Recent Posts
- .co deal worth $77 million up for grabs
- I get a wrongful kicking as .su registry denies turn-off plan
- Sales and profits dip at Team Internet
- Four deadbeat registrars get terminated
- “No timeline” to retire Soviet Union from the DNS
- ICANN to kill off 60-day domain transfer lock
- Lancaster bags up its dot-brand
- Google readying its next batch of gTLD launches?
- NomCom confirms Americans rejected from ICANN board
- Nova announces $45 million of new gTLD applications
- Registry makes .ai an option for Koreans
- it.com now bigger than Guatemala
- ICANN turns to AI and crowdsourcing for new gTLD program
- Amazon lawyer DiBiase elected to ICANN board
- Is .io safe now? Identity Digital now running Mauritian ccTLD
- Tucows quits ICANN’s Whois disclosure pilot
- Toshiba goes all-in on its dot-brand
- Google scuppers Team Internet acquisition after profit warning
- .ai channel doubles under new management
- Trump inclined to back deal that threatens .io
- As .com shrinks, China adds another 1.2 million domains
- Second new gTLD contention set revealed
- UK intros global domain takedown law
- No more Americans as Holland wins ICANN board seat
- Registries have started shutting down Whois
- ICANN wins IRP because complainant literally doesn’t exist
- .com could return to growth this quarter
- Could Musk’s DOGE kill off D3’s .doge?
- $2 million Christmas bonus for ICANN
- Another VW car dot-brand crashes out
- Largest back-end switch EVER as GoDaddy loses deal
- Yeah, we got phished, ICANN admits after crypto hack
- ICANN hacked to promote crypto scam
- Super Bowl a bit of a dud for .com?
- More gloom predicted for .com
- These are the .gov domains Trump has deleted so far
- Did Trump just create the world’s next ccTLD?
- $3,000 to do a Whois lookup?
- PIR to join GlobalBlock, but its crown jewel won’t
- LA wildfire victims get domain deletes delay
- .free domains to finally arrive as Amazon reveals three gTLD launches
- Six more gTLDs shown the door, five may be auctioned
- Registrar terminated after ignoring Whois transition
- $10 million ICANN giveaway winners picked
- Whois officially died today
- Typo left MasterCard open to hackers for years
- Could ICANN approve an R-word gTLD?
- These are the TLD growers and shrinkers of 2024 (part two)
- GoDaddy ordered to stop lying about crappy security
- These are the TLD growers and shrinkers of 2024 (part one)
- Dead terrorist domains for sale, just without the hyphens
- ICANN eyes more price hikes as it predicts dismal year for industry
- Meet the six people battling to join ICANN’s board
- New gTLD use cases not much use
- Defensive dot-brands are renewing, making ICANN millions
- Identity Digital offers free domain trials through LinkedIn
- Antisemitic remarks cost registrar dearly
- ICANN lawyers want to keep their clients secret
- Facebook cybersquatter asks ICANN to overturn UDRP ruling
- .xxx founder Stuart Lawley has died
- The new gTLD Next Round is really happening as two ICANN programs go live
- Verisign has much to be thankful for as .com contract renewed
- Another 40,000 .ai domains registered
- RDRS usage hits new low
- A dot-brand that was actually used is shutting down
- .id joins the million-domain club
- GoDaddy’s .xxx contract renewed
- Twitter clone Bluesky has one feature domain people should like
- ICANN confirms two bans on new gTLD gaming
- eBay slogan domain no longer has a BIN price
- Will Donald Trump be .io’s white knight?
