Microsoft seizes domains Russia was using to attack Ukraine

Kevin Murphy, April 11, 2022, Domain Policy

Microsoft says it has taken control of some domain names that were being used by hackers connected to the Russian security services to launch cyber attacks against Ukrainian, US and EU targets.

Company VP Tom Burt wrote that seven domains used by a group called Strontium were seized via a US court order and redirected to a Microsoft sinkhole, disrupting these attacks.

Burt wrote that the targets were Ukrainian media organizations and US and EU foreign policy think tanks, adding:

We believe Strontium was attempting to establish long-term access to the systems of its targets, provide tactical support for the physical invasion and exfiltrate sensitive information.

One wonders why Russia would use domains under US jurisdiction to conduct such attacks.

War fails to stop .ua domains selling

Kevin Murphy, March 29, 2022, Domain Registries

Ukraine’s ccTLD has maintained what appears to be a healthy level of new registrations, despite the Russian invasion.

The company today reported that between February 24 and March 25, it saw over 3,000 new .ua domain regs, over 2,000 of which were in .com.ua. The ccTLD offers names in a few dozen third-level spaces.

February 24 was the day Russia invaded, and the day Ukraine went into martial law.

“The com.ua domain is mostly used by commercial organizations. Therefore, the presence of registrations shows that Ukrainian business continues to operate under martial law,” Hostmaster wrote (via Google Translate).

.ua had a total of 534,162 domains under all 2LDs today, according to the registry’s web site.

While Hostmaster has not yet published its end-of-month stats for March, it appears that the new adds suggest an improvement on typical monthly performance, or at least business as usual.

The registry has come under denial-of-service attack dozens of times since the war started, but says it has so far continued to operate without interruption.

Marby pledges low red tape in $1 million Ukraine donation

Kevin Murphy, March 28, 2022, Domain Policy

It’s been three weeks since ICANN promised $1 million to support internet access in Ukraine and CEO Göran Marby says he’s trying to get the money put into action as efficiently as possible.

Thankfully, the Org doesn’t seem to be resorting to its regular fallback position of creating a time-consuming committee or esoteric process, but there are still some hoops that need to be jumped through.

Marby wrote today:

We made the decision to partner with an organization that is already on the ground in Ukraine providing support that is in alignment with our mission. I believe that contributing to an existing organization is a better option than creating our own tailor-made solution, especially when we do not have expertise in disaster recovery and crisis response work.

ICANN is doing due diligence on “several” organizations to make sure the Org meets “applicable laws, regulations, and ICANN’s fiduciary obligations”, he wrote.

While the money has been committed to help internet access — in line with ICANN’s mission — nothing has been publicly disclosed about what specifically it will be spent on.

One idea floated during ICANN 73 earlier this month was to provide satellite terminals that could be used to work around any infrastructure damage caused by the Russian invasion on the ground.

Marby wrote:

We are working diligently to implement this initiative in a timely manner, doing everything we can to speed the process, while at the same time proceeding in a cautious and responsible way.

He promised an update when the money has been allocated.

Ukraine registry hit by 57 attacks in a week

Kevin Murphy, March 24, 2022, Domain Registries

Ukrainian ccTLD registry Hostmaster today said its infrastructure was hit by 57 distributed denial of service attacks last week.

On its web site, which has continued to function during the now month-long Russian invasion, the company said it recorded the attacks between March 14 and 20, with a top strength of 10Gbps.

“All attacks were extinguished. The infrastructure of the .UA domain worked normally,” the company, usually based in Kyiv, said.

Hostmaster took the initiative in the first days of the war to move much of its infrastructure out-of-country, to protect .ua from physical damage, and to sign up to DDoS protection services.

101domain throttles its business in Russia

Kevin Murphy, March 11, 2022, Domain Registrars

101domain has become the latest registrar to say it is limiting its business in Russia in response to the invasion of Ukraine.

The company, owned by Altanovo Domains, said today it is suspending all new accounts, orders and inbound domain transfers for customers located in Russia.

It will also no longer sell or accept transfers for domains in Russian-linked TLDs .ru (including third-level names), .рф (.xn--p1ai), .МОСКВА (.xn--80adxhks), .рус (.xn--p1acf), .дети (.xn--d1acj3b), .su, and .tatar.

“We will continue to process renewals of existing services for the time being, however this may change at any time and without notice,” the company said.

101domain follows fellow registrars Namecheap, IONOS, and GoDaddy in announcing what effectively amount to commercial sanctions against Russia.

Industry bodies CENTR and ICANN, along with ccTLD registry Nominet, have also committed to concrete actions to sanction Russia and/or support Ukraine.

ICANN bigwigs support sanctions on Russian domains

Kevin Murphy, March 11, 2022, Domain Policy

Current and former ICANN directors are among 36 high-profile tech policy veterans to support the creation of a new domain block-list that could be deployed in humanitarian crises such as the current war in Ukraine.

An open letter (pdf), published last night, calls to effectively create a list of sanctioned domain names and IP addresses that could be blocked in much the same way as current lists help network operators block spam and malware.

The letter says:

We call upon our colleagues to participate in a multistakeholder deliberation… to decide whether the IP addresses and domain names of the Russian military and its propaganda organs should be sanctioned, and to lay the groundwork for timely decisions of similar gravity and urgency in the future.

Signatories include current ICANN director Ihab Osman, former chair Steve Crocker, founding CEO Mike Roberts, former CSO Jeff Moss and former director Alejandro Pisanty.

Other signatories include three members of the European Parliament, various academics and security researchers, the bosses of networking coordination groups, and the CEOs of several ccTLD registries.

Dmitry Kohmanyuk, founder of Ukrainian ccTLD registry Hostmaster, also signed the letter.

The letter deconstructs Ukraine’s recent requests for internet sanctions against Russia, including its request for ICANN to turn off Russia’s .ru domain, and concludes “the revocation, whether temporary or permanent, of a ccTLD is not an effective sanction because it disproportionately harms civilians”.

Such a sanction would be trivially circumvented and would lead to the proliferation of alt-roots, harming international interoperability, they say.

Having ruled out sledgehammers, the letter goes on to suggest a nutcracker approach, whereby the domain names and IP addresses of sanctioned entities are blocked by consensus of network operators like they’re no more than filthy spammers. The letter reads:

Blocklisting of domain names allows full precision and specificity, which is the problem that precludes action by ICANN. The system is opt-in, voluntary, consensual, and bottom-up, all values the Internet governance community holds dear. Yet, at the same time, it has achieved broad adoption.

We conclude that the well-established methods of blocklisting provide the best mechanism for sanctioning both IP routes and traffic and domain names, and that this mechanism, if implemented normally by subscribing entities, has no significant costs or risks.

The billion-dollar question is of course: Who would decide what goes on the list?

The letter, which says it’s designed to be a conversation-starter, is a bit vague on the policy-making aspect of the proposal.

It calls for the formation of “a new, minimal, multistakeholder mechanism” that would publish a block-list data feed after “due process and consensus”, adding:

This process should use clearly documented procedures to assess violations of international norms in an open, multistakeholder, and consensus-driven process, taking into account the principles of non-overreach and effectiveness in making its determinations. This system mirrors existing systems used by network operators to block spam, malware, and DDoS attacks, so it requires no new technology and minimal work to implement.

While such a system might well help protect gullible (to pick a nationality at random) Americans from the Kremlin’s misinformation campaigns, it’s not immediately clear to me how such a system would help shield blameless everyday Russians from their own government’s propaganda.

If rt.com, for example, were on the block-list, and Russia wanted RT available to its citizens, presumably Russian ISPs would just be told, at the barrel of a metaphorical gun, to stop using the block-list.

It will be interesting to see where this conversation leads.

Nominet cuts off Russian registrars

Kevin Murphy, March 10, 2022, Domain Registries

Russian registrars will no longer be able to sell .uk domains, due to the war in Ukraine, Nominet announced today.

“We are not accepting registrations from registrars in Russia — we are suspending the relevant tags,” the registry said.

A “tag” is the unique identifier Nominet issues to its registrars to enable them to access the .uk registry.

I believe it’s the first example of a national domain registry taking action against Russian companies in response to the invasion of Ukraine.

While Nominet is independent, it’s pretty tight with the UK government, which with international partners has implemented some quite tough economic sanctions against Russia.

Nominet said that the “very small” number of existing domains with Russian addresses “will continue to operate as normal”.

Other measures the company announced include a £200,000 donation to the war relief effort, a reduction of its roughly £100,000 of investments in Russian companies to about £1,000, and the monitoring of new .uk registrations for possible Ukraine-related scams.

Other domain companies to announce what effectively amount to sanctions against Russia include Namecheap, Sedo, IONOS, GoDaddy and CENTR.

ICANN has also offered money to Ukraine and concessions to Ukrainian registrants, though the latter may also apply to Russians.

Now Sedo pulls the plug on Russians

Kevin Murphy, March 9, 2022, Domain Services

Secondary market player Sedo has become the latest domain name company to stop dealing with Russians and Russian domains.

The company sent an email to its customers today saying that it has “suspended trading and parking” for .ru domains and domains in Belarus’ .by ccTLD.

It said it can no longer serve customers in Russia or Belarus and has “temporarily deactivated” their accounts.

It’s not clear whether the move is motivated by Sedo taking a principled stance against the war in Ukraine, or necessitated by the company’s inability to process cross-border payments due to international sanctions.

“Sedo disapproves of any kind of hate and violence, as well as anything that radically contradicts our corporate values,” the company said. “Therefore, for the sake of the civilians involved, we hope for an early resolution of this conflict.”

Sedo is part of the United-Internet group. Its sister company, IONOS, announced it was working on kicking out Russian customers last week.

Ukraine’s emotional plea to ICANN 73

Kevin Murphy, March 9, 2022, Domain Policy

A Ukrainian government representative has delivered a powerful speech at ICANN 73, calling on ICANN, the community, and the domain name industry to do more to help the war-ravaged country.

Speaking at the opening plenary session of ICANN’s Governmental Advisory Committee, Ukraine representative Andrii Nabok gave his personal account of coming under Russian fire at his home near Kyiv, and praised the “heroic” efforts of ISPs and local ccTLD registry Hostmaster in keeping the internet functional for many Ukrainians.

He went on to condemn the invasion in the strongest terms, calling the Russian Federation “the empire of evil, the terrorist state number one, the fascist of the 21st century”.

Nabok welcomed ICANN’s offer of $1 million to aid with connectivity, saying that Ukraine is in need of satellite terminals, but questioned ICANN’s decision to refuse the country’s request to disconnect .ru from the DNS root.

He went on to call for the domain industry to contribute to anti-Russian sanctions, and questioned whether it is still appropriate for ICANN to have a Russian as one of its DNSSEC “trusted community representative” key-holders.

His speech was followed by prepared expressions of solidarity from the UK, France, the European Union, Switzerland, Australia, the US, Canada, Burkina Faso, Argentina, and Burundi.

Russia took the floor briefly to say that it does not believe ICANN is a suitable forum to discuss “political issues”.

No government echoed Ukraine’s call for ICANN to use its DNS root management powers to sanction Russia, with most expressing support for the Org’s neutrality and the multi-stakeholder model.

I’m going to publish Nabok’s entire speech here, taken from the official transcript with only minor formatting edits. Recordings of the session can be found on its web page (registration required).

“One world, one Internet.” This slogan in our opinion is wonderful. Multistakeholder model, a community-based, consensus-driven approach to policymaking, this model is great. Ukraine admires both the slogan and this model. Ukraine believes both in this slogan and this model. The Ukrainian government showed its support for them in its numerous actions and statements before.

On February 24th at 5:00 am, my family woke up from explosions. We saw a little fire and smoke in the window. Our city near Kyiv was shelled by rockets. I cannot put into words the feeling when you have to explain to your seven-year-old daughter that we urgently need to leave home to save our lives. In a few minutes, my friends from all parts of Ukraine confirmed that there had been missile strikes in the whole country. At once, all the values you lived with yesterday cease to exist, and now the main task is to save our families, relatives, and friends.

So Russian missiles attacked Ukraine. Putin said it is a special military operation in the territory of independent country. Putin said the goal is demilitarization and denazification to ensure the security of Russia. Security of the largest country in the world with the most enormous nuclear potential seems to be defending itself against [inaudible] without nuclear weapons.

Logic has left our chat. Today is the 12th day of the war. Not some operation, but a war. A war in Europe, undeclared Russian war on Ukraine. It is the 12th day of Russian bombing in our peaceful Ukrainian cities and even villages, schools, kindergartens, maternity clinics, even nuclear stations. But Putin’s blitzkrieg became blitz failure. The whole world admires the courage of Ukrainian soldiers and civilians, on social media, in private messages, on TV. Unfortunately, thousand Ukrainians have been killed, including 38 children.

Millions of Ukrainians have been forced to leave their homes. Many of you sent us many words of support, sheltered us, and helped our army. Many thanks to you. Many of you understood that the real goal of Kremlin and Russian dictatorship is to destroy freedom, peace and human rights, right to life, right to dignity, right to freedom, and right to Internet.

Last year our team carried out a large state infrastructure project for deploying fiber optics networks in the most remote villages of our country. According to our last data, we had the highest level of coverage of high-capacity networks among all the European countries. About 97% of the Ukrainian population had the opportunity to connect to Internet based on fiber optic technologies.

Those settlements where the Russian army enters are cut off from the Internet. For example, in one of the villages where my relatives live, there are currently several thousand Russians. As soon as they captured the village, they immediately cut the optical cable and shot at the mobile operator’s base station with a machine gun. People are now cut off from the world.

Today is the 12th day of destroying Ukrainian Internet infrastructure by Russian bombs. Our heroic ISPs rebuild it under fire, risking their lives to save communications for people. Thanks to our heroic ISPs and Elon Musk’s support, people in bomb shelters still have a chance to know whether their relatives are safe or not, whether they are alive, or unfortunately, no more.

Our cybersecurity is also under threat. Thanks to heroic efforts, the .UA domain is stable. All services have been moved to backup positions and function independently from the Ukrainian infrastructure. Hostmaster LLC strengthened Anycast secondaries to prevent possible attacks on domain service.

“ICANN has been built to ensure that the Internet works, not for its coordination role to be used to stop it from working.”

I fully support these words of Göran Marby, ICANN CEO. But I would like to ask you, will it be okay for you if Internet is working for all except Ukrainians? Just because Russian assassins will kill Ukrainians. Of course, this is an apocalyptic scenario that will not be implemented. Ukrainians will not allow this. Ukraine has already received invaluable support from nearly all ICANN constituencies and at individual level. We are grateful for your help in strengthening the cybersecurity of .UA as well as other items of our critical infrastructure. We welcome the decision of ICANN Board to allocate an initial sum of 1 million US dollars to be used to provide financial assistance to support access to Internet infrastructure in emergency situations.

It will be great to spend a part of this sum to buy more Starlinks for Ukrainian Internet users. Of course, ICANN cannot close the sky over Ukraine, but I would like to ask all of you to appeal to your governments to protect Ukraine, and the infrastructure of the Internet for that matter, from the barbaric actions of Putin’s Russia. We fully support ICANN’s commitment to ensure a single and global Internet. Moreover, we have already asked to limit the Kremlin’s influence on our common free digital space since the national Russian peculiarities of Internet governance are known worldwide. Kremlin wants and will be happy to get the sovereign Internet, and they will get it by destroying “one world, one Internet” if we do not unite against such threats.

On March 11th, Russia will completely disconnect from the global Internet but the Russian representative will retain his role as one of the 12 holders of the DNSSEC root key. Are you serious? That is why we call on ICANN community, IANA, registrars and registries and the vendors who make the Internet free and available for everyone on the Earth to join the enforcement to the sanctions of the civilized world recently imposed on Kremlin, Russian companies and individuals. Do not allow them to use the Internet as a cyber battlefield against fundamental human rights and do not allow them to attack critical infrastructure for bloody warfare.

We also call on public and private entities to make steps in technological exodus from the Russian Federation, the empire of evil, the terrorist state number one, the fascist of 21st century. Last person out turns off the lights. I hope it will not be ICANN.

Thank you, dear community, for your support. We believe that you are also on the side of freedom and light.

ICANN extends Covid-19 abuse monitoring to Ukraine war

Kevin Murphy, March 9, 2022, Domain Policy

ICANN has started monitoring domains related to the war in Ukraine for potential abuse, expanding an ongoing project related to the Covid-19 pandemic.

CEO Göran Marby has during multiple sessions at ICANN 73 this week said that the Org will soon announce an extension of its DNSTICR project — pronounced “DNS Ticker” and standing for Domain Name Security Threat Information Collection & Reporting.

The plan is to alert registrars about Ukraine-related domain names being used to scam people or drop malware.

“There will be coming up more information about this very soon, but we have decided to also add names in relationship to the conflict in Ukraine,” Marby said during a session with the Commercial Stakeholders Group.

DNSTICR was launched in March 2020, when the pandemic was in full swing, to find new domains containing keywords such as “covid”, “pandemic” and “coronavirus”, and check them against domain abuse lists.

From May 2020 to August last year, it flagged 210,939 pandemic-related domains, and found that 3,791 of them were malicious with “high confidence”.

CTO John Crain said in a session on Monday: “There’s a lot of stuff in the press and some technical papers out there that show clearly that the bad guys, as always, have, once again, pivoted to whatever is happening in the world. So if we can do a little bit to help, we will.”
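The keyword-and-abuse-list check described above for DNSTICR, sketched as an added example (not ICANN's code and not part of the original post). The pandemic keywords are the ones named in the article; the Ukraine-related keywords, the sample domains, the two abuse lists and the two-list threshold for "high" confidence are assumptions constructed for illustration.

```python
"""Added example: keyword triage of newly registered domains against abuse lists."""

# "covid", "pandemic", "coronavirus" come from the article; the rest are assumed.
KEYWORDS = ("covid", "pandemic", "coronavirus", "ukraine", "kyiv", "україн")

# Constructed IDN sample: registries and abuse lists carry the xn-- (A-label) form.
IDN_SAMPLE = "україна-help.example".encode("idna").decode("ascii")

# Constructed feed of new registrations (not real data).
NEW_DOMAINS = [
    "covid-relief-fund.example",
    "help-ukraine-donate.example",
    IDN_SAMPLE,
    "gardening-tips.example",
    "CoronaVirus-Test.Example.",
]

# Constructed abuse lists standing in for independent reputation sources.
ABUSE_LISTS = {
    "list_a": {"covid-relief-fund.example", "help-ukraine-donate.example"},
    "list_b": {"covid-relief-fund.example", IDN_SAMPLE},
}


def normalise(domain):
    """Lower-case the name and drop whitespace and the trailing root dot."""
    return domain.strip().rstrip(".").lower()


def to_unicode(domain):
    """Decode xn-- labels so keywords written in other scripts are visible."""
    labels = []
    for label in normalise(domain).split("."):
        try:
            labels.append(label.encode("ascii").decode("idna"))
        except UnicodeError:
            labels.append(label)  # malformed punycode: keep the raw label
    return ".".join(labels)


def matched_keywords(domain):
    """Return the keywords found anywhere in the decoded name."""
    name = to_unicode(domain)
    return sorted(k for k in KEYWORDS if k in name)


def triage(domains, abuse_lists=ABUSE_LISTS, high_threshold=2):
    """Keyword-filter the feed, then grade each hit by how many lists report it."""
    report = []
    for raw in domains:
        hits = matched_keywords(raw)
        if not hits:
            continue  # no keyword: out of scope for this monitor
        name = normalise(raw)
        sources = sorted(s for s, names in abuse_lists.items() if name in names)
        if len(sources) >= high_threshold:
            confidence = "high"   # assumed rule: two or more independent lists
        elif sources:
            confidence = "low"
        else:
            confidence = "none"
        report.append({"domain": name, "keywords": hits,
                       "sources": sources, "confidence": confidence})
    return report


if __name__ == "__main__":
    for row in triage(NEW_DOMAINS):
        print(row["confidence"], row["domain"], row["keywords"], row["sources"])
```

Only the "high" rows would be worth forwarding to a registrar; keyword hits with no abuse-list match are simply new registrations on a topical term.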