Latest news of the domain name industry

Recent Posts

.home, .mail and .corp could get unbanned

Kevin Murphy, May 13, 2024, Domain Tech

The would-be new gTLDs .home, .mail and .corp — which were some of the most hotly contested strings in the 2012 application round before ICANN banned them — could get a new lease of life if ICANN adopts the recommendations of a panel of security experts.

More than 20 applications for the three strings were first put on hold, and then rejected outright in 2018, due to the risk of name collisions — where a TLD in the public DNS clashes with a domain used extensively on private networks.

The three non-existent TLDs receive more than 100 million queries per day at the DNS root due to queries leaking out from private networks, creating the risk of stuff breaking or sensitive data being stolen if they were to ever be delegated.

But now ICANN has been told that it “should not reject a TLD solely based on the volume of name collisions” and that it should submit .home, .mail and .corp to a new, more nuanced “Name Collision Risk Assessment Process”.

The recommendations comes in a newly published and rather extensive final report (pdf) from the Name Collision Analysis Project Discussion Group, which has been looking into the name collisions problem for the last four years.

While NCAP says ICANN should create a Collision String List of high-risk strings that new gTLD applicants could consult, it stopped short of recommending that the Org preemptively ban strings outright with a “do not apply” list, writing:

Regarding .CORP, .HOME, and .MAIL, high query volume is not a sufficient indicator of high-risk impact. The complexity and diversity of query sources further complicate the assessment of risk and impact. It is impractical to create a pre-emptive “do-not-apply” list for gTLD strings due to the dynamic nature of the DNS and the need for real-time, comprehensive analysis.

.corp might have a relatively easier time getting unblocked. NCAP figured out that most queries for that TLD are due to one “globally dominant software package” made by Microsoft that uses .corp as a default setting. This problem would be easier to fix than .home, which sees bogus traffic from a huge range of sources.

.mail also might be safe to delegate. NCAP noted that at least six gTLDs with more pre-delegation query traffic — .network, .ads, .prod, .dev, .office and .site — were subsequently delegated and received very low numbers of collision reports from live deployment.

Instead of banning any string, NCAP instead proposes a new Name Collision Risk Assessment Framework.

Under the framework, a new Technical Review Team would be in charge of testing every applied-for gTLD not already considered high risk for collision risks and placing the high-risk ones on a Collision String List of essentially banned strings.

To do so, the applied-for gTLD string would have to be actually delegated to the live DNS root zone, under the control of the TRT rather than a registry or applicant, while data is gathered using four different methods of responding to query traffic not unlike the “controlled interruption” method currently in use.

This would be a huge break from the current system, under which gTLDs only get delegated after ICANN has contracted with a registry operator, but it would mean that IANA would be able to quickly yank a gTLD from the DNS, if it started causing serious problems, without stepping on anyone’s commercial interests or inviting legal action.

There’s little doubt that the proposed framework would add friction to the new gTLD evaluation process in the next round, but the fact that NCAP has delivered its recommendations ahead of its original schedule is good news for those hoping for no more delays to the next round actually launching.

The NCAP study was considered on the critical path to the next round. It’s already been approved by the Security and Stability Advisory Committee and is expected to be considered by ICANN’s board of directors at an upcoming meeting. Implementing the recommendations would obviously take some time, but I doubt that would delay the expected Q2 2026 opening of the next application window.

The new recommendations on .corp, .home and .mail mean those gTLDs could well come back into play in the next round, which will come as cold comfort to the applicants who had their $185,000 application fees tied up for years before ICANN finally decided to ban them in 2018, offering a full refund.

There were seven applicants for .mail, six for .corp, and a whopping 11 for .home. Applicants included GoDaddy, Google, Amazon, and Identity Digital.

According to ICANN’s web site, Google never actually withdrew its applications for .home, .corp and .mail, and Amazon never withdrew its application for .mail. If that’s accurate, it could lead to some interesting disputes ahead of the 2026 application round.

