Recent Posts
- Could ICANN’s chair be ousted by NomCom?
- Chinese domains plummet again in 2023
- GoDaddy price increases lead to revenue growth
- D3 announces seventh blockchain gTLD client
- Taylor Swift applies for her .post domain
- .ad domains to go global soon
- Single-letter .com case back in court
- ICANN to slash costs as Verisign’s magic money tree dries up
- Community revolts over ICANN’s auction proceeds power grab
- Two seats up for grabs on Nominet board
- War takes steep toll on .ua domains
- .de worst TLD for CSAM — report
- .com still shrinking because of China
- ICANN publishes its Woke Manifesto. Here’s my hot take
- Alibaba, Name.com among new RDRS opt-ins
- .my domains to be sold globally next month
- The Swiss can register .swiss domains from next week
- .ai up to 425,000 domains
- A million “free” .music domains up for grabs
- D3 to get $5 million in crypto to apply for .ape gTLD
- Alibaba hit with ICANN breach notice
- New Vegas conference “Davos for Web3 interoperability”
- ICANN content policing power grab may be dead
- Cable company unplugs its dot-brand after acquisition
- Germany crosses 10,000 dot-brand domains milestone
- Founders out as Com Laude gets equity injection
- PIR’s Diaz to leave domain industry
- Some registrars have already quit ICANN’s Whois experiment
- ICANN opens $217 million Grant Program
- Internet could get one-letter gTLDs (but there’s a catch)
- .ai registry fights deadbeats with tweaked auction rules
- Amazon and Google among .internal TLD ban backers
- .ai registry advises buyers not to use GoDaddy
- .post liberalizes with new sunrise period
- Team Internet spends $41 million on content farm
- Epik backtracks on Kiwi Farms claim after legal threat
- .austin names launch on blockchain
- Freenom shuts down 12.6 million domains — report
- GoDaddy’s next .xxx contract may not be a done deal
- GlobalBlock blocking 2.5 million domains
- Microsoft moving its cloud apps from .com to .microsoft
- ICANN 79: anonymous trolls and undercover lawyers
- ICANN scores win in single-letter .com lawsuit
- Cosmetics brand terminates its gTLD
- Up to 70 jobs on the line at Nominet as .uk regs dwindle
- Governments back down on new gTLD next round delay
- Private auctions could be banned in new gTLD next round
- ICANN meeting venue “insensitive and hurtful”
- GoDaddy to start selling graphic.design domains
- GAC spinning up new gTLD curveball at ICANN 79?
- GoDaddy’s GlobalBlock supports blockchain names
- Police .uk domain takedowns dive in 2023
- GoDaddy wants to cut the bullshit from .xxx
- Dueling domain blocking services to launch at ICANN 79
- Freename tries to bridge DNS and blockchain
- Olive retires from ICANN
- Whois policy published without life-saving disclosure rule
- UK gov takes its lead from ICANN on DNS abuse
- Tucows reports 2023 results
- Twitter “completely unresponsive” on clickable domains
- ICANN spends $5 million more than planned in first fiscal half
- .art takes a million domains off its premium list
- KeyTrap ‘the most devastating vulnerability ever found in DNSSEC’
- Freenom settles $500 million Meta lawsuit and will exit domain business
- New gTLD lottery to return in 2026
- First GlobalBlock prices revealed — they ain’t cheap
- Domain universe grows on new gTLDs despite .com shrinkage
- D3 signs up crypto gTLD client number five
- GoDaddy reports strong domains growth
- How to qualify for a $40,000 gTLD
- Registry service provider evaluation handbook published
- WebUnited inks deal to “mirror” country’s TLD in the blockchain
- GoDaddy project unveils brand-blocking calculator
- Report: Monster “misappropriated” millions from Epik
- .com is shrinking but Verisign raises prices again anyway
- D3 announces fourth crypto new gTLD client
- Donald Trump loses second UDRP case
- UK cybersquatting complaints hit record low
- No excuses! PIR to pay for ALL registries to tackle child abuse
- ICANN insists it is working on linkification
- Namecheap sues ICANN over .org price caps
- GoDaddy offers free Ethereum blockchain integration
- Epik reveals who is running the company
- Epik gets acquired again! The plot thickens…
- Airline gTLD crashes and burns
- First chunks of new gTLD Applicant Guidebook drop
- Epik to reveal its owners soon
- Another crypto firm to apply for a new gTLD
- Monster and Royce are NOT involved in Epik?!
