Latest news of the domain name industry

Recent Posts

Will Donald Trump be .io’s white knight?

Kevin Murphy, November 14, 2024, Domain Policy

US President-Elect Donald Trump’s incoming administration is reportedly looking into torpedoing a deal between the UK and Mauritius that raises serious questions about the future of the .io ccTLD.

According to The Independent, Trump wants to veto the deal that would see the UK cede sovereignty over most of the Chagos islands, currently known as the British Indian Ocean Territory, and is seeking legal advice from the Pentagon.

The largest of the islands, Diego Garcia, is home to a secretive US-UK military base used to support US actions in the Middle East. Native Chagossians were forcibly removed from the territory to allow its construction in the early 1970s.

The proposed UK-Mauritius treaty would allow the base to continue to exist for at least 99 years, but critics of the deal reportedly worry that Mauritius taking over the rest of BIOT would encourage Chinese espionage.

Since the treaty was announced, questions have been raised about the .io ccTLD, which is assigned to BIOT and commercialized globally by Identity Digital via a UK shell company.

ICANN confirmed in writing today that if the International Standards Organization removes IO from its list of territories, “a five-year time window will commence during which time usage of the domain will need to be phased out”.

But there are other considerations that have received fewer column inches. Head of the IANA function, which looks after the root zone, Kim Davies added:

Country-code top-level domains are operated for the benefit of the country or territory they represent. Managers of these domains must maintain an operational nexus with that country to ensure they have appropriate local accountability mechanisms for how the domain name is operated. Should this jurisdictional change take effect, changes may be required to ensure proper accountability to the new country.

In other words, there’s a scenario in which .io disappears and a scenario in which Identity Digital and Mauritius have to come to some kind of arrangement. Both would cost the registry money, but the latter seems like it would be less costly for registrants.

But if a new Trump administration decides to ignore international law and somehow persuades the UK to withdraw from the deal, the status quo for .io could persist.

The UK-Mauritius treaty has not yet been ratified. It’s expected to be debated by the UK parliament, where the new Labour government certainly has the votes to get it passed, early next year.

Neustar exec fingered in Trump’s Russian “collusion” probe

Kevin Murphy, October 1, 2021, Domain Registries

A senior former Neustar executive has been outed as a participant in 2016 research that sought to establish nefarious links between then US presidential candidate Donald Trump and the Russian government.

According to a US federal indictment last month, former Neustar senior VP and head of security Rodney Joffe and others used DNS query data collected by the company to help create a “narrative” that Trump’s people had been covertly communicating with Kremlin-connected Alfa Bank.

The indictment claims that they did so despite privately expressing skepticism that the data was conclusive in establishing such ties.

Joffe did this work while under the impression he would be offered a top cybersecurity job in Hilary Clinton’s administration, had she won the 2016 general election, the indictment claims.

Joffe has not been accused of any illegality or wrongdoing — he’s not even named in the indictment — and his lawyer has told the New York Times that the indictment gives an “incomplete and misleading” version of events.

The indictment was returned by a federal grand jury on September 16 against Washington DC lawyer Michael Sussmann, as a result of Special Counsel John Durham’s investigation into the origins of the Trump-Russia “collusion” probe, which ultimately found insufficient evidence of illegality by the former president.

Sussman is charged with lying to the FBI when, in September 2016, he showed up with a bunch of evidence suggesting a connection between Trump and Alfa Bank and claimed to not be working on behalf of any particular client.

In fact, the indictment alleges, he was working on behalf of the Clinton campaign and Joffe, both of whom had retained his services. Lying to the FBI is a crime in the US.

The indictment refers to Joffe as “Technology Executive 1”, but his identity has been confirmed by the NYT and others.

Sussman’s evidence in part comprised DNS data supplied by Joffe and analyzed by himself and other researchers, showing traffic between the domain mail1.trump-email.com and the Russian bank.