Unstoppable to apply for Women in Tech gTLD

Unstoppable Domains and Women in Tech Global have announced that they plan to apply for a new gTLD when ICANN opens the next application round.

They want .witg, which Unstoppable has already launched on its blockchain-based naming system. They cost $10 a pop.

Unstoppable says the names come with some social networking features, as well as the usual ability to address cryptocurrency wallets.

The company has also recently announced gTLD application partnerships with POG Digital for .pog, Clay Nation for .clay and Pudgy Penguin for .pudgy.

Unstoppable is mainly competing here with D3 Global, which is also recruiting blockchain businesses that want to embrace the DNS when the next round opens.

D3 announces seventh blockchain gTLD client

Kevin Murphy, May 2, 2024, Uncategorized

D3 Global has announced yet another likely new gTLD applicant from the blockchain space.

The specialist consultancy said it has partnered with MAKE and the Casper Foundation, a software developer and its non-profit backer respectively, to apply for .cspr when ICANN opens its long-awaited next round of new gTLD applications in a couple years.

It’s the seventh such deal D3, which says it can help blockchain companies link their alternative namespaces to the DNS, has announced since its launch late last year.

It is also working with partners to apply for .ape, .core, .vic, .near, .gate, and .shib.

A million “free” .music domains up for grabs

Kevin Murphy, April 15, 2024, Domain Registries

The new .music gTLD registry says it will give away up to one million first-year domains over the next five weeks as part of its launch program, but there are of course plenty of catches.

DotMusic says the domains are available to what it calls “Music Community Member Organizations” — think record labels and the like — until May 24 or it reaches a million names, whichever comes first.

With not much more than a month to get on board and a fairly complex, multi-layered registration and verification process, it seems more likely that the promo will time out before it hits seven figures.

.music is a “community” gTLD only available to entities with a nexus to the music industry. The names are only available as exact matches of music performers or professionals or the organizations they belong to.

They’re also only resolvable after the registrants verify their identities via DotMusic’s sister company, ID.music, which costs $1.99 per domain during the promotion.

It’s not exactly “free”, but compared to the usual price of defensively registering during sunrise periods, it’s an absolute bargain. DotMusic’s regular, ICANN-mandated sunrise period ended a few months ago, with dozens of domains registered by the usual suspects — the likes of Apple and Amazon.

More details on the promotion can be found here. General availability begins June 25.

ICANN content policing power grab may be dead

Kevin Murphy, April 3, 2024, Domain Policy

A move by ICANN to grant itself more formal “content policing” powers may be dead, after the community was split on the issue and governments failed to back the move.

The Governmental Advisory Committee yesterday sent comments essentially opposing, for now at least, the idea of ICANN reforming its bylaws to give it more powers over internet content, making it very unlikely that ICANN would be able to get such amendments approved by its community overseers.

The comments came a few days after ICANN extended the deadline for responses to a December 2023 consultation on whether applicants in the next new gTLD round should be able to sign up to so-called Registry Voluntary Commitments that regulate content in their zones.

RVCs would be an appendix to ICANN Registry Agreements which would commit a registry to, for example, ban certain types of registrant or certain types of content from domains in their gTLDs.

They’re basically a rebadged version of the Public Interest Commitments found in RAs from the 2012 round, in which the likes of .sucks agreed to ban cyberbullying and .music agreed to ban piracy.

But they’ve got ICANN’s board and lawyers worried, because the Org’s bylaws specifically ban it from restricting or regulating internet content. They’re worried that the RVCs might not be enforceable and that ICANN may wind up in litigation as a result.

ICANN has therefore proposed a framework (pdf) in which RVCs would be enforced by ICANN only after an agreed-upon third-party auditor or monitor found that a registry was out of compliance.

The board sent out several pages of questions to all of its Supporting Organizations and Advisory Committees in December, asking among other things whether the bylaws needed to be amended to clarify ICANN’s role, but the responses were split along traditional lines.

