Latest news of the domain name industry

Recent Posts

Russia blames DNSSEC, not Ukraine, for internet downtime

Kevin Murphy, January 31, 2024, Domain Registries

Another ccTLD has blamed DNSSEC after seeing hours of downtime affecting its country’s biggest web services yesterday.

This time it’s Russia’s ccTLD.ru, which confirmed today that it was responsible for the widely reported outages on Tuesday, which had sparked speculation that a cyber-attack related to the war in Ukraine might be the culprit.

It was rather a DNSSEC failure that affected both .ru and the Cyrillic .рф domains, the registry said. It was related to a cryptograpghic key rollover, the registry indicated.

“After the failure was detected, the updated keys were revoked, and the functionality of the .RU zone was fully restored, which took about two hours, including the distribution of data through the DNS system,” the registry said on its web site.

“The investigation into the incident is currently ongoing, but it is already clear that the main cause of the failure was the imperfection of the software used to create the encryption keys,” it added.

The explanation was echoed by Russian government officials on social media, and it’s sadly rather plausible. DNSSEC failures at ccTLDs, and to a lesser extent gTLDs, usually related to fluffed key rollovers, are rather common.

There have been similar outages reported in the last few years in Australia (twice), Namibia, Fiji, and Sweden. And those are just the ones reported on this blog. People who track this kind of thing more closely have recorded hundreds of incidents.

.ru domains fly off the shelf as Western sanctions bite

Kevin Murphy, January 25, 2024, Domain Registries

Russia’s ccTLD has posted very impressive growth in registrations for 2023, attributable largely to sanctions related to the country’s invasion of Ukraine.

ccTLD.ru, the registry for .ru and .рф, reported that it ended 2023 with 5,439,137 .ru domains, an increase of 506,024 or 10.3% over the year. It said 85% of the names were registered by Russians.

It said 1,709,718 new domains were registered in .ru, with over 200,000 being registered per month by December.

For comparison with fellow top-10 ccTLDs, Germany’s .de grew by 201,000 names last year, and Brazil’s .br grew by 220,000. The UK’s .uk shrank and the Netherlands’ .nl was basically flat.

In the smaller Cyrllic .рф, the growth rate was even greater — 13.7%, with 768,883 domains in total at the end of the year, up 92,769 names, the registry said.

Despite the rapid growth, .ru is still a bit off its 2017 peak of around 5.53 million domains, according to my database.

In a press release, ccTLD.ru director Andrey Vorobyev admitted that one of the “main drivers” of the growth were Russians transferring their sites to Russia “under the pressure of sanctions”.

After Russia launched its full-scale invasion of Ukraine in 2022, many domain registries and registrars in the West unilaterally decided to stop doing business with Russian citizens and organizations, despite US government sanctions specifically not applying to domains.

GoDaddy cut off Russians and .ru while Namecheap, which has many support staff in Ukraine, cut off Russian customers and continues to prominently fund-raise for Ukraine on its storefront. Other companies announcing boycotts included 101domain, IONOS and Nominet.

Ukraine’s ccTLD, .ua, has fared less well during the crisis. Its total domain count shrank by about 77,000 to 514,000 in 2023, according to my database. The local registry, Hostmaster, had frozen deletions for a period to give people who had been displaced or mobilized more time to renew, but started releasing those domains last year.

Hostmaster has reported adoption of certain third-level geographic .ua domains that use Latin transliterations of Ukrainian place names, rather than Russian — .kyiv.ua versus .kiev.ua for example — as citizens seek to “de-Russify” their holdings.

Russia cuts off ICANN funding after pro-Ukraine stance

Kevin Murphy, October 4, 2023, Domain Policy

Russia did not pay its usual annual tribute to ICANN in the Org’s fiscal 2023, newly published funding data reveals.

Coordination Center for TLD RU usually funnels $50,000 a year into ICANN’s budget, but that was reduced to nothing in the year to June 30, 2023, according to ICANN’s FY23 annual report, published today.

