Governments erect bulk-reg barrier to new gTLD next round
No new gTLDs should be added to the internet until ICANN develops policies addressing the abuse of bulk domain name registrations, according to the Governmental Advisory Committee.
The GAC this afternoon drafted formal Advice for the ICANN board stating that policy work on bulk regs should get underway before ICANN 84, which takes place in Muscat, Oman in late October.
While the wording still may change before it is sent to ICANN, the current draft advice reads:
The GAC advises the board: To urge the GNSO Council to undertake all necessary preparation prior to ICANN84 towards enabling targeted and narrowly scoped Policy Development Processes (PDPs) on DNS Abuse issues, prioritizing the following: to address bulk registration of malicious domain names; and the responsibility of registrars to investigate domains associated with registrar accounts that are the subject of actionable reports of DNS Abuse.
The advice on bulk regs is fairly self-explanatory: the GAC has become aware that spammers typically shop around for the cheapest TLDs then register huge amounts of domains on the assumption that some will start getting blocked quite quickly.
The second part of the advice probably needs some explanation: under the current ICANN contracts, registrars have to deal with abuse reports concerning domains they sponsor, but they’re under no obligation to investigate other domains belonging to the registrants of those domains.
So, if a scumbag registers 100 domains for a spam campaign and only one of them is reported as abusive, the registrar can comply with its contract by simply suspending that one domain. The GAC thinks it should be obliged to proactively investigate the other 99 names too.
The advice seems to have been inspired by two sources: NetBeacon’s recent Proposal for PDPs on DNS Abuse (pdf) and data from Interisle Consulting.
Both pieces of advice obviously could have an impact on registrars’ top and bottom lines. They could lose revenue if they currently make a lot of money from bulk regs, and their costs could be increased with new obligations to investigate abuse.
An added wrinkle comes in the GAC’s rationale for its advice, which suggests that dealing with bulk regs and abuse probes should be a gating factor for the next round of new gTLDs going ahead. It reads:
Before new strings are added to the DNS as a result of the next round, further work on DNS Abuse is needed to stem the increasing cost to the public of phishing, malware, botnets, and other forms of DNS Abuse.
The core text of the advice was compiled in furtive huddles on the edges of sessions at ICANN 83, and I believe Switzerland held the pen, but it seems the US government was the driving force behind the push to make abuse a barrier to the next round.
As I reported on Monday, the US GAC rep said that “in light of the global phishing problem… and similar concerns the United States is of the view that we should not expand the DNS too broadly”.
Little interest in cheapo gTLD program
ICANN’s program to offer heavily discounted new gTLD application fees to certain organizations has so far seen little uptake, and some governments are not happy about it.
The Applicant Support Program offers up to 45 qualified applicants a discount of up to 85% on their application fees. That’s worth almost $200,000 each. ICANN will also hook applicants up with pro-bono application consultants and help out with auctions if necessary.
While 40 applications are in the process of being drafted, according to ICANN’s latest monthly stats, only four finalized applications have been submitted and there’s no way of telling whether the other 40 will convert to full applications.
The low number has members of ICANN’s Governmental Advisory Committee concerned, partly because of a deal it struck with ICANN last year that would encourage a change of strategy if it turned out some regions were more represented than others.
The arrangement saw ICANN promise to refocus its outreach efforts on under-served regions after tallying up the home nations of the first 20 submitted applications. With the 12-month program application window now well past the half-way mark, the GAC is worried that by the time the 20th bid is logged, it will be too late to course-correct.
It now seems likely that the GAC’s formal Advice from the ongoing ICANN 83 meeting in Prague will see language included saying ICANN should conduct its review of the applications now, while there’s still time to adjust the strategy.
Currently, the stats show a strange and surprising mix of geographies.
North America has the most applications in draft at 15. This is weird because entities based in the US and Canada don’t qualify for the discount, ICANN doesn’t count Mexico as North American, and the only other economies in the region are US island territories like Puerto Rico and Guam.
Meanwhile, the whole of Latin America and the Caribbean region, with all its half a billion citizens, has just two applications in draft. That’s the just one more than Europe, which has just a handful of qualifying nations.
Africa and Asia-Pacific both have seven applications in draft, and Asia-Pac also has three fully submitted bids.
Based on the current stats, you’d have to assume ICANN would need beef up its outreach in Latin America if it wanted to rebalance the numbers. Europe probably doesn’t need as much love because so few countries there qualify.
