Recent Posts
- CentralNic claims second-largest TLD migration ever
- DNS issue at Amazon takes out major apps and sites
- .io sales almost double over three years
- Amazon delays book and fashion gTLDs
- Lindqvist shuffles the exec deck
- GoDaddy launches “ultra-premium” domain marketplace
- .mobi to get a new rival in .mobile
- Bye-bye .boomer! Blockchain players abandon new gTLD plans
- Decades-old US registrar gets a spanking
- love.you sold in apparent five-figure deal
- Bogus harassment complaints could get you an ICANN ban
- ICANN slaps open-mic ban on conflicted lawyers
- Final GTFO warning for 19 failed new gTLD bids
- Nominet opens $500,000 fund for open source projects
- Com Laude buys larger rival Markmonitor
- Epik took down Charlie Kirk doxing site
- Number of subsidized gTLD bidders far lower than thought
- Another registrar goes AWOL
- gTLD loses its second-largest registrar after breach
- Com Laude buys Fairwinds
- Unstoppable wants to be a registry back-end
- Sixteen new gTLD bids could face the firing squad
- Registry to release one-letter domains tomorrow
- New ICANN funding rules will cost smaller ccTLDs more
- .ai rival lines up gTLD bid
- Team Internet lays off 200
- Sixteen more orgs vie for cheap gTLDs, but…
- So who’s registering sunrise domains these days?
- Cloud gTLD gets launch dates
- Governments say new gTLD program “credibility” at stake
- NIXI planning doomed new gTLD bids
- AI experts replace Chapman on ICANN board
- RDRS may not be dead
- Single-letter .com lawsuit thrown out of court
- Golding challenges McCarthy for Nominet board seat
- Three applicants qualify for cheapo gTLDs
- Blockchain crisis looming for new gTLD next round
- Two more dot-brands leave Verisign for GoDaddy
- ICANN looking at new bulk reg rules
- Reseller loss hits Tucows’ DUM but not revenue
- GoDaddy counts cost of losing .co deal
- Wine producers worried about new gTLDs
- Goodyear tires of its dot-brand
- Team Internet loses Radix to Tucows
- ICANN’s “review of reviews” kicks off
- Huge registrars flee from RDRS
- Namecheap loses attempt to bring back .org price caps
- Registrar shamed for alleged crypto abuse neglect
- Poblete’s ICANN board seat safe
- .com off to strong start in Q3
- .my is growing like crazy
- ICANN settles $77 million sexual harassment suit
- Chinese domain spikiness ends in first half
- Registrars agree to higher ICANN fees
- ICANN to review reviews after review review request fails
- Got junk? June’s biggest gTLD growers do
- ICANN ditches Oman due to Middle-East conflicts
- ICANN’s mighty overlord flexes on transparency
- ICANN faces first pushback over DEI U-turn
- Loads of firms flunk out of next-round gTLD back-end program
- presidenttrump.xxx among thousands of dead .xxx domains suddenly springing to life
- One of the dumbest gTLDs just switched back-ends
- GoDaddy loses .co to Team Internet
- Governments erect bulk-reg barrier to new gTLD next round
- Little interest in cheapo gTLD program
- US government opposes most new gTLDs
- GoDaddy loses last Amazon business to Identity Digital
- Third Amazon gTLD launch dates revealed
- .TOP promises to play nice on DNS abuse
- Court denies ICANN’s #MeToo “cover up” attempt
- Launch dates for two more Amazon gTLDs revealed
- An end to “Club Med for geeks” ICANN?
