Recent Posts
- Americans and ICANNers avoid Kigali in droves
- RDRS stats improve a little in June
- Unstoppable Domains goes down after domain hijack
- Four more gTLDs in emergency measures
- New gTLDs and ccTLDs drive domain universe growth
- Eight interesting recent dot-brand registrations
- .me premium sales down
- Pride fails to reverse gay domains decline
- Unstoppable announces another new gTLD bid
- Blockchain naming firm gets ICANN accreditation
- ICANN takes over gTLD after Whois failures
- Verisign: would-be .com contract killers are “wrong”
- Five gTLDs at risk as registry goes AWOL
- Groups make flawed case that .com is a cartel
- RDRS usage hits all-time low
- A dot-brand so unloved they killed it twice
- PorkBun hits two million domain milestone
- Crawford returns to industry to head up Com Laude
- ICANN financial data dump a damp squib?
- Unstoppable plotting manga-themed gTLDs
- Governments call for new gTLD auctions ban
- ICANN names new CEO, and it isn’t Costerton
- ICANN: We will NOT police content
- More sticker shock as new gTLD fees could top $300,000
- ICANN slashes staff and domain prices could rise
- Secret new gTLD application revealed
- WhatsApp now linkifying new gTLDs, but…
- Outrage over ICANN’s new gTLD fees
- Barrett gets second term on ICANN board
- DotMusic delays gTLD launch again
- .tm prices to skyrocket next week
- Bitcoin gTLD gets launch dates
- First metaverse gTLD is announced
- Alibaba off the naughty step
- ICANN to kill auction fund bylaws change
- The people have spoken on RDRS and they said “Meh”
- ICANN restarts work on controversial Whois privacy rules
- GNSO mulls lawyering up over auction fund dispute
- Jury still out on ICANN’s content policing powers
- It now takes TWO WEEKS to get a Whois record with RDRS
- Travel expenses push ICANN into the red again
- ICANN preparing for ONE HUNDRED registry back-ends
- DNS Abuse Institute changes name
- A new way to game the new gTLD program
- .home, .mail and .corp could get unbanned
- Unstoppable to apply for Women in Tech gTLD
- Bob Parsons publishes autobiography
- GoDaddy getting a free pass from porn jail?
- Correction: Sinha’s seat is safe
- Chinese domains plummet again in 2023
- GoDaddy price increases lead to revenue growth
- D3 announces seventh blockchain gTLD client
- Taylor Swift applies for her .post domain
- .ad domains to go global soon
- Single-letter .com case back in court
- ICANN to slash costs as Verisign’s magic money tree dries up
- Community revolts over ICANN’s auction proceeds power grab
- Two seats up for grabs on Nominet board
- War takes steep toll on .ua domains
- .de worst TLD for CSAM — report
- .com still shrinking because of China
- ICANN publishes its Woke Manifesto. Here’s my hot take
- Alibaba, Name.com among new RDRS opt-ins
- .my domains to be sold globally next month
- The Swiss can register .swiss domains from next week
- .ai up to 425,000 domains
- A million “free” .music domains up for grabs
- D3 to get $5 million in crypto to apply for .ape gTLD
- Alibaba hit with ICANN breach notice
- New Vegas conference “Davos for Web3 interoperability”
- ICANN content policing power grab may be dead
- Cable company unplugs its dot-brand after acquisition
- Germany crosses 10,000 dot-brand domains milestone
- Founders out as Com Laude gets equity injection
- PIR’s Diaz to leave domain industry
- Some registrars have already quit ICANN’s Whois experiment
- ICANN opens $217 million Grant Program
- Internet could get one-letter gTLDs (but there’s a catch)
- .ai registry fights deadbeats with tweaked auction rules
- Amazon and Google among .internal TLD ban backers
- .ai registry advises buyers not to use GoDaddy
- .post liberalizes with new sunrise period
- Team Internet spends $41 million on content farm
- Epik backtracks on Kiwi Farms claim after legal threat
- .austin names launch on blockchain
- Freenom shuts down 12.6 million domains — report
- GoDaddy’s next .xxx contract may not be a done deal
- GlobalBlock blocking 2.5 million domains
- Microsoft moving its cloud apps from .com to .microsoft
- ICANN 79: anonymous trolls and undercover lawyers
- ICANN scores win in single-letter .com lawsuit
- Cosmetics brand terminates its gTLD
- Up to 70 jobs on the line at Nominet as .uk regs dwindle
- Governments back down on new gTLD next round delay
- Private auctions could be banned in new gTLD next round
- ICANN meeting venue “insensitive and hurtful”
- GoDaddy to start selling graphic.design domains
- GAC spinning up new gTLD curveball at ICANN 79?