- As customers flee legacy gTLDs, .org tops 11 million names
- Company accidentally puts porn domain on kids’ toys
- eBay’s new slogan looks like a $75,000 domain it doesn’t own
- Americans are deserting .com
- Weak Q3 for the domain universe, Verisign reports
- ICANN says it WILL raise its domain taxes soon
- Senator says domain industry “enables” Russian disinfo attacks
- bit.ليبيا? Libya to get its Arabic ccTLD
- Verisign gets eight more years running the root
- Two-horse race for open ICANN board seat
- Chinese say internet not ready for single-letter gTLDs
- Unloved INTA slams ICANN over new gTLDs
- Namecheap scores win in .org price-cap lawsuit
- Some Guy wants to take over .com and .net
- Second-shot gTLD bid rules revealed
- Nominet names directors after tight election
- Lawyer ban coming to ICANN
- Identity Digital to take over .ai
- ICA teams up with WIPO on UDRP reform
- Response to sex harassment lawsuit “inadequate”, say ICANN vets
- Unstoppable tops four million names
- Amazon readying fashion and book gTLDs
- Five times ICANN deleted a ccTLD, and what it means for .io
- Future of .io domains uncertain as UK hands over Chagos islands
- .ai now has over half a million names
- UK and Israel cut ICANN funding
- Twitter now up-to-date on linkification
- Moment of truth as .music domains finally go on sale
- ICANN fixes embarrassing “What is a Domain Name?” mistake
- Another ccTLD opens up its second level
- Reporter gains first access to .io island for decades
- .io sells $40 million of domains after massive uptick
- After five years, “useless” TLD has two web sites
- Verisign agrees to .com takedown rules
- New .com contract could see ALL domain prices go up
- Investing in .ad domains may be risky
- Plurals ban policy handed to ICANN board
- Three .now domains sell at premium EAP prices
- ICANN confirms new gTLD application fee
- New gTLD application fee rises by thousands after collision call
- Former .co registry defeated in $350 million contract fix case
- Is this the first Next Round new gTLD contention battle?
- ICANN names its Supreme Court judges
- Who uses Sunrise nowadays? You might be surprised
- ICANN gunning for Tencent over abuse claims
- All the one-character .sk domains to be auctioned
- Straggler gTLD signs first ICANN contract for years
- GoDaddy likely to win relaxed .xxx deal
- Tonkin promoted to CEO at auDA
- ICANN hires new Ombuds from WIPO
- Big twist as ICANN bans new gTLD auctions
- ICANN to “strengthen” harassment rules as it picks another homophobic meeting host
- .my global relaunch starts slowly despite cheapo prices
- Hackers break .mobi after Whois domain expires
Tucows quits ICANN’s Whois disclosure pilot
Tucows has dramatically dropped out of ICANN’s Registration Data Request Service pilot.
The company said that RDRS provides a poor user experience that harms user privacy and causes ICANN to produce misleading usage statistics that show an artificially high request denial rate.
RDRS is a bit more than half way through a two-year pilot designed to gather data that will help ICANN decide whether to deploy a more permanent and probably more expensive long-term solution.
The service is essentially a clearinghouse that connects people who want to request private Whois data with the registrars that manage domains of interest.
Tucows said in a blog post:
Given that the RDRS Standing Committee has enough data to complete its report, as well as the customer experience challenges and data privacy concerns we’ve outlined above, Tucows Domains has decided to end our participation in the RDRS.
The move makes Tucows the highest-profile registrar to pull out of the service to date. Across its various brands (such as Ascio, Enom, EPAG, and OpenSRS) it has around 10 million domains under management.
As of the end of January, RDRS had 94 registrars on board, covering 60% of all registered gTLD domains.
Tucows said it will continue to offer its TACO service, which also allows entities such as intellectual property interests to request private Whois data but charges requesters at least $3,000 a year, which it calls a “cost recovery fee”.
The TACO fee can be waived for “single-use and non-commercial requestors”, Tucows noted. It has updated its terms accordingly.
Registries have started shutting down Whois
Nominet seems to have become the first major registry services provider to start to retire Whois across its portfolio, already cutting off service for about 70 top-level domains.
Queries over port 43 to most of Nominet’s former Whois servers are no longer returning responses, and their URLs have been removed from the respective TLDs’ records on the IANA web site.
The move follows the expiration last month of ICANN’s contractual requirements to provide Whois in all gTLDs. Now, registries must use the successor protocol RDAP instead, with Whois optional.
A Nominet spokesperson tells us the shut-off, which affects large dot-brand clients including Amazon, happened after consultation with ICANN and clients on January 29.
TLDs Nominet was supporting under ICANN’s Emergency Back-End Registry Operator program are also affected.
