Recent Posts
- ICANN publishes its Woke Manifesto. Here’s my hot take
- Alibaba, Name.com among new RDRS opt-ins
- The Swiss can register .swiss domains from next week
- .ai up to 425,000 domains
- A million “free” .music domains up for grabs
- D3 to get $5 million in crypto to apply for .ape gTLD
- Alibaba hit with ICANN breach notice
- New Vegas conference “Davos for Web3 interoperability”
- ICANN content policing power grab may be dead
- Cable company unplugs its dot-brand after acquisition
- Germany crosses 10,000 dot-brand domains milestone
- Founders out as Com Laude gets equity injection
- PIR’s Diaz to leave domain industry
- Some registrars have already quit ICANN’s Whois experiment
- ICANN opens $217 million Grant Program
- Internet could get one-letter gTLDs (but there’s a catch)
- .ai registry fights deadbeats with tweaked auction rules
- Amazon and Google among .internal TLD ban backers
- .ai registry advises buyers not to use GoDaddy
- .post liberalizes with new sunrise period
- Team Internet spends $41 million on content farm
- Epik backtracks on Kiwi Farms claim after legal threat
- .austin names launch on blockchain
- Freenom shuts down 12.6 million domains — report
- GoDaddy’s next .xxx contract may not be a done deal
- GlobalBlock blocking 2.5 million domains
- Microsoft moving its cloud apps from .com to .microsoft
- ICANN 79: anonymous trolls and undercover lawyers
- ICANN scores win in single-letter .com lawsuit
- Cosmetics brand terminates its gTLD
- Up to 70 jobs on the line at Nominet as .uk regs dwindle
- Governments back down on new gTLD next round delay
- Private auctions could be banned in new gTLD next round
- ICANN meeting venue “insensitive and hurtful”
- GoDaddy to start selling graphic.design domains
- GAC spinning up new gTLD curveball at ICANN 79?
- GoDaddy’s GlobalBlock supports blockchain names
- Police .uk domain takedowns dive in 2023
- GoDaddy wants to cut the bullshit from .xxx
- Dueling domain blocking services to launch at ICANN 79
- Freename tries to bridge DNS and blockchain
- Olive retires from ICANN
- Whois policy published without life-saving disclosure rule
- UK gov takes its lead from ICANN on DNS abuse
- Tucows reports 2023 results
- Twitter “completely unresponsive” on clickable domains
- ICANN spends $5 million more than planned in first fiscal half
- .art takes a million domains off its premium list
- KeyTrap ‘the most devastating vulnerability ever found in DNSSEC’
- Freenom settles $500 million Meta lawsuit and will exit domain business
- New gTLD lottery to return in 2026
- First GlobalBlock prices revealed — they ain’t cheap
- Domain universe grows on new gTLDs despite .com shrinkage
- D3 signs up crypto gTLD client number five
- GoDaddy reports strong domains growth
- How to qualify for a $40,000 gTLD
- Registry service provider evaluation handbook published
- WebUnited inks deal to “mirror” country’s TLD in the blockchain
- GoDaddy project unveils brand-blocking calculator
- Report: Monster “misappropriated” millions from Epik
- .com is shrinking but Verisign raises prices again anyway
- D3 announces fourth crypto new gTLD client
- Donald Trump loses second UDRP case
- UK cybersquatting complaints hit record low
- No excuses! PIR to pay for ALL registries to tackle child abuse
- ICANN insists it is working on linkification
- Namecheap sues ICANN over .org price caps
- GoDaddy offers free Ethereum blockchain integration
- Epik reveals who is running the company
- Epik gets acquired again! The plot thickens…
- Airline gTLD crashes and burns
- First chunks of new gTLD Applicant Guidebook drop
- Epik to reveal its owners soon
- Another crypto firm to apply for a new gTLD
- Monster and Royce are NOT involved in Epik?!
- Nominet to overhaul .uk registry, turn off some services
- Russia blames DNSSEC, not Ukraine, for internet downtime
- Team Internet says revenue beat estimates
- Sold for over $20k, insure.ai and dog.ai back in .ai’s expired names auction
- .ai helps UDRP cases rise in 2023, WIPO says
- Freenom’s domains land at Gandi after termination
- .ru domains fly off the shelf as Western sanctions bite
- ICANN picks its first ever Supreme Court
- Lebanon’s ccTLD going back to Lebanon after ICANN takeover
- ICANN picks the domain it will never, ever release
- ICANN approves domain takedown rules
- Has Epik gone “woke”?