While it could of course be a coincidence, I rather suspect it’s retaliation for ICANN’s overt support for Ukraine following Russia’s invasion last year.

ccTLD.ru counts the Russian Ministry of Communications and Mass Media as one of its “founding members”.

ICANN donated $1 million to the Emergency Telecommunications Cluster, a relief organization, to support Ukrainians affected by the war, and gave the Ukrainian government a platform to denounce the war at a public meeting.

Later last year, ICANN also lobbied against the Russian candidate for ITU secretary general.

The .ru registry was not the only ccTLD operator to slash funding in FY23.

Belgium already said it would cut its donation from $75,000 to $25,000 in protest at “mission creep” and perceived failures to deal with privacy regulations, and the annual report shows it made good on its threat.

But it seems to have been joined by the Netherlands and Denmark, which cut their contributions respectively by $45,000 to $180,000 and by $30,800 to $30,000. Slovenia halved its donation to $5,000.

Overall, ccTLD contributions were down $176,535 to $2,214,240.

ICANN’s bean-counters probably won’t be losing any sleep over the decline; the Org’s overall funding was $150 million in the year.

101domain throttles its business in Russia

Kevin Murphy, March 11, 2022, Domain Registrars

101domain has become the latest registrar to say it is limiting its business in Russia in response to the invasion of Ukraine.

The company, owned by Altanovo Domains, said today it is suspending all new accounts, orders and inbound domain transfers for customers located in Russia.

It will also no longer sell or accept transfers for domains in Russian-linked TLDs .ru (including third-level names), .рф (.xn--p1ai), .МОСКВА (.xn--80adxhks), .рус (.xn--p1acf), .дети (.xn--d1acj3b), .su, and .tatar.

“We will continue to process renewals of existing services for the time being, however this may change at any time and without notice,” the company said.

101domain follows fellow registrars Namecheap, IONOS, and GoDaddy in announcing what effectively amount to commercial sanctions against Russia.

Industry bodies CENTR and ICANN, along with ccTLD registry Nominet, have also committed to concrete actions to sanction Russia and/or support Ukraine.

Soviet Union “no longer considered eligible for a ccTLD”, ICANN chair confirms

Kevin Murphy, March 11, 2022, Domain Policy

The former Soviet Union’s .su domain could soon embark along the years-long path to getting kicked off the internet, ICANN’s chair has indicated.

The .su ccTLD, which survived the death of the USSR thirty years ago “is no longer considered eligible for a ccTLD”, Martin Botterman said in response to a question by yours truly at the ICANN 73 Public Forum yesterday.

It seems ICANN will no longer turn a blind eye to .su’s continued existence, and that the policy enabling ccTLDs to be “retired” could be invoked in this case, after it is finalized.

The question I asked, per the transcript, was:

While it is generally accepted that ICANN is not in the business of deciding what is or is not a country, do you agree that the Soviet Union does not meet the objective criteria for ccTLD eligibility? And would you support dot SU entering the ccTLD retirement process as and when that process is approved?

I went into a lot of the background of .su in a post a couple weeks ago, and I’m not going to rehash it all here.

I wasn’t expecting much of a response from ICANN yesterday. Arguments over contested ccTLDs, which usually involve governments, are one of the things ICANN is almost always pretty secretive about.

So I was pleasantly surprised that Botterman, while he may have dodged a direct answer to the second part of the question, answered the first part with pretty much no equivocation. He said, per the recording:

It is correct that the Soviet Union is no longer assigned in the ISO 3166-1 standard and therefore is no longer considered eligible for a ccTLD.

ICANN Org has actually held discussions with the managers of the .su domain in the past to arrange an orderly retirement of the domain, and the ccNSO asked ICANN Org starting in 2010 and reiterated in 2017 to pause its efforts to retire the domain so that the Policy Development Process could be conducted. And that is a request we have honored.

