Latest news of the domain name industry

Recent Posts

WebUnited inks deal to “mirror” country’s TLD in the blockchain

Kevin Murphy, February 12, 2024, Domain Registries

Blockchain domains startup WebUnited says it has signed up its first registry client to a service that allows domain names to be “mirrored” on a blockchain naming service.

The company has inked a deal with Global Domains International, the registry for Samoa’s .ws ccTLD (sometimes marketed as a generic for “web site”), that will let its registrars up-sell matching .ws names on the Polygon blockchain.

WebUnited, a Swiss-based joint venture of domain registry ShortDot and “Web3” naming player Freename, says registrants will be able to use their mirrored .ws names to address cryptocurrency wallets, for example.

The company essentially acts as a registry service provider for its registry clients in much the same way as regular RSPs do now, except instead of putting domains into EPP databases and the consensus DNS, it adds them to a blockchain.

Registrars that choose to sign up to the service will use an “EPP-like” API to access the registry, ShortDot COO Kevin Kopas said. He expects .ws to charge about five bucks a year for the blockchain add-on domains.

Kopas said WebUnited is also mirroring policies found in regular domain names, so if somebody loses their domain in a UDRP case, for example, they also lose their matching blockchain name.

After .ws, ShortDot’s own TLDs — .bond, .sbs, .icu, .cyou and .cfd — are also expected to offer the mirroring service. Because these are gTLDs governed by ICANN contracts, ShortDot first has to go through the Registry Service Evaluation Process for approval.

Kopas said that once ShortDot has completed its RSEP it will be able to supply gTLD clients with template language to get their own RSEPs approved. He said WebUnited has a pipeline of potential ccTLD and gTLD registries that have expressed an interest in the service.

Verisign to crack down on Chinese domains

Kevin Murphy, August 15, 2022, Domain Registries

Verisign has asked for permission to implement a more stringent regime for denying or suspending .com and .net domain names registered in China, to comply with the country’s strict licensing rules.

The changes appear to mean that customers of Chinese registrars who have not verified their identities, which Verisign says is a “very small percentage”, will be prevented from registering new domains and may lose their existing domains.

The company has filed a Registry Services Evaluation Process request with ICANN, proposing to tweak the registrant verification system it has had in place for the last five years in a few significant ways.

China has a system called Real Name Verification, whereby Chinese citizens have to provide government-issued ID when they register domains. Local, third-party Verification Service Providers such as ZDNS typically carry out the verification function for Verisign and other foreign registries.

The big change is that Verisign will no longer allow names to be registered without a valid code.

The RSEP says that attempts by China-based registrars to register domains without the required government verification code will result in the EPP create command failing, meaning the domain will not be registered.

Under the current system, outlined in a 2016 RSEP (pdf), the name is registered and Verisign presumably takes the money, but the domain is placed on serverHold status, meaning it is not published in the zone and will not resolve.

The new system will also allow Verisign to retroactively demand codes for already-registered names, when they come up for renewal or transfer, with the option to suspend or delete the names if the codes are not provided. The RSEP (pdf) states:

With regard existing domain names without the required verification codes, which currently comprise a very small percentage of domain name registrations from registrars licensed to operate in the People’s Republic of China, Verisign intends to address compliance issues with these domain names directly with registrars. Verisign reserves the right to deny, cancel, redirect or transfer any domain name registration or transaction, or place any domain name(s) on registry lock, hold or similar status

It’s not clear what a “very small percentage” means in hard numbers. A small slice of a big pie is still a mouthful.

Verisign has substantial exposure to the Chinese market. On the odd occasion when .com shrinks, it’s largely due to speculative registrations from China not being renewed, such as in the second quarter this year.

The RSEP names the service the Domain Name Registration Validation Per Applicable Law service. While it’s in theory applicable to any jurisdiction’s laws, in practice it’s all about addressing the demands of the Chinese government.

Verisign to mandate 2FA for .com registrars

Over 2,000 registrars are likely to be affected by a new Verisign policy making two-factor authentication mandatory when logging into the company’s registrar portal.

ICANN has given the preliminary nod to a Verisign proposal to make 2FA, which has been available on an optional basis for over a decade, mandatory.

Voluntary adoption of the security feature has been light since it was first introduced in 2009. According to Verisign’s Registry Services Evaluation Process request (pdf) only around 200 registrars currently use it.

There were 2,446 active .com registrars at the last count. The RSEP also applies to .net and .name.