- GoDaddy’s GlobalBlock supports blockchain names
- Police .uk domain takedowns dive in 2023
- GoDaddy wants to cut the bullshit from .xxx
- Dueling domain blocking services to launch at ICANN 79
- Freename tries to bridge DNS and blockchain
- Olive retires from ICANN
- Whois policy published without life-saving disclosure rule
- UK gov takes its lead from ICANN on DNS abuse
- Tucows reports 2023 results
- Twitter “completely unresponsive” on clickable domains
- ICANN spends $5 million more than planned in first fiscal half
- .art takes a million domains off its premium list
- KeyTrap ‘the most devastating vulnerability ever found in DNSSEC’
- Freenom settles $500 million Meta lawsuit and will exit domain business
- New gTLD lottery to return in 2026
- First GlobalBlock prices revealed — they ain’t cheap
- Domain universe grows on new gTLDs despite .com shrinkage
- D3 signs up crypto gTLD client number five
- GoDaddy reports strong domains growth
- How to qualify for a $40,000 gTLD
- Registry service provider evaluation handbook published
- WebUnited inks deal to “mirror” country’s TLD in the blockchain
- GoDaddy project unveils brand-blocking calculator
- Report: Monster “misappropriated” millions from Epik
- .com is shrinking but Verisign raises prices again anyway
- D3 announces fourth crypto new gTLD client
- Donald Trump loses second UDRP case
XYZ and Uniregistry acquire .car from Google, launch joint venture
XYZ.com and Uniregistry have launched a joint venture to operate a trio of car-related new gTLDs, after acquiring .car from Google.
Cars Registry Ltd is a new company. It will launch .cars, .car and .auto later this year.
Uniregistry won .cars and .auto at auction last year. Google was the only applicant for .car.
It signed its ICANN contract in January but transferred it to Cars Registry a little under a month ago.
The newly formed venture plans to launch all three TLDs simultaneously in the fourth quarter this year.
.car is currently in pre-delegation testing. The other two are already in the root.
Cars Registry does not have the the car-related domain space completely sewn up, however.
Dominion Enterprises runs .autos, albeit with a plan to launch the TLD with restrictions that may well mean it does not directly compete with the other three TLDs.
Launch details for .cars, .car and .auto have not yet been released.
Judging by the gTLDs’ web site, they will run on the Uniregistry back-end.
Barclays confirms move away from .com to new gTLD
Barclays has become one of the first major companies to explicitly confirm it will dump traditional gTLDs and ccTLDs in favor of its new dot-brands.
The $25 billion-a-year bank said it will “transfer its online assets to proprietary domain names — .barclays and .barclaycard — away from the traditional location-specific .com and .co.uk web addresses.”
The transition is a “long-term” play, but it’s started already, with “non-transactional” parts of its web site already using the two new gTLDs.
Basically, we’ve entered the brochureware phase of the dot-brand evolution.
home.barclays already mirrors barclays.com — both are simultaneously live right now — but the online banking service remains at barclays.co.uk.
In a May 11 press release that seems to have slipped under everyone’s radar last week, Barclays chief security officer Troels Oerting, until a few months ago cyber-crime chief at Europol, said:
The launch of the .barclays and .barclaycard domain names creates a simplified online user experience, making it crystal clear to our customers that they are engaging with a genuine Barclays site.
This clarity, along with the advantages of controlling our own online environment, enables us to provide an even more secure service, which we know is of utmost importance to our customers, and ultimately serves to increase trust and confidence in Barclays’ online entities.
This is precisely what advocates of dot-brands pitched as the benefits of the new gTLD program.