Registries and registrars were aligned: there’s no need for a bylaws change, because ICANN should not allow RVCs that regulate content into its contracts at all.

“ICANN should maintain its existing bylaws which exclude content from its mission, and allowing any changes to this could be a slippery slope opening ICANN to becoming a broader ‘content police’,” the Registrars Stakeholder Group said in its response, giving this amusing example:

An example of a content restriction is provided in the proposed implementation framework for .backyardchickens (e.g. no rooster-related content). Restricting rooster-related content would require a significant amount of policing, and could even prohibit valuable content that would benefit such a TLD. For example, a backyard hen farmer might want to promote the pedigree lineage of the roosters that helped sire the hens, show pictures of the roosters that were the fathers, etc. All of this could in theory be prohibited,but would also require review and subjective analysis. This would be a very slippery slope for ICANN, and a substantial departure from its mission. Restricting rooster content would then put ICANN in the place of enforcing laws that prohibit backyard roosters, rather than relying upon the competent government authorities charged with overseeing residential animal husbandry.

The Non-Commercial Stakeholders Group was more strident in its tone, even raising the possibility of legal action if ICANN went down the content policing route, saying “the best way for the Board to address content-related PICs and RVCs is to make it clear that it will reject them categorically.” It added:

The prohibition on content regulation in ICANN’s mission is extremely important and very clear. Mission limitations were a critical part of the accountability reforms that were required before ICANN would be released from US government control in 2016… NCSG will mount a legal challenge to any attempt to dilute this part of the mission.

The opposing view was held by the Business Constituency, the Intellectual Property Constituency, and the At-Large Advisory Committee, which is tasked with representing the interests of ordinary internet users.

They all said that ICANN should be able to allow content-related RVCs in registry contracts, but the IPC and BC said that no bylaws amendment is needed because the bylaws already have a carve-out that enables the Org to enforce PICs in its agreements. The ALAC said a bylaws amendment is needed.

“There is a distinction between ICANN regulating, i.e imposing ‘rules and restrictions on’ services and content, versus the registry operator voluntarily proposing and submitting to such rules and restrictions,” the IPC wrote.

“There is also a distinction between ICANN directly enforcing such rules and restrictions on third parties, i.e. registrants, versus ICANN holding a registry operator to compliance with the specifics of a contractual commitment,” it added.

The last community group to submit a response, fashionably late, was the GAC, which filed its response yesterday having reviewed all the other responses submitted so far. The GAC arguably has the loudest voice at ICANN, but its comments were probably the least committed.

The GAC said that ICANN should only go ahead with a bylaws amendment if it has community backing, but that the community currently lacks consensus. It said, “at this stage there are not sufficient elements to justify commencing a fundamental bylaws amendment to explicitly enable the enforcement of content-related restrictions”.

However, the GAC still thinks that RVCs “will continue to serve as tools for addressing GAC concerns pertaining to new gTLD applications during the next round” and that it wants them to be enforceable by ICANN, with consequences for registries found in breach.

The GAC said that it “will continue to explore options to address this important question”.

This all means that ICANN is a long way from getting the community support it would need to push through a bylaws amendment related to content policing. That’s considered one of the “Fundamental Bylaws” and can only be changed with substantial community support.

Such amendments require the backing of the Empowered Community. That’s the entity created in 2016 to oversee ICANN after it severed ties with the US government. It comprises individuals from five groups — the GAC, the GNSO, the ccNSO, the ALAC and the Address Supporting Organization.

For a fundamental bylaws amendment to get over the line, at least three of these groups must approve it and no more than one must object.

With the GNSO, given its divisions, almost certainly unable to gather enough affirmative votes, the GAC seemingly on the fence, and the ASO and ccNSO recusing themselves so far, only the ALAC looks like a clear-cut yes vote on a possible future bylaws amendment.

Perhaps that’s why ICANN chair Tripti Sinha has written to the ASO and ccNSO in the last few days to ask them whether they’d like to think again about ducking out of the consultation, giving them an extra two weeks to submit comments after the original March 31 deadline.

