Latest news of the domain name industry

Recent Posts

Gandi says it supports Ukraine but WON’T cut off Russians

Gandi has become the latest large registrar to issue a statement about the war in Ukraine, saying that while it deplores the violence it won’t be disconnecting Russian customers.

CEO Stephan Ramoin wrote that Gandi “condemns” the invasion and is “working on supporting Ukraine, according to the suggestions of our Ukrainian tech colleagues”, adding:

The internet is about including all humanity and working toward a greater goal, giving every human being a voice and a clear vision of the world, not excluding and antagonizing one group of people against another. That’s why we want to support the people of Russia and Belarus expressing their disagreement with this war. We don’t need to escalate, war is not the answer.

Cutting off Russians and Belarusians would only encourage the creation of different closed worlds and digital networks. We have chosen to hold out our hand to these people. We are not at war with them. Only their leaders, and their madness, need to be stopped. We will of course react quickly against war propaganda of any kind.

The statement follows those coming from Namecheap and IONOS, which have both this week announced their intentions to remove most Russian and Belarusian customers.

Based in Paris, Gandi is one of the oldest registrars and has over 1.3 million gTLD domains under management.

Now IONOS kicks out Russian customers

IONOS has become the second major registrar to say it will turf out its Russian customers in response to the invasion of Ukraine.

The company’s board of directors today issued a statement expressing support for the people of Ukraine and saying:

To support worldwide sanctions on Russia, we are not accepting any new customer contracts from Russia and are also terminating existing relationships with Russian customers. This also applies to business relationships with Russian service providers and suppliers. We are currently reviewing all existing supplier contracts.

The directors said that many of their colleagues come from Ukraine and have family in the region.

It’s not immediately clear whether the ban applies to domain name registrants as well as hosting customers, and what options Russian registrants have been given. An IONOS spokesperson said the details are still being worked out.

Earlier in the week, US-based registrar Namecheap, which has its customer support based in Ukraine, gave its Russian registrants notice to transfer their names elsewhere. It later said it would offer free domains to Russian dissidents.

While a little smaller than Namecheap, IONOS is part of Germany-based United-Internet and, with over five million names, a top-10 registrar in terms of gTLD domains under management.

ICANN says NO to Ukraine’s Big Ask

Kevin Murphy, March 3, 2022, Domain Policy

“ICANN has been built to ensure that the Internet works, not for its coordination role to be used to stop it from working.”

That’s ICANN’s response to Ukraine, which earlier this week asked for Russia to lose its top-level domains and IP addresses, to help prevent propaganda supporting its invasion of the country.

The request was arguably based on a misunderstanding of the extent of ICANN’s powers, and CEO Göran Marby says as much in his response last night (pdf) to Ukraine’s deputy prime minister Mykhailo Fedorov:

In our role as the technical coordinator of unique identifiers for the Internet, we take actions to ensure that the workings of the Internet are not politicized, and we have no sanction-levying authority

He goes on to warn about the “devastating and permanent effects” of ICANN suddenly deciding to take unilateral action against .ru, .рф and .su:

For country-code top-level domains, our work predominantly involves validating requests that come from authorized parties within the respective country or territory. The globally agreed policies do not provide for ICANN to take unilateral action to disconnect these domains as you request. You can understand why such a system cannot operate based on requests from one territory or country concerning internal operations within another territory or country. Such a change in the process would have devastating and permanent effects on the trust and utility of this global system.

He concludes:

Within our mission, we maintain neutrality and act in support of the global Internet. Our mission does not extend to taking punitive actions, issuing sanctions, or restricting access against segments of the Internet — regardless of the provocations. ICANN applies its policies consistently and in alignment with documented processes. To make unilateral changes would erode trust in the multistakeholder model and the policies designed to sustain global Internet interoperability.

The response is expected, and I believe broadly, if not unanimously, supported in the ICANN community.

In a line I wish I’d written, the Internet Society’s CEO Andrew Sullivan put it pretty succinctly in a blog post yesterday:

The idea of unplugging a country is as wrong when people want to do it to another country as it is when governments want to do it to their own.

And Sébastien Bachollet, chair of ICANN stakeholder group EURALO, insisted (pdf) that “the Internet must remain intact”.

