Recent Posts
- Introducing Stringtel, my new free new gTLD tool
- GlobalBlock signs the two best deals it will ever get
- Seven registrars get terminated
- GoDaddy launches DomainMaxxing to optimize your domains
- .latino gTLD to launch soon
- Amazon readies .pay gTLD
- Nominet reveals first DNS tech funding recipients
- ICANN hit with tinfoil-hat lawsuit
- .pn relaunches — you’ll never guess what they say it means
- Unstoppable focuses on proper domains, admits crypto was “craze”
- ICANN boss: no plans to scrap Oman meeting
- China domains dip in 2026
- ICANN maps out new gTLD timeline
- War disrupts ICANN 85
- Namecheap abandons fight for .org price caps
- Identity Digital acquires another gTLD
- Seven dead registrars on the out
- Sav.com owner takes over .radio gTLD
- .com zone tops 160 million domains
- ai.com, the most-expensive domain sale ever
- .ai hits seven figures, raises prices
- Typosquatter gets two years in jail
- Epstein low-balled registrants to get his exact-match domain
- Epstein bought “mother” domains for Fergie while serving time
- Two former ICANN directors want back in
- Former ICANN director could lose control of ccTLD
- UK launches “police.ai”, but does it own the domain?
- Team Internet still in talks to sell off domains unit
- NamesCon returning to Miami in November
- “Mad Dog” politician registers nazis.us, redirects to Trump admin site
- “Lowest Price Guaranteed!” $48 .com registrar canned
- No RDAP? No accreditation
- Fifth-largest gTLD not dead after all
- Half of registrar’s domains are abusive, ICANN says
- Burr joins PIR after leaving ICANN board
- Refunds galore as gTLD losers finally bow out
- .goo terminated as search engine closes down
- GoDaddy to offer domain blocking to people who don’t have trademarks
- Happy new year expected for domain industry, says ICANN
- Salesforce to apply for a dot-brand
- Team Internet looking to break up
- Noss to leave Tucows corner office
- Rubens Kühl has died
- Sinha angry with Chapman’s firing as ICANN vice chair
- Glitch redux: ICANN screws up new gTLD security again
- CentralNic claims second-largest TLD migration ever
- DNS issue at Amazon takes out major apps and sites
- .io sales almost double over three years
- Amazon delays book and fashion gTLDs
- Lindqvist shuffles the exec deck
- GoDaddy launches “ultra-premium” domain marketplace
- .mobi to get a new rival in .mobile
- Bye-bye .boomer! Blockchain players abandon new gTLD plans
- Decades-old US registrar gets a spanking
- love.you sold in apparent five-figure deal
- Bogus harassment complaints could get you an ICANN ban
- ICANN slaps open-mic ban on conflicted lawyers
- Final GTFO warning for 19 failed new gTLD bids
- Nominet opens $500,000 fund for open source projects
- Com Laude buys larger rival Markmonitor
- Epik took down Charlie Kirk doxing site
- Number of subsidized gTLD bidders far lower than thought
- Another registrar goes AWOL
- gTLD loses its second-largest registrar after breach
- Com Laude buys Fairwinds
- Unstoppable wants to be a registry back-end
- Sixteen new gTLD bids could face the firing squad
- Registry to release one-letter domains tomorrow
- New ICANN funding rules will cost smaller ccTLDs more
- .ai rival lines up gTLD bid
- Team Internet lays off 200
- Sixteen more orgs vie for cheap gTLDs, but…
- So who’s registering sunrise domains these days?