The ccNSO handles policy for country-code domains and the ASO for IP addresses. Both have previously told ICANN that gTLD policy is none of their business, but Sinha has urged them both to chip in anyway, because “the ICANN Bylaws govern us all”.

Internet could get one-letter gTLDs (but there’s a catch)

Kevin Murphy, March 21, 2024, Domain Policy

ICANN is set to loosen up its restrictions on single-character gTLDs in the 2026 application round, according to draft Applicant Guidebook language.

But the exemption to the usual rule applies only to gTLDs written in one script — Han, which is used in Chinese, Japanese and Korean.

Applied-for Latin-script strings must be three characters and over (because two-letter strings are reserved for ccTLDs) and internationalized domain names in other, non-Han scripts have a minimum of two characters.

The exemption for Han is being put in place because it’s an ideographic script, where a single character can have a meaning that other, alphabetic scripts would require an entire string to express. Google tells me the Chinese for “water” is 水, for example.

The 2012 gTLD application round did not feature the Han carve-out, and no IDN gTLDs currently in the DNS have fewer than two characters.

The draft rules governing IDNs are expected to be part of the next batch of AGB components that ICANN releases for public comment. The comment period on the first batch ended this week with no particularly controversial issues emerging.

Microsoft moving its cloud apps from .com to .microsoft

Kevin Murphy, March 15, 2024, Domain Registries

Microsoft is planning to move all of its Microsoft 365 apps off a multitude of .com domains and consolidate them all under .microsoft, its dot-brand gTLD.

The company says it will move Teams, Outlook, and Microsoft 365 web apps to the cloud.microsoft domain. They currently use domains such as outlook.office.com, teams.microsoft.com and microsoft365.com.

It first announced the move in April last year and this week reminded developers of apps that use its cloud platform that they need to support the new domain.

Explaining the move to the dot-brand last year, the company wrote:

Consolidating authenticated user-facing Microsoft 365 experiences onto a single domain will benefit customers in several ways. For end users, it will streamline the overall experience by reducing sign-in prompts, redirects, and delays when navigating across apps. For admins, it will drastically reduce the complexity of the allow-lists required to help your tenant stay secure while enabling users to access the apps and services they need to do their work.

Microsoft plans to launch the teams.cloud.microsoft domain in June but run the two domain schemes in parallel for a while, so as to not unnecessarily break apps in its developer ecosystem.

It’s not going to dump microsoft.com altogether, saying that it plans to use it for “non-product experiences such as marketing, support, and e-commerce.”

The cloud.microsoft domain is already one of the more visible dot-brand names out there, ranking in the top 20 most-visited, according to Majestic rankings.

Hat tip: The Register.

Governments back down on new gTLD next round delay

Kevin Murphy, March 13, 2024, Domain Policy

ICANN’s Governmental Advisory Committee has decided not to force the Org to pay for a independent cost/benefit analysis of the new gTLD program, removing the potential for timeline friction ahead of the planned 2026 next-round launch.

In its latest communique, published following the ICANN 79 meeting in Puerto Rico last week, the GAC has essentially told ICANN that it broke its bylaws by not following eight-year-old GAC advice, but meh, whatever, just don’t do it again.

As I reported last week, governments had grown concerned that ICANN had not delivered the “objective and independent analysis of costs and benefits” of the new gTLD program that the GAC had asked for in 2016. Such an analysis was supposed to be a prerequisite for the next round going ahead.

What ICANN had delivered instead was a relatively hastily prepared summary of the next round’s policy recommendations, Org’s analysis of these recommendations, and the community-led review of competition, consumer protection and trust issues, the CCT review.

The Puerto Rico communique says that this response “cannot be considered to constitute a cost-benefit analysis, nor to be objective and independent” but that the GAC does not wish to throw up a road-block to the next round going ahead on schedule. It reads:

The GAC recognizes that the Community (with involvement of the GAC) is taking forward the next round of new gTLDs and has set a corresponding timeline. The GAC, therefore, believes that conducting further analysis at this stage would not serve the intended purpose.