RIPE NCC, which had been asked to revoke IP addresses supplied to Russian organizations, wrote that it “believes that the means to communicate should not be affected by domestic political disputes, international conflicts or war.”

ICANN may take a short-term PR hit in the wider world, which includes people who have a misunderstanding of how powerful ICANN is and how tenuous its grasp on the powers it does have.

While .ru appears to be safe, there’s nothing I read in Marby’s letter that would preclude it from initiating retirement proceedings against .su, when the proper policies have been approved.

Namecheap offers free services to Russian dissidents

Namecheap will offer “free anonymous domain registration and free web hosting” to anti-war protest web sites based in Russia or Belarus.

The registrar said in a statement today that the move is in response to imprisoned Russian opposition leader Alexei Navalny’s call for war protests in Russia.

The offer modifies the company’s hard-line position from earlier in the week, in which it banned Russians altogether from its services and gave registrants there a week to get out.

Namecheap’s English-language customer service is based in Ukraine, including in cities under heavy bombardment this week.

Russians interested in the free hosting offer are asked to contact customer service for details.

CENTR kicks out Russia

Kevin Murphy, March 1, 2022, Domain Policy

CENTR, the association of European domain registries, has kicked out the Russian ccTLD operator due to the war in Ukraine.

In a brief statement today, the organization said:

The CENTR Board is following Russian military actions in Ukraine with concern and strongly condemns the violation of international law and Ukraine’s territorial integrity. Ukraine’s national TLD registry is a member of CENTR and we stand with Ukrainians in their efforts to resist Russia’s invasion. We hope for a swift and peaceful resolution of the conflict, and will continue to offer support and help to our Ukrainian colleagues.

Knowledge and information sharing are key to CENTR’s mission, and the CENTR Board needs to safeguard trust within the CENTR community. The Board has therefore decided to suspend the membership of the Coordination Center for TLD RU/РФ, effective immediately. The Board would like to underline that this is in no way targeted at our Russian colleagues. This suspension will be assessed by the CENTR General Assembly at their meeting in March.

I’m not sure the move will have much of an impact on the Coordination Center, but it’s a strong gesture of solidarity with the people of Ukraine, and the latest response from the domain industry to Russia’s insane war.

Ukraine asks ICANN to turn off Russia’s internet, but it’s a bad idea

Kevin Murphy, March 1, 2022, Domain Policy

Ukraine has asked ICANN to take down Russia’s top-level domains.

Andrii Nabok, the Ukrainian official on ICANN’s Governmental Advisory Committee made the request, asking the Org to “Revoke, permanently or temporarily, the domains .ru, .рф and .su” in a widely circulated email last night.

He also asked for DNS root servers in Moscow and St Petersburg to be shut down, and said he’s written to RIPE NCC to request IP addresses issued to Russian organizations to be withdrawn.

The request came on the fifth day of the Russian invasion, amid widespread, swingeing international sanctions targeting the Russian economy and high net worth individuals.

Accusing Russia of “war crimes”, Nabok wrote:

These atrocious crimes have been made possible mainly due to the Russian propaganda machinery using websites continuously spreading disinformation, hate speech, promoting violence and hiding the truth regarding the war in Ukraine. Ukrainian IT infrastructure has undergone numerous attacks from the Russian side impeding citizens’ and government’s ability to communicate.

Moreover, it’s becoming clear that this aggression could spread much further around the globe as the Russian Federation puts the nuclear deterrent on “special alert” and threatens both Sweden and Finland with “military and political consequences” if these states join NATO. Such developments are unacceptable in the civilized, peaceful world, in the XXI century.

Reaction in the community has been more mixed than I would have expected, but I think on balance more people are saying that turning off .ru et al would be a terrible idea, and I’m basically with that majority.

While there’s no doubt that Russia is spreading a lot of misinformation, I’m not sure there’s a direct, clear, demonstrable causal link between propaganda published on .ru domains and the missiles currently raining down on Kyiv that could be remedied by deleting a few lines from a database.

I’ve no doubt ICANN now has a painful decision to make, but I don’t think ICANN is the place to achieve this kind of goal and I think ICANN agrees with me.

We don’t want those clowns deciding what can and can’t be published on the internet, trust me.