So we’re glad to report that the ccNSO recently concluded that Policy Development Process and sent its policy recommendations to the ICANN board.

We will soon evaluate the ccNSO policy recommendations, and we will do so in line with the bylaws process.

It looked and sounded very much like he was reading these words from his screen, rather than riffing off-the-cuff, suggesting the answer had been prepared in advance.

I wasn’t able to attend the forum live, and I’d submitted the question via email to the ICANN session moderator a few hours in advance, giving plenty of time for Botterman or somebody else at ICANN to prepare a response.

The ccNSO policy referred to (pdf), which has yet to be approved by the ICANN board, creates a process for the removal of a ccTLD from the DNS root in scenarios such as the associated country ceasing to exist.

It’s creatively ambiguous — deliberately so, in my view — when it comes to .su’s unique circumstances, presenting at least two hurdles to its retirement.

First, the Soviet Union stopped being an officially recognized country in the early 1990s, long before this policy, and even ICANN itself, existed.

Second, the .su manager, ROSNIIROS, is not a member of the ccNSO and its debatable whether ICANN policies even apply to it.

In both of these policy stress tests, the ccNSO deferred to ICANN, arguably giving it substantial leeway on whether and how to apply the policy to .su.

I think it would be a damn shame if the Org didn’t at least try.

While it’s widely accepted that ICANN made the correct call by declining to remove Russia’s .ru from the root, allowing .su to continue to exist when it is acknowledged to no longer be eligible for ccTLD status, and the policy tools exist to remove it, could increasingly look like an embarrassing endorsement in light of Russian hostilities in former Soviet states.

Now Sedo pulls the plug on Russians

Kevin Murphy, March 9, 2022, Domain Services

Secondary market player Sedo has become the latest domain name company to stop dealing with Russians and Russian domains.

The company sent an email to its customers today saying that it has “suspended trading and parking” for .ru domains and domains in Belarus’ .by ccTLD.

It said it can no longer serve customers in Russia or Belarus and has “temporarily deactivated” their accounts.

It’s not clear whether the move is motivated by Sedo taking a principled stance against the war in Ukraine, or necessitated by the company’s inability to process cross-border payments due to international sanctions.

“Sedo disapproves of any kind of hate and violence, as well as anything that radically contradicts our corporate values,” the company said. “Therefore, for the sake of the civilians involved, we hope for an early resolution of this conflict.”

Sedo is part of the United-Internet group. Its sister company, IONOS, announced it was working on kicking out Russian customers last week.

ICANN says NO to Ukraine’s Big Ask

Kevin Murphy, March 3, 2022, Domain Policy

“ICANN has been built to ensure that the Internet works, not for its coordination role to be used to stop it from working.”

That’s ICANN’s response to Ukraine, which earlier this week asked for Russia to lose its top-level domains and IP addresses, to help prevent propaganda supporting its invasion of the country.

The request was arguably based on a misunderstanding of the extent of ICANN’s powers, and CEO Göran Marby says as much in his response last night (pdf) to Ukraine’s deputy prime minister Mykhailo Fedorov:

In our role as the technical coordinator of unique identifiers for the Internet, we take actions to ensure that the workings of the Internet are not politicized, and we have no sanction-levying authority

He goes on to warn about the “devastating and permanent effects” of ICANN suddenly deciding to take unilateral action against .ru, .рф and .su:

For country-code top-level domains, our work predominantly involves validating requests that come from authorized parties within the respective country or territory. The globally agreed policies do not provide for ICANN to take unilateral action to disconnect these domains as you request. You can understand why such a system cannot operate based on requests from one territory or country concerning internal operations within another territory or country. Such a change in the process would have devastating and permanent effects on the trust and utility of this global system.

