Mediocre .vote gTLD drops restrictions

The .vote and .voto gTLDs have had their registration restrictions removed in a bid to increase numbers.
Both domains were previously technically restricted to those who could show they had a legitimate connection to democratic proceedings, and were sometimes used by political campaigns.
But it appears those post-registration restrictions were lightly enforced, and now they’ve been dropped entirely.
Neither gTLD has been particularly successful — .vote has been wobbling around the 3,000-domain mark for a while, while .voto (the Spanish version) has about a tenth of that figure.
Both renew at retail for about $60 a year, but first-year regs can currently be obtained for about half that amount.
They’re both managed by Afilias.
The highest-profile .vote domain I’m aware of to date was used in the spectacularly successful Hollywood-backed campaign to keep Donald Trump out of the White House in 2016.

.bond domains could cost a grand each

Newish registry ShortDot has announced the release details for its recently acquired .bond gTLD, and they ain’t gonna be cheap.
The TLD is set to go to sunrise in a little under a month, October 17, for 33 days.
General availability begins November 19 with a seven day early access period during which the domains will be more expensive than usual but get cheaper each day.
The regular pricing is likely to see registrars sell .bond names for between $800 and $1,000 a pop, according to ShortDot COO Kevin Kopas.
There won’t be any more-expensive premium tiers, he said.
The gTLD was originally owned by Bond University in Australia, but it was acquired unused by ShortDot earlier this year.
The company hopes it will appeal to bail bondsmen, offerers of financial bonds and James Bond fans.
The business model with .bond is diametrically opposed to .icu, where names sell for under $2 a year (and renew for under $8, if indeed any of them renew).
That zone has inexplicably gone from 0 to 1.8 million names in the last 16 months, and ShortDot says it’s just crossed the two-million mark of registered names.
That second million appears to have been added in just the last three months.

MMX switches porn TLDs from Afilias to Uniregistry

Minds + Machines is moving its four porn-themed gTLDs to a new back-end provider.
MMX CEO Toby Hall confirmed to DI today that the company is ditching Afilias, which had been providing registry services for .xxx since 2011.
“We’re in the process of switching the back-ends from Afilias to Uni for the ICM portfolio,” he said.
This portfolio, which MMX acquired last year, also includes .porn, .adult and .sex. There are roughly 170,000 domains under management in total, but about half of these are sunrise-period blocks in .xxx, which could add a wrinkle to the transition.
It appears that Afilias is still providing DNS for the TLDs, but Uniregistry has been named the official tech contact.
It’s not currently clear when the handover will be complete. Hall was not immediately available for further comment.
It’s also not currently clear why Uniregistry was selected. All of MMX’s 27 other gTLDs — the likes of .vip, .work and .law — have been running on Nominet’s platform since MMX dropped its own self-hosted infrastructure a few years back.
During the same restructuring, Uniregistry took on MMX’s registrar business.
Uniregistry has also been working closely with MMX on its recently launched AdultBlock trademark blocking services, which could wind up accounting for a big chunk of MMX’s porn-related revenue.
These latest four gTLDs to switch providers are merely the latest in a game of musical chairs that has been playing out for the last several months, five years after the first new gTLDs started going live and registries shop around for better back-end deals.
Nominet picked up most of Amazon’s portfolio, replacing Neustar, earlier this year.
But Nominet has lost high-profile .blog to CentralNic, and Afilias lost a Brazilian dot-brand to Nic.br

Sixty gTLD registries not monitoring security threats

Roughly 5% of gTLD registry operators have been doing no abuse monitoring, despite contractual requirements to do so, a recent ICANN audit has found.
ICANN checked with 1,207 registries — basically all gTLDs — between November 2018 and June, and found about 60 of them “were not performing any security threat monitoring, despite having domains registered in their gTLDs”.
A further 180 (15%) were not doing security checks, but had no registered domains, usually because they were unused dot-brands. ICANN told these companies that they had to do the checks anyway, to remain in compliance.
In all cases, ICANN said, the registries remediated their oversights during the audit to bring their gTLDs back into compliance.
ICANN does not name the non-compliant registries in the summary of the audit’s results, published yesterday (pdf).
Registries under the 2012 new gTLD base registry agreement all have to agree to this:

Registry Operator will periodically conduct a technical analysis to assess whether domains in the TLD are being used to perpetrate security threats, such as pharming, phishing, malware, and botnets. Registry Operator will maintain statistical reports on the number of security threats identified and the actions taken as a result of the periodic security checks. Registry Operator will maintain these reports for the term of the Agreement unless a shorter period is required by law or approved by ICANN, and will provide them to ICANN upon request.