- First bits of new gTLD Applicant Guidebook expected next week
- ICANN bans closed generics for the foreseeable
- You can’t use money to buy .box domains
- After 14 years, ICANN practices what it preaches on IDNs
- Weak demand for private Whois data, ICANN data shows
- .ing doing way better than .meme
- DNS Women barred from ICANN funding?
- Dev releases free open-source TLD registry platform
- INCO flips a gTLD to Identity Digital
- Anguilla fears the .ai junk drop
- Five more gTLDs get launch dates
- $10 million of ICANN cash up for grabs
- Almost 50,000 .ai domains sold in a quarter
- ICANN threatens to regulate your speech [RANT]
- Life insurance company kills dot-brand
- ICANN finds new home for Lebanon’s TLD after founder’s death
- ICANN begs people to use its new Whois service
- Shiba Inu outs itself as crypto new gTLD applicant
- Over 50,000 .ai domains sold in three months
- Amazon planning new push into registrar market?
- Registries and registrars vote ‘Yes’ to new DNS abuse rules
- ICANN predicts flattish 2025 for domain industry
- Fast-growing Gname buys another 150 registrars
- GoDaddy service to let you block domains in over 650 TLDs
- Did I find a murder weapon in a zone file?
- ICANN drops the “man” from Ombudsman
- Have your say on police domain takedown powers
- Most registrars are shunning ICANN’s new Whois system
- Nominet to take over .gov.uk
- ICANN picks Istanbul for 2024 meeting
- ICANN’s private Whois data request service goes live
- .au regs slide on 2LD anniversary
- ICANN accused of power grab over $271 million auction fund
- A registrar is getting blamed for an Israeli war propaganda site
- Two more dot-brands bite the dust
- Google sells five-figure AI domain and six-figure .ing hack
- .blackfriday is still a bit rubbish
- Internet Naming Co acquires five more gTLDs
ICANN fixes new gTLD portal bugs
ICANN has brought its new gTLD program customer service portal back online after about five days of patching-related downtime.
In a notice posted late last night, ICANN said the delay was due to the wait for a vendor patch. ICANN said:
A recent, proactive review of the CSC system identified potential vulnerabilities. To address these vulnerabilities, the CSC portal was taken offline while vendor-provided patches were applied. There have been no known compromises to any data.
New gTLD applicants will now have to log in to their TLD Application System accounts, which use the Citrix remote terminal software, to use their customer service tools.
Non-applicants will be able to ask customer service questions via email.
The Knowledge Base — essentially a program FAQ — is still offline, but ICANN said it hopes to bring it back up within a few days.
ICANN shuts down new gTLD portal after finding more security bugs
ICANN has closed down part of its new generic top-level domain portal after finding “potential vulnerabilities” that put “confidential applicant information” at risk.
The shutdown — which has been going on for at least 30 hours — affects the Customer Service and Knowledge Base parts of the site, but ICANN said it is so far not aware of any attacks against the system.
While it’s waiting for a patch, ICANN has decided to move the affected areas behind the unpopular Citrix remote terminal software used previously in the TLD Application System.
This notice was posted on the site:
ICANN performs ongoing monitoring and analysis of our systems, including the Customer Service system. As part of this work, we recently identified potential vulnerabilities in the system used for Customer Service and the Knowledge Base (containing new gTLD articles and information).
Patches are being provided to ICANN to address these issues.
In the mean time, given that use of the Customer Service system was recently expanded, and now includes confidential applicant information, the decision was taken to move the system behind Citrix. This will provide for additional security for applicant information.
We are now testing the installation. This should be completed in the next few days. This decision is a proactive measure. There have been no known compromises to the data, attacks or other actions by third parties (other than our own analysis).
Off the top of my head — and I may be under-counting — this is the fifth significant technical glitch to hit the new gTLD program since April.
There was the notorious TAS bug, which took the system offline entirely for six weeks while ICANN fixed a data leakage vulnerability and upgraded its system capacity.
There was the Reveal Day screw-up, during which Arab community members noticed that all the applied-for Arabic gTLDs were broadcast back-to-front in a presentation.
Then ICANN accidentally published the home addresses of many applicants’ officers and directors, something it had promised not to do. This was probably human error and it has since apologized.