The 2FA system requires registrars to enter a one-time password, in addition to their usual credentials, whenever they log in to their accounts.

The change only applies to registrars logging into Verisign’s web site to manage their accounts, not to registrants who have .com domains. It does not apply to under-the-hood EPP transactions.

The company is hoping to implement the change pretty damn quick — its June 30 RSEP states that it will start to give registrars a 30-day noticed period the following day, before ICANN had even formally approved the change.

ICANN approval (pdf) came yesterday, so presumably 2FA will become mandatory in a matter of days.

Another single-TLD brand protection service planned

BestTLD is planning to introduce a trademark-blocking service covering its single new gTLD, .best.

The company has asked ICANN for permission to launch what it calls the Best Protection service, which would provide domain blocks in lieu of defensive registrations in .best.

The service is similar to Donuts’ Domain Protected Marks List and other industry offerings, but is perhaps most comparable to the Trademark Sentry offering .CLUB Domains came up with a few years ago.

While DPML lets brands block their marks as domains across Donuts’ entire stable of almost 300 TLDs, BestTLD’s offering, like .CLUB’s, focuses instead on blocking marks as a substring in a single TLD.

In other words, Facebook could subscribe to the service for the string “facebook” and it would block domains such as “facebook-login.best”.

A good thing about such services from a registry’s perspective is that, unlike domains, the same string can be sold multiple times to different owners of the same trademarked string.

The registry has filed a Registry Services Evaluation Process request with ICANN and said it is ready to launch with back-end provider CentralNic whenever it gets approval.

Pricing was not disclosed, but if .CLUB’s $2,000 tag is any guide one might expect a super-premium fee.

Regular .best domains sell for about $20 a year and over 30,000 have been registered to date.

Donuts’ DropZone approved despite competition fears

Kevin Murphy, October 6, 2021, Domain Registries

ICANN has approved Donuts’ proposed drop-catching service, DropZone, despite concerns it could add cost to the dropping domains market.

The Org and Donuts subsidiaries representing over 200 gTLDs signed amendments September 29 that incorporate DropZone into their Registry Agreements, according to ICANN records.

The full new text in the amendments, which does a pretty good job of describing the service, is:

Dropzone Service

Registry Operator may offer the Dropzone service, which is a Registry Service that will manage the release of domain names that have reached the end of their life cycle.

The Dropzone is a separate system, parallel to the main EPP system, that will manage on a daily basis the release of domain names that have been purged for a short period of time, called the Dropzone. Any TLD-accredited registrars may use the Dropzone to register a recently-purged domain name.

On a daily basis, at the end of the Dropzone period, the Registry will execute an awarding process, which will select, per domain name, the first domain creation request submitted (first come, first serve).

What the amendment doesn’t mention are fees. The original Donuts Registry Service Evaluation Request stated in August:

In addition to the standard or premium registration prices of a given domain name, The Dropzone service can support additional application fees to be configured on a per TLD basis. Applications fees where applicable will be charged in addition to the standard registration price of a domain name.

This caused concern at TurnCommerce, the company that runs the DropCatch.com network of registrars, which told ICANN last month that DropZone was anti-competitive and could raise the price of dropping domains.

But ICANN responded that DropZone passed its competition sniff test, and would not be referred to government authorities.

Donuts has not yet publicly announced plans to launch DropZone.

A virtually identical service, that did not mention added fees in its RSEP, was previous approved for Afilias, the registry operator Donuts acquired at the start of the year.

Dropping domains might get more expensive at Donuts

Kevin Murphy, August 23, 2021, Domain Registries

Donuts is planning to change the way its registry handles dropping domains and may charge additional fees for access.

According to a service request filed with ICANN, Donuts wants to migrate its hundreds of gTLDs to the “Dropzone” system originally deployed by Afilias, which the company acquired at the end of 2020.

Instead of domains separately dropping according to their expiry time, Dropzone sees them pooled together into daily batches for a more orderly release.

Registrars are still awarded dropping domains on a first-come, first-served basis, according to when they submit their EPP create requests to the Dropzone environment, according to Donuts.

Donuts reckons this system will allow it to better manage traffic load on its registry. Presumably, registrars won’t need to send so many creates, as the drop time is synchronized for all deleting domains.

It also thinks the process will help level the playing field for registrars trying to register expired domains.