- Cloud gTLD gets launch dates
- Governments say new gTLD program “credibility” at stake
- NIXI planning doomed new gTLD bids
- AI experts replace Chapman on ICANN board
- RDRS may not be dead
- Single-letter .com lawsuit thrown out of court
- Golding challenges McCarthy for Nominet board seat
- Three applicants qualify for cheapo gTLDs
- Blockchain crisis looming for new gTLD next round
- Two more dot-brands leave Verisign for GoDaddy
- ICANN looking at new bulk reg rules
- Reseller loss hits Tucows’ DUM but not revenue
- GoDaddy counts cost of losing .co deal
- Wine producers worried about new gTLDs
- Goodyear tires of its dot-brand
- Team Internet loses Radix to Tucows
- ICANN’s “review of reviews” kicks off
- Huge registrars flee from RDRS
- Namecheap loses attempt to bring back .org price caps
- Registrar shamed for alleged crypto abuse neglect
- Poblete’s ICANN board seat safe
- .com off to strong start in Q3
- .my is growing like crazy
- ICANN settles $77 million sexual harassment suit
- Chinese domain spikiness ends in first half
- Registrars agree to higher ICANN fees
- ICANN to review reviews after review review request fails
- Got junk? June’s biggest gTLD growers do
- ICANN ditches Oman due to Middle-East conflicts
- ICANN’s mighty overlord flexes on transparency
- ICANN faces first pushback over DEI U-turn
- Loads of firms flunk out of next-round gTLD back-end program
- presidenttrump.xxx among thousands of dead .xxx domains suddenly springing to life
- One of the dumbest gTLDs just switched back-ends
- GoDaddy loses .co to Team Internet
- Governments erect bulk-reg barrier to new gTLD next round
- Little interest in cheapo gTLD program
- US government opposes most new gTLDs
- GoDaddy loses last Amazon business to Identity Digital
- Third Amazon gTLD launch dates revealed
- .TOP promises to play nice on DNS abuse
- Court denies ICANN’s #MeToo “cover up” attempt
- Launch dates for two more Amazon gTLDs revealed
- An end to “Club Med for geeks” ICANN?
- Some people paid premiums for .hot domain hacks
- .io questions in sharp focus as UK signs Chagos treaty
- Big .gdn registrar at risk
- ICANN “reaffirms its commitment to diversity and inclusion”
- ICANN kills off diversity and inclusion
- Kaufmann picked for ICANN board
- Conflicted? STFU under new ICANN rules
- .hot is for hookers? Amazon’s first premium regs revealed
Spam is not our problem, major domain firms say ahead of ICANN 66
Eleven of the largest domain name registries and registrars have denied that spam is something they should have to deal with, unless it’s used to proliferate other types of abuse such as phishing or malware.
In a newly published “Framework to Address Abuse” (pdf), the companies attempt to define the term “DNS abuse” narrowly to capture only five (arguably only four and a half) specific types of online threat.
That abuse comprises malware, phishing, botnets, pharming and spam.
The companies agree that these are activities which registrars and registries “must” act upon.
But the document notes that not all spam is its responsibility, stating:
While Spam alone is not DNS Abuse, we include it in the five key forms of DNS Abuse when it is used as a delivery mechanism for the other four forms of DNS Abuse. In other words, generic unsolicited e-mail alone does not constitute DNS Abuse, but it would constitute DNS Abuse if that e-mail is part of a phishing scheme.
In other words, registrars and registries should not feel responsible for the billions of spams sent every day using their domains, unless the spam runs further malware, phishing, pharming or botnet abuse.
The signatories of the framework are Public Interest Registry, GoDaddy, Donuts, Tucows, Amazon Registry Services, Blacknight, Afilias, Name.com, Amazon Registrar, Neustar, and Nominet UK.
It may seem like they’ve presented a surprisingly narrow definition, but it’s in line with what current ICANN contracts dictate.
Neither the standard Registry Agreement nor Registrar Accreditation Agreement mention spam at all. Six years ago, ICANN specifically said that spam is “outside of ICANN’s scope and authority”.
Under the RA, registries have to oblige their registrars to ban registrants from “distributing malware, abusively operating botnets, phishing, piracy, trademark or copyright infringement, fraudulent or deceptive practices, counterfeiting or otherwise engaging in activity contrary to applicable law”.
They also have to maintain statistical reports on the amount of “pharming, phishing, malware, and botnets” in their zones, and provide those reports to ICANN upon demand. A recent audit found that 5% of registries, mainly dot-brands, were not doing this.