The GAC encourages the Board to ensure that GAC advice, which the Board has accepted, is effectively implemented and its implementation is communicated to the GAC.

GAC chair Nicolas Caballero of Paraguay summarized it as the committee telling the ICANN board “we’re not aiming by no means at stopping the next round or anything like that, but that we want to be taken seriously”.

The original draft of the communique, drafted by Denmark, the US, the UK and Switzerland delegations, also contained text noting that the analysis ICANN provided was written by staff or community stakeholders, who were neither independent nor objective, but this was removed during a drafting session last week after objections from Iran, whose rep said it sounded too critical of the multistakeholder process.

It seems ICANN, and others who stand to make a lot of money from the new gTLD program, have dodged a bullet here, with the GAC essentially backing away and backing down from its potentially delay-causing previous demands.

Private auctions could be banned in new gTLD next round

Kevin Murphy, March 4, 2024, Domain Policy

ICANN is “sympathetic” to the view that private auctions between competing new gTLD applicants are a Bad Thing that should be discouraged in the next application round.

Director Alan Barrett told the GNSO Council at ICANN 79 today that the board of directors, following Governmental Advisory Committee advice, has hired a consultant and is looking at ways to design an ICANN-run “last resort” auction in a way that “disincentivizes” the use of private auctions.

In the 2012 round, many contention sets were settled with private auctions, with tens of millions of dollars changing hands. Losing auctions was a real money-spinner for several portfolio applicants. When ICANN conducted the auctions, ICANN got the money.

Last June, the GAC advised ICANN to “ban or strongly disincentivize private monetary means of resolution of contention sets, including private auctions”, and Barrett said ICANN is considering how to fulfill that advice.

“We don’t know the answers yet, but what I can say is that we are looking at it and we are sympathetic to the idea of disincentivizing private auctions,” Barrett said.

He added that ICANN is looking at how it might discourage competing applicants from settling their contention sets using joint ventures “in a bad faith kind of way”.

“There’s the risk that applicants might use a joint venture in a bad faith kind of way, as a way of transferring money from one applicant to another, in much the same way as private actions could have done,” he said. “We want to figure out a way of allowing good-faith joint ventures.”

My sense is that whatever ICANN comes up with will have to have a substantial carrot component, or an equally big stick. The domain industry can be incredibly devious at times, and if there’s a way to make a big chunk of change filing unsuccessful new gTLD applications, somebody will figure it out.

GoDaddy to start selling graphic.design domains

In an unusual diversification into third-level domains, GoDaddy Registry seems to be planning to sell names under .graphic.design.

The company filed a request with the Public Suffix List yesterday, asking for the domain to be included on the list, so it will be recognized around the internet as a space where third-level names are registerable.

“GoDaddy Registry will be opening graphic.design to individual registrations, through a global network of authorised Registrars, similar to a standard open gTLD,” the request states.

“This inclusion in the PSL is to ensure the correct operation of the zone as an open TLD, such that providers including website, email and Certificate Authorities recognise the individual ownership of the registered domains within the graphic.design DNS zone,” it says.

The request goes on to say the company expects “5,000 to 10,000+” domains to be registered there.

The PSL is used widely by software such as browsers to determine ownership of domains for security purposes, allowing them to recognize, for example, that example1.graphic.design and example2.graphic.design are two different sites with potentially two different owners.

Registries launching third-level spaces is unusual but not unheard of. It happens much more often in the ccTLD space, where some countries have a baffling number of third-level options. In the gTLD space, the trend if anything is in the opposite direction, with third-levels being de-emphasized in favor of second-levels.

GoDaddy acquired .design from Top Level Design in 2021, a part of its massive expansion in the registry business. It’s not doing badly as new gTLDs go, with about 119,000 domains under management at the last count.