Tag Archives: ICANN

New Top Level Domains and software implications

Many software applications rely on validation routines to check the validity of domain names. By validation, I mean here to test the string submitted by the user and see if it matches a pre-defined pattern. A typical example are web forms that need to validate e-mail addresses.

This is by no means a new issue. It first appeared with the introduction of the .info TLD. Before that TLDs were only two or three letters long, and many validation routines could not cope with the 4 letters of .info. At the time, ICANN had developed a testing tool which allowed developers to test if their code took into account the requirement for 4 letters. Still, you find today on the Internet tons of library routines that do not support 4 or more letter TLDs.

Some of these routines also rely on a hard-coded list of TLDs. Even today, I sometimes find that some web sites cannot deal with my .eu domain, which was introduced 4 years ago.There are hundreds of thousands of these routines written in Javascript, PHP, Perl, ColdFusion, ASP and just about any programming or scripting language you can think of.

Read more »

IRT Final Report on Trademark Protection in new Top Level Domains – Part 1 – Uniform Rapid Suspension System

The ICANN IRT working group has published its final report, which I decided to analyze a bit further. I already made a few comments last month, both in the At-Large Advisory Council framework and on my own.   There are several issues raised by the recommendations of this report. The URS is one.

Reliance on e-mail

Among the issues is the fact that most of the URS process relies on e-mail for notifications to the registrant, to the registry operator, etc.  Let’s face it: e-mail has become unreliable for critical applications. With more than 90% of e-mail being catalogued as spam, identifying the one important e-mail that you are not expecting is like searching a needle in a haystack.  Some techniques like DKIM, S/MIME signing, etc might help getting through the spam filters, if only the latter are well-configured. Most users do not have fine-grained control on the configuration of their spam filter, and none at all on the one used by their ISP.

Where this matters is that “A Registrant has fourteen (14) calendar days from the date of the initial email notification to submit an Answer“.  If the e-mail was caught by your spam filter, or if you are on vacation, travelling or more simply not reading your e-mail on a regular basis, you are out of  luck. You might lose your domain name without you even noticing it before it is too late.

The language issue is also an important one. It may be that English is the lingua franca of the business community. However, it may not be a language understood by the domain name registrant and he may, in good faith,  discard the notification message. Read more »

Intellectual Property rights in new Top Level Domains: Implementation Recommendation Team draft report

The IRT has released a draft report.  The composition of the  team is strongly biased towards North American intellectual property interests. Unfortunately, individuals were not represented.  Neither were potential new gTLD operators.  There was only one US-based registrar present and only one incumbent US-based registry.  In summary, this report is partial, both because it does not cover the whole picture and because it is strongly biased towards the interests of a specific group.

Quite confusingly, it was published on 24th April, with a 30 day comment period. However, one needs to comment before 6 May if it wants the IRT to consider the comments. Strange tactics.

As others have pointed out, the effective 7 day comment period over this draft report is way too short. It may be wise that the ICANN board does not consider this report before the community has had a real opportunity to comment.

I totally support Michele Neylon’s comments on the whois model  contemplated by this report. It would be in breach with many privacy regulations throughout the world. Further, if the ability to comply with the whois recommendations, as set forth in this report, would become one of the evaluation criteria for the new gTLD applications, this would favour registry operators located in countries with little or no privacy laws. This would put at a competitive disadvantage those businesses which need to comply with local laws. Questions to the IRT:

  • Did the IRT consider if their recommendations regarding the whois were actually compliant with relevant legislation throughout the world ?
  • Will the ability to comply with the whois recommendations, as set forth in this report, be a part of the evaluation process of new gTLD applications ?

Regarding the IP clearinghouse, it is stated that “The recommendation should not result in unnecessary or undue costs, either to trademark owners or to legitimate users and consumers”. Does this mean that the registry operators will have to bear all the increase of their operating costs for protecting third parties interests? The net effect of this is that operators will need to shift the increasing cost among all their customers, including those who have no IP rights to protect. This will mean raising the unit price of domain names for every customer, making the TLD less attractive and potentially be a cause of registry failure. In the case of community-based TLDs that focus on a limited market through a not-for-profit model, this may simply mean that the potential costs  and legal risks may be disporportionate for them to bear.

There is a major concern that different levels of protection for marks may put the registry operator in a position to have to arbitrate between second level domain name  applications and become legally involved in disputes between third parties. Unlike trade marks, which can be multiple according to industrial sectors and geography, domain names are by nature globally unique. As technical operators, registries should have no business in deciding who is the legitimate intellectual right owner.

If such IP clearinghouse system is put in place, it should, at a minimum:

  1. Be automated and implementable at a marginal cost by registries and registrars
  2. Exempt the registry operators from further legal consequences if it has demonstrated that it queried the database at registration time.

In addition to the above, I think it would be only fair that whatever policies are decided as a consequence of this process are also made mandatory for the existing gTLDs. The new entrants should not be the only ones having to bear the weight and costs of these policies.

Comments on the second draft of ICANN’s gTLD applicant’s guide

These are the comments I sent today to ICANN

Unfortunately, this second draft version of the applicant’s guide does not yet address major concerns in the process.