However, ICANN’s Domain Abuse Activity Reporting system, an effort to provide some transparency into how gTLDs are being abused, does in fact track spam. It does not track pharming, which is a fairly obscure and little-used form of DNS attack.
The DAAR report for September shows that spam constituted 73% of all tracked abuse.
The ICANN board of directors today identified DAAR as one of a few dozen priorities for the coming year.
Similarly, the cross-community working group known as the CCT Review Team, which was tasked with looking into how the new gTLD program has impacted competition and consumer trust, had harsh words for spam-friendly registries, and provided a definition of “DNS Security Abuse” that specifically included “high volume spam”.
The review recommended that ICANN introduce more measures to force contracted parties to deal with this type of abuse. This could include incentives for registries to clean up their zones and abuse volume thresholds that would automatically trigger compliance actions.
The new framework document comes in the context of an ongoing debate within the ICANN community about what “DNS abuse” is.
Two partners at Interisle, a security consultancy that often works for ICANN, recently guest-posted on DI to say that this term has become meaningless and should be abandoned in favor of “security threat”.
They argued that the definition should include not only spam, but also stuff like IP infringement, election interference, and terrorism.
But the main threat to contracted parties probably comes from the Governmental Advisory Committee, backed by law enforcement, which is pushing for stronger rules covering abusive content.
During a webinar last week, the US Federal Trade Commission, the FBI, and Europol argued that registries and registrars should be obliged to do more to combat abuse, specifically including spam.
“Whether or not you call it phishing or spam or whether it has a malware payload or not, ultimately it’s all email, and email remains the most common tool of cybercriminals to ensnare their victims, and that’s why we in law enforcement care about the domains used to send emails,” said Gabriel Andrews of the FBI’s Cyber Initiative Resource Fusion Unit, on the call.
Registries and registrars countered, using the same language found in the new framework, that generic spam is a content issue, and outside of their remit.
The two sides are set to clash again at ICANN’s annual general meeting in Montreal next month, in a November 6 face-to-face session.
While 11 entities signed the new framework, it’s arguably only nine companies. Name.com is owned by Donuts and both Amazon firms obviously have the same parent.
But it does include the two largest registrars, and registries responsible for running several hundred commercial gTLDs, dot-brands and ccTLDs.
While none of the signatories of the framework have a particular reputation for being spam-friendly, other companies in the industry — particularly some of the newest and cheapest new gTLDs — tend to attract spammers like flies to a turd.
Some of the signatories are perhaps surprising, given their past or ongoing behavior to tackle content-based abuse in their own zones.
Nominet, notably, takes down tens of thousands of domains ever year based on little more than police assurances that the domains are being used to sell counterfeit merchandise or infringe copyright.
The .uk registry also preemptively suspends domains based on algorithms that guess whether they’re likely to be seen as encouraging sexual violence or could be used in phishing attacks.
Donuts also has a trusted notifier relationship with the movie and music industries that has seen it take down dozens of names being used for mass copyright infringement.
PIR has previous endorsed, then unendorsed, the principal of a “UDRP for copyright”, a method of giving Big Content a way of going through due process to have domains taken or suspended.
Outside the spam issue, while the new registry-registrar framework says that registries and registrars should not get involved in matters related to web site content, it also says they nevertheless “should” (as opposed, one assumes based on the jargon usually found in internet standards, to “must”) suspend domains when they’re being used to distribute:
(1) child sexual abuse materials (“CSAM”); (2) illegal distribution of opioids online; (3) human trafficking; and (4) specific and credible incitements to violence.
These are exceptions because they constitute “the physical and often irreversible threat to human life”, the framework says.
Ultimately, this all boils down to a religious debate about where the line is drawn between “DNS” and “content”, it seems to me.
The contracted parties draw the line at threats to human life, whereas others want action on other forms of abuse largely because registries and registrars are in the best position to help.
Google quietly launches .new domains sunrise
Google Registry will allow trademark owners to register domains matching their marks in the .new gTLD from tomorrow.
While the company hasn’t made a big public announcement about the launch, the startup dates it has filed with ICANN show that its latest sunrise period will run from October 15 to January 14.
