Recent Posts
- Dot-brand actually being used to get deleted
- Verisign gave Trump $100,000
- Private Whois requests hit new low after Tucows quits RDRS
- Zoom says GoDaddy took it down for hours
- The Soviet Union might be safe after all
- Google says its ccTLDs “are no longer necessary”
- Facebook thinks ICANN is a bit rubbish
- ICANN spending $365,000 a year on coffee and booze
- Regulator going after suicide site that even Epik banned
- .ai sees $600,000 auction sales in a month
- Pru trims its dot-brand portfolio
- UK’s Nigel Hickson has died
- .blog registry ordered to change name to Knock Knock RDAP There
- WordPress buys Canadian, swaps CentralNic for CIRA
- Latest ICANN salary porn ruins my terrible pun
- .co deal worth $77 million up for grabs
- I get a wrongful kicking as .su registry denies turn-off plan
- Sales and profits dip at Team Internet
- Four deadbeat registrars get terminated
- “No timeline” to retire Soviet Union from the DNS
- ICANN to kill off 60-day domain transfer lock
- Lancaster bags up its dot-brand
- Google readying its next batch of gTLD launches?
- NomCom confirms Americans rejected from ICANN board
- Nova announces $45 million of new gTLD applications
- Registry makes .ai an option for Koreans
- it.com now bigger than Guatemala
- ICANN turns to AI and crowdsourcing for new gTLD program
- Amazon lawyer DiBiase elected to ICANN board
- Is .io safe now? Identity Digital now running Mauritian ccTLD
- Tucows quits ICANN’s Whois disclosure pilot
- Toshiba goes all-in on its dot-brand
- Google scuppers Team Internet acquisition after profit warning
- .ai channel doubles under new management
- Trump inclined to back deal that threatens .io
- As .com shrinks, China adds another 1.2 million domains
- Second new gTLD contention set revealed
- UK intros global domain takedown law
- No more Americans as Holland wins ICANN board seat
- Registries have started shutting down Whois
- ICANN wins IRP because complainant literally doesn’t exist
- .com could return to growth this quarter
- Could Musk’s DOGE kill off D3’s .doge?
- $2 million Christmas bonus for ICANN
- Another VW car dot-brand crashes out
- Largest back-end switch EVER as GoDaddy loses deal
- Yeah, we got phished, ICANN admits after crypto hack
- ICANN hacked to promote crypto scam
- Super Bowl a bit of a dud for .com?
- More gloom predicted for .com
- These are the .gov domains Trump has deleted so far
- Did Trump just create the world’s next ccTLD?
- $3,000 to do a Whois lookup?
- PIR to join GlobalBlock, but its crown jewel won’t
- LA wildfire victims get domain deletes delay
- .free domains to finally arrive as Amazon reveals three gTLD launches
- Six more gTLDs shown the door, five may be auctioned
- Registrar terminated after ignoring Whois transition
- $10 million ICANN giveaway winners picked
- Whois officially died today
- Typo left MasterCard open to hackers for years
- Could ICANN approve an R-word gTLD?
- These are the TLD growers and shrinkers of 2024 (part two)
- GoDaddy ordered to stop lying about crappy security
- These are the TLD growers and shrinkers of 2024 (part one)
- Dead terrorist domains for sale, just without the hyphens
- ICANN eyes more price hikes as it predicts dismal year for industry
- Meet the six people battling to join ICANN’s board
- New gTLD use cases not much use
- Defensive dot-brands are renewing, making ICANN millions
- Identity Digital offers free domain trials through LinkedIn
- Antisemitic remarks cost registrar dearly
- ICANN lawyers want to keep their clients secret
- Facebook cybersquatter asks ICANN to overturn UDRP ruling
- .xxx founder Stuart Lawley has died
- The new gTLD Next Round is really happening as two ICANN programs go live
- Verisign has much to be thankful for as .com contract renewed
- Another 40,000 .ai domains registered
- RDRS usage hits new low
- A dot-brand that was actually used is shutting down
- .id joins the million-domain club
- GoDaddy’s .xxx contract renewed
- Twitter clone Bluesky has one feature domain people should like
- ICANN confirms two bans on new gTLD gaming
- eBay slogan domain no longer has a BIN price
- Will Donald Trump be .io’s white knight?