As stated in the previous comments round, it is fundamentally wrong to assume that all new gTLD applicants will use the .com model of mass market approach for domain names. Both the amount of the application fee and the yearly registry fee imply that the registry will need to sell as many domain names as possible, favouring numbers over quality. This is the wrong approach with regard to community-based TLDs.

The amount of the application fee should be reduced, as it may discriminate against less financially resourceful applicants, such as communities. While I understand ICANN may want to prevent frivolous applications with a high application fee, it nevertheless excludes from the process a lot of potential serious applications targeting a limited community.

It is unfair that only the applicants of the first round would have to cover the past costs of the new gTLD development program. On the other hand, it is difficult to guess how many applications will be submitted on each round. Because these costs have already been expended and that ICANN clearly states that whatever is recovered will be transferred to a reserve fund, it is therefore suggested to simply drop the $26,000 that represents the incidence of gTLD development program cost on each application.

Note that this request for a large up-front investment in the application process is orthogonal to the expectation of ICANN for the applicants to demonstrate the availability of continuation funding. Whatever capital will be invested in submitting the application will not be available in the future. Hence, ICANN’s financial expectations at the application stage may plant the seed of future registry failure.

Further, payment of the application fees in several installments should be offered to TLD applicants. For those applicants that need to submit a strong business plan to their investors, having a pay-as-you-go fee through the application process will make it easier to convince investors.

ICANN should also consider postponing for two or three years the collection of the annual registry fee, to allow new gTLD operators to start operating in a financially sound context, with no loans and other debts that may compromise the start-up of their activities. On the short and medium term, this help new registries to become more solid and will be beneficial for the the long term stability of the DNS space.

The fact that ICANN only allows for payments to be made in USD places a high risk on the business plans of those applicants that work in other currencies. As suggested elsewhere, ICANN should accept payments in other
currencies, at a rate fixed at the time the applicant’s guidebook is published.

There is still a fundamental contradiction in using an auction model as a last resort for community-based applications. By definition, community-based applications will target smaller communities and use a cost-recovery model, rather than a purely commercial one. For the winner of the auction, this will mean recovering its costs through increasing the gross price of registrations. As a consequence, the number of domain names sold may be reduced and the newly launched registry may not meet its business plan. Ultimately, auctions may also be a cause of registry failure.

The ICANN new generic TLD process (Las Vegas edition)

I have not submitted any comments on ICANN’s new gTLD process, mostly because many other people have said more diplomatically what I think, but I thought I could blog about it.

My main concern from the beginning was that the process should allow any serious candidate to run with a reasonable chance to be able to actually start running a gTLD. This includes small and medium sized communities and startup companies with little seed money.  This also includes registry models that may not favour mass registrations. For all these, the current model is flawed.

Communities based on values, whether cultural or ethnic are by definition limited in scope. So are communities based on geography, although they could larger.  These communities could get their TLD, if they have strong political support and  the attached financing. It this case, the short term profits are not the registration fees themselves, but the prestige linked to a community having its own TLD. I bet the application for the  .VLA TLD will succeed, because it has the strong political support of a wealthy community.

For the startup registries wishing to enter the gTLD arena and compete to a certain degree with the incumbents, the skies are cloudy, to say the least. First and foremost: you need money. A lot of it. Anthony Van Couvering  at Names@Work has a timeline, which details the associated costs. However, a lot of the costs are not appearing. My personal estimation is that the whole process, up to the contract signing ceremony with ICANN,  is USD 1 million at the very minimum. More realistically, you need  50% more to be on the safe side.

400K will go to ICANN and its subcontracted  evaluators. The associated costs with the evaluations can quickly add up.  At this stage, there is no way to know exactly how much they will cost, because there are many parameters.  ICANN tells you these costs will be payed directly to the evaluators, not through ICANN.  This will make it even more opaque.

The rest needs to cover consultants,  lawyers, salaries, ICANN meeting sponsorships, meetings with your community leaders to gain support for your application (and everything that goes with it: profits sharing, gadgets, gourmet dinners, escorts, you name it) and travel to ICANN meetings for you and your staff.

On top of that, ICANN wants you to be able to guarantee the operation of the TLD for 3 years, even if your TLD is not a success.

Note that this will not guarantee at all that your application will succeed.  But at least it will guarantee one an a half year of hard work and travel to exotic places for two or three people, and others on a as-needed basis.  Now go out and tell your banker, if he has not gone bankrupt already.

If you are lucky enough to reach the contract signing stage, the real work begins: hire staff, build an infrastructure, convince registrars to carry your TLD, set up a sunrise period . These are another four or five months without a single cent falling on your bank account.  In conclusion, this whole new gTLD process will be most profitable for established actors, who will not have to cover many of the above-mentioned costs, or have the reserves to cover them.

Even if ICANN revises parts of their RFP, I am not sure it will attract the 500 applications it expects. This RFP should have been published 8 years ago, at the height ofthe Internet bubble, when everything related to the Net received full funding. Now, in this recession period, investors and bankers are cautious. It will not be easy to find partners who are willing to potentially loose USD 1.5 million, if it cannot be demonstrated with certainty they can recoup their investment in less than two years.

Good luck. May the farce be with you.