As previously reported, .new is a bit of a odd one. Google plans to place usage restrictions that require registrants to use the domains in the pursuit of “action generation or online contention creation”.
In other words, it wants registrants to use .new in much the same way as Google is today, with domains such as docs.new, which automatically opens up a fresh Google Docs word processing document when typed into a browser address bar.
From January 14, all the way to July 14, Google wants to run a Limited Registration Period, which will require wannabe registrants to apply to Google directly for the right to register a name.
During that period, registrants will have to that they’re going to use their names in compliance with .new’s modus operandi. It’s Google’s hope that it can seed the space with enough third-party content for .new’s value proposition to become more widely known.
If you’re wanting to pick up a .new domain in general availability, it looks like you’ve got at least nine more months to wait.
Hindu god smites Chrysler gTLD
Car-maker Chrysler has withdrawn its application for the .ram dot-brand gTLD more than six years after receiving a government objection on religious grounds.
Ram is a brand of pickup trucks manufactured by Chrysler, but it’s also a variant spelling of Rama, an important deity in the Hindu pantheon.
Back in 2013, ICANN’s Governmental Advisory Committee forwarded an objection from majority-Hindu India, later saying: “The application for .ram is a matter of extreme sensitivity for the Government of India on political and religious considerations.”
In a 19-page response (pdf), Chrysler said that Ram vehicles had been around for 75 years without offending Hindus, and that .ram was to be a restricted dot-brand that could not be used by third parties to post offensive content.
The objection appeared at a time when the GAC was not obliged to show its thinking and often deliberately obfuscated its advice. But ICANN placed .ram on hold anyway, where it has remained ever since.
Over the intervening time, Chrysler has rethought its dot-brand strategy, and last month called on ICANN to cancel five of the six gTLDs it already owns (but does not use) — .chrysler, .dodge, .mopar, .srt and .uconnect.
It’s still contracted to run .jeep, weirdly.
Radix acquires another gTLD
Radix has added the 10th new gTLD to its portfolio with an acquisition last month, bringing its total TLD stable to 11.
The company has acquired .uno from Missouri-based Dot Latin LLC for an undisclosed amount.
.uno, which of course means “one” in Spanish, has been around for over five years but has struggled to grow.
It’s current ranked as the 131st largest new gTLD, with 16,271 domains in its zone file. It peaked at about 22,000 about three years ago.
That said, it appears to have rather strong renewals, at least by Radix standards, with no evidence of relying on discounts or throwaway one-year registrations for growth.
.uno names can currently be obtained for roughly $12 to $20 per year.
Radix said its expects to migrate the TLD off its current Neustar back-end onto long-time registry partner CentralNic by “early 2020”.
The company appears to be excited that its only the second three-letter TLD in its portfolio.
It already runs .fun, along with the likes of .website, .tech and .online. It also runs .pw, the repurposed ccTLD for Palau.
.uno was Dot Latin’s only gTLD, though affiliated entity Dot Registry LLC signed its ICANN registry agreement for .llp (for “Limited Liability Partnership”) in August. That TLD has yet to launch.
.whoswho survives!
The registry running the failing new gTLD .whoswho has managed to avoid having its contract terminated by ICANN.
According to an update on the ICANN web site, Who’s Who Registry came back into compliance with its obligations earlier this week, meaning it can continue operating.
It had been under a cloud of uncertainty since January, when ICANN Compliance sent off a breach notice saying the company was overdue with its $25,000-a-year fees.
Who’s Who originally had until a date in February to pay up, but this deadline has been extended repeatedly over the course of the year.
Registry CEO John McCabe had told ICANN last November that the fee is “onerous” and “the single largest item in .whoswho’s budget”.
ICANN later rejected his request for a fee reduction.
.whoswho, which seeks to replicate the once-popular biography compilation books of the same name, has fewer than 100 real registrations to its name, most of which appear to be defensive, despite being live for five years.
At about $70 a pop, that’s still not nearly enough to cover ICANN fees, never mind other operating costs.
It sold barely a dozen names in the first half of this year.
I thought it was a goner for sure.