As well as encouraging ICANN to analyse its number immediately, the GAC is also considering text that would connect applicants in drafting with their local governments, to see if they need any assistance getting over the final hurdle.
US government opposes most new gTLDs
The US government has come out against most of the new gTLDs likely to be applied for in next year’s application round, saying they will contribute to the “global phishing problem”.
The eyebrow-raising revelation came during an intervention from Susan Chalmers, the country’s senior representative on the Governmental Advisory Committee, at the ICANN 83 meeting in Prague this afternoon.
Chalmers said the US is not opposed to the next round in general, but “has some reservations” that the expansion could make DNS abuse worse and that ICANN should “consider how to limit the expansion appropriately”.
Here are her remarks in full:
The United States has some reservations about the next round of new gTLDs. Specifically we have concerns that expanding the DNS too broadly can lead to more spam and DNS abuse for everyone on the internet. Our concerns are not for a next round in general to be clear. We see value in certain categories of applications such as for geo-TLDs and for internationalized domain names. In some cases it makes sense to add new strings to the DNS, but in light of the global phishing problem (which we will learn more about tomorrow) and similar concerns the United States is of the view that we should not expand the DNS too broadly. As the GAC did in 2013 we must consider how to limit the expansion appropriately to take into account public interest impacts.
The US, which has at least five civil servants attending the GAC meetings in Prague, was the only government to openly oppose new gTLDs during this afternoon’s session.
The position puts the US at odds with likely the majority of next-round new gTLD applicants, which could be a cause for concern.
While there will no doubt be some worthy geographic TLDs and IDNs applied for, if 2026 is anything like the 2012 round most applications will be commercial in nature, with as broad an appeal as possible.
Sadly, no doubt some applicants will be the kind of chancers who want to make their millions selling disposable domains for a buck apiece to spammers.
While Chalmers’ remarks may be somewhat surprising, the US position under Trump isn’t a million miles away from the Obama administration’s position in the run-up to the 2012 round.
Back then, the US tried successfully to strong-arm ICANN into giving the GAC more powers over which gTLDs could and could not enter the root. Those powers have been grandfathered in to the rules for next year’s round.
But the political landscape was different back then. ICANN was still a US government contractor, which irked other governments. Some nations wanted ICANN’s powers to be expatriated and given to a body like the International Telecommunications Union. The US was keen to keep the Org under its jurisdiction, and thought a beefed-up GAC was the way to do it.
It seems unlikely that the US could derail the next round entirely. Technically, it would have to win over the full GAC to produce a consensus against the expansion, but one of the hallmarks of the Trump administration so far has been its refusal to play nicely or respect multilateralism, so who knows what might happen.
The US could also use ICANN’s own rules to object to individual new gTLD applications it deems risky or unworthy.
A GAC consensus advice objection against an applications has historically been enough to kill it dead, but any nation can also choose to go it alone by issuing a so-called GAC Early Warning.
An Early Warning is a unilateral notice to an applicant that a government doesn’t like their application and may try to get it rejected or changed in some way. Applicants are free to ignore such warnings, but are encouraged to engage with the government in question to resolve their concerns.
Could Chalmers’ remarks today be the first early warning?
Nova announces $45 million of new gTLD applications
Nova Registry, which runs .link, has announced it plans to apply for 200 new gTLDs when ICANN opens up the next application window about a year from now.
It’s the first time in this round a company has announced plans to build a huge TLD portfolio. It would cost around $45.4 million in application fees alone, if ICANN’s guide price of $227,000 stays true.
It would make Nova the second-largest applicant by gTLD count to date, dwarfed only by the over 300 Donuts applied for in 2012. It would be about twice as large as the 101 Google applied for last time.
In the 2026 round, only Unstoppable Domains has announced a large number of applications — more than 50 — but those are all with partners that would presumably eventually become the contracted registry.
It’s not entirely clear from today’s announcement whether Nova is financing this project, which it calls SuperNova200, alone, or whether it’s looking for business partners.
“We will apply for 200 new Generic Top-Level Domains (gTLDs),” the registry says. “A new breed of gTLDs to drive innovation, competition, and consumer choice while enhancing the utility of the DNS.”
Nova entered the market in 2022 when it acquired .link from UNR. It appears to be ultimately owned by domainer Yonatan Belousov and is managed by ICM Registry alum Vaughn Liley.