At the time, Neustar was a leading provider of domain registry services, but also a significant player in DNS resolution services, giving it access to huge amounts of data about domain queries.

“Tech Executive-1 [Joffe] used his access at multiple organizations to gather and mine public and non-public Internet data regarding Trump and his associates, with the goal of creating a ‘narrative’ regarding the candidate’s ties to Russia,” the indictment claims.

According to the indictment, Joffe had been offered a job in the Clinton administration. He allegedly wrote, shortly after the November 2016 election: “I was tentatively offered the top [cybersecurity] job by the Democrats when it looked like they’d win. I definitely would not take the job under Trump.”

The researchers — which also included employees of the Georgia Institute of Technology, ​Fusion GPS, and Zetalytics, according to the NYT — sought to create a case for a connection between Trump and the Russian government while privately expressing doubts that their conclusions would stand up to third-party scrutiny, the indictment claims.

The suspicions were briefed to the media by Sussman and the Clinton campaign, the indictment says, and widely reported prior to the election.

When the FBI investigated the alleged links, it concluded the suspicious traffic was benign and caused by the activities of a third-party marketing firm, according to reports.

As I said, it is not alleged that Joffe broke the law, and his people say the indictment is, as you might expect from an indictment, one-sided.

Still, it’s a very interesting, and possibly worrying, insight into how companies like Neustar and their employees are able to leverage DNS resolution data for their own private purposes.

The full indictment, which uses pseudonyms for most of the people said to be involved in the research, can be read here (pdf). The New York Times story, which reveals many of these identities, can be read here (paywall).

While Neustar’s registry business was acquired last year by GoDaddy, it appears that Joffe did not make the move and instead stayed with Neustar. His LinkedIn profile showed he “retired” at some point in the last few weeks, after 15 years with the company.

Will you shut up, man? Trump takedown domain on sale for ridiculous fee

Kevin Murphy, September 30, 2020, Domain Sales

Proving once again that there’s no neologism or emergent catchphrase that won’t be registered as a .com, a domainer has put willyoushutupman.com on sale in the wake of last night’s ludicrous US Presidential debate.

The line “Will you shut up, man?” was uttered in exasperation by Democrat candidate Joe Biden midway through the debate, after being ceaselessly harangued and interrupted by President Trump.

It’s currently listed on Dan.com with a “make an offer” tag, but Newsweek reported earlier today that the seller had priced the domain at $175,000.

The domain currently redirects to an affiliate link to the bespoke printing company Zazzle, so even if it doesn’t sell, the domainer may make a bit of cash.

Newsweek also reports that Biden’s campaign are already selling “Will you shut up, man?” merch, but I was unable to find such an item on the official Biden site.