- Some people paid premiums for .hot domain hacks
- .io questions in sharp focus as UK signs Chagos treaty
- Big .gdn registrar at risk
- ICANN “reaffirms its commitment to diversity and inclusion”
- ICANN kills off diversity and inclusion
- Kaufmann picked for ICANN board
- Conflicted? STFU under new ICANN rules
- .hot is for hookers? Amazon’s first premium regs revealed
- Gname adds another 200 registrars
- New Pope’s .com domain was registered the day Francis died
- Two deadbeat registrars get their ICANN marching orders
- DotMusic has sold a lot of names, but not many are turned on
- .med is a deeply weird gTLD, but it wants to be more normal
- ICANN cuts off money to UASG
- Web.com getting dumped
- .es and .pt riding out massive power outage
- .com is back as Verisign discounts bear fruit
- Dot-brand actually being used to get deleted
- Verisign gave Trump $100,000
- Private Whois requests hit new low after Tucows quits RDRS
- Zoom says GoDaddy took it down for hours
- The Soviet Union might be safe after all
- Google says its ccTLDs “are no longer necessary”
- Facebook thinks ICANN is a bit rubbish
- ICANN spending $365,000 a year on coffee and booze
- Regulator going after suicide site that even Epik banned
- .ai sees $600,000 auction sales in a month
- Pru trims its dot-brand portfolio
- UK’s Nigel Hickson has died
- .blog registry ordered to change name to Knock Knock RDAP There
- WordPress buys Canadian, swaps CentralNic for CIRA
- Latest ICANN salary porn ruins my terrible pun
- .co deal worth $77 million up for grabs
- I get a wrongful kicking as .su registry denies turn-off plan
- Sales and profits dip at Team Internet
- Four deadbeat registrars get terminated
- “No timeline” to retire Soviet Union from the DNS
- ICANN to kill off 60-day domain transfer lock
- Lancaster bags up its dot-brand
- Google readying its next batch of gTLD launches?
- NomCom confirms Americans rejected from ICANN board
- Nova announces $45 million of new gTLD applications
- Registry makes .ai an option for Koreans
- it.com now bigger than Guatemala
- ICANN turns to AI and crowdsourcing for new gTLD program
- Amazon lawyer DiBiase elected to ICANN board
- Is .io safe now? Identity Digital now running Mauritian ccTLD
- Tucows quits ICANN’s Whois disclosure pilot
- Toshiba goes all-in on its dot-brand
- Google scuppers Team Internet acquisition after profit warning
- .ai channel doubles under new management
- Trump inclined to back deal that threatens .io
- As .com shrinks, China adds another 1.2 million domains
DI Leaders Roundtable #1 — How many new gTLDs will be applied for next time around?
How many new gTLDs will be applied for in the next application round?
This is the first question I put to the DI Leaders Roundtable, which you may recall I announced a couple weeks back.
As a reminder, the panel is comprised of leading thinkers in the domain name industry or ICANN community, covering as broad a cross-section of expertise as I could muster.
The question I posed each panelist this time was:
There were 1,930 applications for new gTLDs in 2012. Given everything we’ve learned over the last seven years, how many applications do you think there will be in the next round?
There seemed to be a rough consensus that it’s a little early to put any concrete predictions out there, and that perhaps I should have eased the panel in with something a little less challenging, but some very interesting — and divergent — opinions were nevertheless expressed.
Some of the participants asked me to note that they were speaking in a personal capacity rather than with them wearing a specific one of their various professional/volunteer hats. To save time, readers should just assume that every opinion being expressed below is personal to the expert concerned.
In no particular order…
Jeff Neuman, Senior VP, Com Laude
Without wanting to sound like I’m trying to avoid answering the question or hedge my bets, we have to consider this question in the context of the current landscape. The number of applications in the next round will be dependent on the outcomes of the current Subsequent Procedures PDP Working Group, alongside macroeconomic business factors. So therefore I’ll put a range on the possible answer — at the low end (if the application fee remains as is and world economies are facing significant troubles) around 1,000; at the top end (with application fee reduced to a level that operates as far less of a barrier, a fair economic wind behind us and some targeted promotion of the opportunities) there could be up to 10,000.
One thing that is clear is that many of the applications will come from brands that would like to actively use their domains. Those who were forward-thinking and have taken bold steps in the first round are the ones who are benefiting most from the new gTLD program. That’s not to say that there have not also been issues with brands. In 2012 many brands were pressured to apply for TLDs by third parties who advised them to apply for purely defensive reasons. Others gave up after the many fits and starts of the program as well as the overly lengthy period it took ICANN to evaluate the TLDs, approve Specification 13, respond to name collision, and the change of rules to temporarily disallow “closed generic” TLDs. Not surprisingly, we have seen a number of these brands drop out of the program.