New gTLD use cases not much use
ICANN has come in for periodic criticism over the last decade or so for not being sufficiently enthusiastic in public about its new gTLD program, but this time around it’s trying to do something about it.
New gTLD program participants have said that ICANN should have thrown more of its substantial resources into marketing the program, raising the profile of both the application period and the availability of new gTLDs when they go live.
But, under community guidance for the 2026 application window, Org started promoting the program earlier this year, with the publication of a “Next Round Champion’s Toolkit” web site containing ready-made marketing materials that consultants and gTLD service providers are free to use to reach out to their respective communities or sales prospects.
The latest component of this effort is a batch of 13 “use case” documents, each covering a specific gTLD from the 2012 round, compiled by ICANN, “each providing a compelling example of how different types of organizations use gTLDs”.
ICANN was wise to avoid calling them “case studies”. They’re pretty lightweight, with not [m]any particularly useful insights or actionable nuggets of advice. A cynic might summarize the 13 documents thus:
Hey, did you know .CEO/.SECURITY/.BANK exists? It really does! Here’s barely 500 words of elevator-pitch fluff from the registry’s PR folk, presented in the format of one of those glossy, double-sided, one-page inserts you find in a conference schwag bag and toss into your hotel room trash can unread when trying to reduce the weight of your carry-on.
Six out of the 13 use cases are generics run by XYZ Registry. Five are big-C “Community” gTLDs (including the geographic/linguistic niche offerings .gal, .lat and .bzh). Microsoft is the only dot-brand registry represented.
Notably, given how much emphasis ICANN has been putting on its goal to expand outreach efforts in under-served regions (op-eds and press releases have started popping up in places like India and Nigeria recently), there are no IDN gTLD use cases yet. And all the use cases are in English.
Still, I expect the use cases could be useful to Next Round “Champions” in some scenarios, certainly not as later-stage decision support but rather as part of an arsenal of foot-in-the-door introductory materials aimed at prospects utterly unaware that new gTLDs exist.
ICANN confirms two bans on new gTLD gaming
ICANN’s board of directors has just voted to approve two bans on practices in the new gTLD program that could be considered “gaming”.
It’s banned applicants for the same string from privately paying each other to drop out of contention, such as via private auctions, and has banned singular and plural versions of the same string from coexisting.
The plurals ban means that if, for example, one company applies for .podcast and another applies for .podcasts, they will go into the same contention set and only one will ultimately go live.
It also means that you can’t apply for the single/plural equivalent of an already-existing gTLD. So if you were planning to apply for, oh I dunno, .farms for example, you’re out of luck.
The move should mean that lazy applicants won’t be able to rely on piggybacking on the marketing spend of their plural/singular rivals, or on purely defensive registrations. I will also reduce end-user confusion.
The ban on private contention resolution means that contention sets will largely be resolved via an ICANN-run “auction of last resort”, in which ICANN gets all the money.
In the 2012 application round, private resolution was encouraged, and some companies made tens of millions of dollars from their rivals by losing auctions and withdrawing their applications.
Both bans had been encouraged by ICANN’s Governmental Advisory Committee and received the unanimous support of the board (excluding conflict-related abstentions) at the Org’s AGM in Turkiye this afternoon.
Chinese say internet not ready for single-letter gTLDs
Several major Chinese tech organizations have urged ICANN not to lift its ban on single-character gTLDs, saying the risk of confusion is too great.
Allowing single-character gTLDs in Han script was the most objected-to part of the draft Applicant Guidebook in ICANN’s just-closed public comment period, with the objections all coming from China.
Han script is used in Chinese, Japanese and Korean languages. A single character can convey the same semantic impact as a whole multi-character word in European languages.
But the commenters warned that a single character can have multiple meanings, increasing the risk of confusion.
Rui Zhong of the Internet Society of China said for example that the Han character “新” can mean “new” but is also the abbreviation for the Chinese province of Xinjiang and the nation of Singapore.
Lang Wang of CNNIC warned: “the similarities in pronunciation, form, and meaning of Han script single-character gTLD could lead to the risks of phishing, homophone attacks, intellectual property disputes, etc”.
It seems the issue may be a bit more complex than visually identical words having multiple definitions in other languages, with multiple commenters saying that single-character words do not reflect the reality of modern Chinese usage.