- Nominet to overhaul .uk registry, turn off some services
- Russia blames DNSSEC, not Ukraine, for internet downtime
- Team Internet says revenue beat estimates
- Sold for over $20k, insure.ai and dog.ai back in .ai’s expired names auction
- .ai helps UDRP cases rise in 2023, WIPO says
- Freenom’s domains land at Gandi after termination
- .ru domains fly off the shelf as Western sanctions bite
- ICANN picks its first ever Supreme Court
- Lebanon’s ccTLD going back to Lebanon after ICANN takeover
- ICANN picks the domain it will never, ever release
- ICANN approves domain takedown rules
- Has Epik gone “woke”?
- First bits of new gTLD Applicant Guidebook expected next week
- ICANN bans closed generics for the foreseeable
- You can’t use money to buy .box domains
- After 14 years, ICANN practices what it preaches on IDNs
- Weak demand for private Whois data, ICANN data shows
- .ing doing way better than .meme
- DNS Women barred from ICANN funding?
- Dev releases free open-source TLD registry platform
- INCO flips a gTLD to Identity Digital
- Anguilla fears the .ai junk drop
- Five more gTLDs get launch dates
- $10 million of ICANN cash up for grabs
- Almost 50,000 .ai domains sold in a quarter
- ICANN threatens to regulate your speech [RANT]
- Life insurance company kills dot-brand
- ICANN finds new home for Lebanon’s TLD after founder’s death
- ICANN begs people to use its new Whois service
- Shiba Inu outs itself as crypto new gTLD applicant
- Over 50,000 .ai domains sold in three months
- Amazon planning new push into registrar market?
- Registries and registrars vote ‘Yes’ to new DNS abuse rules
- ICANN predicts flattish 2025 for domain industry
- Fast-growing Gname buys another 150 registrars
- GoDaddy service to let you block domains in over 650 TLDs
Dot-brand gTLD guilty of domain name hijacking
Fashion retailer Mango, which owns its own dot-brand gTLD, has been found guilty of Reverse Domain Name Hijacking after allegedly doctoring evidence in a .uk cybersquatting case.
The company, which runs .mango, lost a Nominet Dispute Resolution Service complaint against New Zealand-based domain investor Garth Piesse over mango.co.uk and mango.uk.
It’s only the sixth RDNH finding in 13 years of DRS history.
Mango tried to buy the domain using a pseudonym and, when Piesse asked for “six figures”, filed the DRS instead.
Piesse claimed in what appears to have been a well-argued defense that the person attempting to buy the domain on Mango’s behalf did not identify Mango as the would-be buyer.
Further, he claimed that Mango deliberately tried to hide this fact from the DRS panel by scrubbing its negotiator’s email address from evidence it submitted.
While DRS panelist Tim Brown did not agree that this omission alone was enough to find RNDH, he agreed that Mango did not have “entirely clean hands”. He ruled:
The sequence of events in the present case appears to show that the Complainant attempted to buy
from the Respondent. When these negotiations failed the Complainant started proceedings under the DRS. As I have noted, the Complainant has relied on bare assertion and has provided a paucity of evidence to support its arguments.
Even a cursory reading of the Policy, Procedure and extensive guidance on Nominet’s website would quickly show that a matter concerning a clearly generic, dictionary term would require a higher standard of argument and evidence than is perhaps common. That the Complainant has failed to come anywhere close to providing sufficient argument or evidence is, in my view, strongly indicative that the Complainant pursued this dispute in frustration at the Respondent’s unwillingness to sellfor a price it was willing to pay, rather than because of the merits of its position in terms of the Policy’s requirements.