Then the “digital archery” batching system was yanked, after it emerged that TAS performance still wasn’t up to the task and that the scoring results were unreliable.
Former new gTLD program director Michael Salazar resigned a month ago; it is widely believed that he was taking the fall for the gTLD system bugs to that point.
While the latest bug appears — so far — to have not compromised any data, some applicants have nevertheless been frustrated by the fact that the customer service portal has been offline for over a day.
Digital archery suspended, surely doomed
ICANN has turned off its unpopular “digital archery” system after new gTLD applicants and independent testing reported “unexpected results”.
As delegates continue to hit the tarmac here in Prague for ICANN 44, at which batching may well be hottest topic in town, digital archery is now surely doomed.
ICANN said in a statement this morning:
The primary reason is that applicants have reported that the timestamp system returns unexpected results depending on circumstances. Independent analysis also confirmed the variances, some as a result of network latency, others as a result of how the timestamp system responds under differing circumstances.
While that’s pretty vague, it could partly refer to the kind of geographic randomness reported by ARI Registry Services, following testing, earlier this week.
It could also refer to the kind of erratic results reported by Top Level Domain Holdings two weeks ago, which were initially dismissed as a minor display-layer error.
TLDH has also claimed that the number of opportunistic third-party digital archery services calibrating their systems against the live site had caused latency spikes.
Several applicants also said earlier this week that the TLD Application System had been inaccessible for long periods, apparently due to a Citrix overloading problem.
Only 20% of applications had so far registered their archery timestamp, according to ICANN, despite the fact that the system was due to close down on June 28.
Make no mistake, this is another technical humiliation for ICANN, one which casts the resignation of new gTLD program director Michael Salazar on Thursday in a new light.
For applicants, ICANN said evaluations were still proceeding according to plan, but that the batching problem is now open for face-to-face community discussion:
The evaluation process will continue to be executed as designed. Independent firms are already performing test evaluations to promote consistent application of evaluation criteria. The time it takes to delegate TLDs will depend on the number and timing of batches
…
The information gathered from community input to date and here in Prague will be weighed by the New gTLD Committee of the Board. The Committee will work to ensure that community sentiment is fully understood and to avoid disruption to the evaluation schedule.
Expect ICANN staff to take a community beating over these latest developments as ICANN 44 kicks off here in Prague.
There’s light support for batching, and even less for digital archery. It’s looking increasingly likely that neither will survive the meeting.
Digital Archery lessons from tonight’s tweet-up
ICANN held a Twitter session tonight during which executives answered questions about the new gTLD program in that notoriously restrictive 140-character format.
Unsurprisingly, in light of the frustration borne out of ongoing delays, most of the questions were about timing.
New gTLD applicants wanted to know when ICANN plans to host its Big Reveal event, when the Digital Archery application batching system will open, and when the batches will be confirmed.
The only specific date applicants were given was May 29, which is when ICANN plans to publish its updated program timetable.
A15: Additional schedule details to be posted by 29 May. – @rodbeckstrom #newgTLD #ICANN #ICANNchat
— ICANN (@ICANN) May 22, 2012
But @ICANN gave away enough information to make a broad estimate about the date digital archery will commence.
First, ICANN confirmed that the Big Reveal will be before its public meeting in Prague kicks off on June 23.
A8: Update on timeline to be published shortly. Target reveal date still before Prague. – @rodbeckstrom #newgTLD #ICANN #ICANNchat
— ICANN (@ICANN) May 22, 2012
ICANN also said that the digital archery process will begin before the reveal day and finish after.
A1: Secondary timestamp (digarchery) scheduled 2 open b4 reveal day & close aftr. Designed for reliability & timeliness #ICANNchat #newgTLD
— ICANN (@ICANN) May 22, 2012
A6: #ICANN will publish batches after the reveal, after the digital archery process is complete. – @rodbeckstrom #ICANNchat #newgTLD
— ICANN (@ICANN) May 22, 2012
The archery window will be open for about three weeks, we learned.
A12: The secondary timestamp process will be open for approx 3 weeks, details later. – @rodbeckstrom #newgTLD #ICANN #ICANNchat
— ICANN (@ICANN) May 22, 2012
We can draw some broad conclusions from this information.
The latest possible date for the Big Reveal, given what ICANN said tonight, is June 22 (the Friday before Prague), so the latest possible date for the digital archery window opening is June 21.
In that case, digital archery would run June 21 – July 12, or thereabouts.