It’s possible to keep tabs on abuse by monitoring domain blocklists such as SpamHaus, SURBL and PhishTank. Some such lists are freely available, others carry hefty licensing fees.
ICANN itself monitors these lists through its Domain Abuse Activity Reporting project, so it’s able to work out the differences between the levels of abuse registries report and what the empirical data suggests.
Registries typically either use these lists via in-house tools or license products provided by vendors such as Neustar, RegistryOffice, Knipp, CSC, DOTZON, Afnic, AusCERT, Shadowserver, Telefonica, Secure Domain Foundation and Netcraft, ICANN said.
Perhaps unsurprisingly, there’s a bit of disagreement between ICANN and some registries about how the somewhat vague obligations quote above are be interpreted.
ICANN thinks registries should have to provide information about specific domains that were identified as abusive and what remediation actions were taken, but some registries think they only have to provide aggregate statistical data (which would be my read of the language).
The contracts also don’t specify how frequently registries much carry out security reviews.
Of the 80% (965) of registries already in compliance, 80% (772) were doing daily abuse monitoring. Others were doing it weekly, monthly, or even quarterly, ICANN found, all of which appear to be in line with contractual requirements.

Bumper batch of dot-brands off themselves for Friday 13th

It’s Friday 13th tomorrow, and to celebrate the occasion no fewer than 13 dot-brands have opted to take the easy way out and self-terminate.
ICANN has published a bumper list of contracted brand registries that have informed the organization that they no longer wish to run their gTLDs.
Adding themselves to the dot-brand deadpool are: .ladbrokes, .warman, .cartier, .piaget, .chrysler, .dodge, .mopar, .srt, .uconnect, .movistar, .telefonica, .liason and .lancome.
That brings the total of self-terminated new gTLDs to date to 66.
The imminent demise of .cartier and .piaget is perhaps notable, as it means luxury goods maker Richemont has now abandoned ALL of the nine dot-brands it originally applied for.
Richemont, an enthusiastic early adopter of the new gTLD concept, applied for 14 strings in total back in 2012.
The only ones it has left are generics — .watches along with the the Chinese translation .手表 and the Chinese for “jewelry”, .珠宝, none of which have been launched and in all likelihood are being held defensively.
It’s the same story with L’oreal, the cosmetics company. It also applied for 14 gTLDs, mostly brands, but abandoned all but .lancome prior to contracting.
With .lancome on its way out, L’oreal only owns the generics .skin, .hair, .makeup and .beauty, at least one of which is actually being used.
Also of note is the fact the car company Chrysler is dumping five of its six gTLDs — .chrysler, .dodge, .mopar, .srt and .uconnect — leaving only .jeep (unused) still under contract.
Clearly, Chrysler is not as keen on dot-brands as some of its European competitors, which have been among the most prolific users.
Telefonica’s abandonment of .movistar and .telefonica also means it’s out of the gTLD game completely now, although its Brazilian subsidiary still owns (and uses) .vivo.
Betting company Ladbrokes only ever owned .ladbrokes, though it did unsuccessfully apply for .bet also.
Rounding off the list is .warman, a brand of — and I’m really not making this up — industrial slurry pumps. The pumps are made by a company called Weir, which uses global.weir as its primary web site. So that’s nice.
As far as I can tell, none of the gTLDs that are being killed off had ever been used, though each registry will have paid ICANN six-figure fees since they originally contracted.

