As John Levine pointed out in his article “In bad taste:

* The grace period is being massively abused so that it is costing registries significant amounts of money to deal with this abuse

* As far as I can see, nobody asked for it, some member of the ICANN staff added it, the board never debated it, and it went through on auto-pilot.

John also points to articles by Bret Fausett and Bob Parsons, talking about the huge amount of losses that registrars face from this practice.

Tasting is a process that really should be done away with, and fast, and that’s even more necessary because speculators are massively abusing this process, and because it seems to have been, according to John, something that was a ICANN staff decision that got ratified by the board without stopping to consider its implications .. I’d say this decision that slipped through a crack in ICANN’s governance process.

Even so, till this is done away with, there is nothing at all that stops registrars from dealing with egregious abuses of domain tasting, by methods such as rate limiting signups from known speculators, examining domains that are signed up for obviously false whois information and then using their terms of service to proactively deactivate such domains etc.

I agree the lawsuit is misdirected in that Dotster is being sued instead of the speculator.  However, given that the typical domain speculator will register domains with blatantly false information, or at least an offshore maildrop address, in the whois data, and given that dotster / other registrars are

* Easily visible in the whois information

* At least in the law firm’s view, facilitating these abusive registrations

there is a quite good chance that they will be cited in the lawsuit initially, if only so that the plaintiff’s lawyers can use that as a wedge to make them take fast action against the speculated domains.

I am not very surprised at all - it was only a matter of time before the activities of these squatters attracted the attention of IPR lawyers.  ICANN has made this bed and the registrars now have to lie on it .. either that or the registrars will have to quickly prepare another bed, preferably one with red-hot spikes, and have the speculators lie on it. 

Fast and visible action against tasting speculators might deter some of this blatant abuse, and keep registrars from having to waste even more money on lawyers and court fees, after having wasted substantial amounts of money in revenue lost by abuse of the tasting process.

This was inevitable. Most folks who have been ethical and registering their domains in good faith don’t have to worry much. Those who have been crossing the lines need to step back a bit and reassess their business models.

Bret Fausett has posted a copy of the Statement of Claim on his blog.

Fighting abusive registrations is going to be easy initially, especially using “search and destroy” to terminate all domains registered by a known speculator / domain kiter in one clean sweep.

The more unethical kiters will go deeper underground, probably to the extent of using a botnet to signup domains .. just like the more unethical spammers get driven underground.

> An entire industry has sprung up around tasting, fueled by the
> growth in online advertising revolutionized by Google and
> Yahoo’s pay-per-click advertising models.

Just like an entire industry has sprung up around spamming, fueled by widespread virus infections in a popularly deployed operating system?  Please dont dignify domain kiting by raising it to the status of an “industry” that’s getting “revolutionized”.  Blatant abuse of a process doesnt make an industry.

:) Suresh I love your zeal.  I wonder what the good folks organizing and attending the T.R.A.F.F.I.C. conferences will think of your description of the mini-industry that has sprung up around domain tasting.

:)  If I’ve seen one thing for the decade or so that I’ve been looking at this stuff, have a bunch of people doing anything at all and someone will start a conference on it.

I attended the conference and it was an eye opener.  For one thing it was not stuffy at all, and for another, there was a lot of $$ chasing a few domains.  Nice attendance by VCs, btw.

I wonder how far that VC $$ will go when faced with multi million dollar lawsuits from IPR lawyers.

I am sure there are reputable players (for some value of reputable, at any rate) in that industry - and if so it’d be in their self interest to avoid kiting domains, and especially to avoid deliberately kiting or squatting on typo domains.

And at least for registrars, it’d be a very good idea to take a hard look at the process and how it affects their financial bottomlines - just the process of getting thousands of domains registered, only to be relinquished after the grace period.  The legal costs that Dotster (and potentially, other registrars) face is just very expensive icing on the cake.

Ram, could you please explain how “Domain Tasting” is the “target” of this lawsuit?

The lawsuit refers to 27 domain names which were typo’s of various Neiman Marcus trademarks.  It wouldn’t matter whether the domain names were registered for one day or one year.  In other words, the mere fact that these names were used in “domain tasting” is orthogonal to the fact that they are typosquatted names.  So, please explain how “domain tasting” makes this suit at all different from any other cybersquatting suit. 

Are you suggesting that someone, somewhere, would have a legal objection if I decided to run an algorithm that tested, say, every unregistered 9-letter sequence, so long as that algorithm was somehow run through a trademark string filter (as indeed some are attempting to do)?

Interestingly, of course each of these domain names was monetized by Verisign back when it was running Sitefinder.  In fact, NM’s attorney in this suit stated a belief during Domain Roundtable that if Verisign turned Sitefinder back on, then it would be perfectly acceptable for Verisign to resolve these very same names with retail advertising.  During the time that Verisign was monetizing these exact same domain names (as, by necessity, Sitefinder was doing), the plaintiff here had no objection.

John - with retail advertising that advertised NM, obviously?  I am not sure if NM would have been too happy if VRSN had stuffed those sitefinder’d typo domains with ads for Macy’s, or for mortgages for that matter.

Ram’s just portraying Dotster as the innocent victim of a huge multibillion corporation here .. well, innocent victim as in “they probably knew allowing tasters to operate, especially with dotster cloaked registrations, was going to bite them hard, sometime soon.. yet they let it happen”.

I am not sure if NM would have been too happy if VRSN had stuffed those sitefinder’d typo domains with ads for Macy’s, or for mortgages for that matter

Just what do you suppose was indeed at these domain names when VRSN was running Sitefinder?

Ram’s article speaks for itself.  First, he inaccurately states that the lawsuit contains “allegations of cybersquatting by registrars” when in fact only a single registrar is named in the suit, in order to tar with as broad a brush as possible.  Then, he defines “domain tasters” as equivalent to “domainers”, as if all domainers are somehow participating in this practice.

The actual practice of domain tasting is, in fact, self-limiting, as several participants have suggested it has already hit a point of diminishing returns.  The remaining pool of tasters apparently are those who have not yet realized that the bulk of worthwhile .com namespace is indeed taken.

For a registry representative to provide an over-expansive take on this suit is not unusual, since all eyes will be on Verisign if the .com settlement is approved by the DoC, to see if Verisign re-starts Sitefinder.  Indeed, on the Yahoo finance board after the settlement was approved by Verisign, investors were already asking when Sitefinder will be turned on. 

Domain tasting is a race against time to find unregistered domain space which, after registries get the green light to again launch Sitefinder-like services, will be made unavailable when the registries find that they can make more than $6, or $3, or $2, on those unregistered domain names.  So, while Verisign is accepting the fact that this practice is the leading source of new registrations in .com, they are also fully aware that they will get that space back at the proper increment of price increases provided in the .com settlement over time.

John wrote:

In fact, NM’s attorney in this suit stated a belief during Domain Roundtable that if Verisign turned Sitefinder back on, then it would be perfectly acceptable for Verisign to resolve these very same names with retail advertising.”

I’m skeptical of that statement.  My guess is that something else was said or that the statement was misinterpreted.

There is no way NM would support the advertisement of their compeitors on common typos of their brand names.

We’ve been through this with large companies before (see google adwords cases for examples).  The courts have sided with the plaintiff in the past.

I do agree this case likely has less to do with the slimey domain tasting tactics and more to do with brand ownership and shady registrar practices.

-David

OK - can someone produce a fact or two?

The lawsuit seems to - according to the CNET article - allege that a Dotster employee “Scott Fish” tried to sell a Nieman Marcus rep one of those typo’d domains, for $1000.

So was this Fish guy was an employee a Dotster employee, or - as is more likely, an employee of the typosquatter / domainer / kiter or whatever that entity likes to call itself?

Suresh,

http://www.scottfish.blogspot.com/ ??? ;-)

-david

I’m skeptical of that statement.  My guess is that something else was said or that the statement was misinterpreted.

I will obtain permission to post the audio from the mp3 of that session, then.  The simple fact remains that each and every one of these domain names was monetized by Verisign Sitefinder quite some time ago without objection.  Not a single trademark claimant on the planet objected.

You may want to review this recent federal court decision on the subject of keyword-based advertising http://law.marquette.edu/goldman/merckmediplanreconsideration.pdf
Merck & Co. Inc. v. Mediplan Health Consulting Inc.
This internal use of the keyword “Zocor” is not use of the mark
in the trademark sense; rather, this use is more akin to the
product placement marketing strategy employed in retail stores,
where, for example, a drug store places its generic products
alongside similar national brand products to capitalize on the
latter’s name recognition.

I’m not sure I would characterize that as “siding with the plaintiff”.

The simple fact remains that each and every one of these domain names was monetized by Verisign Sitefinder quite some time ago without objection.  Not a single trademark claimant on the planet objected.

From September 15th until October 4th no one complained… meaning what?  Two weeks and a couple days is all we are talking about.  I imagine the situation would be different if SiteFinder was allowed to mature and begin to highly customize page results.

Nice case though—hadn’t seen that one yet.  I don’t have a firm opinion yet either way on the brand protection issue.  I was just pointing out that there is case history supporting protection for brands being used as keywords for their competitors.

-david

Two weeks and a couple days is all we are talking about.

Which is more than twice the length of time that a “tasted” domain name is registered.  By definition, “domain tasting” involves registration of a domain name for less than five days.