Because the archery can’t start before the applications are all submitted, the earliest window would be May 31 – June 20.
My estimates err towards the lower end. I think we’re looking at archery starting within a week of the application window closing and ending immediately before or during Prague.
If ICANN decides that it wants the archery out of the way before the meeting begins, the window could have to open as early as May 31.
If it wants the window to close post-Prague, we’re looking at it opening around June 11.
TAS reopens after humiliating 40 days
Forty days after it was taken offline for a bug fix, ICANN has reopened its TLD Application System, giving new gTLD applicants a week to finish off their applications.
TAS will now close May 30 at 2359 UTC, which is 1559 in California next Wednesday afternoon.
But applicants are being warned that waiting until the final day “may not provide sufficient time to complete all submission steps before the submission period closes.”
The date of the Big Reveal of applications, which I’m now expecting to come at some point before the Prague meeting at the end of June, is likely to be confirmed in the next day or so.
As well as fixing the bug – a data leakage vulnerability that enabled applicants to see each others’ file names, affecting over 150 users – ICANN has made system performance improvements and cleaned up its HTML preview function, in response to user complaints.
Repairing the vulnerability has cost ICANN “hundreds of thousands of dollars” since TAS was taken offline April 12, chief operating officer Akram Atallah estimated last Thursday.
The fact that the system has reopened half a day ahead of the most recently scheduled deadline – it was due to open at 1900 UTC tonight – is unlikely to win ICANN many plaudits.
If the opinions of the opinionated are any guide, the TAS outage has left ICANN with a severe dent in its already patchy reputation, even among fervent supporters.
Atallah and senior vice president Kurt Pritz came in for a pummeling during an ICANN summit attended by registrars and registries, many of them gTLD applicants, late last week.
Several outspoken long-time community members made it clear that their confidence in ICANN’s ability to hit deadlines is at an all-time low.
Expectations of professionalism have increased, as AusRegistry CEO Adrian Kinderis told Atallah, now that ICANN has $350 million of applicant cash in its bank account.
The bug itself may have been as unavoidable and understandable as any bug in new software, but ICANN’s tardiness resolving the problem has left applicant trust in many cases shattered.
ICANN not done with TAS bug analysis
Despite sending out hundreds of notifications to new gTLD applicants today, it looks rather like ICANN’s analysis of the TLD Application System bug is not yet complete.
(MAY 10 UPDATE — in a statement today, ICANN provided significantly more information about the notification process, rendering much of the speculation originally in this post moot. Read it here.)
TAS to reopen May 22. Big Reveal on for Prague?
ICANN’s bug-plagued TLD Application System will reopen on May 22 and close on May 30, according to a statement just issued by chief operating officer Akram Atallah.
The dates, which are only “targets”, strongly suggest that that the Big Reveal of all new gTLD applications is going to happen during the public meeting in Prague in late June.
If ICANN still needs two weeks to collate its application data before the reveal, we’re looking at June 14, or thereabouts, as the earliest possible reveal date.
But that’s just ten days before ICANN 44 officially kicks off, and I think it’s pretty unlikely ICANN will want to be distracted by a special one-off event while it’s busy preparing for Prague.
For the Big Reveal, my money is on June 25.
Atallah also said this morning that all new gTLD applicants have now been notified whether they were affected by the TAS bug, meaning ICANN has “met our commitment to provide notice to all users on or before 8 May”.
That said, some applicants I spoke to this morning, hours after it was already May 9 in California, said they had not received the promised notifications. But who’s counting?
The results of ICANN’s analysis of the bug appear to show that no nefarious activity was going on.
“We have seen no evidence that any TAS user intentionally did anything wrong in order to be able to see other users’ information,” Atallah said.
ICANN has also discovered another affected TAS user, in addition to the 50 already disclosed, according to Atallah’s statement.
ICANN affirms full refunds for pissed-off gTLD applicants, silent on new CEO
ICANN’s board of directors has approved full refunds for any new gTLD applicant that asks for one – something that the organization has already been offering for over a month.
At its two-day retreat in Amsterdam this weekend, the board’s New gTLD Program Committee resolved:
to offer to applicants a full refund of the New gTLD Application fee actually paid to ICANN if the applicant wishes to withdraw its application prior to the date that ICANN publicly posts the identification of all TLD applications.
The date of the Big Reveal, when the names of every applicant and every applied-for gTLD will be publicly posted and the refunds will no longer be available, has not yet been set.