Trump gives Verisign almost $1 billion in free money

Kevin Murphy, November 5, 2018, Domain Registries

The Trump administration may have just handed Verisign close to $1 billion in free money.
That’s according to the back of the envelope I’m looking at right now, following the announcement that the National Telecommunications and Information Administration is reinstating Verisign’s right to increase .com registry fees.
As you may have read elsewhere already (I was off sick last week, sorry about that) a new amendment to the Verisign-NTIA Cooperative Agreement restores Verisign’s ability to raise prices by 7% per year in four of the six years of the deal.
The removal of the Obama-era price freeze still needs to be incorporated into Verisign’s ICANN contract, but it’s hard to imagine ICANN, which is generally loathe to get into pricing regulation, declining to take its lead from NTIA.
Verisign would also have to choose to exercise its option to increase prices in each of the four years. I think the probability of this happening is 1 in 1.
Layering this and a bunch of other assumptions into a spreadsheet, I’m coming up with a figure of roughly an extra $920 million that Verisign will get to add to its top line over the next six years.
Again, this isn’t an in-depth study. Just back-of-the-envelope stuff. I’ll talk you through my thinking.
Not counting its occasional promotions, Verisign currently makes $7.85 for every year that a .com domain is added or renewed, and for every inter-registrar transfer.
In 2017, .com saw 40.89 million add-years, 84.64 million renew-years and 3.79 million transfers, according to official registry reports.
This all adds up to 129,334,643 revenue events for Verisign, or just a tad over $1 billion at $7.85 a pop.
Over the four-year period of the price increases transaction fees will go up to $8.40, then $8.99, then $9.62, then $10.29. I’m rounding up to the nearest penny here, it’s possible Verisign may round down.
If we assume zero transaction growth, that’s already an extra $762.2 million into Verisign’s coffers over the period of the contract.
But the number of transactions inevitably grows each year — more new domains are added, and some percentage of them renew.
Between 2016 and 2017, transaction growth was 3.16%.
If we assume the same growth each year for the next six years, the difference between Verisign’s total revenue at $7.85 and at the new pricing comes to $920 million.
Verisign doesn’t have to do anything for this extra cash, it just gets it.
Indeed, the new NTIA deal is actually less restrictive on the company. It allows Verisign to acquire or start up an ICANN-accredited gTLD registrar, something it is currently banned from doing, just as long as that registrar does not sell .com domains.
Verisign’s .net contract also currently bans the company from owning more than 15% of a registrar, so presumably that agreement would also need to be amended in order for Verisign to get into the registrar business.
I say again that my math here is speculative; I’m a blogger, not a financial analyst. There may be some incorrect assumptions — I’ve not accounted for promotions at all, for example, and the 3.16% growth assumption might not be fair — and there are of course many variables that could move the needle.
But the financial markets know a sweetheart deal when they see one, and Verisign’s share price went up 17.2% following the news, reportedly reaching heights not seen since since the dwindling days of the dot-com bubble 18 years ago.
The reason given for the lifting of the price freeze was, for want of a better word, bullshit. From the NTIA’s amendment:

In recognition that ccTLDs, new gTLDs, and the use of social media have created a more dynamic DNS marketplace, the parties agree that the yearly price for the registration and renewal of domain names in the .com registry may be changed

Huh?
This seems to imply that Verisign has somehow been disproportionately harmed by the rise of social media, the appearance of new gTLDs and some unspecified change in the ccTLD marketplace.
While it’s almost certainly true that .net has taken a whack due to competition from new gTLDs, and that the domain marketplace overall may have been diminished by many small businesses spurning domains by choosing to set up shop on, say, Facebook, .com is still a growing money-printing machine with some of the fattest margins seen anywhere in the business world and about a 40% global market share.
If the Trump administration’s goal here is to make some kind of ideological statement about free markets, then why not just lift the price caps altogether? Give Verisign the right to price .com however it pleases?
Or maybe Trump just wants to flip the bird to Obama once more by reversing yet another of his policies?
Who knows? It doesn’t make a lot of sense to me.