He concludes:

Within our mission, we maintain neutrality and act in support of the global Internet. Our mission does not extend to taking punitive actions, issuing sanctions, or restricting access against segments of the Internet — regardless of the provocations. ICANN applies its policies consistently and in alignment with documented processes. To make unilateral changes would erode trust in the multistakeholder model and the policies designed to sustain global Internet interoperability.

The response is expected, and I believe broadly, if not unanimously, supported in the ICANN community.

In a line I wish I’d written, the Internet Society’s CEO Andrew Sullivan put it pretty succinctly in a blog post yesterday:

The idea of unplugging a country is as wrong when people want to do it to another country as it is when governments want to do it to their own.

And Sébastien Bachollet, chair of ICANN stakeholder group EURALO, insisted (pdf) that “the Internet must remain intact”.

RIPE NCC, which had been asked to revoke IP addresses supplied to Russian organizations, wrote that it “believes that the means to communicate should not be affected by domestic political disputes, international conflicts or war.”

ICANN may take a short-term PR hit in the wider world, which includes people who have a misunderstanding of how powerful ICANN is and how tenuous its grasp on the powers it does have.

While .ru appears to be safe, there’s nothing I read in Marby’s letter that would preclude it from initiating retirement proceedings against .su, when the proper policies have been approved.

CENTR kicks out Russia

Kevin Murphy, March 1, 2022, Domain Policy

CENTR, the association of European domain registries, has kicked out the Russian ccTLD operator due to the war in Ukraine.

In a brief statement today, the organization said:

The CENTR Board is following Russian military actions in Ukraine with concern and strongly condemns the violation of international law and Ukraine’s territorial integrity. Ukraine’s national TLD registry is a member of CENTR and we stand with Ukrainians in their efforts to resist Russia’s invasion. We hope for a swift and peaceful resolution of the conflict, and will continue to offer support and help to our Ukrainian colleagues.

Knowledge and information sharing are key to CENTR’s mission, and the CENTR Board needs to safeguard trust within the CENTR community. The Board has therefore decided to suspend the membership of the Coordination Center for TLD RU/РФ, effective immediately. The Board would like to underline that this is in no way targeted at our Russian colleagues. This suspension will be assessed by the CENTR General Assembly at their meeting in March.

I’m not sure the move will have much of an impact on the Coordination Center, but it’s a strong gesture of solidarity with the people of Ukraine, and the latest response from the domain industry to Russia’s insane war.

Ukraine asks ICANN to turn off Russia’s internet, but it’s a bad idea

Kevin Murphy, March 1, 2022, Domain Policy

Ukraine has asked ICANN to take down Russia’s top-level domains.

Andrii Nabok, the Ukrainian official on ICANN’s Governmental Advisory Committee made the request, asking the Org to “Revoke, permanently or temporarily, the domains .ru, .рф and .su” in a widely circulated email last night.

He also asked for DNS root servers in Moscow and St Petersburg to be shut down, and said he’s written to RIPE NCC to request IP addresses issued to Russian organizations to be withdrawn.

The request came on the fifth day of the Russian invasion, amid widespread, swingeing international sanctions targeting the Russian economy and high net worth individuals.

Accusing Russia of “war crimes”, Nabok wrote:

These atrocious crimes have been made possible mainly due to the Russian propaganda machinery using websites continuously spreading disinformation, hate speech, promoting violence and hiding the truth regarding the war in Ukraine. Ukrainian IT infrastructure has undergone numerous attacks from the Russian side impeding citizens’ and government’s ability to communicate.

Moreover, it’s becoming clear that this aggression could spread much further around the globe as the Russian Federation puts the nuclear deterrent on “special alert” and threatens both Sweden and Finland with “military and political consequences” if these states join NATO. Such developments are unacceptable in the civilized, peaceful world, in the XXI century.

Reaction in the community has been more mixed than I would have expected, but I think on balance more people are saying that turning off .ru et al would be a terrible idea, and I’m basically with that majority.