So, yes, you are correct.  Verisign monetized these same domains for longer than the defendants in this suit.

And, yes, there are several cases on the keyword issue, but far from a consensus result.

For some reason, if you walk into a store and say “I am looking for X brand”, you will be directed to a shelf where x brand sits among its competitors.  The point to the keyword litigation is to make trademarks “more powerful” on the internet by preventing cyberspace from operating like the physical world.

So, a website that is mostly setup to sell, say, a generic, unbranded toilet paper, is allowed to stuff words like “charmin”, “kleenex” etc into the keywords for their website, whether or not they actually sell those, just so that googlers looking for charmin and kleenex will come there instead?

The contours of fairness remain to be worked out.  However, the Geico v. Google decision drew a distinction between competitive ads which were merely triggered by a trademark search term, and ads which misleadingly indicated availability of the designated product.  Using a trademark in the context of a comparison, or in the context of identifying a competing product (e.g. if you like brand X, then you might want to consider trying brand Y) have always been acceptable.  The touchstone is whether use of a trademark fosters fair competition or sows consumer confusion.

But we have drifted far afield from the issues raised in this particular suit, which are fairly straightforward.  My interest in the subject here is simply what difference it makes whether or not “domain tasting” is involved, because the issues in the suit revolve around typosquatted domains, and not the manner in which they were registered.

John,

Well the complaint states:

31. Plaintiff’s are informed and believe and on that basis allege that Dotster was both the registrant and the registrar for the Dotster Domain Names

They continue to state that Dotster uses this position to register domain names and place ads on the pages whereby they return them after 5 days.  They also state that Dotster registers these domains in without valid whois data and without a customer request for the domain in violation of ICANN terms

They then state that this system is structured in a way to direct email to Scott Fish at a private gmail account where he handles transactions to sell domains on behalf of revenue direct with checks and paypal being sent to revenue direct or mailed to the Dotster HQ in Scott Fish’s name.

So these are some strong accusations, but in regards to the domain tasting bits, while they are pretty damning in and of themselves, it’s not the focus of this complaint.

-david

John,
It’s clear you’re the lawyer between us two :)

A few clarifications:
1) I have re-read my post, and see the single sentence about “registrars” which is in error as you pointed out - it should read “registrar”.  You should note that everywhere else in my post, I have consistently referred to the registrar or registrant and not a larger group.  It’s unfortunate that you mis-read this error as something much more “motivated”.
2) You say, “In other words, the mere fact that these names were used in “domain tasting” is orthogonal to the fact that they are typosquatted names.”
+ I agree with the orthogonality.  Fact remains that the generation of these names, along with thousands of others, have recently been amplified by automated programs made possible by the economic value of domain tasting.
3) If you read my profile, you’ll note that my posts and opinions are my own and not motivated or paid for by my employer (a registry).  You should stop implying that I am somehow a shill for registries.
4) You say, “Are you suggesting that someone, somewhere, would have a legal objection if I decided to run an algorithm that tested, say, every unregistered 9-letter sequence, so long as that algorithm was somehow run through a trademark string filter (as indeed some are attempting to do)?”
+ Read the last paragraph of my post.

It would be interesting to find out if the registrant had attempted to register other NM typos and deleted some in the CGP because they did not monetize.

I believe that domainers and their registrars will modify their tasting algorithms and practices as a result of this lawsuit, regardless of its outcome.

I believe that domainers and their registrars will modify their tasting algorithms and practices as a result of this lawsuit, regardless of its outcome.

Agreed.  It is not a simple task, though.  A common word like “shell” can of course refer to the exoskeleton of a mollusk, or it can be a trademark for an oil company.  In the United States alone, there are approximately 2M registered trademarks, hence determining on an automated basis whether (a) a character string is a trademark or a typo of a trademark, and (b) whether the term is susceptible of non-infringing use (e.g. “shell”), on an automated basis, cannot reliably be done (particularly as concerns criterion (b)).  Of course, then one must consider that most of the world’s 120-odd countries do not have electronic databases in which one can even determine whether a character string is subject to a trademark claim.

Ram, you know that I have the greatest respect for you, and did not mean to imply you were “shilling” for anyone.  It just struck me as odd that the headline suggested “domain tasting” was the target of what seems to be a fairly run-of-the mill cybersquatting lawsuit. 

Concerning the “damning allegation” of domain tasting noted above, there are, as always, two ways of looking at that.  Domain tasting is not illegal.  Some people have strong opinions about it.  Personally, I believe it is horrendously inefficient.  However, the cybersquatting act refers to “bad faith intent” to register trademarks as domain names for the purpose of profiting from illicit use of the trademark.  If the search algorithm is based on, for example, a feed of character strings from a search engine, and then fed into a check of domain availability, then the problem is “where is the intent?”.  If the “intent” was to find domain names that may have type-in value based upon “things people type into a search bar”, and not an intent to register trademarks as domain names per se.  In this particular case, though, the sale negotiation does not make for a pretty picture.

Oddly, one of the principal plaintiff’s attorneys in the suit against Overture, which also relates generally to the subject of keyword advertising, has himself profited from selling search engine input data to domainers, but that is a story for another time.

John, you’re fun to chat with - more so because you are very clued into this issue!  Regarding the title, it’s because I believe domain tasting practices overall will go under review at all players - the title could have been more specific to the lawsuit itself, but the real interest for me was my intuition that this run of the mill cybersquatting lawsuit has implication(s) on tasting.

On a tangential note - reg. your thoughts on diminishing returns game - do you expect tasters to move to other TLD extensions one by one based on ROI?

Most domainers are pretty religious about .com.

As you know, “domain tasting” would cease the moment that a registry made its TLD zone server error log avaiable.  TLD zone server operators know full well which unregistered domain names receive traffic.  Domain tasting is merely an inefficient way to attempt to obtain data which the registry already has.  There are a number of models by which a registry could make the error log data available on a profitable basis.  If a registry decided to do that, domain tasting would stop.

On a related note, as one sponsored TLD official has conflated the issues of dropcatching and domain tasting, it is worth noting that commercial email providers such as AOL, Earthlink, etc. do not allow the immediate recycling of email addresses, since it is a recognized security hole.  If there is a perceived problem arising from the immediate re-registration of deleted domain names, it is a problem that can be entirely solved between ICANN and the registries by amending the relevant contracts to require a “cooling off” time before the registry can profit from re-selling the same domain name.

That, of course, would cut into the two principle revenue streams for the registries, and is not as much fun as pretending the “solution” lies with controlling someone else’s behavior.

I know both sides on the NM v Dotster, so I must refrain from comment on the case specifically.

In any event, quite literally making a federal case out of the issue is something that draws attention to the practise.

I understand that there will be talks and a workshop at ICANN meetings in Morocco about this particular issue.

Ram, I know that you presented this to the Registrar Constituency in Wellington.  I hope that you will be participating in this workshop in Morocco.

Jothan,
Did not know of the workshop - if invited, I’ll participate, if not I’ll listen from the audience pews :)

Speaking of kiters and spammers ..
http://www.vnunet.com/articles/print/2157582

Domain ‘kiting’ threat on the rise

Scammers using ‘disposable domains’ for criminal gain
Matt Chapman, vnunet.com 05 Jun 2006

The proliferation of temporary websites being set up by criminals is a growing threat, according to web security firm MessageLabs.

“Disposable domains are becoming a larger problem via a tactic known as ‘domain kiting’ in which cyber-criminals acquire domains without paying for them and use them for illegal gains,” said Mark Sunner, chief technology officer at MessageLabs.

Domain kiting registrars create small websites crammed with links using domain names for which they do not pay. They generate money when innocent surfers land on the page and click on the links. The scam takes advantage of the domain name system’s five-day refund period.

Despite this practice, the monthly MessageLabs Intelligence Report found that the overall threat levels for May remained relatively stable.

Malaysia saw the largest increase in virus attacks during the month, with one in 15 emails carrying a piece of malware. But the worst hit country was still India, which saw one in 9.6 emails infected with a virus.

Hong Kong and Israel were the most spammed countries, with junk mail levels running at 64 per cent.

Sunner explained that the spam threat is now worse because the technology to take control of users’ PCs had moved on.

“Cyber-criminals have become more adept at harvesting infected computer address books and using simple techniques to amplify their reach,” he said.

“This has turned the traditional botnet or zombie into a virtual spam cannon capable of blasting out millions of emails a day.”

MessageLabs found that the global ratio of spam in email traffic in May from new and unknown bad sources was 57.9 per cent. This translated as one in 1.7 emails and is an increase of 0.6 per cent from April.

Meanwhile, the global ratio of viruses in email traffic from new sources was one in every 67.1 emails, a decrease of 0.3 per cent from April’s figures.

Permalink to this story
http://www.vnunet.com/2157582

Where is the connection in this article between domain tasting and spamming?

Why would it be any more advantageous to spamvertise a tasted domain than a paid-for domain?

It certainly sounds interesting.  It would be nice to hear one example of a domain name that was registered for less than five days and used for a criminal activity, but maybe I’m too dense to understand where this article explains how that is happening.

John, density is defined as a measure of how much mass is contained in a given unit volume (density = mass/volume).  Put simply, if mass is a measure of how much ‘stuff’ there is in an object, density is a measure of how tightly that ‘stuff’ is packed together.

It may be a good thing if you are dense!