I conclude that the Complainant brought a speculative complaint in bad faith in an attempt to deprive the Respondent of the Domain Names. I therefore determine that the Complainant has engaged in Reverse Domain Name Hijacking.
Spain-based Mango has owned its trademarks for well over a decade, and Piesse only got his hands on the domains in question in 2013 and 2014.
Piesse, who owns about 18,000 domains, was able to show that Mango the brand is unheard of in New Zealand and that he has a track record of buying fruit-based .uk domain names.
Most ICANN new gTLD breaches were over a year ago
Almost three quarters of the security breaches logged against ICANN’s new gTLD portal occurred over a three-month period in early 2014, DI can reveal.
Almost every incident of a new gTLD applicant coming across data they weren’t supposed to see — 322 of the 330 total — happened before the end of October last year, ICANN told DI.
Most — 244 of the 330 — happened before April 30 last year.
The first breach, discovered by an independent audit of the portal, was January 22 2014.
ICANN says it was first notified of there being a problem on February 27, 2015.
The improper data disclosures were announced by ICANN last week.
As we reported, a simple configuration error by ICANN in third-party software allowed users of the Global Domains Division portal — all new gTLD applicants — to view confidential data belonging to other applicants.
Documents revealed could have included sensitive financial projections and registry technical details.
My first assumption was that the majority of the incidents — which have been deliberate or accidental — were relatively recent, but that turns out not to be the case.
In fact, if anyone did download data they weren’t supposed to see, most of them did it over a year ago.
ICANN has been notifying applicants and registries about whether their own data was compromised and expects to have told each affected applicant which other applicants could have seen their data before May 27.
Ninety-six applicants and 21 registries were affected.
.porn and .adult sunrises net around 8,000 sales
The sunrise periods for .porn and .adult netted just shy of 4,000 domains per TLD, according to ICM Registry.
The company said .porn received 3,995 registrations while .adult trailed slightly with 3,902.
Those numbers are a combination of regular Trademark Clearinghouse sunrise registrations and Sunrise B registrations.
The ICANN-mandated sunrise periods ended April 1 and were followed by unique Sunrise B periods, during which anyone who bought a .xxx block in 2011 could register the matching new gTLD names.
This time, however, Sunrise B domains actually do resolve.
I believe the the Sunrise B phases accounted for something like 1,500 names apiece.
The previous high bar for 2012-round new gTLD sunrises was .london, with just over 800 registrations.
While .porn and .adult may be record breakers for this round, sales were just a twentieth of the levels seen when .xxx launched in 2011 — about 80,000 names were defensively registered back then.
Later this week, ICM will kick off another launch phase — Domain Matching — during which anyone who owned a .xxx domain prior to April 30 can get their matching .porn and .adult names.
General availability is scheduled for June 4.
Dumb ICANN bug revealed secret financial data to new gTLD applicants
Secret financial projections were among 330 pieces of confidential data revealed by an ICANN security bug.
Over the last two years, a total of 19 new gTLD applicants used the bug to access data belonging to 96 applicants and 21 registry operators.
That’s according to ICANN, which released the results of a third-party audit this afternoon.
Ashwin Rangan, ICANN’s new chief information and innovation officer, confirmed to DI this afternoon that the data revealed to unauthorized users included private financial and technical documents that gTLD applicants attached to their applications.
It would have included, for example, documents that dot-brand applicants reluctantly submitted to demonstrate their financial health.
But Rangan said it was not clear whether the glitch had been exploited deliberately or accidentally.
While saying the situation was “very deeply regrettable”, he added that applicant data deemed confidential when it was submitted back in 2012 may not be considered as such today.
The vulnerability was in ICANN’s Global Domains Division Portal, which was taken offline for three days at the end of February and early March after the bug was reported by a user.