While many applicants stated similar plans in their gTLD applications, I think there’s been a degree of skepticism about whether they would follow through.
Barclays’ moves are happening faster than I expected — the .barclays gTLD was delegated in January — showing a degree of enthusiasm.
The charitable Australian Cancer Research Foundation in February launched sites under its .cancerresearch (not technically a dot-brand), while Hong Kong conglomerate CITIC Group has already experimented with a shift from .com to .citic.
In related news, the non-branded .bank gTLD opened for its sunrise period today.
.sucks explains Sunrise Premium name change
Vox Populi Registry abandonment of the .sucks “Sunrise Premium” brand in favor of a new “Market Premium” service is just a renaming, designed to reduce confusion among trademark owners, according to the company.
As we reported Sunday, all mentions of Sunrise Premium — a list of .sucks domains that will always carry a recommended $2,499 a year fee — have been expunged from the Vox Pop web site.
They were replaced with references to Market Premium, which appeared to carry all the characteristics of Sunrise Premium albeit under a new name.
Now, CEO John Berard has confirmed to DI that the program has not changed.
Rather, the new name is an effort to distance it from the regular sunrise period, which is linked to the Trademark Clearinghouse.
The decision was made following last week’s International Trademark Association conference, Berard said:
It was an insight gained from talking to people at INTA15. The intellectual property people there asked us so many times about the sunrise premium list of names that we realized we had allowed a mis-perception to take hold. This is no and never has been a relationship between that list and the TradeMark ClearingHouse. It was surprising how many people thought we had access to the TMCH (we don’t) and merely cut-and-pasted its names.
That is why we renamed it. Now called Market Premium and more clearly presented as a set of names that over time have been viewed as valuable (because they have been registered before). Names on this list will carry a suggested price of $2,499 (yes, the same as was suggested in Sunrise). Given the list is of names that the market has decided has value, it is likely it will contain trademarks.
The change may also be an attempt to head off a contractual squabble with ICANN.
Last Friday, the ICANN Business Constituency told ICANN management that if the Sunrise Premium list had been populated by names drawn from the TMCH, that would have been a breach of the .sucks Registry Agreement.
.sucks threatens ICANN with defamation claim after “extortion” letters
Vox Populi Registry has threatened to sue ICANN for defamation and other alleged breaches of US law, over allegations of “extortion” made by two of its constituencies.
The registry’s outside law firm wrote to ICANN yesterday, saying that it has “has no interest in pursuing claims at this time” but adding:
if ICANN or any of its constituent bodies (or any directly responsible member thereof) engages in any further wrongful activity that prevents the company from fulfilling its contractual obligations and operating the .SUCKS registry as both ICANN and Vox Populi envisioned, the company will have no choice but to pursue any and all remedies available to it.
The letter follows claims by the Intellectual Property Constituency that .sucks and its $1,999 annual sunrise fees constitute a “predatory” “shakedown”, claims which ICANN has forwarded to US and Canadian trade regulators for their legal opinions.
The IPC letter was followed up by similar claims by the Business Constituency on Friday.
Vox Pop now wants these constituencies, and ICANN itself, to shut up.
“Rather than assuming cooler heads will prevail, it is time to tell ICANN to stop interfering in our ability to operate the registry,” CEO John Berard said in an email to reporters. “We are not taking legal action at this point but making it clear that we reserve the right if ICANN continues in its wrong-headed approach.”
The company denies that .sucks will encourage cybersquatting, noting that like all other gTLDs it is subject to the anti-cybersquatting UDRP and URS remedies.
it would seem that ICANN is not actually concerned about cybersquatting or any other illegal activity. Rather, ICANN appears concerned that registrations on the .SUCKS registry will be used to aggregate uncomplimentary commentary about companies and products — the very purpose for the registry that Vox Populi identified in the application it submitted to ICANN, and that ICANN approved
ICANN has disseminated defamatory statements about Vox Populi and its business practices aimed at depriving Vox Populi of the benefits of its contract with ICANN. These actions further violate the duty of good faith and fair dealing that is implied in every contract… in suggesting illegality without any basis whatsoever, your actions (and those of the ICANN IPC and ICANN BC) have given rise to defamation claims against ICANN. Vox Populi hereby demands that ICANN, including any and all of its subdivisions, cease any and all such activity immediately.