I guess the idea behind this article is that if you are a spammer and want to have fun, you can register a domain name, send spam merrilly for 4.95 days, delete in the 0.05 day (get the refund), and repeat.

This then implicates either the registrar as a spammer, or their reseller as a spammer - since I know of no registrar who makes the 5-day grace period available to any old registrant.

Spammers have been spamming using brand new domains for quite some time (months, at least) - and in some cases, in active collusion with registrars and resellers / setting themselves up as resellers.  Creating thousands of throwaway domains at a time.

A few things contributed to this -

1. Update of the whois db only twice a day, while a newly registered domain would show up in the root servers and be available within minutes of registration.  So - a domain. But no information on who the owner is.

2. Botnets and their need to be quickly mobile (so they stopped hardcoding IPs into spam URLs, and they stopped abusing dynamic DNS for this after the DDNS providers cracked down hard).  So most botnet spammers use brand new, throwaway domains for everything from sending email to hosting nameservers, webservers, etc for their spam campaign, on brand new, throwaway domains.. and keep changing these domains around.  Right now .. another disturbing trend is all these NS, www, mail etc hosts used by botnet spammers are themselves hosted on trojan hosts.

3. Domains are cheap enough at $10 retail .. compared to the return spammers get.  But spammers thrive on spending as less as they can to maximize RoI .. preferably by ripping off others’ resources.  And they send out millions of spams, delivering email to a fraction of a percent of those addresses, out of which an even tinier fraction actually buys their product.  They still make millions.  See the recent cases of spammers Jeremy Jaynes and Ryan Pitylak for example.

Spammers dont need a domain for more than a day or two .. and all the return from a single spam campaign comes in the first few hours of the spam being sent out .. tailing off after say two days. 

Tasting provides them a great way to get their domains for free, for those three or four days, instead of paying $10 a domain retail (or far cheaper wholesale when they get themselves resellership).

Hmm, that should mean that ORG and INFO and MOBI should be less attractive targets since we update Whois in real-time.

How does one actually validate if this is a true hypothesis?

Well .. we run one of the SURBL URI blocklist zones (http://www.surbl.org) and we pick up something like 800..1200 brand new domains a day that are referenced in spam. I havent done a real deep study but pulling out whois records for random samples from those domains over a long period gives me a few ideas of what’s going on.

The whois is often next to useless .. I dont expect spammers to give accurate whois, so its usually something totally fake, with contact information being a UPS store / Mailboxes ETC / some nonexistent street address in a foreign location .. or they use the domain whois cloaking facilities that most registrars provide.

com and one or two ccTLDs used to / still update whois only twice a day and those two were popular.  And .biz etc were popular (still are) for a different reason .. any domain would when created almost instantly appear in DNS, instead of waiting several hours.

In any case the throwaway domain problem is very real, and cloaked whois services, and tasting, are being massively abused by these people as well, not just typosquatters.

This then implicates either the registrar as a spammer, or their reseller as a spammer - since I know of no registrar who makes the 5-day grace period available to any old registrant.

Correct, which makes the entire works readily traceable.  I’m not sure that people understand that one needs to have sufficient credit with the registry in order to participate in domain tasting.  To register 50,000 domains in .com, the registrar needs to float $300,000 at Verisign.  The notion that someone is floating that kind of cash (on which Verisign collects the interest, btw) in order to remain ‘untraceable’ as a spammer is unrealistic.

One doesn’t even needs a domain name to do all sorts of untoward and illegal things on the internet, and the notion that criminals use real whois data - whether the domain name lasts 5 days or 5 years - is a chuckle.  Most spam is sent with forged “from” addresses anyway. 

See the recent cases of spammers Jeremy Jaynes and Ryan Pitylak for example

They weren’t using domain tasting, so the relevance is… what?

Various things routinely are floated in the domain tasting discussion - cybersquatting, phishing, spamming - none of which have been documented in connection with domain tasting and all of which exist independent of domain tasting.  There are plenty of reasons to dislike domain tasting on its own merits, but this notion of having to tie it together with various boogeymen makes me believe that next we’ll hear that domain tasting promotes illegal immigration, terrorism, and attacks by wild bears.

The bottom line remains that ICANN is projecting a 30M budget within a very short time frame, and SOMEONE is going to have register a lot of domains in order to support that budget.

In any case the throwaway domain problem is very real, and cloaked whois services, and tasting, are being massively abused by these people as well, not just typosquatters.

Suresh, can you document a single tasted domain used to send spam?  I would be interested to see that.

For us, the real problem is one of customer confidence and customer support. We are getting almost daily complaints from customers due to this practice - usually some issue around a domain name that’s available and then gone shortly afterwards. Sometimes they claim that our systems suck because we said a domain name wasn’t available but they went to Registrar B and were able to register it there. Or even worse, accusations that we are somehow involved in selling domain name queries to a third party as part of some kind of extortion scheme.

Investigating these complaints and trying to explain them to customers (or lost customers) is costly, both in terms of resources and in terms of consumer confidence.

What’s really sad is that this practice can be easily stopped by either the Registries or ICANN, but neither have taken any steps to do it. We have discussed it at length with both, most recently focusing on ICANN, and have gotten no where. That something like this would have to go through the Policy Development Process to get corrected is discouraging, especially when both registries and ICANN have the ability to stop it under existing policy.

when both registries and ICANN have the ability to stop it under existing policy

That is debatable. For a publicly held company to define a revenue net-positive practice as “abusive” would not be responsible.

Certainly the entire practice can be avoided by providing an alternative means to obtain the data that domain tasters are seeking.

The problems that you mention, unlike some of the other bogeymen, are indeed real impacts of domain tasting.  I wonder if anyone has done any analysis of how many names, at any given moment, are on the five day “float”.  Based on a casual glance at daily nameserver change data, I would guess somewhere between 700K to 1M.

For a publicly held company to define a revenue net-positive practice as “abusive” would not be responsible.

That, in a nutshell, is why abusive cost-shifting practices like spamming and industrial pollution ultimately require government intervention.

As it stands, the whole “domain tasting” game is another exercise in abusive cost-shifting. If we had any representative form of Internet governance, our representatives would have stepped in by now and put an end to this state of affairs. Those who want to “taste” domains should do so at their own expense rather than obtaining a free ride off those registrants who actually pay for their domains.

I don’t understand the “free ride” argument at all.  If Joe tests 100,000 domain names, and keeps 10,000 of them, then he’s paying $60,000 to the registry.  How on earth is that cost-shifting.  Indeed, having to keep a credit of $600,000 at Verisign in order to test 100,000 domain names, then at 5% annual interest, he is paying $82 per day in lost interest to Verisign.  That’s $410 over five days to Verisign for handling, what, 300K data items?

So, in that scenario, Verisign makes $60,410 in five days, and you call it “cost shifting”?  You think Verisign is losing money on this? 

Tell you what.  Hand me $600,000 for five days, and we’ll talk about who is getting a “free ride” from whom.

I’m not sure that it is generally understood what the requirements of this game are.  The registrar HAS to have a sufficient account with Verisign in order to engage in domain tasting.

And, looking at what Verisign makes on the financial float, kindly consider that at $6.00 per year, a domain name costs a little over $.016 per day.  So, maintaining a credit of $600K at a 5% annual interest rate for five days is the equivalent to registration of 25,000 domain names.

The notions that it is cost-free to the taster, or cost-shifting at Verisign, are absurd.

So domain kiters are handing that 600K for five days to VRSN out of the goodness of their hearts?  Or just for the pleasure of pumping up VRSN’s balance sheets? 

If kited domains account for over 90% of registrations, that is surely not the case.  The effective investment is the few cents per $6 that VRSN earns in interest (5 days interest on $6 per kited domain).  And the RoI on that pittance is probably massive, or domain kiters wouldnt be as hyperactive as they currently are.

In fact, if as John Levine says, this was an ad hoc decision by an ICANN staffer which then slipped through the board without anyone noticing, ICANN might want to find out which staffer it was, and see if they can’t dispense with his or her services, fast, for evident lack of judgement.

John, I feel like I’m stating the obvious, and I hate doing that, but I suppose it’s necessary to mention the elephant standing in the corner of the room now and then.

I don’t understand the “free ride” argument at all.  If Joe tests 100,000 domain names, and keeps 10,000 of them, then he’s paying $60,000 to the registry.  How on earth is that cost-shifting.

The registry costs are 100,000 name additions and 90,000 name deletions, for a total of 190,000 registry transactions against revenue of $60,000. Total revenue per transaction approximately $0.32. Contrast this with the person who only registers names the old-fashioned way—with intent to use the name. For each domain there is one registry transaction: the addition of the name. Each name generates revenue of six dollars. Total revenue per transaction: six dollars, which is nineteen times that of the domain taster.

Counting registry deletions may not be entirely fair, so let’s dismiss registry deletions as “cost of doing business” as an alternative model. Fairness in this area would require a slightly more sophisticated pricing scheme at the registry level, but I won’t go into irrelevant detail lest I sidetrack the discussion. Even if we only consider registry additions as cost-bearing transactions, the domain taster in your example pays only for one in ten of his additions, whereas the “traditional” user pays the full price for each one.

The point is that a registry transaction costs the same amount (from the perspective of the registry) whether it has a long term effect, or whether it is undone shortly thereafter by an opposite transaction. In terms of pricing, however, the short-term registrations are free, and the long term registrations are not. Thus, the pricing structure results in the long-term registrants subsidising the short-term registrants, and that is unfair, abusive cost-shifting.