While the resolution refers to the TLD Application System data leakage bug, the refund does not appear to be restricted to directly affected applicants. Anyone can claim it.
However, as regular DI readers know, ICANN had been offering full refunds to applicants that withdraw before the Big Reveal for weeks before the TAS bug emerged.
ICANN customer services reps told DI and at least one gTLD applicant in March that: “Applications withdrawn prior to the posting of the applied-for strings are qualified for a $180000 refund”.
ICANN said in a statement today:
We recognize that this represents an increase of only US $5000 over the refund that withdrawing applicants would otherwise receive, but we believe it is an important part of fulfilling our commitment to treat applicants fairly.
Under the terms of the Applicant Guidebook, the maximum refund available after the Reveal is $148,000.
In other news from Amsterdam…
The ICANN board has decided to let director Thomas Narten join the New gTLD Program Committee, which comprises all of the board members without new gTLD conflicts of interest.
Narten had been barred from the recently formed committee because he worked for IBM, which planned to apply for one or more new gTLDs.
But the board said he has now “mitigated the previously-identified conflict of interest with respect to the New gTLD Program”, so he gets to join the committee as a non-voting liaison.
It’s not clear from the weekend’s resolution why Narten is no longer conflicted. Two obvious possibilities spring to mind.
There was no news from Amsterdam on ICANN’s CEO hunt.
Incumbent Rod Beckstrom intends to “hand the baton” to his successor at the Prague meeting in late June, and the board already has a favored candidate lined up to replace him.
I understand that this candidate did attend the Amsterdam board retreat, albeit under a veil of secrecy lest his or her identity leak out before official confirmation.
But I also understand that the board has decided to move super-cautiously on the CEO decision, in order to avoid repeating the mistakes of the past.
ICANN expects up to 2,305 new gTLD applications
After months of speculation, ICANN has finally revealed how many new generic top-level domain applications it expects to receive.
The lowest amount appears to be 2,091.
That’s the number of applications in the TLD Application System when it was taken offline due to the data leakage bug on April 12, ICANN said.
Another 214 applications had been registered but not yet paid for.
That’s a potential total of 2,305 applications.
ICANN has $350 million in application fees in the bank as a result.
How many of the unpaid bids convert to full applications will be key in deciding how many evaluation batches the first gTLD round will have.
Closer to 2,091, and it’s likely to be four batches. Closer to 2,305, and we may see a fifth batch.
With Initial Evaluation expected to take five months per batch, with a possible 11 months after that for the final Extended Evaluations and string contention resolution, it could be June 2015 before the first new gTLD round is completely processed.
It remains to be seen how many unique strings have been applied for, and how many applications will be successful, but with ICANN only planning to delegate 200 to 300 new gTLDs per year, the first round is likely going to last a loooong time.
TAS bug hit over 100 new gTLD applicants
It just keeps getting worse.
ICANN’s TLD Application System security bug could have revealed file names belonging to 105 new gTLD applicants to 50 other applicants on 451 occasions, according to the organization.
With 1,268 applicants in the system, those numbers certainly fit with the “a minority of applicants” description previously given, but it still shows that the bug was widespread.
The supplied numbers are “approximate”, but ICANN said it is “continuing to review system logs and packet-level traffic to confirm how many viewings actually did occur.”
The latest news means, for example, that 50 new gTLD applicants may have had the ability to see information belonging to other applicants on average nine times each.
While the new data may not strongly suggest that the bug was deliberately exploited by any applicant(s), it’s not inconsistent with that scenario.
It could mean that one applicant saw the details of 56 others (suggesting exploitation), but it could also mean that 50 applicants saw about two third-party file names each (suggesting accidental viewing).
Without further information, it’s impossible to know.
ICANN has not revealed, and is unlikely to reveal in the short term, whether any applicant was able to view the metadata of another applicant for the same gTLD.
The organization has however started to notify affected applicants whether they were affected as victim or beneficiary, according to the latest update from chief operating officer Akram Atallah.
Atallah also revealed that TAS had 95,000 file attachments in the system when it was taken down April 12.
At an average of 75 files per TAS account, this would support the idea that, on average, each TAS account was being used to file more than one application.
ICANN still plans to wrap up the notification process before next Tuesday, May 8, but there’s no word yet on when TAS will reopen for the final five days of the application window.
Recent Comments