- As customers flee legacy gTLDs, .org tops 11 million names
- Company accidentally puts porn domain on kids’ toys
- eBay’s new slogan looks like a $75,000 domain it doesn’t own
- Americans are deserting .com
- Weak Q3 for the domain universe, Verisign reports
- ICANN says it WILL raise its domain taxes soon
- Senator says domain industry “enables” Russian disinfo attacks
- bit.ليبيا? Libya to get its Arabic ccTLD
- Verisign gets eight more years running the root
- Two-horse race for open ICANN board seat
- Chinese say internet not ready for single-letter gTLDs
- Unloved INTA slams ICANN over new gTLDs
- Namecheap scores win in .org price-cap lawsuit
- Some Guy wants to take over .com and .net
- Second-shot gTLD bid rules revealed
- Nominet names directors after tight election
- Lawyer ban coming to ICANN
- Identity Digital to take over .ai
- ICA teams up with WIPO on UDRP reform
- Response to sex harassment lawsuit “inadequate”, say ICANN vets
- Unstoppable tops four million names
- Amazon readying fashion and book gTLDs
- Five times ICANN deleted a ccTLD, and what it means for .io
- Future of .io domains uncertain as UK hands over Chagos islands
- .ai now has over half a million names
- UK and Israel cut ICANN funding
- Twitter now up-to-date on linkification
- Moment of truth as .music domains finally go on sale
- ICANN fixes embarrassing “What is a Domain Name?” mistake
- Another ccTLD opens up its second level
- Reporter gains first access to .io island for decades
- .io sells $40 million of domains after massive uptick
- After five years, “useless” TLD has two web sites
- Verisign agrees to .com takedown rules
- New .com contract could see ALL domain prices go up
- Investing in .ad domains may be risky
- Plurals ban policy handed to ICANN board
- Three .now domains sell at premium EAP prices
- ICANN confirms new gTLD application fee
ICANN says it WILL raise its domain taxes soon
Prices in all gTLDs will go up after ICANN told registries and registrars last week that it plans to increase the fees it charges them, sometimes called its “tax”, next year.
The extra fee ICANN takes from registrars for each new domain registration and renewal will increase from $0.18 to $0.20, according to an email sent from ICANN VP Russ Weinstein to registrars Thursday evening.
This fee is typically passed on explicitly and directly to registrants in their registrar’s shopping cart.
Less-visible charges on registries will also go up. The fixed quarterly fee will go from $6,250 per quarter ($25,000 per year) to $6,450 per quarter ($25,800 per year) and the per-transaction fee will go up from $0.25 per year to $0.258 per year.
The registry fee changes will take effect January 1, but the registrar fee changes will not take effect until July 1, 2025, the start of ICANN’s next fiscal year, according to ICANN.
“After more than a decade of no changes to registry-level and registrar-level fees, ICANN would like to increase the fees it charges to both parties,” Weinstein wrote.
The two cents tax increase is big in percentage terms — about 11% — while the registry fee is more in line with US inflation at 3.20%.
The fixed registrar accreditation fee is to stay the same at $4,000 per year, while the variable accreditation fee, which is divided between registrars based on their transaction volume, is going up from a total of $3.42 million to $3.8 million per year.
The increases come as ICANN struggles to fill a $10 million hole in its budget — a situation that has already led to layoffs — and some back-of-the-envelope calculations suggest the combined fee increases are designed to raise annual revenue in that ball-park.
Due to the differences between the standard Registry Agreement and Registrar Accreditation Agreement, ICANN can push through the registry fee increases fairly quickly and unilaterally, while the registrar changes have some red tape.
The two-cent tax increase will be part of ICANN’s usual budget process, which includes a public comment period and consideration by the board of directors, while the variable fee increase will be subject to a registrar vote.
Note: an early, unfinished draft of this post was inadvertently published on Friday, for which I can only apologize.
Verisign agrees to .com takedown rules
Verisign has agreed to take down abusive .com domains under the next version of its registry contract with ICANN.
The proposed deal, published for public comment yesterday, could have financial implications for the entire domain industry, but it also contains a range of changes covering the technical management of .com.