While there’s no doubt that Russia is spreading a lot of misinformation, I’m not sure there’s a direct, clear, demonstrable causal link between propaganda published on .ru domains and the missiles currently raining down on Kyiv that could be remedied by deleting a few lines from a database.

I’ve no doubt ICANN now has a painful decision to make, but I don’t think ICANN is the place to achieve this kind of goal and I think ICANN agrees with me.

We don’t want those clowns deciding what can and can’t be published on the internet, trust me.

Not even in the extraordinary circumstances we find ourselves in today.

ICANN is not competent enough, smart enough, or ethical enough to have that kind of power.

It is smart enough to accept its own limitations, however, and it has a strong enough sense of self-preservation to know that to accept Ukraine’s demands would be to sign its own death warrant.

ICANN only has power, and its execs only pull in the big salaries, because it has the consensus support of the internet community.

For 20 years outsiders, such as the ITU and more lately blockchain projects, have sought to chip away at that consensus and replace the multistakeholder model with multilateralism or crypto-based wish-thinking.

Turning off a nation’s TLD would play exactly into the narrative that DNS oversight is dangerously centralized, dangerously Americanized, and ripe for replacement.

That could not only lead to the death of ICANN but also the death of the open, interoperable, international internet.

As much as I support sanctions against Russia, and have nothing but respect and admiration for the people of Ukraine, I fear this is an ask too far.

Maybe now’s the time for ICANN to start dismantling the Soviet Union

Kevin Murphy, February 25, 2022, Domain Policy

Like I’m sure a great many of you, I spent much of yesterday listening to the news and doom-scrolling social media in despair, anger and helplessness.

War has returned to Europe, with Vladimir Putin’s Russia yesterday invading Ukraine on a flimsy pretext, in an apparent effort to begin to recreate the former Soviet Union.

I watched r/ukraine on Reddit, as its number of subscribers increased by tens of thousands in a matter of hours, with people from all over the world wondering what they could do to help, from volunteering to literally take up arms to hollow if well-meaning virtue-signalling.

Can I volunteer for the Ukrainian army? I live in Japan and can’t speak the language, does that matter?

If any Ukrainians can make it to Ottawa, I have a spare couch for as long as you need it!

Here’s a guide to how I survived the snipers in Sarajevo!

Here’s a yellow-and-blue banner I made that you can use on your Twitter!

Slava Ukraini!

It got me thinking: is there anything the domain industry or ICANN community can do? Is there anything I can do?

The only thing I could think of was to run this idea up the flagpole and see if anyone sets fire to it:

Maybe now’s the time for ICANN to start dismantling the Soviet Union.

It may sound ludicrous. The Soviet Union hasn’t existed outside Putin’s fantasies since 1991.

But it’s alive and well in the DNS, where the top-level domain .su has somehow managed to survive the death of its nation, evade any efforts to have it removed, and stick around in the root for over 30 years.

It currently has over 100,000 registered domains.

I’m not suggesting for a second that all of these domains were registered by people who support the return of the USSR, or are even aware of the connection, but it is the ccTLD of choice for sites like this gung-ho propaganda rag, and the Donetsk People’s Republic, the breakaway Ukrainian region.

Whenever I’ve asked people with better in-depth knowledge of ccTLD policy than me for an explanation of why .su continues to exist, despite not having a nation to represent, I generally get a lot of hand-waving and mumbling about a “lack of political will”.

Maybe there’s a political will now, if not at ICANN Org then perhaps in the ICANN community.

My understanding, based on a deep-dive through the public record, is that it might be possible to have .su deleted — the word ICANN uses is “retired” — but the rules are arguably open to interpretation.

A bit of background first

ICANN’s rules concerning ccTLDs are a bit like the UK constitution — they’re not written down in any one document, but have rather evolved over the years through a combination of habit, convention, case law and pure making-it-up-on-the-spot.