There’s bucketloads of irony here, of course.
The company says it is standing up for its future registrants’ rights to free speech, but wants its own critics gagged today.
Read the letter as a PDF here.
Has .sucks abandoned its Sunrise Premium program?
Vox Populi Registry has done away with the “Sunrise Premium” part of its .sucks launch strategy, if only in name.
The pricing page of the company’s web site no longer makes any reference to Sunrise Premium, the controversial, trademark-heavy list of .sucks domains that would cost over $2,000 a year to register and renew.
Instead, there are two new categories of names: Registry Premium and Market Premium.
Registry Premium appears to be what it was previously just calling “Premium” — individually priced high-value domains such as divorce.sucks and life.sucks. That’s in tune with standard registry practice.
The new Market Premium category appears to be the replacement for Sunrise Premium. The web site describes it like this:
In General Availability, dotSucks has created a list of domains called Market Premium names. These are names that the market over time have designated as having a high value.
Previously, Vox Pop CEO John Berard told DI and other reporters that the Sunrise Premium list had been compiled from names registered or blocked in previous sunrise periods in other TLDs.
It was characterized as an additional protection against cybersquatting, but intellectual property interests saw it as a shakedown.
It’s not obvious from the updated Vox Pop web site whether Market Premium is a ground-up rethink of the Sunrise Premium concept, or is merely an empty re-branding.
The name “Sunrise Premium” was confusing, given that such domains are not actually available during the formal sunrise period. Also, the name inextricably suggested that it was a list of trademarks.
Market Premium names are priced exactly the same as Sunrise Premium — that is, $1,999 at the registry level, with a suggested retail price of $2,499.
Market Premium names will also not be eligible for the discounted “Block” service but will “likely” be eligible for the Consumer Subsidy program. That’s no change from the policies governing the Sunrise Premium incarnation.
The registry web site now also states that purchasers of the Block service, which carries a $149 registry fee, will be able to unblock their domains if they wish to actively use them, but doing so will convert the domain into a $1,999 Market Premium name.
Defensive blocking could therefore have the eventual effect of stuffing the Market Premium list with trademarks anyway (assuming any trademark holders with blocks wish to activate their .sucks names, which seems unlikely).
I’ve put in a request for clarification about Market Premium with the registry and will provide updates when I get them.
Other updates on the .sucks price list include a removal of the $9.95 suggested retail price for Consumer Subsidy names.
Consumer Subsidy names are supposedly going to be run by a third party consumer advocacy group from Everything.sucks, but that group has not been identified by Vox Pop yet.
The fact that the registry seemingly had no deal in place but already knew the price suggested to many that Everything.sucks would just be another shell company managed by Vox Pop owner Momentous. Berard reportedly denied this publicly at the INTA 2015 conference last week.
The Vox Pop web site now states “dotSucks is hopeful that this will bring the individual consumer price below 10 dollars.”
Dot-brand gTLD guilty of domain name hijacking
Fashion retailer Mango, which owns its own dot-brand gTLD, has been found guilty of Reverse Domain Name Hijacking after allegedly doctoring evidence in a .uk cybersquatting case.
The company, which runs .mango, lost a Nominet Dispute Resolution Service complaint against New Zealand-based domain investor Garth Piesse over mango.co.uk and mango.uk.
It’s only the sixth RDNH finding in 13 years of DRS history.
Mango tried to buy the domain using a pseudonym and, when Piesse asked for “six figures”, filed the DRS instead.
Piesse claimed in what appears to have been a well-argued defense that the person attempting to buy the domain on Mango’s behalf did not identify Mango as the would-be buyer.
Further, he claimed that Mango deliberately tried to hide this fact from the DRS panel by scrubbing its negotiator’s email address from evidence it submitted.
While DRS panelist Tim Brown did not agree that this omission alone was enough to find RNDH, he agreed that Mango did not have “entirely clean hands”. He ruled:
The sequence of events in the present case appears to show that the Complainant attempted to buy
from the Respondent. When these negotiations failed the Complainant started proceedings under the DRS. As I have noted, the Complainant has relied on bare assertion and has provided a paucity of evidence to support its arguments.