However, many of the ones that have stuck it out are doing well. Some have even made transitions from their “.com” or their ccTLDs to their brand TLDs. Others have used their TLDs for marketing campaigns, corporate social responsibility programs, internal corporate intranets, job sites, geolocation tools, social media programs, events and customer service. And this is just the beginning.
What we need to ensure for the future is that application fees represent the true costs of the program and that the process is predictable, reliable and flexible enough to allow brands and others to innovate. Over-regulation due to the fear of unlikely edge cases or paranoia due to how potential applicants for purely generic open TLDs cannot be allowed to happen. All TLDs should not be painted with the same regulatory brush and the community needs to understand that we should be encouraging different business models for TLDs that do not necessarily include the unfettered ability for the public to register domain names in all TLDs. Ultimately, we need to do what is best for end users on the Internet.
Incentives should be provided for TLDs like .bank and .pharmacy to validate their registrants and ensure the safety of their end users by curbing abusive behavior. This could come in the form of reduced fees to ICANN or even ensuring that other similarly sensitive strings have similar verification requirements before allowing them to be delegated.
Finally, in order for the program to succeed, we need to stimulate growth of registries and registrars in the developing world. Support for these organizations should not only be in the form of monetary contributions, but also training programs, consulting services, legal support, and even operational support (eg., the free or low-cost use of third party DNS servers globally, security monitoring and other critical services).
Rick Schwartz, domain investor
Who cares?? Nobody in the real world. Totally meaningless except to the 1,930 applicants and a totally corrupt and out of control ICANN that needs oversight! SHAMEFUL!
Christa Taylor, CMO, MMX
“Will you walk into my parlour and tell me how many applications there will be for the next round, said a Spider to a Fly”
Oh, poor fly, good luck getting out of this one. There have been some exceptionally large volumes thrown around — 10k, 20k, but this fly would prefer to utilize data gathered from statistical surveys. Unfortunately, my workload didn’t allow me to conduct a survey this week so instead, I’ll utilize a less scientific approach and seek the same leniency ICANN received in their volume prediction used in the 2012 round.
A multitude of variables may impact the volume of applications including: notice period, application fees, auctions and delegation rates with each factor being additive to the prior factor.
- Base volume: 2,000 applications is utilized as the initial value. While the type of applications may change, the overall volume is a logical starting point especially when considering the last round was in 2012.
- Notice period: A longer notice period on when the application period will begin will allow for more applicants to apply. Assuming a notice period of four months with a 10% increase in application volume for each additional four-month period. i.e. if there is a six month notice until application window opens, volume will increase by 100 (2,000 x 10% x (6-4/4)). Our total volume of applications is now 2,100.
- Application fee: The new gTLD program is expected to operate on a ‘revenue neutral’ basis. As such, the application fee should decrease from the 2012 fee of $185k. Since the volume of applications is inversely related to the fee, increasing the volume by say, 15% for every $10k less than $150k. For example, if the actual application fee is $125k, the volume of applications will increase by approximately ~800 (15% x 2,100 x ($150k – $125k/$10k) for a total of 2,900 applications.
- Auctions: One of the most significant items that could drive the volume of applications if auctions and other related resolution mechanisms. The windfalls from ‘losing’ in auctions are well-known and while other options have been discussed – Vickrey auctions, draws, etc. some applications will be submitted for financial gains. Additionally, the potential to gain from ‘losing’ in contention sets combined with reduced application fees and delegation rates (detailed below) will again impact the volume of applications. As such, the number of applications will increase similar to application fees but would suggest that for every $5k less than $150k application fee, the volume of applications will increase by 10%. If the application fee is $125k, the volume will increase by 1,250 (10% x 2,888 x ($150k-$125k/$5k) for a combined volume of 4,150 applications.