Not even in the extraordinary circumstances we find ourselves in today.

ICANN is not competent enough, smart enough, or ethical enough to have that kind of power.

It is smart enough to accept its own limitations, however, and it has a strong enough sense of self-preservation to know that to accept Ukraine’s demands would be to sign its own death warrant.

ICANN only has power, and its execs only pull in the big salaries, because it has the consensus support of the internet community.

For 20 years outsiders, such as the ITU and more lately blockchain projects, have sought to chip away at that consensus and replace the multistakeholder model with multilateralism or crypto-based wish-thinking.

Turning off a nation’s TLD would play exactly into the narrative that DNS oversight is dangerously centralized, dangerously Americanized, and ripe for replacement.

That could not only lead to the death of ICANN but also the death of the open, interoperable, international internet.

As much as I support sanctions against Russia, and have nothing but respect and admiration for the people of Ukraine, I fear this is an ask too far.

Noss pressures bankers, lawyers over Russian oligarch links

Kevin Murphy, February 28, 2022, Domain Registrars

Tucows is putting pressure on its outside bankers, lawyers and accountants to come clean about their relationships with Russian oligarchs.

In a series of tweets on Saturday, CEO Elliot Noss said he’d emailed these longstanding partners to ask them about their policies with regards with regard oligarchs’ “essentially laundered” money.

The implication of course is that Tucows would be unhappy to work with any firms whose policies are found lacking.

Here’s the email, reconstructed from Noss’s tweets.

We are writing today because of the Russian invasion of the Ukraine. We note our longstanding relationship with your firm.

We are asking you, and all of our professionals, about your firm’s policy regarding Russian clients, particularly those associated in any way with the current regime. As we imagine you know, most major Russian businesses are either directly or indirectly controlled or associated with the Russian regime. As you also likely know, the funds these companies and their principals, let’s just call them oligarchs, siphon off of these businesses are essentially laundered with the active support of major law firms, banks and accounting firms.

We do not expect you to respond with a firm policy immediately BUT we do expect you to confirm in writing that you have shared this request with your superiors in a way that will most effectively lead to action and we expect you to manage our expectations as to when we may know of your firm’s position.

If you have any questions or would like to discuss this further, please do not hesitate to reach out.

Respectfully Yours,

Elliot Noss
CEO
Tucows Inc.

ICANN boss warns over existential “threat” from Russia

Kevin Murphy, October 27, 2021, Domain Policy

The Cthulian threat of an intergovernmental takeover of ICANN has reared its head again, but this time a resurgent, interventionist Russia is behind it and ICANN’s CEO is worried.

Speaking at ICANN 72, the Org’s virtual annual general meeting this week, Göran Marby highlighted recent moves by Russia in the UN-backed International Telecommunications Union as a “threat” to ICANN’s existence and the current internet governance status quo in general.

Speaking at a constituency meeting on Monday, Marby said:

We see a threat to the multistakeholder model and ICANN’s role in the Internet ecosystem. And anyone in this call are well aware about this threat: Russia in their attempt to be the next secretary-general of the ITU. Their platform is about having a government running not only ICANN but also the RIRs, the IETF and the root server system.

Marby is referring to two things here: Russia’s month-old policy document calling for the exploration of ways to centralize control over many of the internet’s functions under governments, and its attempt to have one of its former ministers installed as the next head of the ITU at next year’s election.

Secretary-general Houlin Zhao’s second and last four-year term is up next year, and Russia is aggressively promoting its own Rashid Ismailov as his successor. American ITU lifer Doreen Bogdan-Martin is considered the main competition and equally aggressively promoted by the US government.

Marby’s clearly concerned that a Russian secretary-general would give more weight to Russia’s current position on internet governance, which is very much about reducing US influence, doing away with ICANN, and bringing internet infrastructure under intergovernmental control.

At a separate session on Tuesday, Marby referred to this state of affairs as a “threat against the interoperability of the internet, not only ICANN as an institution”.

Such threats from the ITU are certainly nothing new — I’ve been reporting on them for almost as long as I’ve been covering ICANN — but Marby seems to think it’s different this time. He said during the ICANN 72 session:

Some of you would say: oh, we heard that before. But this time I would say it’s a little bit different because I think that some of the positions we see there are more mainstream than they were only five years ago.