Suresh Ramasubramanian said:

In fact, if as John Levine says, this was an ad hoc decision by an ICANN staffer which then slipped through the board without anyone noticing, ICANN might want to find out which staffer it was, and see if they can’t dispense with his or her services, fast, for evident lack of judgement.

You and John L. are entirely correct.

I was on the board when the matter of grace terms came up.  And the only kind of grace term that was raised was “Redemption grace”, i.e. the mechanism to help folks who forgot to renew on time.

The “Add Grace” was never mentioned, not even hinted at.  Add Grace, which is the hook on which all this stuff hangs, is a creation by ICANN’s staff.

There is a bit of a prelude in that the EPP work done in the IETF enumerated a range of grace periods.  The IETF, in an effort to be technically complete, described an “add grace” mechanism.  But that hardly translates into a mandate by the board to ICANN’s staff to turn that into a policy and contract term.

As for firing those who did this bit of unauthorized creation:  In my final report to ICANN’s board I pointed out that it was my business judgement that ICANN’s choice of law firm should be reconsidered and that perhaps ICANN should also inquire whether it had grounds to seek legal redress against its current firm.  As far as I know ICANN’s board has never considered, much less acted upon, that recommendation.

So, Karl - was pushing “add grace” through a creation of ICANN’s staff?  Or ICANN’s law firm?  And why fire the law firm for a staff decision that was probably made in all good faith at that time?

In response to Suresh Ramasubramanian question:

“was pushing “add grace” through a creation of ICANN’s staff?  Or ICANN’s law firm?”

Is there a difference?  There may be a thin, translucent layer of insulation now, although I’m not sure there is.

However, back during my term staff and JDRP were as interfused as scotch and soda - there was no line.

One of ICANN’s great problems is the degree to which it is a marionette created by, controled by, and plied, beneath the sheets, by JDRP.  JDRP yearly sucks millions of dollars out of ICANN in the form of legal fees (and thus out of the internet community.)

When I inspected ICANN’s financial records I was shocked to discover that ICANN was accepting invoices from its largest creditor, JDRP, that were one-line summaries, “for services rendered” amounting to often well in excess of $100,000 per month.  So there was no way to tell exactly where JDRP was poking its fingers except by inspection of the ancillary billings, such as travel expenses (quite high) that indicated that JDRP people from Cleveland and DC were making an amazing number of short trips to Marina del Rey and lots of other places around the world.

When ICANN tried (but failed) to form the independent review panel it was a JDRP person who shepherded the effort (she worked very, very hard to try to bring it to fruition.)

The thing of presumptive renewall - not a creation of ICANN -instead a creation of a private negotiation between ICANN’s founder at JDRP and Verisign.

So to be asked to draw a line of demarcation between acts of ICANN’s staff and acts of JDRP is like drawing a line beween twilight time and night time.

Thus, the pricing structure results in the long-term registrants subsidising the short-term registrants, and that is unfair, abusive cost-shifting.

Considering that the registry fee is orders of magnitude above cost, I would guess that you are against any sort of volume discounts offered in any line of business.  The cost of delivering a letter to your mailbox is the same for any piece of mail, but somehow bulk mailers get a discount on postage.  Que’ lastima.  Verisign has a tremendous amount of discretion to stop “abusive” use of their system, and Verisign has repeatedly declined to discuss numbers in three successive RC discussions on the subject.  As long as they are profiting from the practice - by a single penny - it is not “cost shifting” in any sense of the word.  All you have established is that their profit margin per unit is lower for volume purchasers.  That is normal in any business.

The notion that “add grace” was some nefarious plot hatched by JDRP lawyers also neglects the actual history of the provision.  The intent was apparently to address a situation in which a registrar’s software goes haywire and accidentally registers domain names which were not ordered.  The problem is that the clause does not reflect the intent, and that the contract includes an integration clause that precludes reading some external “intent” into the contract.

Karl A’s objection that it was “never” before the board appears to neglect the fact that Karl A was no on the board when the five day non-payment provisions were written into section 5.4 of the 1999 Registrar License Agreement, which was Appendix B of the .com registry agreement.  During Karl’s term, the board considered revisions to the 1999 Registry Agreement.  So, no, Karl was not on the board during drafting of the 1999 agreement, was quite obviously not involved in the discussion of the actual intent of the provision, and apparently believes it was slipped in through the back door to enable “domain tasting”.  The add/grace provision was merely meant as an error correction mechanism to avoid bankrupting a registrar over a piece of broken software.

The “Add Grace” was never mentioned, not even hinted at.  Add Grace, which is the hook on which all this stuff hangs, is a creation by ICANN’s staff.

hint:

http://www.icann.org/tlds/agreements/verisign/registry-agmt-appc-16apr01.htm
There are four grace periods provided by the VGRS Shared Registration System: Add Grace Period, Renew/Extend Grace Period, Auto-Renew Grace Period, and Transfer Grace Period.

Responding to John Berryhill:

You suggest that those who are using the 5-day grace period deserve to pay $0.00 as part of a volume pricing discount.

OK, then how come registrars, particularly large ones, don’t also get a quantity discount to the same level, in particular $0.00, for their non-5-day registrations, which are, at the time they occur, are indistinguishable from the 5-day registrations?

There is a provision for bulk transfers buried deep in the contractual appendices but those are for the bulk transfer of registrar assets and must be done with explicit ICANN approval.  That’s clearly not the case with these 5-day tastes.

Let’s start getting a bit more precise about things.

The thing I’m calling “add grace” is really a cluster of four distinct grace periods called “add grace”, “renew/extend grace”, “auto-renew grace”, and “transfer grace”.

These, I believe, first appeared in the April 2001 contracts.  I was very much on the board at that time.

(By-the-way, I voted against these contracts because of procedural flaws - the contracts did not have the green light from the DNSO that ICANN’s bylaws required, and I found that the contracts as a whole were rather bad - for example, the presumptive renewall mechanism was introduced here.)

So I was in a perfect position to observe what the board was told and what it was not told.  These grace provisions were rather deeply buried among several hundred pages of the 25 appendices to the contract itself.  These periods were never once highlighted to the board, much less discussed by the board.  ICANN’s staff never took the board on a detailed walk through of its provisions and their implications.  Yes, board members should have read the contract and its 25 appendices (I did and I think I may have been alone in that regard.)  During this time, ICANN’s “staff” was visible to ICANN’s board through four faces - Stuart Lynn, Louis Touton, Andrew McLaughlin, and Joe Sims.  Of these, one was ex-JDRP [now returned to JDRP] and one other was, and still is JDRP.  Virtually all contract work was done by those two JDRP related people with the assistance of JDRP associates and partners.

As for the notion that these “grace” periods are to repair errors - OK, I’ll take your word that that is their purpose - but can you really say with a straight face that these millions of short-term registrations are to repair errors?  Any system in which the ratio of non-errored transaction to errored transactions is on the order of 1:200 is a system that is incredibly flawed.

Going further back in time, to a time before my term began - I’m looking at section 5.4 of the the earlier, 1999, registry-registrar agreement that you reference - and to my eyes it is clearly a provision intended to deal with deadbeat registrars who don’t pay rather than something to correct errors or provide anything even close to the “grace” periods of the 2001 contracts.

The “redemption grace” mechanism came in somewhat later (March 14, 2002).  I was on the board at that time as well. (I voted to add this kind of grace period.)

.By-the-way, it appears that Appendix G of the 2001 contracts superseded the section 5.4 of the 1999 agreement.

John Berryhill says:

Considering that the registry fee is orders of magnitude above cost….

This has been a persistent and inaccurate rumor, and is incorrectly stated here.  At least for mid-size registries such as the ones I am responsible for (~7mm names), this is not close to being true.  There is a reason why even in the uber-competitive .net bid (with the exception of my employer) no registry bidder, including those with deep pockets such as DENIC, or VeriSign, offered a price below $3.50 (my employer bid around $3).  [The “impartial” evaluators decided post-facto that price did not matter in the evaluation].

Perhaps significant economies of scale kick in when you are running 40 or 50 million domains like VeriSign does, but at the mid-level scale we operate at, there are very real costs that are certainly orders of magnitude higher than the $0.03 that I’ve heard bandied about.  And - given that .com has more “net-adds” per week than all other TLDs in the world combined - smaller registries such as .info have to offer aggressive pricing terms while matching the technical and operational strength of .com.  That .info has grown to 3mm names is because of this combination - it is not a low-cost endeavor.

The US postal service has in the past 7 years had to increase the price of first class mail from ~$0.29 to $0.39 (approx. 35% increase) because the total number of packages over which to amortize their costs has decreased quite dramatically (and, the bulk mail rates, while lower, have also grown commensurate to the drop in packages shipped).

Ram Mohan writes above:

“there are very real costs that are certainly orders of magnitude higher than the $0.03 that I’ve heard bandied about.”

I’m the source of that $0.03 calculation.  (There was actually another calculation as well that led to a somewhat higher number, but far below $1.00/year/name.)

I gave my calculations that led to that result.

Nothing you say rebuts my calculations or the assumptions upon which they are constructed.

I’d like to see you, and Verisign and others, publish to the world an audited statement of costs.  As a tied-and-and bound captive of Verisign and PIR I really deserve to know the cost basis supporting the fees that I am being required to (indirectly) pay every year.