- Delegation rate: The final factor in this unscientific, simplistic volume projection is the delegation rate. In 2010, a rate of 1,000 per year was provided to minimize security and stability risks. If the delegation rate remains relatively the same, the processing of applications could take years and thereby, encourage potential applicants to apply knowing it will take years before their application is delegated. Additionally, a reduced application fee minimizes an applicant’s risk if they decide to withdraw at a later date. Applying another broad brushstroke of 5% per year for the length of time it will take for all applications to be delegated, excluding objections. If it is expected to take three years to process the subsequent round of applications, add in another ~750 applications (5% x 3 years X 4,150) for a total volume of 4,900, rounding to 5,000 applications.
“And take a lesson from this tale of the Spider and the Fly” — gather real data to project application volumes and escape these impossible questions.
Ref: Howitt, Mary. The Spider and the Fly. (1829)
Michele Neylon, CEO, Blacknight
It’s not one that’s easy to answer — I think we all got it terribly wrong the last time round.
I suspect, though I could be completely wrong, that there will be at least 1,000 applications if there is a new round. Of course, that number is not based on anything other than just a gut instinct. I don’t think there will be as many distributed retail TLDs in a next round. Apart from a couple of outliers the bulk of new TLDs haven’t been as big of a success as their backers expected.
I can imagine that some cities would pitch for a TLD in the next round but it’d be more of a play in terms of tourism rather than commercial gain.
Some would have us believe that a “lot” of brands want to apply for a TLD in a next round, but I do wonder how much of that demand is “real” and comes from brands and how much of it is being pushed by those who stand to gain from applications. Of course, there could be a lot of brands out there that feel a desire to get their own TLD, but it’s also very clear that many of the brands that got one the last time round haven’t done a lot with them (with a few notable exceptions)
It’s a very good question to ask, but until there’s more clarity about the rules and the costs we’re all going to be guessing.
Jon Nevett, CEO, Public Interest Registry
Check back with me in 2022 when we may know the application fee; how contention resolution would work (i.e. will there be speculative applications); and the role of the GAC in reviewing applications.
Dave Piscitello, Partner, Interisle Consulting Group
While I can’t speculate how many, I truly hope that we have fewer “generics” that only serve to create a larger set of TLDs that will be offered in bulk at fees as low as 1 yen to organized spam gangs or botnet operators. ICANN hasn’t provided a scientifically valid economic study that demonstrates a need for more of these; in fact, ICANN’s own DAAR data shows that nearly half of the abused or criminally-used domain names have migrated to the piddling 10-12% share of the total gTLD delegated (and resolving) domain names that the new TLDs represent.
Having said this, I do believe that there are some success stories that point would-be applicants to modestly profitable ventures. City TLDs for the most part have remained free of abuse or criminal misuse. A portfolio of these might be interesting. I think that brands still don’t really know how to use their TLD or migrate to these in a way that alters the threat landscape.
Ben Crawford, CEO, CentralNic
Our focus today at CentralNic is supporting the growth of existing ccTLD and gTLD registries. However there is no company more prepared for the next round than us, and based on our discussions with potential applicants, we expect more applications in this nTLD round that the last.
Generic TLD applicants obviously gravitate towards CentralNic Registry Solutions as the natural home of TLDs seeking meaningful growth. We are not only the market leaders with more registrars actively selling our nTLD domains than any other backend, but we have as many domains under management as the number 2, 3 and 4 players combined.
Brand owners are also very keen to sign up with BrandShelter as a low cost and flexible one-stop shop that can handle application, backend, registrar and domain management services under a single contract with a money back guarantee. They particularly like that we have the best value support for dot-brands that do want to actively use their TLDs (like .DVAG, .ALLFINANZ and .MINI) while we don’t employ pushy sales people to hassle our clients happy with a defensive strategy to “activate” their TLDs.
Milton Mueller, Professor, Georgia Tech
Is a negative number an acceptable answer? Will some of the past 1,930 be allowed to bring their TLDs back to the store for a refund? What exactly is ICANN’s return policy, is it as good as TJ Maxx’s? More seriously, I would expect quite a few less applications this time around. I’d be surprised if it exceeded 500. We don’t see any smashing successes from the first round.