But it looks like it’s been saved from the axe for now, so maybe there’s time to turn things around.
Mediocre .vote gTLD drops restrictions
The .vote and .voto gTLDs have had their registration restrictions removed in a bid to increase numbers.
Both domains were previously technically restricted to those who could show they had a legitimate connection to democratic proceedings, and were sometimes used by political campaigns.
But it appears those post-registration restrictions were lightly enforced, and now they’ve been dropped entirely.
Neither gTLD has been particularly successful — .vote has been wobbling around the 3,000-domain mark for a while, while .voto (the Spanish version) has about a tenth of that figure.
Both renew at retail for about $60 a year, but first-year regs can currently be obtained for about half that amount.
They’re both managed by Afilias.
The highest-profile .vote domain I’m aware of to date was used in the spectacularly successful Hollywood-backed campaign to keep Donald Trump out of the White House in 2016.
.bond domains could cost a grand each
Newish registry ShortDot has announced the release details for its recently acquired .bond gTLD, and they ain’t gonna be cheap.
The TLD is set to go to sunrise in a little under a month, October 17, for 33 days.
General availability begins November 19 with a seven day early access period during which the domains will be more expensive than usual but get cheaper each day.
The regular pricing is likely to see registrars sell .bond names for between $800 and $1,000 a pop, according to ShortDot COO Kevin Kopas.
There won’t be any more-expensive premium tiers, he said.
The gTLD was originally owned by Bond University in Australia, but it was acquired unused by ShortDot earlier this year.
The company hopes it will appeal to bail bondsmen, offerers of financial bonds and James Bond fans.
The business model with .bond is diametrically opposed to .icu, where names sell for under $2 a year (and renew for under $8, if indeed any of them renew).
That zone has inexplicably gone from 0 to 1.8 million names in the last 16 months, and ShortDot says it’s just crossed the two-million mark of registered names.
That second million appears to have been added in just the last three months.
MMX switches porn TLDs from Afilias to Uniregistry
Minds + Machines is moving its four porn-themed gTLDs to a new back-end provider.
MMX CEO Toby Hall confirmed to DI today that the company is ditching Afilias, which had been providing registry services for .xxx since 2011.
“We’re in the process of switching the back-ends from Afilias to Uni for the ICM portfolio,” he said.
This portfolio, which MMX acquired last year, also includes .porn, .adult and .sex. There are roughly 170,000 domains under management in total, but about half of these are sunrise-period blocks in .xxx, which could add a wrinkle to the transition.
It appears that Afilias is still providing DNS for the TLDs, but Uniregistry has been named the official tech contact.
It’s not currently clear when the handover will be complete. Hall was not immediately available for further comment.
It’s also not currently clear why Uniregistry was selected. All of MMX’s 27 other gTLDs — the likes of .vip, .work and .law — have been running on Nominet’s platform since MMX dropped its own self-hosted infrastructure a few years back.
During the same restructuring, Uniregistry took on MMX’s registrar business.
Uniregistry has also been working closely with MMX on its recently launched AdultBlock trademark blocking services, which could wind up accounting for a big chunk of MMX’s porn-related revenue.
These latest four gTLDs to switch providers are merely the latest in a game of musical chairs that has been playing out for the last several months, five years after the first new gTLDs started going live and registries shop around for better back-end deals.
Nominet picked up most of Amazon’s portfolio, replacing Neustar, earlier this year.
But Nominet has lost high-profile .blog to CentralNic, and Afilias lost a Brazilian dot-brand to Nic.br
Sixty gTLD registries not monitoring security threats
Roughly 5% of gTLD registry operators have been doing no abuse monitoring, despite contractual requirements to do so, a recent ICANN audit has found.
ICANN checked with 1,207 registries — basically all gTLDs — between November 2018 and June, and found about 60 of them “were not performing any security threat monitoring, despite having domains registered in their gTLDs”.
A further 180 (15%) were not doing security checks, but had no registered domains, usually because they were unused dot-brands. ICANN told these companies that they had to do the checks anyway, to remain in compliance.