Another victory for Amazon as ICANN rejects Colombian appeal

Amazon’s application for .amazon has moved another step closer to reality, after ICANN yesterday voted to reject an appeal from the Colombian government.
The ICANN board of directors voted unanimously, with two conflict-related abstentions, to adopt the recommendation of its Board Accountability Mechanisms Committee, which apparently states that ICANN did nothing wrong when it decided back in May to move .amazon towards delegation.
Neither the board resolution nor the BAMC recommendation has been published yet, but the audio recording of the board’s brief vote on Colombia’s Request for Reconsideration yesterday can be found here.
As you will recall, Colombia and the seven other governmental members of the Amazon Cooperation Treaty Organization have been trying to stymie Amazon’s application for .amazon on what you might call cultural appropriation grounds.
ACTO governments think they have the better right to the string, and they’ve been trying to get veto power over .amazon’s registry policies, something Amazon has been strongly resisting.
Amazon has instead offered a set of contractual Public Interest Commitments, such as giving ACTO the ability to block culturally sensitive strings, in the hope of calming the governments’ concerns.
These PICs, along with Amazon’s request for Spec 13 dot-brand status, will likely be published for 30 days of public comment this week, Global Domains Division head Cyrus Namazi told the board.
Expect fireworks.
After comments are closed, ICANN will then make any tweaks to the PICs that are necessary, before moving forward to contract-signing with Amazon, Namazi .said.

Sorry, you still can’t sue ICANN, two-faced .africa bidder told

Failed .africa gTLD applicant DotConnectAfrica appears to have lost its lawsuit against ICANN.
A California judge has said he will throw out the portions of DCA’s suit that had not already been thrown out two years ago, on the grounds that DCA was talking out of both sides of its mouth.
DCA applied for .africa in 2012 but lost out to rival applicant ZA Central Registry because ZACR had the backing of African governments and DCA did not.
It filed an Independent Review Process complaint against ICANN in 2013 and won in 2015, with the IRP panel finding that ICANN broke its own bylaws by paying undue deference to Governmental Advisory Committee advice.
It also emerged that ICANN had ghost-written letter of government support on behalf of the African Union, which looked very dodgy.
DCA then sued ICANN in 2016 on 11 counts ranging from fraud to breach of contract to negligence.
The Los Angeles Superior Court decided in 2017 that five of those charges were covered by the “covenant not to sue”, a broad waiver that all new gTLD applicants had to sign up to.
But the remaining six, relating to ICANN’s alleged fraud, were allowed to go ahead.
ICANN relied in its defense on a principle called “judicial estoppel”, where a judge is allowed to throw out a plaintiff’s arguments if it can be shown that it had previously relied on diametrically opposed arguments to win an earlier case.
The judge has now found that estoppel applies here, because DCA fought and won the IRP in part by repeatedly claiming that it was not allowed to sue in a proper court.
It had made this argument on at least seven occasions during the IRP, Judge Robert Broadbelt found. He wrote in his August 22 ruling (pdf):

DCA’s successfully taking the first position in the IRP proceeding and gaining significant advantages in that proceeding as a result thereof, and then taking the second position that its totally inconsistent in this lawsuit, presents egregious circumstances that would result in a miscarriage of justice if the court does not apply the doctrine of judicial estoppel to bar DCA from taking the second position in this lawsuit. The court therefore exercises its discretion to find in favor of ICANN, and against DCA, on ICANN’s affirmative defense of judicial estoppel and to bar DCA from bringing or maintaining its claims against ICANN alleged in the [First Amended Complaint] in this lawsuit.

In other words, ICANN’s won.
The case is not yet over, however. DCA still has an opportunity to object to the ruling, and there’s a hearing scheduled for December.