The registry spokesperson said that the gTLDs .broadway, .cymru, .gop, .pharmacy, and .wales are still offering Whois, due to an interoperability issue:
“The sole reason for the retention of these gTLD WHOIS services is for interoperability with the Brand Safety Alliance (BSA) service integration, which does not yet support RDAP,” she said.
The BSA is the GoDaddy-backed project that offers the multi-TLD GlobalBlock trademark-blocking service.
Nominet’s flagship .uk is also still offering Whois, because Nominet discovered that some of its registrars were still using it, rather than EPP, to do domain availability checks.
The fact that a GoDaddy service and some .uk registrars still don’t support RDAP, even after a years-long ICANN transition plan, is perhaps revelatory.
I’ll admit the only reason I noticed Nominet’s Whois coverage was patchy was that I’d neglected to update one of my scripts and it started failing. Apparently I was not alone.
While RDAP can be fairly simple to implement (if I can do it…), actually finding each registry’s RDAP server is a bit more complicated than under the Whois regime.
All gTLD registries were obliged to offer Whois at whois.nic.[tld], and IANA would publish the URLs on its web site, but RDAP URLs are not standardized.
It’s not super obvious, but it seems instead you have to head over to IANA’s “Bootstrap Service” and download a JSON file containing a list of TLDs and their associated base RDAP URLs.
$3,000 to do a Whois lookup?
ICANN’s Registration Data Request Service cost hundreds, maybe even thousands, of dollars every time it was used in its first year, according to an analysis of official stats.
RDRS is the system designed to connect entities such as trademark owners, security researchers, and law enforcement with registrars, allowing them to request private domain registration data that is usually redacted in Whois records.
It’s running as a two-year pilot, in order to gauge demand and effectiveness, and its first full month of operation was December 2023.
ICANN has been publishing monthly transparency reports, including data such as number of requests and outcomes, and we know how much it cost the Org to develop and operate, so it should be possible to make some back-of-the-envelope calculations about how much each request costs the ICANN taxpayer.
The cost could range from about $300 to over $3,000 per request, even using some fairly generous assumptions.
RDRS cost $1,647,000 to develop, which is pretty much a shoestring by ICANN standards. Most of that was internal staffing costs, with some also being spent on external security testing services.
The total operational cost for the first 10 months was $685,000. Before ICANN publishes its calendar Q4 financials later this month, we could extrapolate that the first 12 months of operation was around $800,000, but let’s be generous and stick with $685,000 for this particular envelope’s backside.
While there were 7,871 registered requesters at the end of November 2024, they had collectively only submitted 2,260 requests over the same period.
Only 2,057 of those requests had been closed at the end of the period, and only 23% of closed requests resulted in registrar approval and data being fully handed over to the requester.
That works out to 474 approved requests in the first year.
With the most-generous assumptions, $685,000 of ops costs divided by 2,260 requests equals $303 per request.
If we only count approved requests, we’re talking about $1,445 per successful Whois lookup equivalent.
But we should probably switch to an envelope with a larger rear end and include the $1.6 million development costs in our calculations too.
If we factor in half of those costs (it’s a two-year pilot), we’re looking at about $666 per request or $3,181 per successful request in the first 12 months.
If the system was more widely used, the per-request cost would of course fall under this calculation, but there’s no indication that usage is significantly on the increase just yet.
These are only the costs incurred to ICANN. Registrars on one side of the service and requesters on the other also bear their own costs of working with the service.
Dealing with RDRS is not the same as doing a Whois lookup. You have to deal with a much lengthier form, add attachments, make a reasoned legal case for your request, etc. It eats work-hours and staff need to be trained on the system.
It may seem that $3,181 to do a Whois lookup is too expensive for the ICANN taxpayer.
And maybe it is, if it’s being predominantly used to assist (say) Facebook’s trademark enforcement strategy.
But if those Whois lookups help law enforcement more quickly nail a gang of fentanyl dealers or child sexual abuse material distributors, maybe the costs are more than justified.
At the end of November the number of requests from law enforcement was 15.6% of the total, while IP holders accounted for 29.7%, ICANN stats show.
ICANN’s board of directors will decide towards the end of the year whether the RDRS pilot has been successful and whether it should continue indefinitely.
