at least five civil servants attending the GAC meetings in Prague, was the only government to openly oppose new gTLDs during this afternoon’s session.

The position puts the US at odds with likely the majority of next-round new gTLD applicants, which could be a cause for concern.

While there will no doubt be some worthy geographic TLDs and IDNs applied for, if 2026 is anything like the 2012 round most applications will be commercial in nature, with as broad an appeal as possible.

Sadly, no doubt some applicants will be the kind of chancers who want to make their millions selling disposable domains for a buck apiece to spammers.

While Chalmers’ remarks may be somewhat surprising, the US position under Trump isn’t a million miles away from the Obama administration’s position in the run-up to the 2012 round.

Back then, the US tried successfully to strong-arm ICANN into giving the GAC more powers over which gTLDs could and could not enter the root. Those powers have been grandfathered in to the rules for next year’s round.

But the political landscape was different back then. ICANN was still a US government contractor, which irked other governments. Some nations wanted ICANN’s powers to be expatriated and given to a body like the International Telecommunications Union. The US was keen to keep the Org under its jurisdiction, and thought a beefed-up GAC was the way to do it.

It seems unlikely that the US could derail the next round entirely. Technically, it would have to win over the full GAC to produce a consensus against the expansion, but one of the hallmarks of the Trump administration so far has been its refusal to play nicely or respect multilateralism, so who knows what might happen.

The US could also use ICANN’s own rules to object to individual new gTLD applications it deems risky or unworthy.

A GAC consensus advice objection against an applications has historically been enough to kill it dead, but any nation can also choose to go it alone by issuing a so-called GAC Early Warning.

An Early Warning is a unilateral notice to an applicant that a government doesn’t like their application and may try to get it rejected or changed in some way. Applicants are free to ignore such warnings, but are encouraged to engage with the government in question to resolve their concerns.

Could Chalmers’ remarks today be the first early warning?

GoDaddy loses last Amazon business to Identity Digital

GoDaddy appears to have lost the last remnants of its Amazon back-end registry services deal.

IANA records show that GoDaddy was recently replaced by Identity Digital as the technical contact for all of the remaining 12 gTLDs it was serving.

The gTLDs in question are: .coupon, .song, .zero and the IDNs .ストア, .セール, .家電, .クラウド, .食品, .ファッション, .書籍, .ポイント and .通販, which are generic terms for things like “fashion” and “books”.

Five of the IDNs have actually launched and have been generally available for years, but they’re been phenomenally unsuccessful — the largest zone has just 146 domains in it. The remaining seven are dormant, unlaunched.

Amazon originally used GoDaddy (then Neustar) for all 54 of the gTLDs it successfully applied for back in the 2012 gTLD application round, but it switched all but 12 of them to Nominet back in 2019, where they remain today.

.med is a deeply weird gTLD, but it wants to be more normal

Medistry, the .med registry with a really strange business model, is looking to normalize its practices and start competing with the cluster of healthcare-related gTLDs already on the market.

The gTLD launched in 2016 and had almost 42,000 domains under management at the last count, which may sound like a pretty decent showing for a 2012-round niche registry (comparable to the likes of .beauty and .chat).

But there are a few caveats. For starters, only one non-registry .med domain has been indexed by Google, and it redirects to a .com web site.

Delve into the .med zone file, and you’ll discover that almost all of those 42,000 domains are 12 characters long and each comprises entirely numbers and hyphens. Doesn’t sound very sexy, does it?

Furthermore, delve into the Whois, and you’ll discover that all of those domains are registered via the registry’s in-house registrar, Name Share, to an entity affiliated with the registry itself.

A couple of years ago, having not sold more than a handful of .med domain names (I’ll get to the reasons for that in a moment), Medistry seems to have decided to reinvent .med as a directory for medicines.

In the US, all human medicines approved by the Food and Drug Administration are given a National Drug Code, a 10-digit unique identifier that the manufacturers are required to print on the packaging.

So, the domain name 55150-250-50.med refers to a bupivacaine hydrochloride injection, a surgical anaesthetic made by Eugia US LLC. Almost all .med domains follow this three-part NDC structure.

The domains seem to have been registered in service of Trust.med, another entity affiliated with the registry, which says it offers supply chain management services to the US healthcare industry.

Why the DNS is the best place to store this NDC information isn’t clear to me. All the .med names I checked came back NXDOMAIN and were marked as pendingDelete in the Whois despite being months away from expiration.

So… Plan C? Sell .med domains to any Tom, Dick or Harry who wants one, on a first-come, first-served basis.

Medistry says that, as of now:

A registrant of a .med domain name can be an individual or organization. All available domain names in .med are approved for registration on a first come, first serve basis through .med accredited registrars. .med domain names can also be purchased in the domain name aftermarket.

That’s hell and gone from the mission outlined in Medistry’s 2012 new gTLD application and its current Registry Agreement with ICANN, both of which outline some of the harshest registration restrictions of any TLD.

Its current ICANN contract states, in the Public Interest Commitments:

The lone method of domain name allocation in the TLD will be by Request for Proposal (RFP) under guidelines, rules and criteria as set forth by the Advisory Board in its sole discretion.

RFP for domain name registration in the TLD will be reviewed for approval by the Advisory Board, in its sole discretion, independent of Registry Operator.

PICs are enforceable by ICANN Compliance under the rarely used PIC Dispute Resolution Process, should there be a view that a registry is violating the contract.

Could Medistry be heading into stormy waters with Compliance? The company does have form in that regard — it’s owned by the same people who run .jobs registry Employ Media.

Employ Media got into a protracted fight with ICANN in 2012 over a service called Universe.jobs, which saw it register 40,000 generic .jobs domains to a close partner in order to turn the gTLD into a structured taxonomical jobs board.

ICANN thought the service was a breach of the .jobs RA and the two parties ended up in arbitration. ICANN eventually let Universe.jobs go ahead but it fizzled out a few years later when Employ Media came to blows with its partner.

Is history repeating itself with .med’s sudden change of business model?

Medistry says that full general availability for .med names will begin on September 2, but it’s telling registrars (pdf) they can “Pre-Register any domain to guarantee registration beginning on September 2” by emailing them a list of names.

It’s also looking to on-board more registrars. As of the end of January, the only registrars to ever sell a .med domain were owned by the registry. It uses Nominet as its back-end.

.med would compete against the likes of .doctor, .surgery, .health and .clinic.