Two outside consulting firms were brought in to scan access logs going back to the launch of the new gTLD portal back in April 2013.
What they found was that any user of the portal could access any attachment to any application, whether it belonged to them or a third-party applicant, simply by checking a radio button in the advanced search feature.
It was a misconfiguration by ICANN of the Salesforce.com software used by GDD, rather than a coding error, Rangan said.
“The public/private data sharing setting can be On or Off and here it was set to On,” he said.
On 330 occasions, starting “in earliest part of when the portal first became available” two years ago, these 19 users would have been exposed to data they were not supposed to be able to see.
The audit has been unable to determine whether the users actually downloaded confidential data on those occasions.
What’s confirmed is that only new gTLD applicants were able to use the glitch. No third-party hackers were involved.
The 19 users who, whether they meant to or not, exploited this vulnerability are now going to be sent letters asking them to explain themselves. They’ll also be asked to delete anything they downloaded and to not share it with third parties.
Before May 27, ICANN will also contact those applicants whose secret data was exposed, telling them which rival applicants could have seen it.
Rangan said that there have been almost 600,000 GDD sessions in the last two years, and that only 36 of them revealed data to unauthorized users.
“It’s a small fraction,” he said. “The question is whether they just stumbled across something they were not even aware of… Looking at the log files it is not clear what is the case.”
ICANN seems to be giving the 19 users the benefit of the doubt so far, but still wants them to explain their actions.
As CIO, Rangan was not able to comment on whether the breach exposes ICANN or applicants to any kind of legal liability.
It’s not the first time sensitive applicant data has been exposed. Back in 2012, DI discovered that the home addresses of the directors of applicants had been published, despite promises that they would remain private.
At the time of the original GDD portal misconfiguration, ICANN had noted security expert Jeff “The Dark Tangent” Moss as its chief security officer.
Earlier this week, ICANN’s board of directors authorized expenses of over $500,000 to carry out security audits of ICANN’s code.
.xyz dismisses own ads as “puffery”
XYZ.com has dismissed its own claim that .xyz is the “next .com” as “mere opinion or puffery”, in an attempt to resolve a false advertising lawsuit filed by Verisign.
Attempting to get the lawsuit resolved without going to the expense of a full trial, the registry has filed with the court a lengthy, rather self-deprecating deconstruction of its own marketing.
It says among other things that the blog posts and videos at issue are “not statements of fact but rather mere puffery, hyperbole, predictive, or assertions of opinion”.
Verisign sued XYZ and its CEO, Daniel Negari, in December, claiming that the video embedded below reflects “a strategy to create a deceptive message to the public that companies and individuals cannot get the .COM domain names they want from Verisign, and that XYZ is quickly becoming the preferred alternative.”
Last week XYZ filed a motion asking the court to rule on the pleadings only, meaning it would not go to trial. It appears to be an effort by the smaller company to avoid any more unnecessary legal fees.
“Verisign is attempting to litigate XYZ out of business complaining about a vanity video, website blog posts, and opinions stated to a reporter,” the motion says.
The document goes to great lengths to argue that the video, blog posts and interviews given by Negari are not “statements of fact”, but rather mere “hyperbole”.
It even goes to the extent of arguing that its ads make Verisign look good:
XYZ’s claim to be “the next .com” could not plausibly harm Verisign’s commercial interest because the claim reinforces that Verisign’s .COM is the most-popular, most-successful domain. Perhaps consumers think that since .XYZ is the next .COM, they should not buy other new domains. Perhaps consumers buy more .COM domains because XYZ has promoted Verisign as the market leader. But Verisign suffering any injury as a result of XYZ’s statements is implausible.
…
Some might view the old Honda in the video with the “COM” license plate as trusty and reliable, and the Audi sports car with “XYZ” as high maintenance, impracticable, and too trendy.