ICANN, and IANA before it, “is not in the business of deciding what is and what is not a country”. It has always deferred to the International Organization for Standardization, which maintains a list of names and corresponding country-codes called ISO 3166-1.

If a country or territory appears on the 3166-1 list, its corresponding “alpha-2” code is eligible to become a ccTLD.

SU was listed on 3166-1, the same as any other country, until September 1992, when it was broken up into 15 names and codes corresponding to the 15 former Soviet nations. Russia got RU and Ukraine got UA, for examples, and their ccTLDs are .ru and .ua.

SU was then given a “transitionally reserved” status by the ISO, which basically means it’s due to be phased off the list altogether (albeit not for 50 years) and organizations are discouraged from using it.

In corresponding ccTLDs, every string on the “transitionally reserved” list has either transitioned to a new ccTLD (such as East Timor’s .tp becoming Timor-Leste’s .tl) or split into a collection of new ccTLDs (such as the break-up of the Netherlands Antilles).

Since ICANN took over the root, these and other transitions typically happen with the consent of the local government and the local registry. But the Soviet Union dissolved long before ICANN existed, it doesn’t have a government, and the registry is in no hurry to give up its asset, which is a bit of a money maker.

ICANN stated its intention to retire .su as early as 2003, and the earliest archived IANA record, from 2006, said it was “being phased out”.

It launched a brief consultation on the retirement of ccTLDs in 2006, which prompted a flood of comments from outraged .su supporters.

The following year, there were face-to-face talks between ICANN and the two Moscow companies running .su at the time — the Foundation for Internet Development (FID) and Russian Institute for Public Networks (RIPN).

IANA’s Kim Davies, who now heads the division as an ICANN VP, blogged in 2007, partly in response to these comments, that .su had a chance to remain delegated:

To retain .SU, under current policy they would need to successfully apply for the code to be re-instated into the ISO 3166-1 standard, either as a regular two-letter country code, or as an “exceptionally reserved” code like UK and EU.

The “exceptionally reserved” list is another subdivision of ISO 3166-1. It currently includes four codes that are also ccTLDs — .ac for Ascension Island, a UK territory, .uk itself, and the European Union’s .eu.

The fourth is .su, because FID somehow managed to persuade the ISO 3166 Maintenance Agency to get SU on the list, reversing its 50-year sentence on the transitional list, in 2008. It appears to be the only example of a private, non-governmental, non-UN entity requesting and obtaining a special listing.

There’s been very little public discussion about .su’s fate since then. My suspicion is that it fell off the radar when ICANN CEO Paul Twomey, who made ccTLD relations a cornerstone of his administration, left the Org in 2009.

Or it could be that that the “exceptionally reserved” status was enough to satisfy IANA’s eligibility criteria. But there are several reasons why that might not be the case.

In Davies’ 2007 blog, post he said: “There are other issues that will need to be addressed for .SU to be a viable ccTLD designation, but recognition by the appropriate standard is a prerequisite.”

IANA currently has a web page in which it lays out seven ways a TLD can get into the root. This is what it says about exceptionally reserved strings:

Eligible under ICANN Board Resolution 00.74. This resolution provides for eligibility for domains that are not on the ISO 3166-1 standard, but that the Maintenance Agency deems exceptionally reserved, and requires that the Agency “has issued a reservation of the code that covers any application of ISO 3166-1 that needs a coded representation in the name of the country, territory, or area involved”. There is currently (as of June 2013) only one code eligible under these requirements, “EU” for the European Union.

The cited ICANN board resolution, now incorporated into IANA precedential law, dates from September 2000. It’s the resolution that hacked historical IANA practice in order to set the groundwork for eventually levering .eu into the root.

But the relevant part here is where IANA explicitly rules out any exceptionally reserved string other than EU meeting the requirements to be a ccTLD as of 2013. SU’s ISO 3166-1 status has not changed since 2008.