Second-shot gTLD bid rules revealed
ICANN has published the first, early draft of rules for new gTLD applicants that want to change their applied-for strings at the thirteenth hour.
In a shock move last month, ICANN’s board of directors said that applicants would be able to nominate a second-choice gTLD, as a means to reduce the number of contention sets and potentially increase the number of approved TLDs.
The decision, which has yet to be formally approved by the board, arguably raised more questions than it answered, and has been criticized for being a top-down imposition and introducing much more complexity into the application process.
But the poor Org staffers tasked with turning the idea into reality have now published a first draft of the proposed rules, which could eventually make it into the final Applicant Guidebook, that may answer some of those questions.
But I’m not convinced the idea has been sufficiently thought through yet. Here’s my take.
There’s going to be two Reveal Days
In 2012, Reveal Day was the day ICANN published the applicant names and applied-for strings of all 1,930 new gTLD applications. It was a simple one-time info dump, letting all applicants know who they were competing against.
As host of a Reveal Day panel discussion, I’d been given a hard copy of the spreadsheet in advance and virtually had to fight off applicants wanting a sneak peek with a dirty stick, despite the reveal being mere minutes away.
This time around, giving applicants the option of a pre-selected back-up string complicates matters, so there would be two reveals: Preliminary Reveal Day and Final Reveal Day.
On Preliminary Reveal Day, ICANN would publish the list of applicants along with their primary and secondary desired strings. Applicants would instantly know whether they were in contention, and get a rough idea of of what their second-chance options were.
They would then have a Replacement Period, currently penciled in at [14 days] to decide whether to stick to their first choice or switch their entire application over to their back-up.
If you’re a tiny podcast aggregator who suddenly finds your .podcasts application facing a contention resolution auction against Amazon, Spotify and Joe Rogan, you might want to switch to .knittingpodcasts or something.
Pick a crappy string
I present the example of .knittingpodcasts only half jokingly — the way the rules are currently drafted appears to actively encourage the selection of crappy back-up strings.
ICANN staffers told community members at two implementation meetings this month that applicants should pick second-choice strings “unlikely to be picked up by somebody else as their alternate”.
The whole point of allowing replacement strings is to reduce the number of contention sets. Applicants will not be allowed to switch to a string that is another applicant’s primary or secondary string. The draft text reads:
Applicants must be aware that they will be prevented from using their replacement string in cases where a designated replacement string is identical to another replacement string or applied-for primary string, as this would increase the risk of new instances of contention being created or existing instances being increased.
So, unless you’re hoping to get very lucky indeed, you’d be mad to apply for .crypto and nominate .blockchain as your back-up, as you’d be prevented from switching to your second-choice, which is very likely to be already contested.
Your best chance of avoiding contention would be to pick a string just crappy enough that nobody else is likely to apply for it, but not crappy enough that it doesn’t make business sense to apply for.
Avoid plurals, dummy
It now seems incredibly likely that ICANN is going to ban single/plural equivalents from coexisting, so choosing the plural of your primary string as your back-up (or vice-versa) would probably be an exercise in futility.
If the ban is approved, plural/singular matches will be placed in the same contention set anyway, so picking .podcasts as your alternate for .podcast will in most cases not avoid contention. There are some edge cases here, which I’ll get to below.
There’s no going back
Once you’ve opted to switch to your secondary string, you can’t later change your mind and switch back, even if all your original competitors have dropped out of the race and you’d have a free run at your primary.
The draft rules currently state: “Applicants who opt for their replacement string will be unable to revert to their original primary string at any stage during the program.”
They later state: “Applicants should note that if all applicants for a given string opt for their respective replacement strings, it is possible that there may be no remaining active application for the primary applied-for string.”
War-gaming undesirable consequences
I think we can all agree that .podcast is a more desirable gTLD than .podcasts.
Spotify says there are something like six million podcasts in its library. Selling a .podcast domain to a fraction of those podcasters could be a very lucrative business and provide millions of registrants with cool domains.
But how many entities would feel a .podcasts domain is more appropriate for their businesses? A handful of podcast aggregators, maybe? Certainly a substantially smaller number. The .podcasts registry would have to sell at a huge premium price to make up for the loss of volume.
So, let’s say Company A and Company B both apply for .podcast as their primary string. Company A selects .knittingpodcast as its back-up, while Company B selects .fishingpodcast.