Whois officially died today
Domain registries and registrars are no longer obliged to offer Whois services as of today, the deadline ICANN set for formally sunsetting the protocol.
It’s been replaced by RDAP, the newer Registration Data Access Protocol, which offers a more structured way to deliver domain ownership information.
Under ICANN’s standard Registry Agreement and Registrar Accreditation Agreement, January 28 marks the end of the RDAP “ramp up period” and the moment Whois becomes purely optional.
I expect many registrars will offer Whois and RDAP in parallel for a while, so ingrained in internet architecture is the older protocol. Likewise, the term “Whois” will likely be used colloquially to refer to RDAP for some time.
The data delivered by RDAP is not substantially different to that delivered by Whois, and those who access Whois via a web interface, such as ICANN’s lookup.icann.org, probably won’t notice any difference.
The main headaches will likely be experienced by those using custom software to access Whois over port 43, who may find they have to tweak their code to parse incoming RDAP responses instead.
Importantly, the switch to RDAP does not mean users will get data that was already redacted in Whois. Privacy laws such as GDPR apply equally to RDAP.
The only way to obtain private data is contacting the relevant registrar, directly or via ICANN’s Registration Data Request Service, and crossing your fingers.
RDRS usage hits new low
ICANN’s Registration Data Request Service was used less often in October than in any other month since it launched a year ago, according to the latest statistics.
There were 131 requests for private Whois data in the month, down from the previous low of 141 recorded in May and September’s 189, the monthly report published by ICANN shows.
There were 98 closed requests — another new low — and the mix of granted/refused requests tilted more towards approval than usual, with almost 35% of requests being approved versus 56% denied.
While it took on average 3.41 days for requests to be approved, the average time for denial was an incredible 41.96 days.
Three new registrars joined the voluntary pilot program in October, giving RDRS coverage of 60% of registered gTLD domain names.
The monthly report breaks down the geographic location of requestors and the requestor type for the first time, showing that the US was by far the biggest, followed by the UK, France and Brazil, with American IP owners and law enforcement most likely to request data.
RDRS usage stabilizing?
Usage of ICANN’s experimental Registration Data Request Service may have hit what might in future pass for normal levels, with not a massive amount of fluctuation across several key statistics for the last few months.
But ICANN’s latest monthly stats report, published late last week, shows that July was the worst month so far in terms of closed Whois data disclosure requests, dipping into double digits for the first time since its launch in late 2023.
There were 164 disclosure request in July, down from 169 in June but up on May’s low point of 154. The mix of requester types tilted towards IP owners — 40% versus a lifetime average of 33% — while law enforcement was down.
Only 97 requests were closed during the period, a third consecutive all-time low down from 134 in June and 140 in May. Approved requests were at 22.72% while denied requests were at 65.79%, a slight improvement in terms of the approved/denied mix compared to June.
It took a bit longer to get a request approved in July — 9.3 days on average versus 6.59 in June and a lifetime average of 7.19 days. The median time-to-approval since launch is still two days.
Getting a request denied took about half as long in the period — 10.7 days versus 19.46 in June. The median value is also still two days.
Two new, smaller registrars — one Chinese, one Moroccan — joined the project, and none quit, leading to a total of 92. Registrar coverage remained at 59% of registered gTLD domains.
The number of RDRS queries for domains held at unsupported registrars was down at 27.86% compared to a lifetime average of 29.7% but up against June’s 23.31%.
RDRS stats improve a little in June
ICANN’s Registration Data Request Service saw a small improvement in usage and response times in June, but it did lose a registrar, according to statistics published today.
There were 170 requests for private Whois data in the month, up a little from May’s historic low of 153, and 20.88% were approved, compared to 20.29% in May.
The mean average response time for an approved request was down to 6.59 days, from 11.34 days in May and April’s huge 14.09 days. Since the RDRS project began last November, the median response time is two days.
Smaller registrar OwnRegistrar opted out of the program during the month, but the coverage in percentage terms held steady at 59%, with 90 registrars of various sizes still participating.
RDRS usage hits all-time low
Usage of ICANN’s Registration Data Request Service, which lets people submit Whois queries to registrars, hit a new low in May, six months after its launch.