But the ICANN request (pdf) also suggests that, unlike Afilias, it might add additional fees for registrars to access Dropzone:

In addition to the standard or premium registration prices of a given domain name, The Dropzone service can support additional application fees to be configured on a per TLD basis. Applications fees where applicable will be charged in addition to the standard registration price of a domain name.

Such charges would presumably be passed on to registrants.

Afilias’ original request for Dropzone approval stated that the fee to catch a drop would be the same as a standard registration fee.

Registrars will have to reconfigure their systems to use Dropzone, which exists on a separate host.

Afilias’ 21 gTLDs have been using Dropzone since ICANN approved the service last year.

.org domains could come in seven new languages

Public Interest Registry is planning support for seven more languages in the .org gTLD.

The company has asked ICANN for permission to support seven additional internationalized domain name scripts: Croatian, Finnish, Hindi, Italian, Montenegrin, Portuguese, and Japanese.

Five of these languages use the Latin script also used in English, but have special accents or diacritics that require IDN tables to support in the DNS.

PIR submitted the request via the Registry Services Evaluation Process, where it is currently being reviewed by ICANN. Such RSEPs are usually approved without controversy.

After .org price outrage, ICANN says it has NOT scrapped public comments

Kevin Murphy, October 11, 2019, Domain Policy

ICANN this evening said that it will continue to open up gTLD registry contract amendments for public comment periods, despite posting information yesterday suggesting that it would stop doing so.
The organization recently formalized what it calls “internal guidelines” on when public comment periods are required, and provided a summary in a blog post yesterday.
It was very easy to infer from the wording of the post that ICANN, in the wake of the controversy over the renegotiation of Public Interest Registry’s .org contract, had decided to no longer ask for public comments on future legacy gTLD contract amendments.
I inferred as much, as did another domain news blogger and a few other interested parties I pinged today.
I asked ICANN if that was a correct inference and Cyrus Namazi, head of ICANN’s Global Domains Division, replied:

No, that is not correct. All Registry contract amendments will continue to be posted for public comment same as before.

He went on to say that contract changes that come about as a result of Registry Service Evaluation Process requests or stuff like change of ownership will continue to not be subject to full public comment periods (though RSEP does have its own, less-publicized comment system).
The ICANN blog post lists several scenarios in which ICANN is required to open a public comment period. On the list is this:

ICANN org base agreements with registry operators and registrars.

The word “base” raised at least eight eyebrows of people who read the post, including my two.
The “base” agreements ICANN has with registries and registrars are the 2013 Registrar Accreditation Agreement and the 2012/2017 Registry Agreement.
The RAA applies to all accredited registrars and the base RA applies to all new gTLD registries that applied in the 2012 round.
Registries that applied for, or were already running, gTLDs prior to 2012 all have bespoke contracts that have been gradually brought more — but not necessarily fully — into line with the 2012/17 RA in renewal renegotiations over the last several years.
In all cases, the renegotiated legacy contracts have been subject to public comment, but in no cases have the comments had any meaningful impact on their ultimate approval by ICANN.
The most recent such renewal was Public Interest Registry’s .org contract.
Among the changes were the introduction of the Uniform Rapid Suspension anti-cybersquatting policy, and the removal of price caps that had limited PIR to a 10% increase per year.
The comment period on this contract attracted over 3,200 comments, almost all of which objected to the price regulation changes or the URS.
But the contract was signed regardless, unaffected by the comments, which caused one registrar, NameCheap, to describe the process as a “sham”.
With this apparently specific reference to “base” agreements coming so soon thereafter, it’s easy to see how we could have assumed ICANN had decided to cut off public comment on these contentious issues altogether, but that appears to not be the case.
What this seems to mean is that when .com next comes up for renewal, it will be open for comment.

Google has big, innovative plans for .new

Kevin Murphy, August 5, 2019, Domain Registries

Google is set to launch .new next year with a innovative value proposition that changes how domain names are used.
The company plans to slowly release .new domains to a carefully controlled customer base, starting in the first quarter 2020.
In a Registry Service Evaluation Process request filed with ICANN last week, the company said:

Google Registry plans to launch the .new TLD with a usage-based restriction in its domain registration policy that requires that all domain names be used for action generation or online content creation