Even a cursory reading of the Policy, Procedure and extensive guidance on Nominet’s website would quickly show that a matter concerning a clearly generic, dictionary term would require a higher standard of argument and evidence than is perhaps common. That the Complainant has failed to come anywhere close to providing sufficient argument or evidence is, in my view, strongly indicative that the Complainant pursued this dispute in frustration at the Respondent’s unwillingness to sellfor a price it was willing to pay, rather than because of the merits of its position in terms of the Policy’s requirements.
I conclude that the Complainant brought a speculative complaint in bad faith in an attempt to deprive the Respondent of the Domain Names. I therefore determine that the Complainant has engaged in Reverse Domain Name Hijacking.
Spain-based Mango has owned its trademarks for well over a decade, and Piesse only got his hands on the domains in question in 2013 and 2014.
Piesse, who owns about 18,000 domains, was able to show that Mango the brand is unheard of in New Zealand and that he has a track record of buying fruit-based .uk domain names.
Most ICANN new gTLD breaches were over a year ago
Almost three quarters of the security breaches logged against ICANN’s new gTLD portal occurred over a three-month period in early 2014, DI can reveal.
Almost every incident of a new gTLD applicant coming across data they weren’t supposed to see — 322 of the 330 total — happened before the end of October last year, ICANN told DI.
Most — 244 of the 330 — happened before April 30 last year.
The first breach, discovered by an independent audit of the portal, was January 22 2014.
ICANN says it was first notified of there being a problem on February 27, 2015.
The improper data disclosures were announced by ICANN last week.
As we reported, a simple configuration error by ICANN in third-party software allowed users of the Global Domains Division portal — all new gTLD applicants — to view confidential data belonging to other applicants.
Documents revealed could have included sensitive financial projections and registry technical details.
My first assumption was that the majority of the incidents — which have been deliberate or accidental — were relatively recent, but that turns out not to be the case.
In fact, if anyone did download data they weren’t supposed to see, most of them did it over a year ago.
ICANN has been notifying applicants and registries about whether their own data was compromised and expects to have told each affected applicant which other applicants could have seen their data before May 27.
Ninety-six applicants and 21 registries were affected.
.porn and .adult sunrises net around 8,000 sales
The sunrise periods for .porn and .adult netted just shy of 4,000 domains per TLD, according to ICM Registry.
The company said .porn received 3,995 registrations while .adult trailed slightly with 3,902.
Those numbers are a combination of regular Trademark Clearinghouse sunrise registrations and Sunrise B registrations.
The ICANN-mandated sunrise periods ended April 1 and were followed by unique Sunrise B periods, during which anyone who bought a .xxx block in 2011 could register the matching new gTLD names.
This time, however, Sunrise B domains actually do resolve.
I believe the the Sunrise B phases accounted for something like 1,500 names apiece.
The previous high bar for 2012-round new gTLD sunrises was .london, with just over 800 registrations.
While .porn and .adult may be record breakers for this round, sales were just a twentieth of the levels seen when .xxx launched in 2011 — about 80,000 names were defensively registered back then.
Later this week, ICM will kick off another launch phase — Domain Matching — during which anyone who owned a .xxx domain prior to April 30 can get their matching .porn and .adult names.
General availability is scheduled for June 4.
Dumb ICANN bug revealed secret financial data to new gTLD applicants
Secret financial projections were among 330 pieces of confidential data revealed by an ICANN security bug.
Over the last two years, a total of 19 new gTLD applicants used the bug to access data belonging to 96 applicants and 21 registry operators.
That’s according to ICANN, which released the results of a third-party audit this afternoon.
Ashwin Rangan, ICANN’s new chief information and innovation officer, confirmed to DI this afternoon that the data revealed to unauthorized users included private financial and technical documents that gTLD applicants attached to their applications.
It would have included, for example, documents that dot-brand applicants reluctantly submitted to demonstrate their financial health.
But Rangan said it was not clear whether the glitch had been exploited deliberately or accidentally.
While saying the situation was “very deeply regrettable”, he added that applicant data deemed confidential when it was submitted back in 2012 may not be considered as such today.