Russian-born cybersecurity policy expert Tatiana Tropina concurred, calling Marby’s concerns “very valid” and telling the same ICANN session:

The points Russia makes at the ITU are scary because they can speak to many governments. They are quite moderate — or, rather, midstream — now, but they do refer to issues of power and control.

Russia’s positions were spelled out in a recent ITU policy document, a “risk analysis of the existing internet governance and operational model”.

According to Russia, ICANN poses a risk because it’s based in the US and therefore subject to the US judicial and legislative systems, as well as the Office of Foreign Assets Control, which restricts American companies’ ability to deal with organizations or states deemed to support “terrorism” and is unpopular in the Middle East:

Critical infrastructure operators/ organizations (ICANN, PTI, RIRs, etc.) may be forced to comply with sanctions of a national administration under which jurisdiction they are located. A number of operational organizations performing supranational functions in the Internet governance are registered in the USA, and they must comply with all laws, rules and regulations of the US judicial authorities as well as of the Office of Foreign Assets Control (OFAC)

It also thinks there’s a risk of the current model favoring big business over the public interest, harming “the preservation of national and cultural heritage, identity of the territory and language”, and it points to ICANN’s decision to award the .amazon gTLD to Amazon over the objections of the eight governments of the Amazonia region.

It’s also worried about the hypothetical ability of ICANN to disconnect ccTLDs from the rest of the world, due to its influence over the DNS root server system, perhaps at the demand or request of the US government.

You can download the Russian document, which covers a broader range of issues, from here as a Word file, but be warned: if you’re not using Microsoft software you may not be able to open it. Because interoperability, yeah?

Neustar exec fingered in Trump’s Russian “collusion” probe

Kevin Murphy, October 1, 2021, Domain Registries

A senior former Neustar executive has been outed as a participant in 2016 research that sought to establish nefarious links between then US presidential candidate Donald Trump and the Russian government.

According to a US federal indictment last month, former Neustar senior VP and head of security Rodney Joffe and others used DNS query data collected by the company to help create a “narrative” that Trump’s people had been covertly communicating with Kremlin-connected Alfa Bank.

The indictment claims that they did so despite privately expressing skepticism that the data was conclusive in establishing such ties.

Joffe did this work while under the impression he would be offered a top cybersecurity job in Hilary Clinton’s administration, had she won the 2016 general election, the indictment claims.

Joffe has not been accused of any illegality or wrongdoing — he’s not even named in the indictment — and his lawyer has told the New York Times that the indictment gives an “incomplete and misleading” version of events.

The indictment was returned by a federal grand jury on September 16 against Washington DC lawyer Michael Sussmann, as a result of Special Counsel John Durham’s investigation into the origins of the Trump-Russia “collusion” probe, which ultimately found insufficient evidence of illegality by the former president.

Sussman is charged with lying to the FBI when, in September 2016, he showed up with a bunch of evidence suggesting a connection between Trump and Alfa Bank and claimed to not be working on behalf of any particular client.

In fact, the indictment alleges, he was working on behalf of the Clinton campaign and Joffe, both of whom had retained his services. Lying to the FBI is a crime in the US.

The indictment refers to Joffe as “Technology Executive 1”, but his identity has been confirmed by the NYT and others.

Sussman’s evidence in part comprised DNS data supplied by Joffe and analyzed by himself and other researchers, showing traffic between the domain mail1.trump-email.com and the Russian bank.

At the time, Neustar was a leading provider of domain registry services, but also a significant player in DNS resolution services, giving it access to huge amounts of data about domain queries.

“Tech Executive-1 [Joffe] used his access at multiple organizations to gather and mine public and non-public Internet data regarding Trump and his associates, with the goal of creating a ‘narrative’ regarding the candidate’s ties to Russia,” the indictment claims.

According to the indictment, Joffe had been offered a job in the Clinton administration. He allegedly wrote, shortly after the November 2016 election: “I was tentatively offered the top [cybersecurity] job by the Democrats when it looked like they’d win. I definitely would not take the job under Trump.”

The researchers — which also included employees of the Georgia Institute of Technology, ​Fusion GPS, and Zetalytics, according to the NYT — sought to create a case for a connection between Trump and the Russian government while privately expressing doubts that their conclusions would stand up to third-party scrutiny, the indictment claims.