Verisign may or may not win the lawsuit, but it does seem to have succeeded in getting XYZ to cut the balls off of its own marketing.
Verisign has not yet filed a response to XYZ’s motion, which will be heard in court May 8.
You can download the PDF of the motion here.
.xyz helps CentralNic double its revenue
CentralNic’s revenue almost doubled in 2014, helped by the launch of new gTLDs.
The UK-based registry today reported annual operating profit of £497,000 ($759,000), down from £694,000 ($1.05 million) in 2013, on the back of revenue up 99% at £6.06 million ($9.25 million).
Billings– money taken but not yet recorded as revenue — was up a whopping 154% at £9.89 million ($15.1 million).
Part of the reason for the growth was the launch of new gTLDs last year.
CentralNic acts as the registry back-end for eight TLDs that launched last year, including runaway volume leader .xyz, which has about 880,000 domains in its zone file today.
Another big contributor was Internet.bs, the Bahamas-based registrar that CentralNic acquired for $7.5 million last year.
The registrar had about 400,000 legacy gTLD domains under management at the end of the year, according to DI’s records.
Both new gTLDs and Internet.bs started contributing to revenue in the second half of the year.
CentralNic also said that its new “enterprise” division, which sells premium domains and offers consulting and software, was a growth factor.
CEO Ben Crawford told the markets that the new gTLD opportunity has so far been “softer” than expected.
Only a small number of retailers received their accreditations from ICANN to sell domains under the new TLDs in 2014, and a lack of public awareness pending the launches of the “superbrand TLDs” such as .google, .apple and .sony, meant that the market for new TLDs in 2014 was softer than had been projected by ICANN and other industry experts. It was essentially limited to domain investors and other early adopters.
Opinion in split in the industry on how much reliance can be put on what Crawford calls “super-brands” to do the heavy lifting when it comes to public awareness of new gTLDs.
.hiv reserve set at $200,000, revenue so far $83,000
The soon-to-be-auctioned new gTLD .hiv has a reserve price of $200,000, but the registry reckons it’s worth as much as $700,000.
That’s according to auction documents provided by dotHIV Registry to DI today.
The documents also reveal that .hiv has made a profit revenue of $83,000 in its first seven months.
UPDATE: Germany-based dotHIV says now that the reference to “net income” in its prospectus was a translation error. The $83,000 refers to revenue — the top line, not the bottom line. The company intends to update its auction documents “instantly”.
Earlier today we reported that the gTLD is to go under the hammer with Innovative Auctions on June 3/4.
We reported that the gTLD had about 2,000 registrations, but it turns out that number includes about 1,700 registry-reserved names.
The actual number, as of March 31, is 410, of which 345 pay the $179 annual registry fee. Another 63 domains were given away for free to HIV charities for a three-year period.
While this generated a net income revenue of $83,000, registry CEO Carolin Silbernagl confirmed to DI that its contract with ICANN is supposed to require “all” of its profits to be donated to HIV causes.
According to the documents:
Public Interest Commitment binds the TLD to non-profit operations. All excess profit, after the deduction of all thinkable costs and investments, is to be donated to a charitable cause of the owner’s choice.
…
We have founded and built the .hiv TLD as a tool for positive social impact. To safeguard this vision, the voluntary PIC in the .hiv Registry Agreement binds the owner to invest all excess profit in the projects that support the fight against AIDS.
All this comes at no risk for the registry: Operational costs are covered first. No one expects you to donate if there is no surplus. Costs include the purchase price of the TLD in this auction.
The registry’s documents affirm that the key reason to buy .hiv would be to boost your public image due to “corporate social responsibility”.
The buyer would also get free marketing support from the German ad agency thjnk and free data escrow from NCC Group until July 2017, along with a bunch of software dotHIV uses to manage the TLD.
According to dotHIV, there were 14,000 pre-registrations with registrars prior to launch. Most balked at the high registration fee and did not convert into buyers.
The registry says the new owner could capitalize on some of this interest, growing volumes, by reducing its registry fee.