In all cases, ICANN said, the registries remediated their oversights during the audit to bring their gTLDs back into compliance.
ICANN does not name the non-compliant registries in the summary of the audit’s results, published yesterday (pdf).
Registries under the 2012 new gTLD base registry agreement all have to agree to this:
Registry Operator will periodically conduct a technical analysis to assess whether domains in the TLD are being used to perpetrate security threats, such as pharming, phishing, malware, and botnets. Registry Operator will maintain statistical reports on the number of security threats identified and the actions taken as a result of the periodic security checks. Registry Operator will maintain these reports for the term of the Agreement unless a shorter period is required by law or approved by ICANN, and will provide them to ICANN upon request.
It’s possible to keep tabs on abuse by monitoring domain blocklists such as SpamHaus, SURBL and PhishTank. Some such lists are freely available, others carry hefty licensing fees.
ICANN itself monitors these lists through its Domain Abuse Activity Reporting project, so it’s able to work out the differences between the levels of abuse registries report and what the empirical data suggests.
Registries typically either use these lists via in-house tools or license products provided by vendors such as Neustar, RegistryOffice, Knipp, CSC, DOTZON, Afnic, AusCERT, Shadowserver, Telefonica, Secure Domain Foundation and Netcraft, ICANN said.
Perhaps unsurprisingly, there’s a bit of disagreement between ICANN and some registries about how the somewhat vague obligations quote above are be interpreted.
ICANN thinks registries should have to provide information about specific domains that were identified as abusive and what remediation actions were taken, but some registries think they only have to provide aggregate statistical data (which would be my read of the language).
The contracts also don’t specify how frequently registries much carry out security reviews.
Of the 80% (965) of registries already in compliance, 80% (772) were doing daily abuse monitoring. Others were doing it weekly, monthly, or even quarterly, ICANN found, all of which appear to be in line with contractual requirements.
Bumper batch of dot-brands off themselves for Friday 13th
It’s Friday 13th tomorrow, and to celebrate the occasion no fewer than 13 dot-brands have opted to take the easy way out and self-terminate.
ICANN has published a bumper list of contracted brand registries that have informed the organization that they no longer wish to run their gTLDs.
Adding themselves to the dot-brand deadpool are: .ladbrokes, .warman, .cartier, .piaget, .chrysler, .dodge, .mopar, .srt, .uconnect, .movistar, .telefonica, .liason and .lancome.
That brings the total of self-terminated new gTLDs to date to 66.
The imminent demise of .cartier and .piaget is perhaps notable, as it means luxury goods maker Richemont has now abandoned ALL of the nine dot-brands it originally applied for.
Richemont, an enthusiastic early adopter of the new gTLD concept, applied for 14 strings in total back in 2012.
The only ones it has left are generics — .watches along with the the Chinese translation .手表 and the Chinese for “jewelry”, .珠宝, none of which have been launched and in all likelihood are being held defensively.
It’s the same story with L’oreal, the cosmetics company. It also applied for 14 gTLDs, mostly brands, but abandoned all but .lancome prior to contracting.
With .lancome on its way out, L’oreal only owns the generics .skin, .hair, .makeup and .beauty, at least one of which is actually being used.
Also of note is the fact the car company Chrysler is dumping five of its six gTLDs — .chrysler, .dodge, .mopar, .srt and .uconnect — leaving only .jeep (unused) still under contract.
Clearly, Chrysler is not as keen on dot-brands as some of its European competitors, which have been among the most prolific users.
Telefonica’s abandonment of .movistar and .telefonica also means it’s out of the gTLD game completely now, although its Brazilian subsidiary still owns (and uses) .vivo.
Betting company Ladbrokes only ever owned .ladbrokes, though it did unsuccessfully apply for .bet also.
Rounding off the list is .warman, a brand of — and I’m really not making this up — industrial slurry pumps. The pumps are made by a company called Weir, which uses global.weir as its primary web site. So that’s nice.
As far as I can tell, none of the gTLDs that are being killed off had ever been used, though each registry will have paid ICANN six-figure fees since they originally contracted.
Recent Comments