I've always been a fan of co-ops. In New York, we shop at greenstar.coop and my wife banks at alternatives.coop, in the UK we shop at co-operative.coop. So when the .COOP domain opened, I wondered if I could get my own clever domain name, but found that chicken.coop was taken by a small producer co-op in the southern U.S. Drat.
Back in June I got a note from the .COOP registry saying that they were issuing new passwords for zone file access and I needed to confirm my contact details. Out of idle curiosity I took another look at chicken.coop and found that the small co-op had sold out to a large company that didn't look like a co-op to me. So when I sent in my contact details, I asked whether they still restricted registrants to co-ops, and if so they should take a look at chicken.coop. I promptly got a personal note from Carolyn Hoover thanking me for pointing it out, since they were clearly in violation of the rules.
Three days ago I got another note telling me that they'd finally revoked chicken.coop and it's available. (Some friends run a CSA that raises chickens, so maybe they can do a coop-cam.) It's nice that they finally did revoke the non-coop registration but it took six months, which I'd say was slow except that compared to compliance efforts by ICANN it's warp speed. And as far as I can tell, there's still no compliance process in .COOP other than tips like mine.
As ICANN and its contractors are slowly and painfully learning, compliance is hard, it's expensive, and it's only going to get harder and more expensive as time goes on. As has been well documented in the press, for a long time ICANN had no meaningful compliance process for bad WHOIS data. Then they set something up, but it was far too underpowered to deal with all the reports, particularly once Knujon started doing automatic reporting. ICANN is now mostly able to keep up with the reports, but now there's a second round of what to do when the registrars who get the reports don't act on them.
Last week ICANN sent out a press release saying that they'd sent out notices of contract breach to chronic problem registrars joker.com and dns.com.cn. But those registrars have been famous bad actors for years, and ICANN says the process leading to these notices started in November 2007, almost a year ago. That's still orders of magnitude too slow when registrations take no more than hours.
Contract compliance enforcement is hardly a new or obscure activity, and every ICANN contract that affects third parties (notably registry and registrar agreements) is going to need it. I don't have any brilliant ideas here, except that I wish ICANN would take advantage of other people's experience rather than reinventing this wheel from scratch.
|Cybersquatting||Policy & Regulation|
|DNS Security||Registry Services|
|IP Addressing||White Space|
Minds + Machines
Neustar DNS Services
Neustar DDoS Protection