Key among them is the addition of new rules on “DNS Abuse” that require Verisign to respond to abuse reports, either by referring the domain to its registrar or by taking direct action
Abuse is defined with the now industry-standard “malware, botnets, phishing, pharming, and spam (when spam serves as a delivery mechanism for the other forms of DNS Abuse listed in this definition)”.
The language is virtually identical to the strengthened DNS abuse language in the base Registry Agreement that almost all other gTLD registries have been committed to since their contracts were updated this April. It reads:
Where Registry Operator reasonably determines, based on actionable evidence, that a registered domain name in the TLD is being used for DNS Abuse, Registry Operator must promptly take the appropriate mitigation action(s) that are reasonably necessary to contribute to stopping, or otherwise disrupting, the domain name from being used for DNS Abuse. Such action(s) shall, at a minimum, include: (i) the referral of the domains being used for the DNS Abuse, along with relevant evidence, to the sponsoring registrar; or (ii) the taking of direct action, by Registry Operator, where Registry Operator deems appropriate.
The current version of the .com contract only requires Verisign to publish an abuse contact on its web site. It doesn’t even oblige the company to respond to abuse reports.
In domain volume terms, .com is regularly judged one of the most-abused TLDs on the internet, though newer, cheaper gTLDs usually have worse numbers in terms of the percentage of registrations that are abusive.
Verisign will also get an obligation that other registries don’t have — to report to ICANN “any cyber incident, physical intrusion or infrastructure damages” that affects the .com registry.
ICANN won’t be able to reveal the details of such incidents publicly unless Verisign gives its permission, but in a side deal (pdf) the two parties promise to work together on a process for public disclosure.
Verisign will also have to implement two 20-year-old IETF standards on “Network Ingress Filtering” that describe methods of mitigating denial-of-service attacks by blocking traffic from forged IP addresses.
The contract is open for public comment.
GoDaddy’s next .xxx contract may not be a done deal
ICANN has published what could be the next version of GoDaddy’s .xxx registry contract, and is framing it as very much open to challenge.
The proposed Registry Agreement would scrap the “sponsored” designation from .xxx, substantially reduce GoDaddy’s ICANN fees, and implement the strictest child-protection measures of any gTLD, as well as make ICANN Compliance’s job a lot easier by standardizing terms on the new gTLD program’s Base RA.
But, as eager as ICANN usually is to shift legacy, pre-2012 gTLDs to the Base RA, this time it’s published the contract for public comment as if it’s something GoDaddy is unilaterally proposing.
It’s “ICM’s proposal”, according to ICANN’s public comment announcement, referring to GoDaddy subsidiary ICM Registry, and “ICM has requested to use the Base Registry Agreement form, as well as to remove the sponsorship designation of the .XXX TLD”.
This is not the language ICANN usually uses when it publishes RA renewals for public comment. Normally, the proposed contracts are presented as the result of bilateral negotiations. In this case, ICANN and ICM have been in renewal discussions for at least three years, but the contract is being presented as something GoDaddy alone has asked for.
The new RA would remove almost all references to sponsorship and to IFFOR, the pretty much toothless “sponsor” organization ICM created to get its .xxx application over the line under the rules of the Sponsored TLD application round that kicked off back in 2003.
Instead, it loads a bunch of Public Interest Commitments, aimed at replicating some of the safeguards IFFOR oversight was supposed to provide, into the Base RA.
GoDaddy would have to ban and proactively seek out and report child sexual abuse material. It would also prohibit practices that suggest the presence of CSAM, such as the inclusion of certain unspecified keywords in .xxx domains or in the corresponding web site’s content or meta-content.
(ICANN notes that these PICs may become unenforceable, depending on the outcome of current discussions about its ability to enforce content-related terms of its contracts).
GoDaddy and IFFOR have both submitted letters arguing that sponsorship is no longer required. The existence of sister gTLDs .adult, .sex, and .porn as unsponsored gTLDs, also in the GoDaddy Registry stable, proves the extra oversight is not needed, they say. Registrants polled do not object to the changes, they say.
GoDaddy’s cost structure would also change under the new deal. Not only would it save $100,000 a year by cutting off IFFOR, but it would also inherit the Base RA’s 50,000-domain threshold for paying ICANN transaction fees.