RDRS was used to submit 156 requests for private Whois data in the period, the lowest number to date. In December, there were 173 requests; the peak was 290 the following month.
While requests from law enforcement held at 46, requests from IP holders, which had peaked at 117 in February, dipped a little between April and May, going from 43 to 37.
The mix between approved and denied requests was pretty much unchanged — about 20% of requests get approved and about 70% get denied.
The number of RDRS queries (domain lookups that don’t necessarily result in a request) was also at at all-time monthly low, at 1,393, from a December peak of 2,349 and April’s 1,435. Only a quarter of queries were for supported domains, down from 30% in April.
The wait time for approval shortened a little, having topped out at a massive 14 days in April, to an average of 11.34 days. Denials took on average 9.77 days.
Three more registrars joined the voluntary service in May, and none left. One of the newcomers was a second Alibaba accreditation, which brought in 3.5 million domains and raised the overall service coverage from 57% to 59% of all gTLD domains.
One way of spinning the numbers would be to say that RDRS users have become disillusioned with the service, another would be to say they are done kicking the tires and seeing what they can get away with, have discovered its limitations, and are now using it as intended.
The people have spoken on RDRS and they said “Meh”
Users of ICANN’s new Whois data request service appear to be overwhelmingly apathetic about it, if the results of the first quarterly user survey are to be believed.
ICANN sent surveys to 861 users of the Registration Data Request Service and 29 of the registrars that support it. Only 17 requesters and 15 registrars responded, and not every respondent answered every question.
With such a small sample size, it’s debatable whether the results can tell ICANN or anyone else whether RDRS is any good or not.
Asked whether having RDRS was better or worse than not having RDRS, only seven requester respondents answered. Two thought it was “much worse”, one thought it was “somewhat worse”, two thought it was “about the same” and two thought it was “somewhat better”.
Nobody clicked the button for “much better”, a fact that would be quite easy to seize upon as a headline if not for the fact that this is a survey of seven people and therefore pretty much worthless.
Responses to free-text questions perhaps shed a little light on the user experience: some people think it’s too slow, they’re not happy that they didn’t get the data they wanted, and the level of registrar support is too low.
Asked the same question about whether RDRS has made handling Whois requests better or worse, 11 registrars responded. The mix was heavily towards the “worse” end of the scale, which is probably not what ICANN wanted to hear.
In free-text responses, some registrars said they found the interface and workflow lacking, making the process of handling requests take more time and effort than doing the same outside RDRS. Pretty much the diametrical opposite of RDRS’s raison d’etre.
RDRS is a two-year pilot that has data-gathering as one of its primary purposes, but with such a lackluster response to the first survey ICANN is surely hoping the seven remaining surveys may produce some more meaningful stats.
The full survey results are available to read here (pdf), if you can be bothered.
ICANN restarts work on controversial Whois privacy rules
ICANN is to bring in new rules for Whois privacy and proxy services, the best part of a decade after they were first proposed to massive controversy.
It’s looking for volunteers to work with Org staff on implementing policy recommendations that in 2015 led to tens of thousands of people expressing outrage about the dangers, as they saw it, of their privacy being breached.
ICANN is putting together an Implementation Review Team to help implement the recommendations of the Privacy and Proxy Services Accreditation Issues Policy Development Process, known as PPSAI, which sought to bring privacy/proxy services under ICANN’s regulatory umbrella.
The recommendations were hugely controversial in their first draft, which in a minority statement expressed the view that people should be banned from using their domains commercially if they were using privacy services.
But the IRT will be tasked with implementing the final draft, which expunged the calls for such a ban.
The policy still calls for ICANN to run an accreditation system for privacy/proxy services in much the same way as it accredits registrars. It also lays out rules for how such services should gather registrant data and how to treat customer interactions.
But the recommendations are undeniably from a different era, thunk up before the EU’s General Data Protection Regulation made privacy-by-default essentially the industry standard for Whois records.
The PPSAI recommendations now interact with policies and practices that have been adopted in the intervening years, such as the recent Registration Data Policy and the Registration Data Request Service.
People willing to donate 10 to 20 hours a month to the new IRT can check out more details here.
Recent Comments