The suspicions were briefed to the media by Sussman and the Clinton campaign, the indictment says, and widely reported prior to the election.

When the FBI investigated the alleged links, it concluded the suspicious traffic was benign and caused by the activities of a third-party marketing firm, according to reports.

As I said, it is not alleged that Joffe broke the law, and his people say the indictment is, as you might expect from an indictment, one-sided.

Still, it’s a very interesting, and possibly worrying, insight into how companies like Neustar and their employees are able to leverage DNS resolution data for their own private purposes.

The full indictment, which uses pseudonyms for most of the people said to be involved in the research, can be read here (pdf). The New York Times story, which reveals many of these identities, can be read here (paywall).

While Neustar’s registry business was acquired last year by GoDaddy, it appears that Joffe did not make the move and instead stayed with Neustar. His LinkedIn profile showed he “retired” at some point in the last few weeks, after 15 years with the company.

What time is it? For ICANN, even that can be a controversial question

Kevin Murphy, June 21, 2019, Domain Tech

ICANN has found itself involved in a debate about whether Russia’s 2014 annexation of Crimea should be recognized.
It’s not unusual for ICANN to find itself in geopolitical controversies — see .amazon for the most recent example — but this time, it’s not about domain names.
It’s about time zones.
One of the little-known functions ICANN provides via its IANA division is the hosting of the so-called TZ Database, which keeps track of all international time zones, daylight savings time practices, and so on.
The database is referenced by scores of operating systems, web sites, libraries and software development kits. It’s used by MacOS, many major Unix/Linux distributions, Java and PHP.
IANA took over the database in 2011, after the original administrator, David Olson, was hit with a bogus lawsuit from an astrology company.
It’s currently managed by University of California computer scientist Paul Eggert. He’s not an ICANN employee. He’s responsible for making changes to the database, which IANA hosts.
There are no complex layers of policy-making and bureaucracy, just an ICANN-hosted mailing list. it very much harks back to the pre-ICANN/Jon Postel/Just A Guy model of international database administration.
But because time zones are set by the governments of territories, and the ownership of territories is sometimes in dispute, the TZ Database often finds itself involved in political debates.
The latest of these relates to Crimea.
As you will recall, back in 2014 the Russian Federation annexed Crimea — part of Ukraine and formerly part of the Soviet Union.
The United Nations condemned the move as illegal and still refuses to recognize the region as part of Russia. The de facto capital city of Crimea is now Simferopol.
As part of the takeover, Russia switched its new territories over to Moscow Time (MSK), a time zone three hours ahead of UTC that does not observe daylight savings.
The rest of Ukraine continues to use Eastern European Time, which is UTC+2, and Eastern European Summer Time (UTC+3).
This means that in the winter months, Crimea is an hour out of whack with the rest of Ukraine.
Currently, the TZ Database’s entry for Simferpol contains the country code “RU”, instead of “UA”.
This means that if you go to Crimea and try to configure your Unix-based system to the local time, you’ll see an indication in the interface that you’re in Russia, which understandably pisses off Ukrainians and is not in line with what most governments think.
You can check this out on some time zone web sites. The services at time.is and timeanddate.com both refer to Europe/Simferopol as being in Ukraine, while WorldTimeServer says it’s in Russia.
The TZ Database mailing list has recently received a couple of complaints from Ukrainians, including the head of the local cyber police, about this issue.
Serhii Demediuk, head of the Cyberpolice Department of the National Police of Ukraine, wrote in December:

by referring Crimea with the country code “RU”, your organization actually accepts and supports the aggressive actions of the Russian Federation who’s armed forces annexed this part of Ukraine. Such recognition may be considered as a criminal offense by the Ukrainian criminal law and we will be obliged to start formal criminal proceedings

It’s the longstanding principle of the TZ Database administrators that they’re not taking political positions when they assign country-codes to time zones, they’re just trying to be practical.
If somebody shows up for a business meeting in Crimea in December, they don’t want their clock to be an hour behind their local host’s for the sake of political correctness.
But Eggert nevertheless has proposed a patch that he believes may address Ukrainian concerns. It appears to have Simferopol listed as both RU and UA.