Spam is not our problem, major domain firms say ahead of ICANN 66
Eleven of the largest domain name registries and registrars have denied that spam is something they should have to deal with, unless it’s used to proliferate other types of abuse such as phishing or malware.
In a newly published “Framework to Address Abuse” (pdf), the companies attempt to define the term “DNS abuse” narrowly to capture only five (arguably only four and a half) specific types of online threat.
That abuse comprises malware, phishing, botnets, pharming and spam.
The companies agree that these are activities which registrars and registries “must” act upon.
But the document notes that not all spam is its responsibility, stating:
While Spam alone is not DNS Abuse, we include it in the five key forms of DNS Abuse when it is used as a delivery mechanism for the other four forms of DNS Abuse. In other words, generic unsolicited e-mail alone does not constitute DNS Abuse, but it would constitute DNS Abuse if that e-mail is part of a phishing scheme.
In other words, registrars and registries should not feel responsible for the billions of spams sent every day using their domains, unless the spam runs further malware, phishing, pharming or botnet abuse.
The signatories of the framework are Public Interest Registry, GoDaddy, Donuts, Tucows, Amazon Registry Services, Blacknight, Afilias, Name.com, Amazon Registrar, Neustar, and Nominet UK.
It may seem like they’ve presented a surprisingly narrow definition, but it’s in line with what current ICANN contracts dictate.
Neither the standard Registry Agreement nor Registrar Accreditation Agreement mention spam at all. Six years ago, ICANN specifically said that spam is “outside of ICANN’s scope and authority”.
Under the RA, registries have to oblige their registrars to ban registrants from “distributing malware, abusively operating botnets, phishing, piracy, trademark or copyright infringement, fraudulent or deceptive practices, counterfeiting or otherwise engaging in activity contrary to applicable law”.
They also have to maintain statistical reports on the amount of “pharming, phishing, malware, and botnets” in their zones, and provide those reports to ICANN upon demand. A recent audit found that 5% of registries, mainly dot-brands, were not doing this.
However, ICANN’s Domain Abuse Activity Reporting system, an effort to provide some transparency into how gTLDs are being abused, does in fact track spam. It does not track pharming, which is a fairly obscure and little-used form of DNS attack.
The DAAR report for September shows that spam constituted 73% of all tracked abuse.
The ICANN board of directors today identified DAAR as one of a few dozen priorities for the coming year.
Similarly, the cross-community working group known as the CCT Review Team, which was tasked with looking into how the new gTLD program has impacted competition and consumer trust, had harsh words for spam-friendly registries, and provided a definition of “DNS Security Abuse” that specifically included “high volume spam”.
The review recommended that ICANN introduce more measures to force contracted parties to deal with this type of abuse. This could include incentives for registries to clean up their zones and abuse volume thresholds that would automatically trigger compliance actions.
The new framework document comes in the context of an ongoing debate within the ICANN community about what “DNS abuse” is.
Two partners at Interisle, a security consultancy that often works for ICANN, recently guest-posted on DI to say that this term has become meaningless and should be abandoned in favor of “security threat”.
They argued that the definition should include not only spam, but also stuff like IP infringement, election interference, and terrorism.
But the main threat to contracted parties probably comes from the Governmental Advisory Committee, backed by law enforcement, which is pushing for stronger rules covering abusive content.
During a webinar last week, the US Federal Trade Commission, the FBI, and Europol argued that registries and registrars should be obliged to do more to combat abuse, specifically including spam.
“Whether or not you call it phishing or spam or whether it has a malware payload or not, ultimately it’s all email, and email remains the most common tool of cybercriminals to ensnare their victims, and that’s why we in law enforcement care about the domains used to send emails,” said Gabriel Andrews of the FBI’s Cyber Initiative Resource Fusion Unit, on the call.
Registries and registrars countered, using the same language found in the new framework, that generic spam is a content issue, and outside of their remit.
The two sides are set to clash again at ICANN’s annual general meeting in Montreal next month, in a November 6 face-to-face session.