RIPN and FID explicitly acknowledged this in a joint letter (pdf) to ICANN then-CEO Paul Twomey in 2007. In it, they wrote:

we understand that should ISO-3166/MA add the two letter code “SU” to the exceptionally reserved or indeterminately reserved ISO3166-1 list will not be sufficient to clarify the status of .SU as current ICANN/IANA policies require a venue in which legality of actions can be determined.

To paraphrase: being on the list ain’t no good if you got no country.

They said that if ICANN went ahead and retired .su anyway, they would like 10 to 15 years to transition their registrants to alternative TLDs.

Which handily brings me to now

There has never been a formal community-agreed ICANN policy on retiring ccTLDs, until now.

By happy coincidence, the ccTLD Name Supporting Organization recently finished work on such a policy. It came out of public comment a few weeks ago and will next (I was going to write “soon”, but you know?) come before the ICANN board of directors for consideration.

The proposed policy (pdf) conspicuously avoids mentioning .su by name and seems to go out of its way to kick the can on .su’s potential retirement.

The silence is deafening, and the ambiguity is claustrophobic.

It defines ccTLDs as:

  • 2-letter ccTLDs corresponding to an ISO 3166-1 Alpha-2 Code Element (the majority of ccTLDs).
  • 2-letter Latin ccTLDs not corresponding to an ISO 3166-1 Alpha-2 Code Element
  • IDN ccTLDs as approved by ICANN

The second bullet point is accompanied by a footnote that explains it’s referring to the “exceptionally reserved” codes UK, AC and EU, three of the four ccTLDs on the ISO’s exceptional list.

The ccTLDs .uk and .ac which refer to exceptionally reserved codes UK and AC are grandfathered as ccTLDs and .eu, which corresponds to the exceptionally reserved code EU, was delegated under the relevant ICANN Board resolution from September 2000

There’s no mention of SU, the fourth.

Under the proposed policy, the ball would start rolling on a possible retirement whenever a “triggering event” happens. The relevant trigger for .su (and .uk, .eu and .ac) is the ISO making a change — seemingly any change — to its 3166-1 listing.

IANA, referred to in the policy as the IANA Functions Operator or IFO, would then have to decide whether the change warranted initiating the retirement process, which would take at least five years.

As is so often the case in ICANN policy-making, the difficult decisions seem to have been punted.

Only one ccTLD operator filed a public comment on this proposed policy — it was RIPN, operator of .su. While generally supportive, it worried aloud that triggering events prior to the approval of the policy should not count. Its triggering events were in 2008 and the 1990s, after all.

The policy’s creators again ambiguously kicked the can:

The [Working Group] believes the applicability of the Policy to existing situations or those emerging before the proposed Policy becomes effective is out of scope of its mandate. For situations prior to this Policy coming into force, responsibility lies with the IFO to create a suitable procedure. The WG suggests that such a procedure could be based on and anticipates the proposed Policy.

So… does ICANN get to apply the policy retroactively or not?

My overall sense is that the .su situation, which the record shows was certainly on the minds of the ccNSO during the early stages of the policy-development process, was considered too difficult to address, so they took the ostrich approach of pretending it doesn’t exist.

The .su registry seems to think it’s safe from enforced retirement, but it doesn’t seem to be absolutely sure.

In conclusion

I think the record shows that .su doesn’t really deserve to exist in the DNS, and that there’s an opportunity to get rid of it. ccTLDs are for countries and territories that exist and the Soviet Union hasn’t existed for three decades.

IANA rules don’t seem to support its existence, and upcoming policy changes seem to give enough wiggle room for the retirement process to be kicked off, if the will is there to do so.

It would take years, sure.

Would it help stop innocent Ukrainians getting gunned down in the street this week? No.

Would it be more than simple virtue signalling? I think so.

And if not, why not just do it anyway?

In a world where an organization like UEFA considers Russia too toxic for poxy football match, what would it say about an organization that allows the actual Soviet Union’s domain to continue to exist online?