Why you should never let a pizza joint apply for your billion-dollar dot-brand

A multi-billion dollar telecoms company has lost its two dot-brand gTLDs after apparently hiring a failed pizza restaurant to manage them.
For reals.
Several times a year, my friends at other domain news blogs will post cautionary tales about companies losing their domains after falling out with the consultant or developer who originally registered the names on their behalf.
I believe this story is the first example of the same thing happening at the top level, with two valuable dot-brand gTLDs.
It concerns the Saudi Arabian telco Etihad Etisalat, which does business as Mobily. It’s publicly traded, with millions of subscribers and 2018 revenue of the equivalent of $3.14 billion.
The two gTLDs we’re concerned with are .mobily and موبايلي. (.xn--mgbb9fbpob), the Arabic version of the brand.
Back in 2012, a Bahrain company called GreenTech Consultancy Company applied for both of these TLDs. The applications made it explicit that they were to be single-registrant dot-brands to be used by Mobily.
Quite what the relationship between Mobily and GreenTech was — if there even was one — isn’t particularly clear.
GreenTech’s shareholders were Anwar Ahmed and Asma Malik, two Pakistani nationals living in Bahrain, according to Bahrain business records.
Its web site is an laughable mess of broken English, shameful grammar, irrelevant and impenetrable technobabble (much of which appears verbatim on several other South Asian tech companies’ web sites), and a suggestion that the company is primarily in the business of selling satellite modems.
The site just stinks of bogosity. It looks like a dirt-cheap developer threw the site together during his lunch break for beer money.
Bahrain company records show that GreenTech shared a registration with a company called Greentech Pizzeria Restaurant. Same two directors, same address, same company number.
The consultancy company was formed in February 2012 — during the ICANN application window — and the pizza joint opened a bit over a year later.
Why a multi-billion dollar telecommunications company would entrust its brands to these guys, if that is in fact what happened, is a bit of a mystery.
From information that has recently emerged, which I’ll get to shortly, it appears that the true applicant was a Los Angeles-based gTLD consultancy called WiseDots, which in 2011 was co-founded by recently departed ICANN CFO Kevin Wilson and Herman Collins.
WiseDots employees Collins, Wael Nasr and Alan Bair were all at some point listed as primary or secondary contacts for the two applications, as was domain lawyer Mike Rodenbaugh of Rodenbaugh Law.
Wilson left WiseDots in May 2012 and rejoined three years later as CEO after a stint at Donuts. He’s currently listed as the Admin contact for both Mobily gTLDs in the IANA records.
It appears that Mobily signed a letter of intent with WiseDots on April 9, 2012, just three days before the ICANN application window closed, and that was later formalized into a contract in 2014, six months before GreenTech signed its contracts with ICANN.
Both applications made it through ICANN’s evaluation process with apparently no trouble — there were no objections on trademark or any other grounds — and the Registry Agreements were signed in December 2014.
It’s worth noting that neither contract contains Specification 13, which is required for a registry to operate as a dot-brand. If you want to run a dot-brand, you have to show ICANN that you own a trademark matching the string you’ve applied for.
GreenTech did actually submit requests for Spec 13 approval (pdf) — a week after the contracts were already signed — but at a later date both were either withdrawn or rejected by ICANN for reasons unknown.
Both requests include what appear to be scans of Saudi trademark certificates, but they’re both in Arabic and I’ve no idea who they’re assigned to. Presumably, Mobily, which may explain why GreenTech couldn’t get its Spec 13.
After the contracts were signed, it took exactly one full year — the maximum delay permitted by ICANN — before they were delegated and entered the DNS root.
A year after that, in December 2016, ICANN whacked GreenTech with a breach-of-contract notice (pdf), after the company apparently failed to pay its ICANN fees.
The fees had been “past due” for at least six months. It seems quite possible GreenTech had never paid its fees after delegation.
The breach was later escalated to termination, and the two parties entered mediation.
According to Nasr, in a letter to ICANN, Mobily had promised to pay the ICANN fees, but had reneged on its promise, causing the breach.
The issue was resolved, with GreenTech apparently agreeing to some “confidential” terms with ICANN, in November 2017.
It has now transpired, from Nasr’s letter and attached confidential joint-venture agreement, that GreenTech, WiseDots, Collins, Ahmad, Nasr and yet another consultant — an Egyptian named Ahmed El Oteify, apparently with Varkon Group — made a pact in August 2016 whereby the two gTLDs would be transferred into the control of a new jointly owned Bahrain company to be called MobileDots WLL, which in turn would be owned by a new jointly owned Delaware company called MobileDots LLC.
The TLD contracts would then be transferred to Mobily, according to Nasr.
“GreenTech and the two Mobiledots companies were intended to be intermediate conduits for the future transfer of the two Mobily licenses to Mobily as their eventual Registered Operator,” he wrote.
“At no point in time was GreenTech ever contemplated as the true operator of the ‘Mobily’ gTLD licenses. Indeed, GreenTech ran a defunct pizza restaurant, and was long ago de-registered by the Bahraini government for its numerous payments and filing defaults,” he wrote.
The Delaware company was created, but there does not appear to be an official record of the Bahrain company being formed.
According to Nasr, after Mobily stopped paying its ICANN dues the joint venture partners fell out with each other over how to finance the registries. This led to GreenTech asking ICANN to terminate its contracts, which I blogged about in May.
As is customary when a brand registry self-terminates, ICANN made a preliminary decision not to transfer the GreenTech contracts to a third party and opened it up to public comments.
Nasr’s letter is the first example of anyone ever actually using that public comment opportunity.
He argued that because of the JV agreement, ICANN should instead transfer .mobily and the Arabic version to MobileDots.
ICANN declined, saying “it is not within the remit of ICANN org to transfer the TLDs to a specific successor Registry Operator (such as Mobiledots L.L.C., as Mr. Nasr requests) through this termination process”.
As a further twist in the tale, on August 23 this year, just four days before the contract terminations were due to become effective, GreenTech withdrew its requests for reasons unknown.
But it seems ICANN has had enough.
Last Thursday, it told GreenTech (Wilson and Ahmed) that it is terminating its registry contracts anyway, “invoking certain provisions set forth in the previously agreed-upon confidential terms between ICANN org and GreenTech”.
Its termination notices do not reveal what these “confidential terms” are.
But, given that GreenTech stopped existing as a legal entity in February (according to Bahrain company records) it appears it would have been on fairly solid grounds to terminate anyway.
ICANN’s decision is not open for comment this time around, and IANA has been asked to delete both TLDs from the root as soon as possible.
The upshot of all this is that a massive Saudi telco has lost both of the dot-brands it may or may not have wanted, and a whole mess of gTLD consultants appear to be out of pocket.
And the moral of this story?
Damned if I know. Something to do with pizzas, probably.