The phrase “action generation or online contention creation” is key here, repeated across multiple Google documents.
What it means is that registrants will have to commit to use their .new domains in much the same way as Google itself is using its own batch of proof-of-concept names.
If you type doc.new into your browser address bar today, you’ll be taken to a fresh word processing document hosted on Google Docs, assuming you’re logged in to Google.
The same goes for domains such as spreadsheet.new, slides.new and a few others.
Looking at the .new zone file, it appears Google has plans to expand the concept beyond Office-style online applications into areas such as email, bug-reporting, support-ticketing, forms, reminders, and web site creation.
These services appear to be live but currently restricted to authorized users.
When Google opens up the .new space to third-party registrants, it’s easy to imagine domains such as tweet.new taking users directly to a Twitter composition page or blog.new immediately opening up a new post on something like WordPress or Medium.
Right now, Google is declining to comment on the specifics of its launch plan, but we can infer some details from its activity in the ICANN world.
I get the impression that the company does not want to be overly prescriptive in how .new domains are used, as long as they adhere to the “action generation or online contention creation” mantra.
Stephanie Duchesneau, Google program manager, told attendees at an ICANN summit this May that .new will be a space “where anyone is able to register, but the domain name has to be used in a certain way”.
While that may eventually be the case, at first Google plans to operated a Limited Registration Period under ICANN rules, during which only hand-vetted registrants will be able to grab domains.
Its recent RSEP request (pdf) asks ICANN permission to deploy an authentication system based on RFC 8495 to handle the LRP roll-out.
To the best of my understanding, RFC 8495 is a newish extension to EPP designed to deal with domain allocation, rather than usage, so it does not appear to be the means by which Google will enforce its policies.
The RSEP says it is Google’s plan to “seed” the gTLD with a bunch of third-party .new domains that adhere to the usage concept it has laid out.
This is due to happen some time in Q1 next year, but Google has not yet filed its TLD startup information with ICANN, so the exact dates are not known.
Under ICANN rules, as far as I can tell an LRP can run more or less indefinitely, so it’s not entirely clear when .new will become available to the general registrant.

Brand-blocking service plotted for porn gTLDs

MMX wants to offer a new service for trademark owners worried about cybersquatting in its four porn-themed gTLDs.
The proposed Adult Block Services would be similar to Donuts’ groundbreaking Domain Protected Marks List and the recent Trademark Sentry offering from .CLUB Domains.
The service would enable big brands to block their marks from registration across all four TLDs for less than the price of individual defensive registrations.
Prices have not been disclosed, but a more-expensive “Plus” version would also allow the blocking of variants such as typos. The registry told ICANN:

The Adult Block Services will be offered as a chance for trademark owners to quickly and easily make labels unavailable for registration in our TLDs. For those trademark owners registering domain names as a defensive measure only, the Adult Block Services offer an easy, definitive, and cost-effective method for achieving their goals by offering at-a-stroke protection for TLDs included in the program. The Adult Block Services are similar to the Donuts’ DPML, Uniregistry’s EP and EP Plus and the .Club UNBS and should be immediately understood and accepted by the trademark community.
The Adult Block will allow trademark owners to block unregistered labels in our TLDs that directly match their trademarks. The Adult Block Plus will allow trademark owners to block unregistered, confusingly similar variations of their trademarks in our TLDs.

It seems more akin to DPML, and Uniregistry’s recently launched clone, than to .CLUB’s forthcoming single-TLD offering.
The Registry Service Evaluation Process request was filed by ICM Registry, which was acquired by MMX last year.
It only covers the four porn gTLDs that ICM originally ran, and not any of the other 22 gTLDs managed by MMX (aka Minds + Machines).
This will certainly make the service appear less attractive to the IP community than something like DPML, which covers Donuts stable of 242 TLDs.
While there’s no public data about how successful blocking services have been, anecdotally I’m told they’re quite popular.
What we do have data on is how popular the ICM gTLDs have been in sunrise periods, where trademark owners showed up in higher-than-usual numbers to defensively register their marks.
.porn, .adult and .sex garnered about 2,000 sunrise regs each, more than 20 times the average for a new gTLD, making them three of the top four most-subscribed sunrise periods.
Almost one in five of the currently registered domains in each of these TLDs is likely to be a sunrise defensive.
Now that sunrise is long gone, there may be an appetite in the trademark community for less-expensive blocks.
But there have been calls for the industry to unify and offer blocking services to cover all gTLDs.
The brand-protection registrar Com Laude recently wrote:

What brands really need is for registry operators to come together and offer a universal, truly global block that applies across all the open registries and at a reasonable price that a trademark owner with multiple brands can afford.

Quite how that would happen across over 1,200 gTLDs is a bit of a mystery, unless ICANN forced such a service upon them.