This likely means it won’t pay the $0.25 transaction fee for a while — .xxx was at about 47,500 domains under management and shrinking at the last count. It hasn’t reported DUM over 50,000 since January 2023.
While the renewal terms may seem pragmatic and not especially unreasonable, they’ve already received at least one public objection.
Consultant Michael Palage, who was on the ICANN board for the first three years of .xxx’s agonizing eight-year path to approval, took to the mic at the ICANN 79 Public Forum earlier this month to urge the board to reject GoDaddy’s request.
Palage said there have been “material violations of the Registry Agreement” that he planned to inform ICANN Compliance about. He added that approving the new deal would set a bad precedent for all the other “community” registries ICANN has contracts with.
The situation has some things in common with the controversy over the proposed acquisition of Public Internet Registry and .org a few years ago, in that the proposal entails ignoring promises made by a registry two decades ago.
Whether .xxx will attract the same level of outrage is debatable — this deal doesn’t involve nearly as many domains and does not talk to the price registrants pay — but it could attract noise from those who believe ICANN should not throw out its principles for the sake of a quieter life.
One place we might look for comment is the Governmental Advisory Committee, which was the biggest reason .xxx took so long to get approved in the first place.
But the timing of the comment period opening is interesting, coming a week after ICANN 79 closed. It will end April 29, about six weeks before the full GAC next meets en masse, at ICANN 80.
It’s not impossible that the new contract could be approved and signed before the governments get a chance to publicly haul ICANN’s board over the coals.
ICANN approves domain takedown rules
ICANN’s board of directors has formally approved amendments to its standard registry and registrar contracts aimed at forcing companies to take action against domains involved in DNS abuse.
At its meeting last weekend, the board passed a resolution amending the Registrar Accreditation Agreement and Base gTLD Registry Agreement to include tougher rules on tackling abuse.
Registrars must now “promptly take the appropriate mitigation action(s) that are reasonably necessary to stop, or otherwise disrupt, the Registered Name from being used for DNS Abuse” when provided with evidence of such abuse.
Registries have a similar obligation to take action, but the action might be to refer the abusive domain to the appropriate registrar.
The rules follow the now industry-standard definition of DNS abuse: “malware, botnets, phishing, pharming, and spam (when spam serves as a delivery mechanism for the other forms of DNS Abuse listed)”.
The changes were crafted by ICANN along with registries and registrars and voted through late last year by a hefty majority of both camps.
The two contracts are now in the hands of the ICANN CEO and her lawyers for final action before becoming enforceable.
Registries and registrars vote ‘Yes’ to new DNS abuse rules
ICANN’s contracted registries and registrars have voted to accept new rules requiring them to take action on DNS abuse.
The new rules come after a vote lasting a few months with some quite high thresholds for success.
The current Registrar Accreditation Agreement merely requires registrars to “take reasonable and prompt steps to investigate and respond appropriately to any reports of abuse”, which is pretty vague and barely enforceable.
The amendments, which still need to be rubber-stamped by the ICANN board, make it much clearer what registrars are expected to do in which circumstances. A new paragraph is added that reads:
3.18.2 When Registrar has actionable evidence that a Registered Name sponsored by Registrar is being used for DNS Abuse, Registrar must promptly take the appropriate mitigation action(s) that are reasonably necessary to stop, or otherwise disrupt, the Registered Name from being used for DNS Abuse. Action(s) may vary depending on the circumstances, taking into account the cause and severity of the harm from the DNS Abuse and the possibility of associated collateral damage.
For registries, the new text for the base gTLD Registry Agreement is similar, but with a little more wiggle-room:
Where a Registry Operator reasonably determines, based on actionable evidence, that a registered domain name in the TLD is being used for DNS Abuse, Registry Operator must promptly take the appropriate mitigation action(s) that are reasonably necessary to contribute to stopping, or otherwise disrupting, the domain name from being used for DNS Abuse. Such action(s) shall, at a minimum, include: (i)the referral of the domains being used for the DNS Abuse, along with relevant evidence, to the sponsoring registrar; or (ii) the taking of direct action, by the Registry Operator, where the Registry Operator deems appropriate. Action(s) may vary depending on the circumstances of each case, taking into account the severity of the harm from the DNS Abuse and the possibility of associated collateral damage.