After Preliminary Reveal Day, both applicants become afraid that their rival is better-funded and more committed to their application, so to avoid an auction decide to switch to their secondary string.
Remember, ICANN is bent on banning private resolution of contention sets, and while language has yet to be published or finalized, the current thinking is that private resolution would also be banned during the Replacement Period. The rules might even go so far as to ban non-monetary resolution, or communication between competing applicants.
So Company A and Company B, both fearful of the other’s financial clout, switch to their back-ups and a year or two down the line the internet has a .fishingpodcast gTLD and a .knittingpodcast gTLD, but no .podcast gTLD.
Let’s say instead that Company B ignored ICANN advice and named the plural .podcasts as its back-up, and both applicants switched. Now, not only would the more desirable singular .podcast not get delegated, but the single/plural ban would mean it would never be delegated.
Is that a desirable outcome? Populating the DNS with second-choice gTLDs nobody wants? (.com fanboys feel free to leave a comment below).
I can’t help but feel that a lot of this stuff is going to need much more intensive war-gaming, possibly involving top psychologists and game theorists, before the rules are finalized and approved.
ICANN fixes embarrassing “What is a Domain Name?” mistake
Good news, everyone! ICANN knows what a domain name is!
The Org has quietly corrected a slide deck, designed as a high-level introduction to the new gTLD program’s Next Round, that seemed to mislabel the components of a domain name.
When it was first published in early September, the offending slide looked like this:
When I saw it, for a few moments I was genuinely worried I’d had another stroke or, worse, been wrong for a quarter century. Surely ICANN, the organization that oversees the global DNS, knew more about this stuff than I do?
Rather than call an ambulance immediately, I tweeted a screengrab on Twitter to get the reassurance of the four people still on that platform that I had not lost my mind.
Now, in the same ICANN deck (pdf), apparently updated September 19, the slide looks like this:
The deck is part of a “Champions Toolkit”, a bunch of freebie marketing materials made available for people who want to market the Next Round, particularly in under-served regions, on ICANN’s behalf.
New gTLD application fee rises by thousands after collision call
ICANN has upped its expected new gTLD application fee after approving a costly new plan to tack name collisions.
The baseline price of applying for a single string, most recently pegged at $220,000, is now expected to go up by $5,000, according to a recent resolution of the ICANN board of directors.
The board earlier this month approved the Name Collision Analysis Project Study 2 Final Report, which proposed a way to prevent new gTLDs seriously interfering with existing non-standard TLD use on private networks.
Strings applied for successfully in the 2012 round had to agree to a 90-day post-launch period of “controlled interruption”, during which the entire gTLD was wildcarded with information to help affected parties fix their DNS configuration.
So if a company had been using .horse on its internal network, and a suddenly-delegated .horse gTLD started causing leakages to the public DNS, the company was quickly alerted to what the problem was.
Under the now-approved NCAP 2 plan, ICANN will take over responsibility for controlled interruption. Applied-for strings will be tested in the live DNS before a registry has even been contracted.
The results would be assessed by a Technical Review Team and applicants for strings considered at high risk of collisions would be able to submit mitigation plans for evaluation before having their registry contracts approved.
While approving NCAP 2 will generate more confidence that the Next Round will in fact go ahead in the second quarter of 2026, this extra stage of course will add friction and cost to the evaluation process.
ICANN estimates it will add $500,000 to its program implementation budget and $6.9 million to the application processing budget, increasing the application fee by $5,000 per application. That seems to assume 1,500 applications being submitted.
The likely increase has been flagged up for months, so is unlikely to surprise potential applicants, but will not appease those already grumbling that the fee has gone up so sharply from the $185,000 charged in the 2012 round.
It’s also bad news for companies that applied for .home, .corp or .mail in 2012, which were rejected due to the high risk of collisions.
The ICANN board rejected NCAP 2’s recommendation that these three gTLDs should be submitted to the new Name Collision Risk Assessment Process, potentially reawakening their applications from their Not Approved status.
Under the latest board action, anyone who applied for .home, .corp or .mail in 2012 will have no preferential treatment if they apply for the same strings again in 2026, according to the resolution.
Affected applicants were already offered a full refund for their rejected bids, with only deep-pocketed Amazon and Google so far not exercising that option. Now they have no excuse.
Recent Comments