(By-the-way, even if we assume your suggested cost of $3.00/name/year, Verisign would be getting $3 [soon to be $4] of monopoly profit out of every name every year, that’s still $200,000,000 year of pure, ICANN manna profit.)

Ultimately the answer can only be found by opening up the TLD space to large numbers of competitors who can bring new business models and methods into the stodgy old ICANN world of TLDs.

I am willing to stake my own personal $$ on the fact that you and Verisign have bloated operational costs - will you support my efforts to have my .ewe registry put into the ICANN/NTIA root so that I can (pun intended) compete with you with my free permanent registrations?

See
The .ewe Business Model - or - It’s Just .Ewe and Me, .Kid(s)
for how .ewe will work (hint, it obtains revenue from name management services rather than from yearly registrations.)

And how about giving IOD and Chris Ambler a chance with .web?

Most of your comments regarding new TLDs are out of my control or influence, so I have no comments on them, other than to wish you and anyone else who applies the best. I’ve welcomed the addition of new TLDs - each has potential to appeal to a specific audience.

I don’t understand how adding new TLDs will reduce the costs associated with running a registry, unless it’s the magic bullet of more competition always reduces prices.  More TLDs with fewer domains each will result in higher operating costs for both registries and registrars.  YMMV.

You suggest that those who are using the 5-day grace period deserve to pay $0.00 as part of a volume pricing discount.

I suggest no such thing.  Those who are using the 5-day grace period are paying thousands of dollars to the registry, on top of the interest the registry is earning on the float.  If I had a choice between a guy that was going to register 1 domain name a year and test none, and a guy that was going to test one million and keep a couple ten thousand, guess which guy is going to win the “valued customer” award for putting food on my table?

And as far as “deserve” goes, I don’t see where I am making any subjective judgments about which people are “good” or “bad”.

Let’s start getting a bit more precise about things.

The thing I’m calling “add grace” is really a cluster of four distinct grace periods called “add grace”, “renew/extend grace”, “auto-renew grace”, and “transfer grace”.

“more precise”=“distingushing among defined, different things”

“less precise”=“using vocabulary distinct from the contract”

For completeness, you had also mentioned the “redemption grace” period, but these various gracious things exist for distinct purposes, so lumping them all together and calling them “bad” is not a route to more precision.

The US postal service has in the past 7 years had to increase the price of first class mail

The USPS was brought up as an example of volume discounting.  Nobody is running around the country delivering the TLD zone in a fleet of vehicles consuming fossil fuels.  The cost of equivalent storage and data processing power, relevant to running a TLD registry, has monotonically declined for years.

Of course .com has economies of scale.  Compared to a thick registry, consider the fact that the registrars have to handle more data elements in .com than the registry does, and many of them do it on less than a $6 margin over cost.  That fact alone speaks volumes.

As for the notion that these “grace” periods are to repair errors - OK, I’ll take your word that that is their purpose - but can you really say with a straight face that these millions of short-term registrations are to repair errors?

To be precise, the “add grace” - the mechanism relevant to this discussion and which has the defined meaning in the contract - was intended as an error correction mechanism.  The point, which I apparently didn’t make clear enough, was that the way contracts work, Karl, is in accordance with the words printed on the paper.  Where there is an integration clause - i.e. a clause that refers to those words being the “entire agreement” - then the parties’ subjective intent is not relevant to interpreting the words on that piece of paper.

I did not say, with a straight face or otherwise, that domain tasting is being done as an error-correction mechanism.  What I did say was that the relevant contract fails to define add grace as an error correction mechanism.  The contract merely provides a five day initial repudiation mechanism.  Period.  The integration clause of the contract renders the historical reason for the existence of “add grace” in the contract - error correction - to be irrelevant to the fact that “add grace” is in the contract.

What was under discussion in 2001 were revisions to a contract which already included a five day repudiation provision.  Presumably, what was uppermost in the discussion at the Board level were the revised terms, and not things which had already been in it.

Tim Ruiz has noted some genuine concerns, but the bulk of the discussion about domain tasting revolves around tying it to “something bad” which is, in the bogeymen of cybersquatting, phishing, or spam, orthogonal to domain tasting (i.e. they exist independently of it) or else entirely unsubstantiated in the case of the “cost shifting” argument.

A lack of precison does not contribute to precisely understanding the impacts of the thing under discussion.  If the point is “I don’t like it so let’s find a way to get rid of it”, that’s a perfectly valid viewpoint.  However, there is no end to things of which someone, somewhere, has a subjective dislike.  Determining whether something is objectively harmful requires reasoned, fact-based, analysis though.  Railing at Jones Day is not an argument relevant to that type of analysis.

IMHO, further analysis of the concerns raised by Tim are more likely to be fruitful.  I also firmly believe that the minute Verisign is no longer making a profit on the practice is the minute which domain tasting will be defined as “abusive” under the registry-registrar agreement.

In comment #45, John Berryhill says the following in reference to me.

Considering that the registry fee is orders of magnitude above cost, I would guess that you are against any sort of volume discounts offered in any line of business.

No, I’m not. Many registrars do offer volume discounts in the sense that you pay less per year if you register for more than one year, and I have taken advantage of this offer from time to time.

But this isn’t about volume discounts. The grace period has absolutely nothing whatsoever to do with volume: it applies to a single domain just as readily as a thousand. It’s also not a discount: it’s a refund. What we’re talking about with the grace period is a time-limited refund policy, not a volume discount.

You also asserted “the registry fee is orders of magnitude above cost”—a fairly remarkable claim in and of itself. Even if it’s true, it doesn’t change the fact that long term registrants pay a much higher price relative to the costs they generate than domain tasters.

All I’m asking for is that domain tasters pay for domains in proportion to the running costs they generate. Your bluster about how a domain taster can generate more revenue than a low-volume registrant simply does not address this point. I don’t deny that domain tasters can be lucrative customers (if they actually keep a sufficient number of the domains they sample). The real problem arises when the registry adjusts its prices upwards to maintain existing profit margins in the face of rising costs due to massive refunds.

Many registrars do offer volume discounts in the sense that you pay less per year if you register for more than one year, and I have taken advantage of this offer from time to time.

...and many of them offer discounts based on number of domain names registered. 

Verisign is duty-bound to its shareholders to maximize revenue.  Looking solely at cost without considering the fact that domain tasters are keeping hundreds of thousands of domain names is an odd view of the world.  Verisign could reduce its cost to zero by discontinuing the registry entirely.

Even if it’s true, it doesn’t change the fact that long term registrants pay a much higher price relative to the costs they generate than domain tasters.

We’re going in a circle here.  That observation is true of any volume discount situation.  After enough ICANN meetings, a lot of airlines will upgrade your coach tickets, even though other passengers paid the same amount for their coach ticket.  I imagine that Verisign knows how to make a profit, even if the margin on a large volume customer is lower than a small volume customer.

You seem to want to draw a distinction between “domain tasters” and long-term registrants.  Domain tasters ARE long-term registrants, and they hold an appreciable percentage of all of the long-term .com registrations.  People who test-drive cars at a dealership are also known as “car buyers”.

What would be really fascinating to know, and which Verisign in all likelihood knows perfectly well, is the proportion of new .com registrations attributable to domain tasting.  My guess is that proportion would be substantial.  If you pay, today, to extend your single domain name for ten years, then for the next five years you are making absolutely no revenue for Verisign.  My goodness, if every registrant did that, then what, in your imagination, is Verisign going to do to make money for the next nine years?

There are two responses here, first to Ram Mohan and then to John Berryhill

First: (to Ram Mohan) You ask why new TLDs ought to reduce costs.  I’m not saying that the existing registries will necessarily incur lower costs through the presence of TLDs, rather I am suggesting that the competition for newcomers, people who are not yet locked into a given TLD, tends to change the way incumbent registries think.

The bigger thing is that new TLDs could adopt entirely new methods of business and operation.  For example in my .ewe plan I will publish no whois, thus saving $$ on systems and bandwidth.  Nor will I need the infrastructure to support the massive polling rates as registrars circle to catch names being dropped.  And since .ewe has no renewal cycle, those systems, and costs, are eliminated.  On the other hand .ewe would charge for things like NS updates, which today’s ICANN imposed business model makes free of charge.

I’d like to see a formal statement from Afilias to the effect that they support a policy on the part of ICANN that would open new TLDs to anyone, for a very low application fee (on the order of $50), with any business model, with only two provisos:

- that the applicant agree to operate its name servers in accord with published and widely accepted internet technical standards.

- That the applicant agree to publish a yearly statement from an auditor of its choice that indicates that the applicant engages in business asset preservation practices sufficient for the operator or a sucessor to revive the business should it fail or there be a significant natural or human disaster.

Second: (to John Berryhill)

You seem to be saying that those people who engage in all those millions of 5-day or less registrations are actually handing money to the registry for that 5 day period.  I have not seen any evidence that this kind of money transfer actually occurs.

I’d like to see evidence that this huge 5-day circlular cash flow actually occurs.

You are also making the assumption that Verisign is somehow like other business and is free to make choices about who is a “preferred” customer and who is not.

I believe that Verisign should be treated like a public utility - that should be the quid pro quo of its protected role over .com - and as such a utility, any discounting ought to be clearly tied to specific and concrete economies of scale.