While 11 entities signed the new framework, it’s arguably only nine companies. Name.com is owned by Donuts and both Amazon firms obviously have the same parent.
But it does include the two largest registrars, and registries responsible for running several hundred commercial gTLDs, dot-brands and ccTLDs.
While none of the signatories of the framework have a particular reputation for being spam-friendly, other companies in the industry — particularly some of the newest and cheapest new gTLDs — tend to attract spammers like flies to a turd.
Some of the signatories are perhaps surprising, given their past or ongoing behavior to tackle content-based abuse in their own zones.
Nominet, notably, takes down tens of thousands of domains ever year based on little more than police assurances that the domains are being used to sell counterfeit merchandise or infringe copyright.
The .uk registry also preemptively suspends domains based on algorithms that guess whether they’re likely to be seen as encouraging sexual violence or could be used in phishing attacks.
Donuts also has a trusted notifier relationship with the movie and music industries that has seen it take down dozens of names being used for mass copyright infringement.
PIR has previous endorsed, then unendorsed, the principal of a “UDRP for copyright”, a method of giving Big Content a way of going through due process to have domains taken or suspended.
Outside the spam issue, while the new registry-registrar framework says that registries and registrars should not get involved in matters related to web site content, it also says they nevertheless “should” (as opposed, one assumes based on the jargon usually found in internet standards, to “must”) suspend domains when they’re being used to distribute:
(1) child sexual abuse materials (“CSAM”); (2) illegal distribution of opioids online; (3) human trafficking; and (4) specific and credible incitements to violence.
These are exceptions because they constitute “the physical and often irreversible threat to human life”, the framework says.
Ultimately, this all boils down to a religious debate about where the line is drawn between “DNS” and “content”, it seems to me.
The contracted parties draw the line at threats to human life, whereas others want action on other forms of abuse largely because registries and registrars are in the best position to help.
Google quietly launches .new domains sunrise
Google Registry will allow trademark owners to register domains matching their marks in the .new gTLD from tomorrow.
While the company hasn’t made a big public announcement about the launch, the startup dates it has filed with ICANN show that its latest sunrise period will run from October 15 to January 14.
As previously reported, .new is a bit of a odd one. Google plans to place usage restrictions that require registrants to use the domains in the pursuit of “action generation or online contention creation”.
In other words, it wants registrants to use .new in much the same way as Google is today, with domains such as docs.new, which automatically opens up a fresh Google Docs word processing document when typed into a browser address bar.
From January 14, all the way to July 14, Google wants to run a Limited Registration Period, which will require wannabe registrants to apply to Google directly for the right to register a name.
During that period, registrants will have to that they’re going to use their names in compliance with .new’s modus operandi. It’s Google’s hope that it can seed the space with enough third-party content for .new’s value proposition to become more widely known.
If you’re wanting to pick up a .new domain in general availability, it looks like you’ve got at least nine more months to wait.
Hindu god smites Chrysler gTLD
Car-maker Chrysler has withdrawn its application for the .ram dot-brand gTLD more than six years after receiving a government objection on religious grounds.
Ram is a brand of pickup trucks manufactured by Chrysler, but it’s also a variant spelling of Rama, an important deity in the Hindu pantheon.
Back in 2013, ICANN’s Governmental Advisory Committee forwarded an objection from majority-Hindu India, later saying: “The application for .ram is a matter of extreme sensitivity for the Government of India on political and religious considerations.”
In a 19-page response (pdf), Chrysler said that Ram vehicles had been around for 75 years without offending Hindus, and that .ram was to be a restricted dot-brand that could not be used by third parties to post offensive content.
The objection appeared at a time when the GAC was not obliged to show its thinking and often deliberately obfuscated its advice. But ICANN placed .ram on hold anyway, where it has remained ever since.
Over the intervening time, Chrysler has rethought its dot-brand strategy, and last month called on ICANN to cancel five of the six gTLDs it already owns (but does not use) — .chrysler, .dodge, .mopar, .srt and .uconnect.
It’s still contracted to run .jeep, weirdly.