In both cases, DNS abuse is defined by the now industry standard line: “malware, botnets, phishing, pharming, and spam (when spam serves as a delivery mechanism for the other forms of DNS Abuse listed in this Section)”.
There are a few other quality of life updates, such as the requirement for registrars to acknowledge receipt of abuse reports and to have their abuse reporting mechanism “conspicuously and readily accessible from” their home pages.
ICANN needed registrars representing over 90% of registered gTLD domains (adjusted slightly to make GoDaddy’s voice less powerful). That threshold was passed last week, with 94% of domains voting in favor of the amendments.
For registries, ICANN required a simple majority of registries (counted by contract rather than company) and for all registries voting in favor to have been responsible for two thirds of all registry fees paid last year.
Judging by the financial thresholds, .com and .net, which are not on the base RA, were not involved.
Everyone hates Verisign’s new .net deal
The public has commented: Verisign’s .net registry contract should not be renewed in its currently proposed form.
ICANN’s public comment period for the renewal closed yesterday and attracted 57 submissions, most of which either complained about Verisign being allowed to raise its prices or expressed fears about domains being seized by governments.
The proposed contract retains the current pricing structure, in which Verisign is allowed to raise the price of a .net domain by 10% a year. They currently cost $9.92, meaning they could reach $17.57 by the time the contract ends.
The Internet Commerce Association, some of its supporters, Namecheap, the Registrars Stakeholder Group, the Cross-Community Working Party on ICANN and Human Rights (CCWP-HR), and TurnCommerce all oppose the price increases.
The RrSG said the price provisions “are without sufficient justification or an analysis of its potentially substantial impact on the DNS”.
These commenters and others who did not directly oppose the increases, including the At-Large Advisory Committee and consultant Michael Palage, called for ICANN to conduct an economic analysis of the domain name market.
The Business Constituency was the only commenter to openly support the increases, though its comment noted that it is opposed in principle to ICANN capping prices at all.
The Intellectual Property Constituency did not express a view on pricing, but called for greater transparency into the side-deal that sees ICANN get an extra $4 million a year for unspecified security-related work. ICANN has never revealed publicly how this money is spent.
In terms of the number of submissions, the biggest concern people seem to have is that the proposed contract contains language obliging Verisign to take down domains to comply with “applicable law, government rules or regulations, or pursuant to any legal order or subpoena of any government, administrative or governmental authority, or court of competent jurisdiction”.
This language is already in the .com contract, but before ICANN clarified this on April 26 several concerned registrants had made comments opposing its inclusion.
Notably, the founder of the controversial troll forum kiwifarms.net, which has been kicked out of registrars after being linked to suicides, submitted his own “ICANN should be destroyed” comment.
Several commenters also noted that the definition of “security and stability” in the .net contract differs to the Base Registry Agreement that almost all other registries have signed in such a way that it is feared that Verisign would not have to abide by future ICANN Consensus Policies under certain circumstances.
As several commenters note, the usual protocol following an ICANN public comment period is for ICANN to issue a summary report, pay lip service to having “considered” the input, and then make absolutely no changes at all.
This time, some commenters held out some hope that ICANN’s new, surprisingly sprightly and accommodating leadership may have a different approach.
The comments can be read here.
ICANN signs Whois’ death warrant in new contracts
Whois as we have known it for decades will be phased out of gTLDs over the next couple of years, after ICANN approved changes to its contracts at the weekend.
The board of directors signed off on amendments to the base Registry Agreement and Registrar Accreditation Agreement after they were approved by the requisite majority of registries and registrars earlier this year.
The changes outline how registries and registrars must make the move away from Whois, the technical specification, toward the functionally similar RDAP, the Registration Data Access Protocol.
After the amendments go into effect, contracted parties will have about 18 months to make the migration. They’ll be allowed to run Whois services in parallel if they wish after the transition.
People will in all likelihood carry on referring to such services as “Whois”, regardless, rather than the official replacement term “Registration Data Directory Services” or RDDS.
The RAA amendment will also require registrars to provide full RDAP output, rather than relying on “thick” registries to do it for them.