As for the various grace periods - you had asserted that I was not on the board when any of them came to pass and thus not in a position to observe the actions of JDRP and the knowledge of the board.  I pointed out that, to the contrary, I was, in fact, on the board when every one of the various grace periods came into existance.

As for the belief that “add-grace” (and its three cousins) is there to repair errors: I never said that it was.  Rather I said that the existance of these things was never made clear to the board.

The thing about correcting errors is your assertion about that section 5.4 in the predecessor agreement.

As for integration clauses - I’m quite aware of integration clauses.  But words are never precise, and material not in the agreement itself can frequently be used to illuminate ambiguities, at least that’s the way it is here in California, where both ICANN is incorporated and where Verisign has its main place of business.

For example, the fee schedule in the current ICANN-Verisign registry agreement is silent whether fees can be different for different registrars or under different conditions.  So without considering external factors it is not possible to know whether such variable pricing (based on quantity of registrations) is permissible or not.

As for railing at JDRP - who’s railing?  I’m merely pointing out that ICANN’s staff and JDRP have, for much of the life of ICANN, been indistinguishable.

In addition, as an example of how ICANN’s strings are pulled by JDRP: The agreement in which the 4 types of start-of-period grace were added was a contract that was privately negotiated by a JDRP attorney, without any request to do so or direction from the board.  It was presented to the board as a nearly consumated fait accompli.

I’m skeptical of that statement.  My guess is that something else was said or that the statement was misinterpreted.

No need to guess, you can listen to it for yourself.

As promised:

http://www.johnberryhill.com/steele-drt.mp3

When the question was broadened to trademark violations generally, NM’s attorney was perfectly clear that for a registry to monetize typo trademarks is not a “use in commerce” of the mark, and not actionable.  What it boils down to is that it is okay for a registry to monetize trademark typos.  That’s what the “domain tasting” is all about - skimming the worthwhile names out of the unregistered namespace in the interval remaining before Verisign turns Sitefinder back on (and their shareholders are asking).

You seem to be saying that those people who engage in all those millions of 5-day or less registrations are actually handing money to the registry for that 5 day period.  I have not seen any evidence that this kind of money transfer actually occurs.

Then you are not looking.  First, the registrar has to have sufficient credit with Verisign.  That is required by the contract, and it is the reason why Verisign makes money on the float.  This was made crystal clear in the RC meetings with the registries in Argentina and in Luxembourg.

Second, domain tasters are actually handing money to the registry for the X% of those millions of registrations which they keep.  And that X% translates into tens of thousands of domain names weekly.  Domain tasters are simply harvesting domain names which hav the potential to return more than $6 per year in the same manner that one extracts a mineral from ore.

Here is the question, Karl.  This week N domains will be registered.  N=X+Y, where X are domains registered by people who are “good” and Y domains are registered and kept by domain tasters.  What would you guess is the ratio X/Y? 

If X/Y is less than unity, then do you seriously believe that there is “cost shifting” going on?  I have not seen any evidence that it IS less than unity, so where have you seen yours?

If you are talking about the money required to float the domain names for five days, what evidence have you not seen?  A registrar without sufficient credit at the registry cannot register ANY domain names.  A good overview, by a vocal critic of domain tasting makes it quite clear:

http://www.bobparsons.com/adddropscheme.html

How the add/drop scheme works – first they make a large cash deposit.
The registrars who participate in the add/drop scheme first make a large cash deposit with the VeriSign registry.

You are also making the assumption that Verisign is somehow like other business and is free to make choices about who is a “preferred” customer and who is not.

Well, golly, the ICANN Board just approved a settlement in which Verisign is expressly permitted to provide volume discounts.

John said:

Compared to a thick registry, consider the fact that the registrars have to handle more data elements in .com than the registry does, and many of them do it on less than a $6 margin over cost.  That fact alone speaks volumes.

I know of _no_ retail or reseller registrar who registers only domain names and does not upsell any other services, adding to their margins.  The domain name is merely the foot in the door with the customer.  My registry’s database size is roughly comparable to that of VeriSign’s thin one - the cost of disk storage may have gone down x%, but the volume of items stored has gone up 6x%.

While I am not familiar with the business practices of the several hundred registrars, I have to tell you I am shocked, shocked, that registrars are cost shifting the price of domain registrations from those customers who only register domain names but do not buy other services from their registrar.

Actually, Fabulous.com does not charge for any other services.  They offer domain monetization on a revenue-sharing basis with their registrants, but that is not an upsell to the registrant.

the cost of disk storage may have gone down x%, but the volume of items stored has gone up 6x%.

Hmmm… sounds like you need to start charging for domain registrations, because what matters is cost/unit.

Ah now you’re conflating several issues.  My case was not one of cost shifting, that’s a fight you have to pick with someone else.

In response to John Berryhill:

You say that some percentage of the tasting results in actual paid registrations.

Fine, but the fact that they pay for what they keep is irrelevant.

Your calculation of X/Y is also irrelevant, becuse it is not those registrations that are fully paid-for that are the issue - it is that 200 times larger number that are not paid for.

What you seem to continue to disregard is that the vast bulk of registrations do not last longer than 5 days and are done for free, or pretty close to free.

You claim that there is money on deposit in Verisign that pays for those - but I can hardly believe that there is so much money on deposit that it generates $6 (soon to be $7) in those 5 days for each of those sub-5-day registrations - Let’s see, $6 at 10% interest per year - for a week - wow, all of about one cent.

So the sub-5-day speculators, even using optimistic interest rates, are paying Verisign about $0.01 for something that even by my calculations costs 3x that much, and by Afilias calculations costs 350x that much, and for which we normal folks have to pay 600 times (soon to be 700 times) as much.

Such is the “gift” of ICANN unto the community of internet users.

Without going off into the irrelevant tangent of integration clauses - if we presume that the intent of the 4 graces was to correct errors then we see that the intented goal has been significantly overwhelmed by another practice that creates a substantial cost for the registry.

The contracts should be amended to require an actual, documented error to invoke any of the 4 graces.  Those who wish to speculate should be required to invest their money for a full term registration.

ICANN, however, simply does not have the body parts necessary to do that.  And thus we who do not engage in sub-5-day domain tasting have to pay for the enormous system costs incurred by Verisign to support that speculative fever.  We also suffer in yet another way that is very difficult to measure - the contamination of names due to past uses by speculators.

If we were not trapped captives in .com - and don’t try to argue that we can move, that would be to ignore the investment we have made in our net identities, think how much it would cost IBM to completely change over from ibm.com to ibm.foo - then we could walk away from Verisign.  But we can’t - not only because we are captives, but also because ICANN has imposed this system on every and all of the general purpose TLDs.

As they say in Boston - we are scrod.

if we presume that the intent of the 4 graces was to correct errors

Karl, we are talking here about one of them, not all four.  The periods were established to serve different purposes.

enormous system costs incurred by Verisign

Enormous?  How enormous?  I gather you have seen evidence that it is enormous.  Or do we operate under different evidentiary standards here?

Fine, but the fact that they pay for what they keep is irrelevant.

It is most certainly not irrelevant.  Those are registrations that would not be made otherwise.  You simply cannot wave your hand and make the revenue from the resulting registrations irrelevant.  The quantity of new, fully paid, registrations resulting from domain tasting is substantial, and it raises the question of who is subsidizing whom.  If you do not know the relative values of X and Y, then all of the talk about “cost shifting” is mere bluster.  I’m willing at least to say I don’t know, because we’ve been asking Verisign for the numbers for going on two years now.  You are willing to believe without evidence.  Faith-based policy is not appropriate for ICANN, although I do realize it has recently been applied to a TLD contract decision.

Those who wish to speculate should be required to invest their money for a full term registration.

No, that won’t happen.  What will happen is that a source of thousands of domain registrations per week will disappear, since there is no _a priori_ method of determining whether resulting traffic will pay for the registration.  Accordingly, Verisign will seek to make up the lost revenue somewhere.  Gee, I wonder where they will look…

I realize that there are people who do not understand the difference between domain tasting and dropcatching, which are two entirely different things, but if you want to talk about system load, then dropcatching is indeed a huge load that required substantial efforts to meet.  By comparison, domain tasting, which does not involve the rapid-fire repetitive, simultaneous, multi-source ADD polling involved in dropcatching, has to present a smaller “load” on the registry.

And, again, the entire issue would disappear overnight simply by having a mechanism to get at the .com zone server error data.  Verisign will not do that, and will not even sell it.  Ram also ignores that proposed solution.  Doesn’t it make you the least bit curious why?

In response to similar questions raised by Neulevel’s similar dabbling in a Sitefinder-like mechanism in 2003, the INTA community was promised a data analysis which, oddly, has never materialized:

http://gnso.icann.org/mailing-lists/archives/ga/msg00365.html

Responding to John Berryhill:

You say the 4-grace periods were established for four different purposes.

A couple of points:

  - Since nobody ever said to the board what these were for, everything having to do with purpose is speculation.  (Ah, that old integration clause thing again.)

  - However the plain language of all four covers four very similar situations, and uses almost identical language to do so.  Those four situation are all start-of-term situations, with the variation having to do whether the term is new, a non-automatic renewal, an automatic renewal, and a transfer.

Some of this short-term registration is based on the “add-grace”, but there is also the potential use of the two “renewal” graces by registrars who have in their contracts (such as Dotster) the right for them to continue a name after the original registrant has let the contract lapse.