Radix acquires another gTLD
Radix has added the 10th new gTLD to its portfolio with an acquisition last month, bringing its total TLD stable to 11.
The company has acquired .uno from Missouri-based Dot Latin LLC for an undisclosed amount.
.uno, which of course means “one” in Spanish, has been around for over five years but has struggled to grow.
It’s current ranked as the 131st largest new gTLD, with 16,271 domains in its zone file. It peaked at about 22,000 about three years ago.
That said, it appears to have rather strong renewals, at least by Radix standards, with no evidence of relying on discounts or throwaway one-year registrations for growth.
.uno names can currently be obtained for roughly $12 to $20 per year.
Radix said its expects to migrate the TLD off its current Neustar back-end onto long-time registry partner CentralNic by “early 2020”.
The company appears to be excited that its only the second three-letter TLD in its portfolio.
It already runs .fun, along with the likes of .website, .tech and .online. It also runs .pw, the repurposed ccTLD for Palau.
.uno was Dot Latin’s only gTLD, though affiliated entity Dot Registry LLC signed its ICANN registry agreement for .llp (for “Limited Liability Partnership”) in August. That TLD has yet to launch.
.whoswho survives!
The registry running the failing new gTLD .whoswho has managed to avoid having its contract terminated by ICANN.
According to an update on the ICANN web site, Who’s Who Registry came back into compliance with its obligations earlier this week, meaning it can continue operating.
It had been under a cloud of uncertainty since January, when ICANN Compliance sent off a breach notice saying the company was overdue with its $25,000-a-year fees.
Who’s Who originally had until a date in February to pay up, but this deadline has been extended repeatedly over the course of the year.
Registry CEO John McCabe had told ICANN last November that the fee is “onerous” and “the single largest item in .whoswho’s budget”.
ICANN later rejected his request for a fee reduction.
.whoswho, which seeks to replicate the once-popular biography compilation books of the same name, has fewer than 100 real registrations to its name, most of which appear to be defensive, despite being live for five years.
At about $70 a pop, that’s still not nearly enough to cover ICANN fees, never mind other operating costs.
It sold barely a dozen names in the first half of this year.
I thought it was a goner for sure.
But it looks like it’s been saved from the axe for now, so maybe there’s time to turn things around.
Mediocre .vote gTLD drops restrictions
The .vote and .voto gTLDs have had their registration restrictions removed in a bid to increase numbers.
Both domains were previously technically restricted to those who could show they had a legitimate connection to democratic proceedings, and were sometimes used by political campaigns.
But it appears those post-registration restrictions were lightly enforced, and now they’ve been dropped entirely.
Neither gTLD has been particularly successful — .vote has been wobbling around the 3,000-domain mark for a while, while .voto (the Spanish version) has about a tenth of that figure.
Both renew at retail for about $60 a year, but first-year regs can currently be obtained for about half that amount.
They’re both managed by Afilias.
The highest-profile .vote domain I’m aware of to date was used in the spectacularly successful Hollywood-backed campaign to keep Donald Trump out of the White House in 2016.
.bond domains could cost a grand each
Newish registry ShortDot has announced the release details for its recently acquired .bond gTLD, and they ain’t gonna be cheap.
The TLD is set to go to sunrise in a little under a month, October 17, for 33 days.
General availability begins November 19 with a seven day early access period during which the domains will be more expensive than usual but get cheaper each day.
The regular pricing is likely to see registrars sell .bond names for between $800 and $1,000 a pop, according to ShortDot COO Kevin Kopas.
There won’t be any more-expensive premium tiers, he said.
The gTLD was originally owned by Bond University in Australia, but it was acquired unused by ShortDot earlier this year.
The company hopes it will appeal to bail bondsmen, offerers of financial bonds and James Bond fans.
The business model with .bond is diametrically opposed to .icu, where names sell for under $2 a year (and renew for under $8, if indeed any of them renew).
That zone has inexplicably gone from 0 to 1.8 million names in the last 16 months, and ShortDot says it’s just crossed the two-million mark of registered names.