None of the changes affect how much personal information is returned for domain ownership lookups.
Verisign’s .net contract up for public comment
ICANN intends to renew Verisign’s contract to run the .net gTLD and has opened the revised deal for public comment.
At first glance, there doesn’t appear to be anything massively controversial about the proposed changes, so we probably shouldn’t expect the same kind of outrage similar contract renewals have solicited in the past.
A great deal of the changes relate to the sunsetting of the Whois protocol and its replacement with the functionally similar RDAP, something set to become part of all gTLD contracts, legacy and new, soon.
The only money-related change of note is the agreement that Verisign will pay pro-rated portions of the $0.75 annual ICANN transaction fee when it sells its Consolidate service, which allows registrants to synchronize their expiry dates for convenience.
That provision is already in the .com contract, and Verisign has agreed to back-date the payments to May 1, 2020, around about the same time the .com contract was signed.
The controversial side-deal under which Verisign agreed to pay ICANN $4 million a year for five years is also being amended, but the duration and amount of money do not appear to be changing.
The new Registry Agreement also includes Public Interest Commitments for the first time. Verisign has agreed to two PICs common to all new gTLD RAs governing prohibitions on abusive behaviors.
The deal would extend Verisign’s oversight for six years, to June 30, 2029. It’s open for public comment until May 25.
Abuse crackdown likely in next gTLD registrar contract
ICANN and its accredited registries and registrars have formally kicked off contract renegotiations designed to better tackle DNS abuse.
The aim is to create a “baseline obligation” for contracted parties to “take reasonable and appropriate action to mitigate or disrupt malicious registrations engaged in DNS Abuse”, according to recent correspondence.
This may close the loophole in the contracts identified this year that hinder ICANN Compliance’s ability to take action against registrars that turn a blind eye to abuse.
The current contracts require registrars to “take reasonable and prompt steps to investigate and respond appropriately to any reports of abuse”, which lacks clarity because there’s no agreement on what an appropriate response is.
The registries and registrars stakeholder groups (RySG and RrSG) note that there won’t be an expansion of the term “DNS abuse” to expand into web site content, nor will the talks cover Whois policy.
As is the norm for contract negotiations, they’ll be bilateral between ICANN and a select group of representative contracted parties, and conducted in private.
Talks are expected to take three to six months and the resulting amendments to the Registrar Accreditation Agreement and base Registry Agreement will be published for 30 days of public comment.
It’s been almost 10 years since the RAA was last updated.
New ICANN contracts chart the death throes of Whois
Whois is on its death bed, and new versions of ICANN’s standard contracts put a timeline to its demise.
The Org has posted proposed updates to its Registrar Accreditation Agreement and Registry Agreement, and most of the changes focus on the industry-wide transition from the Whois standard to the newer Registration Data Access Protocol.
We’re only talking about a change in the technical spec and terminology here. There’ll still be query services you can use to look up the owner of a domain and get a bunch of redactions in response. People will probably still even refer to it as “Whois”.
But when the new RAA goes into effect, likely next year, registrars and registries will have roughly 18 months to make the transition from Whois to RDAP.
Following the contract’s effective date there’ll be an “RDAP Ramp-up Period” during which registrars will not be bound by RDAP service-level agreements. That runs for 180 days.
After the end of that phase, registrars will only have to keep their Whois functioning for another 360 days, until the “WHOIS Services Sunset Date”. After that, they’ll be free to turn Whois off or keep it running (still regulated by ICANN) as they please.
ICANN’s CEO and the chair of the Registrars Stakeholder Group will be able to delay this sunset date if necessary.
Most registrars already run an RDAP server, following an order from ICANN in 2019. IANA publishes a list of the service URLs. One registrar has already lost its accreditation in part because it did not deploy one.
There’ll be implementation work for some registrars, particularly smaller ones, to come into compliance with the new RAA, no doubt.
There’ll also be changes needed for third-party software and services that leverage Whois in some way, such as in the security field or even basic query services. Anyone not keeping track of ICANN rules could be in for a sharp shock in a couple of years.
The contracted parties have been negotiating these changes behind closed doors for almost three years. It’s been almost a decade since the last RAA was agreed.
The contracts are open for public comment until October 24.
Recent Comments