More than 1,000 new gTLDs a year? Sure!

There’s no particular reason ICANN shouldn’t be able to add more than 1,000 new gTLDs to the DNS every year, according to security experts.
The Security and Stability Advisory Committee has informed ICANN (pdf) that the cap, which was in place for the 2012 application round, “has no relevance for the security of the root zone”.
Back then, ICANN had picked the 1,000-a-year upper limit for delegations more or less out of thin air, as a straw man for SSAC, the root server operators, and those who were opposed to new gTLDs in general to shake their sticks at. It was concluded that 1,000 should present no issues.
As it turned out, it took two and a half years for ICANN to add the first 1,000 new gTLDs, largely due to the manual elements of the application process.
SSAC is now reiterating its previous advice that monitoring the rate of change at the root is more important than how many TLDs are added, and that there needs to be a way to slam the brakes on delegations if things go titsup.
The committee is also far more concerned that some of the 2012 new gTLDs are being quite badly abused by spammers and the like, and that ICANN is not doing enough to address this problem.

.blog registry handover did NOT go smoothly

The transition of .blog between registry back-end providers ended up taking six times longer than originally planned, due to “a series of unforeseen issues”.
Registry Knock Knock Whois There today told registrars that the move from Nominet to CentralNic took 18 hours to complete, far longer than the two to three hours anticipated.
An “unexpected database error” was blamed at one point for the delay, but KKWT said it is still conducting a post-mortem to figure out exactly what went wrong.
During the downtime, .blog registrations, renewals, transfers and general domain management at the registry level would not have been possible.
DNS resolution was not affected, so registrants of .blog domains would have been able to use their web sites and email as usual.
The migration, which covered roughly 200,000 domains, wrapped up at around 0800 UTC this morning. It seems engineers at the two back-end providers, both based in the UK, will have been working throughout the night to fix the issues.
KKWT reported the new CentralNIC EPP back-end functioning as expected but that several days of “post-migration clean-up” are to be expected.
Eighteen hours is more than the acceptable 14 hours of monthly downtime for EPP services under ICANN’s standard Registry Agreement, but below the 24 hours of weekly downtime at which emergency measures kick in.
CentralNic already handles very large TLDs, including .xyz, but I believe this is the largest incoming migration it’s handled to date.
KKWT is owned by Automattic, the same company as WordPress.com.