That second million appears to have been added in just the last three months.
MMX switches porn TLDs from Afilias to Uniregistry
Minds + Machines is moving its four porn-themed gTLDs to a new back-end provider.
MMX CEO Toby Hall confirmed to DI today that the company is ditching Afilias, which had been providing registry services for .xxx since 2011.
“We’re in the process of switching the back-ends from Afilias to Uni for the ICM portfolio,” he said.
This portfolio, which MMX acquired last year, also includes .porn, .adult and .sex. There are roughly 170,000 domains under management in total, but about half of these are sunrise-period blocks in .xxx, which could add a wrinkle to the transition.
It appears that Afilias is still providing DNS for the TLDs, but Uniregistry has been named the official tech contact.
It’s not currently clear when the handover will be complete. Hall was not immediately available for further comment.
It’s also not currently clear why Uniregistry was selected. All of MMX’s 27 other gTLDs — the likes of .vip, .work and .law — have been running on Nominet’s platform since MMX dropped its own self-hosted infrastructure a few years back.
During the same restructuring, Uniregistry took on MMX’s registrar business.
Uniregistry has also been working closely with MMX on its recently launched AdultBlock trademark blocking services, which could wind up accounting for a big chunk of MMX’s porn-related revenue.
These latest four gTLDs to switch providers are merely the latest in a game of musical chairs that has been playing out for the last several months, five years after the first new gTLDs started going live and registries shop around for better back-end deals.
Nominet picked up most of Amazon’s portfolio, replacing Neustar, earlier this year.
But Nominet has lost high-profile .blog to CentralNic, and Afilias lost a Brazilian dot-brand to Nic.br
Sixty gTLD registries not monitoring security threats
Roughly 5% of gTLD registry operators have been doing no abuse monitoring, despite contractual requirements to do so, a recent ICANN audit has found.
ICANN checked with 1,207 registries — basically all gTLDs — between November 2018 and June, and found about 60 of them “were not performing any security threat monitoring, despite having domains registered in their gTLDs”.
A further 180 (15%) were not doing security checks, but had no registered domains, usually because they were unused dot-brands. ICANN told these companies that they had to do the checks anyway, to remain in compliance.
In all cases, ICANN said, the registries remediated their oversights during the audit to bring their gTLDs back into compliance.
ICANN does not name the non-compliant registries in the summary of the audit’s results, published yesterday (pdf).
Registries under the 2012 new gTLD base registry agreement all have to agree to this:
Registry Operator will periodically conduct a technical analysis to assess whether domains in the TLD are being used to perpetrate security threats, such as pharming, phishing, malware, and botnets. Registry Operator will maintain statistical reports on the number of security threats identified and the actions taken as a result of the periodic security checks. Registry Operator will maintain these reports for the term of the Agreement unless a shorter period is required by law or approved by ICANN, and will provide them to ICANN upon request.
It’s possible to keep tabs on abuse by monitoring domain blocklists such as SpamHaus, SURBL and PhishTank. Some such lists are freely available, others carry hefty licensing fees.
ICANN itself monitors these lists through its Domain Abuse Activity Reporting project, so it’s able to work out the differences between the levels of abuse registries report and what the empirical data suggests.
Registries typically either use these lists via in-house tools or license products provided by vendors such as Neustar, RegistryOffice, Knipp, CSC, DOTZON, Afnic, AusCERT, Shadowserver, Telefonica, Secure Domain Foundation and Netcraft, ICANN said.
Perhaps unsurprisingly, there’s a bit of disagreement between ICANN and some registries about how the somewhat vague obligations quote above are be interpreted.
ICANN thinks registries should have to provide information about specific domains that were identified as abusive and what remediation actions were taken, but some registries think they only have to provide aggregate statistical data (which would be my read of the language).
The contracts also don’t specify how frequently registries much carry out security reviews.
Of the 80% (965) of registries already in compliance, 80% (772) were doing daily abuse monitoring. Others were doing it weekly, monthly, or even quarterly, ICANN found, all of which appear to be in line with contractual requirements.
Recent Comments