As for Verisign’s costs:

The smaller part of operating a registry is the suite of name servers scattered around the world - that kind of thing can grow fairly easily with the installation of more copies of standardized equipment at more sites.  Maintenance is easy because any part can be taken down without significant impact on the totality of the name-server function.

The larger part is the registration system - it has to handle not only the transaction load but also the load as registrars circle waiting for names to drop.  That kind of system is much harder and more expensive to expand because it all centers on a database that is being updated very frequently.

If we look at the basic number of names in .com - on the order of 50,000,000 and assume that all of them are renewed once a year, we end up with a transaction rate of about 2 per second.  Even a fairly studly PC can handle that kind of transaction rate.  But when we throw on the 5-day load, we multiply that transaction rate by something on the order of 200 times - i.e. 1000 transactions a second.  That’s a quantum leap that changes the whole way the system is designed.  And its a fairly expensive change as well.

The 200x increase in transaction load also reflects onto the system that disseminates changes to the servers - it means that system has to disseminate, and that the name servers have to digest, about 300,000 updates (as a bulk update) to their zone file with every 5 minute update.  Because name servers can go offline for a few moments while doing this (as long as that offline time is not synchronized across all servers) this is a much easier problem than at the central database.  But it still implies more expensive communications pathways (many of us do pay for bandwith) and more complex systems with rather more sophisticated recovery procedures.

These system changes cost dollars, lots and lots of ‘em.

And who is paying for that change - not the folks who are generating that 90% part of the load.  Instead it is the less thatn 10%, the folks who do full-term registrations, who are paying for the entire system.

Those who end up retaining registrations rather than abandoning them after 5 days are paying their fair share, that’s why the fact that some speculators do that is irrelevant.

You say that if speculators have to pay for the full year that the 200x burden of short-term registrations will disappear.

Great.  That will reduce the cost of systems needed by registries.  And that means that we can deal with the question of what it costs for a registry to process a registration once the predatory load of the speculators has been removed.

I’m aware that this is different than the massive polling for the drop catching - but it isn’t isolated from tasting.  The tasting system causes 200x more names to be dropped, more chum into the shark infested dropcatching waters.

I’m not sure what you mean by the .com zone error data - Do you mean the queries that don’t ask a legitimate DNS question (usually because the name doesn’t exist) and get a negative response?

That kind of information can be obtained by statistical methods of traces gathered at internet choke points or heavily traversed paths - can one say Narus? (and NSA)?

An interesting twist is that there is nothing, beyond their very significant personal integrity, that prevents root server operators from occassionally “going recursive” on some portion of their traffic and generating such statistics themselves (and selling ‘em.)

Those who end up retaining registrations rather than abandoning them after 5 days are paying their fair share, that’s why the fact that some speculators do that is irrelevant.

Some?  Karl, it would be good to at least attempt to understand those whom you dislike.  Backing up a bit, do you understand the purpose and motivation of domain tasting - i.e. why it is being done?  The domain tasters are looking for domain names to keep.  It is not a matter of “some” of them keeping domains.  I’m not sure you understand the point of the exercise.  Domain tasters are retaining registrations in massive numbers.  When that continues, Verisign will adopt a position against it, and that will be that.  But I am sure that Verisign appreciates your concern with maintaining the threadbare margin they manage to eke out of running the .com registry.

While the notions that the .com registry fee is based on a “fair share” of cost, and that Verisign is some sort of charity, are quaint.  Domain tasting has been going on for quite a while.  In fact, if you look hard enough, you can find the practice bemoaned in a SnapNames newsletter dated October 2001, and the .com registry fee has remained $6 - the same $6 it has been for years.  It hasn’t taken a nickel out of the pocket of a single one of the “good” domain registrants.

By comparison, domain tasting, which does not involve the rapid-fire repetitive, simultaneous, multi-source ADD polling involved in dropcatching, has to present a smaller “load” on the registry.

John, they are different types of loads - not directly comparable.  Karl has it right in terms of load and bandwidth and host update volumes.

Reply to John Berryhill:

Of course I understand why the “tasters” are doing it - to make a buck.

And making a buck is OK ... OK as long as that making of a buck doesn’t generate costs that the rest of us have to pay.

And in this case those making a buck are generating a lot of costs that we have to pay.

Sure, I understand that the taste testers keep a large number of names.  But that number they keep - as we can see from their catch-and-release rate - is tiny as compared to the number they try out for a few days.  And absent hard facts it is hard to know what the ratio of those registrations is to registrations from folks who are not engaging in the tasting practice.

All I am saying here is that those names they toss back are not free from cost - there is a significant system cost in processing those registrations (and in processing the release transaction as well) and there is a cost in names that become damaged goods because of the way they are used by the tasters.

And that cost has to be paid from two sources: A) paid registrations and B) the accumulated interest on the registrar’s deposit held by the registry.

The latter, unless the deposits are large, doesn’t amount to a very large hill of beans.  And from what has passed during this dicussion the amounts on deposit seem to be on the order of $6 times the number of names a registrar may have in the tasting period.  That’s not large enough to generate the kind of return that is on par with the full period payment that the rest of us pay.

So, that leaves the bulk of the cost to be borne by those who pay for full term - whether those full term names are by speculators who are keeping a 5-day taste or by those who use names for the more routine purposes.

We have cost shifting - a subsidy of speculators - because those of us who are not participating in this 5-day frenzy paying a goodly chunk of the expense caused by those who are.

You keep asserting that these 5-day speculators retain “massive” numbers of names.  What do you believe is the order of magnitude of “massive”?  And where does that number, assuming you have it, come from?

As for Verisign being a charity - it isn’t.  But Verisign occupies a unique position over a large and captive customer base.  Verisign’s rights over .com are highly derivative and Versign is still, at the end of the day, merely an operator and not an owner of .com.  ICANN and NTIA ought to have been restraining Verisign’s understandible moves to capitalize on its position, but ICANN and NTIA are wimps.

Verisign does not “own” .com - it merely has a perpetual contractual right from ICANN to operate it under certain conditions.  And it is true that ICANN has given up just about every meaningful lever of control it had over Verisign (thanks to one of JDRP’s lawyers).  But that doesn’t mean that A) we can’t grind our teeth about those few remaining things where we can reduce the amount of screwing the net public receives from Verisign courtesy of ICANN and B) seek to have rights over .com rescinded from ICANN thus, in turn, rendering void Verisign’s role over .com (although it would leave a nasty lawsuit from Verisign against ICANN.)

We can continue going round and round, or we can agree that without hard numbers it’s really impossible to resolve this either way.

And we might be able to agree that ICANN has failed to obtain those hard numbers.

And I suspect we could agree that one path through this is to allow more TLDs with lots of new business models so that newcommers, those not yet locked-in, have a choice.

In fact some of those business models - like that of .ewe - might be based on a non-refundable fee-for-service model in which those who wish to speculate have to ante up enough non-recoverable money to cover the cost of providing the services needed to support them.

In comment #54, John Berryhill said the following in reference to me.

You seem to want to draw a distinction between “domain tasters” and long-term registrants.

I draw a distinction between obtaining something below cost, and obtaining something above cost.

If you want to play around with aggregates, then you can imagine figures where a domain taster is obtaining domains at a price above the cost. One can also imagine a domain taster who ultimately obtains services below cost, because his “keep” ratio is just so low. These thought experiments can be used to demonstrate the existence of possible problems, but in this particular case they have served only to create distractions, so I will abandon them.

My stance in this specific case is that no legacy registry should offer services below cost. This need not put domain tasters out of business: I only require that they pay a reasonable cancellation fee (sufficient to cover actual costs) rather than obtain service at no direct expense. In this manner, we can be assured that one particular subset of users aren’t driving the costs up for everyone.

You keep asserting that these 5-day speculators retain “massive” numbers of names.  What do you believe is the order of magnitude of “massive”?  And where does that number, assuming you have it, come from?

You can watch it happen by tracking dailychanges.com over the course of two weeks or so.  After a day or two, spotting the domain tasters is easy. 

For example, there is one nameserver which, today, accounted for 354,940 new names and 420,010 deleted names.  After a five day moving average, you can readily figure the “keep rate”. To register that many names requires a credit with Verisign over 2M.  Verisign keeps collecting the interest on that money as the taster keeps rolling through its algorithm.  If that is insignificant, then I’d like to visit that hill of beans of yours.  That party currently holds 2,037,016 names, and thus is paying over 12M per year to Verisign.  That’s one registrar.  Compare that figure with, say, ICANN’s budget.

You can compare those figures with, say, Yahoo.com, which accounted for 2,196 new, -382 deleted, and 2,060,894 total.

It’s not cheap or easy for domain tasters to run their systems either, so its not as if they are doing this for recreational purposes.  They are looking for names to keep.

And absent hard facts it is hard to know what the ratio of those registrations is to registrations from folks who are not engaging in the tasting practice.

Again, the facts are readily available by watching dailychanges.com, and the relative growth rates of names held over time.

We can continue going round and round, or we can agree that without hard numbers it’s really impossible to resolve this either way.

Agreed.  One thing we know for certain is that Verisign knows the numbers, and they are not in business to lose money.