There are 47 registrars accredited to sell .hiv domains, including Go Daddy.
Premium names sold so far, for between $1,500 and $5,000, include: treat.hiv, test.hiv, cure.hiv, prevent.hiv, magazin.hiv, hivanswers.hiv, prävention.hiv, prep.hiv, vorsorge.hiv.
If dotHIV makes a profit from selling the gTLD, it says it will donate it to HIV charities.
.hiv to auction with “no profiting” catch
Don’t all rush to your checkbooks at once.
The live TLD .hiv is going to be among the next batch of new gTLDs auctioned off by Innovative Auctions, but the contract comes with a no-profit clause.
Innovative and dotHIV Registry announced the sale yesterday.
.hiv is an unsuccessful gTLD so far. It had just over 2,000 registered names at the end of 2014, according to registry reports, but never more than 423 the names have been present in the DNS.
Registry CEO Carolin Silbernagl said:
In the eight months since our launch we have gained a lot of insight about what it needs to reach this. The reason why we are offering .hiv for sale is because we see how successful it can be. However, we realized that dotHIV is not the right vehicle for the next phase – the TLD needs a bigger and more international home to truly spread its wings.
It went to general availability last August, with an innovative but risky business model based around charitable micro-donations to HIV/AIDS causes.
Of the $200 annual retail fee, dotHIV put $120 into a pool reserved for charities. Every visit to a .hiv that was participating in a “Click Counter” service would cause a small amount of that money to actually be donated.
Judging by visits to a few .hiv domains this morning, just €862 — less than $1,000 — has been donated so far, based on fewer than 133,000 clicks.
This donation model is “just one of many possible uses” and not a contractual requirement, according to Silbernagl.
There is, however, a binding Public Interest Commitment that obliges the registry to give “all excess profits” to HIV causes. The PIC reads:
Registry Operator commits to implementing and performing the following protections for the TLD: Registry Operator, as a social enterprise, is driven by its sole mission to support the global HIV response. Therefore, Registry Operator will reinvest all excess profits in projects serving this mission.
Not it’s not exactly an attractive investment opportunity, in terms of pure cash ROI.
But Innovative said there’s another reason to buy: “Approaching .hiv as a corporate philanthropic engagement could have positive effects on public image and employee satisfaction for the buyer.”
.hiv is due to be part of the June 3/4 live gTLD auction, which also includes .promo.
New gTLD zones top five million names
There are now more than five million new gTLD domain names live in the DNS.
That’s according to zone files collated by ICANN, which I’m told show 5,002,252 names across the 597 new gTLD registries providing data.
That works out to a mean of 8,378 domains per TLD, a median of 1,254.
The largest zone file is .xyz, with 877,450 names. There’s at least 100 new gTLDs with only one domain in their zones.
Due to the way ICANN’s Centralized Zone Data Service works (or doesn’t work) with access rights expiring on a pretty much daily basis, it’s virtually impossible for a third party such as DI to count up zone file numbers across every new gTLD with 100% daily accuracy.
Today, DI PRO reports a count of 4,999,024 names.
The total number of zone file domains in this post was provided by ICANN, which does not have the same CZDS restrictions as the rest of us.
As .stream is won, ICANN’s auction list empties
.stream has become the latest new gTLD contention set to be settled prior to its ICANN auction, leaving ICANN’s auction schedule looking barren.
Famous Four Media beat Hughes Satellite Systems to the string, which was due to auction May 27.
The four strings scheduled for bidding April 29 — .living, .fun, .map and .search — were also recently settled.
All that remains on ICANN’s schedule is the controversial .game/.games contention set, which will employ a unique process designed for contention sets created by inconsistent singular/plural string confusion rulings.
The five .game applicants and one .games applicant (Donuts) are still due to hit the block May 20.
A couple dozen other gTLDs are still pending ICANN auction but do not have set dates due to various challenges and disputes.
Recent Comments