Trump’s ‘Muslim ban’ draws fire, creates confusion in ICANN community

Kevin Murphy, January 31, 2017, Domain Policy

At least two senior-level ICANN community members, including a new member of its board of directors, have been affected by US President Donald Trump’s controversial travel restrictions, imposed this weekend on the citizens of seven Muslim-majority nations.
The so-called “Muslim ban” has also attracted criticism from other members of the community.
Kaveh Ranjbar, Amsterdam-based chief information officer for RIPE/NCC and an ICANN director, said that he is unable to attend this week’s board retreat in Los Angeles because he holds an Iranian passport.
“I have checked this with ICANN’s general counsel and they have tried an external counsel with expertise in immigration,” Ranjbar told DI. “Their advice was that I might be able to travel but they were not sure. As you know the situation is really fluid and things change real fast.”
“After checking with the airline and looking at similar cases, I decided not to even try, because I did not want to risk deportation or being detained in the US,” he said.
Ranjbar was born in Iran but holds dual Dutch-Iranian citizenship.
He said he will participate remotely in the board retreat, likely until with 3am each day.
“However, the work of ICANN board is no different than any other board, it is mostly free exchange of ideas and discussing and challenging positions, outside of the formal setting of the meetings, that’s how you get a feel on your other colleagues positions and will be informed enough about their positions which will enable you to support or oppose with proper grounds and arguments,” he said. “I will miss that critical part.”
Non-Commercial Users Constituency chair Farzaneh Badiei is also affected. She’s Iranian, but recently relocated to the US on an academic visa.
She told NCUC members that she’s effectively stuck there, unable to attend an intersessional meeting in Iceland or ICANN’s March meeting in Denmark, for fear of not being allowed to return.
“I have been advised to take precautionary measures in light of the current draft executive order that might not allow current visa holders re-entry to the United States,” she said.
ICANN is still evaluating the situation.
“We are still trying to fully understand the potential impact of the President’s Executive Order on our community, Board and staff travelers. We want to ensure ICANN’s continued accessibility and openness,” a spokesperson said on Sunday.
ICANN does have Iranian-born staffers, but I’m not aware that any have reported travel problems as a result of the Trump move.
The travel ban has drawn fire from other related organizations.
Internet Society CEO Kathy Brown wrote that she was “deeply troubled” by the ban, adding:

Not only will the purported bans place an unwarranted burden on people in our organization, it is an anathema to the Internet Society whose values rest firmly on a commitment to an open, globally connected community dedicated to the open, global Internet. We are encouraged by the countries who have rejected the U.S. action this weekend and by the human rights organizations that have stood in solidarity with countless refugees and travelers who were so abruptly halted in entering the U.S.

The chairs of the IETF, IAOC and IAB indicated in a joint statement that they may reconsider holding future meetings in the US:

the recent action by the United States government to bar entry by individuals from specific nations raises concerns for us—not only because upcoming IETF meetings are currently scheduled to take place in the U.S., but also because the action raises uncertainty about the ability of U.S.-based IETF participants to travel to and return from IETF meetings held outside the United States….
Our next meeting is planned for Chicago, and we believe it is too late to change that venue. We recognize, however, that we may have to review our other planned meeting locations when the situation becomes clearer. We are already reviewing what to do as far as location for the next open North American meeting slot.

Meanwhile, the Internet Governance Project’s Milton Mueller blogged:

This has significant implications for Internet governance. Coordination and policy making for a global medium based on cooperation and voluntary standards requires open transnational institutions. Participation in those institutions requires the ability to freely travel. The United States can no longer be considered the leader, either politically or ideologically, of an open global Internet if its own society is mired in protective barriers… What a stroke of good fortune that the prior administration succeeded in freeing ICANN from the U.S. government in its waning months.

The travel ban is said to be “temporary”, lasting just 90 days, but some fear it may evolve into a permanent fixture of US policy.

Watch: Hollywood actors trash Trump, promote .vote

Kevin Murphy, September 22, 2016, Domain Registries

Robert Downey Jr, Scarlett Johansson, James Franco, that bloke who plays the Hulk, and a “shit-ton of famous people” are starring in a new anti-Trump attack viral that promotes a .vote domain name.
The video, put together by cult director Joss Whedon, gently spoofs quick-cut celebrity-ensemble appeals, while making a serious point about US presidential candidate Donald Trump being a threat to domestic race relations and global security.
It directs viewers to SaveTheDay.vote, where they are encouraged to register to vote in the November 8 poll.
Here it is:

It’s probably the highest-profile “in the wild” spotting of a .vote domain to date.
While I doubt it will work magic on .vote registration volumes, it’s certainly no bad thing for the visibility of new gTLDs in general.
At time of writing, the video had received about 1.2 million views on YouTube, less than 24 hours after its release.
.vote is an Afilias gTLD with post-registration usage restrictions. It currently has about 1,800 names in its zone file but only one domain in the Alexa one million most-visited sites.