These thought experiments can be used to demonstrate the existence of possible problems

Agreed.  My purpose in the discussion is to attempt to filter among possible problems from actual problems.  And if there is any doubt, I do know some folks who were domain tasting a while back but have discontinued it because, at least in their experience, the return was too low.  Maybe that was a function of their search input stream, and others have obtained different results.  I have also briefly consulted with some software developers who were attempting to build a “trademark filter”.  My personal belief is that the practice is ultimately self-limiting, as the unregistered namespace worth more than $6/year is eventually tapped out, if that hasn’t already happened.  The effective result of domain tasting has been that if Verisign turns on Sitefinder again, then the return to Verisign will not be nearly as much as if domain tasting had not become prominent during the ICANN/Verisign litigation.  This may lead one to certain conclusions about the proposed .com progressive cost increase in the settlement as a method to “recapture” that lost namespace for a future rebirth of Sitefinder. (pet theory alert)

Response to John Berryhill:

Lets make some calculations based on the numbers you give.

On a single day this example registrar (the term “nameservers” in the dailychanges reports is misleading) generates 354940 name registrations and has on deposit with Verisign a $2,000,000 deposit.

(I’m ignorring the drops - because every registration generates a corresponding drop or renewal within a window of no more than ten years.  So we can just use the registration as a synonym for a registration-drop/renewal pair.)

That deposit generates, assuming that its generate a return of twice today’s prime rate (8%), i.e. 16% compounded daily - for an annual return of about $347,000 which, if divided by the $6 registry fee amounts to a tad less than 58,000 full-term registrations.

In other words the registrar you cite is paying for 58,000 registrations but is generating costs for ... let’s simply extend that one day’s traffic out through the entire year - Over 129,553,000 registration cost instances.

That means that this registrar is generating registration transactions that cost over 2200 times more than the return generated on its deposit.

To cover the registration costs that it is incurring - assuming that $6 is the registration cost - then its deposit ought to be nearly $4.5 BILLION.

You could respond by saying “those less than 5-day registrations” don’t cost the registry the same amount as do full term registrations.  Perhaps they don’t, but given that the vast bulk of the overhead of processing a registration occurs at the registration transaction and the delete transaction and not in the carrying in the interim, then that difference is going to be quite small.

And you could say that the $6 amount is higher than Verisign’s actual costs.  I agree.  But none of us know Verisign’s actual costs but we all know that whatever it is it is a lot less than $6, soon to be $7.  And if that is the case then *all* of us ought to be paying a lot less.

I’ve been arguing that the actual cost is less than $0.035 - which is about 172 times less than the current fee of $6.  That would reduce the needed deposit for that example registrar down to a mere $26,000,000 - somewhat close to the number you say they deposited.  If, as you say, Verisign is not objecting to this practice (because it’s making a profit from it) then this would be evidence that my calculation of $0.035 would perhaps be near target.

The dailychanges reports are only partially revealing - it appears that there is a lot of transfer-based juggling between registrars (which causes yet more load and expense for the registry.)  And calculating a retention rate is difficult because an unknown portion of the drops are of previously retained full-term paid registrations that didn’t generate sufficient return.

By-the-way, internationalized domain names vastly expand the unexplored tasting space, so that may dash the hopes that this practice may have exhausted itself.

I’ve been thinking about Bob Parson’s plan - the $0.25 non refundable amount for all registrations - and compared it to your airplane ticket analogy.  It seems to me that those who want a registration with the full bells-and-whistles, including the 4-graces ought to be paying *more* than those of us who know what we want and know that we won’t be returning it.  So, just as a non-refundable airplane ticket may costs X and a refundable version costs perhaps 2X, a registration that doesn’t permit use of the 4-graces could cost Y and a registration that has the 4-graces option 2Y, where Y has some cognizable and direct relationship to the actual cost of processing a registration.

Karl, I believe the issue is certainly clear, and likely a lot clearer to the accounting department at Verisign, so you may have the last word on this thread, which has strayed far afield from the original article.  First, you asserted that interest didn’t amount to a hill of beans, and then you did your analysis on interest alone, as if none of the tasted domains are kept and fully paid.  You have to look at both halves of the loaf at one time. If you are correct that the registry fee is 220X the actual cost, then a “keep rate” of less than .5% pays the entire freight for a domain taster.  The bottom line remains that the registry fee has remained $6.00, and not a single other registrant has been paying the freight for domain tasting.

As far as tracking retention rates goes, yes it is approximate, but we are both clever enough to deduce a range of tasted/non-tasted deletions, particularly in circumstances where one sees a registration batch which amounts to a significant percentage of the registrar’s total domain count.  One can also estimate the background deletion rate from the daily counts of non-tasting registrars.

Concerning ccTLD’s, or other gTLD’s, the domain traffic business favors .com.  Again, the goal is to obtain commercially valuable traffic.  It is a vritual certainty that if you turned on your hobby registry today, you would not see domain tasting in .ewe.  Consumer behavior is such that the launch of new TLD’s actually increases traffic in .com, for the same reason that internet gaming companies will advertise their “free play” .net domain in the United States, instead of their “real play” .com domain to avoid running afoul of laws relating to gambling advertising.  These companies know fully well that promoting the .net domain boosts traffic to the .com domain.

Here is a link to the workshop that will be happening in Marrakech.

Comment to Jothan Frakes:

That gathering seems useful.

But there are some things that ought to be added to the agenda.

First of all, please don’t focus exclusively on “add grace” - it is merely one of four closely related grace provisions, each of which could be used to perform “tasting” at different times.

The contracts call these:

- add grace
- renew/extend grace
- auto-renew grace
- transfer grace

And it is not clear whether any of these are the precise hook that the tasters are hanging their hat on.

In other words, it would be useful to clearly identify what contractual provisions make these practices possible.

Second - One HUGE issue is how much it actually costs a registry to process various kinds of transactions.  It is surprising that ICANN established a rate in the proposed ICANN-Verisign contract without gathering this information.  So this gathering should require that the various registries clearly indicate their cost structures, in very fine grain detail - And I would not accept any excuses that that is their proprietary data: Too many important ICANN choices depend on accurate knowledge of those costs.

Thirdly: It has been asserted that this practice will be foreclosed when and if Verisign revives SiteFinder (and other registries follow suite).  Is that really true?

Fourth: It has been asserted that this practice is naturally dying out because all names have been tried.  However, is that really the case when we take IDN names into consideration?

Fifth, like airplane tickets that are refundable cost more than airplane tickets that are non-refundable, might it be useful to names that get the refundable benefit of the 4-graces at a higher price than those that might wish to forego those refundable terms?

Sixth:  Is there merit in Bob Parson’s proposal to require that some amount of money (he suggests $0.25) be retained when any of these 4-graces are exercised.  If so, should that fee be tied to the actual cost of providing the registry services utilized?

And it is not clear whether any of these are the precise hook that the tasters are hanging their hat on.

Why not try actually getting to know some of them?

Karl, I hope it is useful, too.  I was invited by ICANN to moderate this particular workshop session in Morocco.

I’ll likely have to bring an air horn and a stopwatch to keep folks on pace to cover the materials given our session length.  Actually, an air horn is not TSA approved, so perhaps a whistle instead.  Anyway…

This workshop could have had many, many, many topics, yet the session realistically has 2.5 to 3 hours to cover a lot of ground, so there was a necessity to try to get as much use out of that time as possible.  This made it necessary to really focus on three key areas:

1 Domain Monetization
Understanding what is going on in domain monitization is an important place to start this dialog.  The beginning of any reasonable dialog begins with some comprehensive understanding of the whole picture.

2 Add Grace ‘Tasting’
This thread of comment about Ram’s post explains volumes as to it being a timely topic to focus on.  The add-grace period activity that is occuring will be discussed.

3 Expiring Names
Many registrars are altering their Registration Agreements to allow them to retain ownership of the domain as part of seeking some form of remedy in the event of non-payment by the registrant.  Those domains are subsequently auctioned in some manner by the registrar.

It is a workshop, designed to help elevate awareness of the marketplace to all who attend, and there is a good diversity in the panels, so there will be great dialog happening. 

I encourage people to comment in the forum that ICANN has set up prior to 6/27 so that there is a good representation of public opinion brought in to the meeting.

Regarding the workshop, if there are circleid readers who wish to comment, it would work best if comments would flow through ICANN’s comment forum: post your comments to dn-market-comments at icann.org (remove spaces and replace the at with @). Comment archives are at http://forum.icann.org/lists/dn-market-comments/.

Jothan, I agree with you that monitization is an excellent topic. I recently made this presentation at NANOG under their “lightning talk” series. This is a smaller part of a much larger piece of research and I hope that you will examine monitization from the root on up. Cheers, -M<

So, a website that is mostly setup to sell, say, a generic, unbranded toilet paper, is allowed to stuff words like “charmin”, “kleenex” etc into the keywords for their website, whether or not they actually sell those, just so that googlers looking for charmin and kleenex will come there instead?

Not in Australia. In Australia a lawsuit between General Motors and Ford determined that a web site can not be stuffed with the trademarks of competing companies. The plantif argued that the practice should not be allowed: the defendent did not offer a defence. The result was a binding precendent (in Australia) that favours large well known companies at the expense of small unknown companies.

Remind me to buy the next aussie regulator I meet a beer.

Cracking down on some of the more unethical aspects of domain kiting (typosquatting, brand squatting in keywords or elsewhere) is something that needs to be done, and fast.