The vulnerability was in ICANN’s Global Domains Division Portal, which was taken offline for three days at the end of February and early March after the bug was reported by a user.
Two outside consulting firms were brought in to scan access logs going back to the launch of the new gTLD portal back in April 2013.
What they found was that any user of the portal could access any attachment to any application, whether it belonged to them or a third-party applicant, simply by checking a radio button in the advanced search feature.
It was a misconfiguration by ICANN of the Salesforce.com software used by GDD, rather than a coding error, Rangan said.
“The public/private data sharing setting can be On or Off and here it was set to On,” he said.
On 330 occasions, starting “in earliest part of when the portal first became available” two years ago, these 19 users would have been exposed to data they were not supposed to be able to see.
The audit has been unable to determine whether the users actually downloaded confidential data on those occasions.
What’s confirmed is that only new gTLD applicants were able to use the glitch. No third-party hackers were involved.
The 19 users who, whether they meant to or not, exploited this vulnerability are now going to be sent letters asking them to explain themselves. They’ll also be asked to delete anything they downloaded and to not share it with third parties.
Before May 27, ICANN will also contact those applicants whose secret data was exposed, telling them which rival applicants could have seen it.
Rangan said that there have been almost 600,000 GDD sessions in the last two years, and that only 36 of them revealed data to unauthorized users.
“It’s a small fraction,” he said. “The question is whether they just stumbled across something they were not even aware of… Looking at the log files it is not clear what is the case.”
ICANN seems to be giving the 19 users the benefit of the doubt so far, but still wants them to explain their actions.
As CIO, Rangan was not able to comment on whether the breach exposes ICANN or applicants to any kind of legal liability.
It’s not the first time sensitive applicant data has been exposed. Back in 2012, DI discovered that the home addresses of the directors of applicants had been published, despite promises that they would remain private.
At the time of the original GDD portal misconfiguration, ICANN had noted security expert Jeff “The Dark Tangent” Moss as its chief security officer.
Earlier this week, ICANN’s board of directors authorized expenses of over $500,000 to carry out security audits of ICANN’s code.
.xyz dismisses own ads as “puffery”
XYZ.com has dismissed its own claim that .xyz is the “next .com” as “mere opinion or puffery”, in an attempt to resolve a false advertising lawsuit filed by Verisign.
Attempting to get the lawsuit resolved without going to the expense of a full trial, the registry has filed with the court a lengthy, rather self-deprecating deconstruction of its own marketing.
It says among other things that the blog posts and videos at issue are “not statements of fact but rather mere puffery, hyperbole, predictive, or assertions of opinion”.
Verisign sued XYZ and its CEO, Daniel Negari, in December, claiming that the video embedded below reflects “a strategy to create a deceptive message to the public that companies and individuals cannot get the .COM domain names they want from Verisign, and that XYZ is quickly becoming the preferred alternative.”
Last week XYZ filed a motion asking the court to rule on the pleadings only, meaning it would not go to trial. It appears to be an effort by the smaller company to avoid any more unnecessary legal fees.
“Verisign is attempting to litigate XYZ out of business complaining about a vanity video, website blog posts, and opinions stated to a reporter,” the motion says.
The document goes to great lengths to argue that the video, blog posts and interviews given by Negari are not “statements of fact”, but rather mere “hyperbole”.
It even goes to the extent of arguing that its ads make Verisign look good:
XYZ’s claim to be “the next .com” could not plausibly harm Verisign’s commercial interest because the claim reinforces that Verisign’s .COM is the most-popular, most-successful domain. Perhaps consumers think that since .XYZ is the next .COM, they should not buy other new domains. Perhaps consumers buy more .COM domains because XYZ has promoted Verisign as the market leader. But Verisign suffering any injury as a result of XYZ’s statements is implausible.
…
Some might view the old Honda in the video with the “COM” license plate as trusty and reliable, and the Audi sports car with “XYZ” as high maintenance, impracticable, and too trendy.
Verisign may or may not win the lawsuit, but it does seem to have succeeded in getting XYZ to cut the balls off of its own marketing.
Verisign has not yet filed a response to XYZ’s motion, which will be heard in court May 8.
You can download the PDF of the motion here.
Recent Comments