Domain Names

A Failed Whois Policy

ICANN's two-year effort to purportedly preserve the Whois public directory to the greatest extent possible while complying with GDPR has failed. Under the latest proposal, the Whois database, once a contractually-required directory of domain name registrants, will be gutted to the point of virtual worthlessness, as registrars, registries, academics, and hand-wringing others ignored the public interest and imposed ever-higher barriers to legitimate, GDPR-compliant access to registration data. more

Maximizing Qname Minimization: A New Chapter in DNS Protocol Evolution

Data privacy and security experts tell us that applying the "need to know" principle enhances privacy and security, because it reduces the amount of information potentially disclosed to a service provider -- or to other parties -- to the minimum the service provider requires to perform a service. This principle is at the heart of qname minimization, a technique described in RFC 7816 that has now achieved significant adoption in the DNS. more

The Suitable Defendant Rule: In Rem Jurisdiction under the ACPA

The Anticybersquatting Consumer Protection Act (ACPA) creates two distinct avenues by which mark owners may seek a remedy for cybersquatting. A person who is a suitable defendant under 15 U.S.C. §1125(d)(1)(A) is one over whom the court has in personam jurisdiction. However, if the mark owner is "not able to obtain in personam jurisdiction over a person who would have been a defendant" in the ACPA action, then "[t]he [mark] owner may file an in rem civil action against a domain name in... more

A Responsible Domain Industry Needs a Responsible Registrant Appeals Process

As the steward of .ORG, Public Interest Registry is committed to serving as an "exemplary registry" for the DNS. As part of that mission, PIR published our Anti-Abuse Principles last year that serve as our north star to address questions of abuse. As PIR has stated on many occasions, generally speaking, the DNS is not the appropriate place to address questions of website content abuse because of the blunt tool we as a registry have and the collateral damage that can be caused by suspending a domain name for a piece of content. more

Only Bad Actors Should Worry About the URS

With DNS abuse a topic of increased concern throughout the community, any controversy over adopting the Uniform Rapid Suspension System (URS) for all generic top-level domains (gTLDs) seems misplaced. The URS was designed as a narrow supplement to the Uniform Domain-Name Dispute Resolution Policy (UDRP), applicable only in certain tightly defined circumstances of clear-cut and incontrovertible trademark infringement involving the registration and use of a domain name. more

TLD Maintenance Significantly Improved With the New Registry Maintenance Notifications for EPP

Three years ago, the first Internet-Draft on Registry Maintenance Notifications for the Extensible Provisioning Protocol (EPP) was published, which will become a Request for Comments (RFC). The IETF Registration Protocols Extensions (REGEXT) working group is the home of the coordination effort for standards track EPP extensions. They released eight RFCs over the last couple of years, and they are currently working on more than 15 Internet-Drafts. more

How Will the New .AU Domain Licensing Rules Impact You?

The .AU Domain Administration (auDA) will soon implement new .AU domain administration licensing rules either late this year or early next year. These rules apply to new registrations and around 3 million existing domain names in the com.au, net.au, org.au, and more .AU namespaces... Previously, an Australian trademark application or registration may constitute the required Australian presence for an .AU domain name, but the domain name need not match the trademark. more

UDRP and the Law: Should Cybersquatting be the Default View?

I have returned to the subject of the title on a number of occasions and it is worth revisiting. Like judicial proceedings, the substance of disputes under the Uniform Domain Name Dispute Resolution Policy (UDRP) and Panel determinations are publicly available. The Internet Corporation for Assigned Names and Numbers (ICANN) mandates in its Rules that all decisions must be delivered to the parties within "three business days" of their receipt of the decision and posted on providers' websites. more

Uniform Rapid Suspension Not Appropriate for .com Domain Names

The Internet Commerce Association has been actively involved for the last four years on the ICANN Working Group reviewing the Uniform Rapid Suspension (URS) policy and the Uniform Domain Name Dispute Resolution Policy (UDRP). The Working Group is currently wrapping up its review of the URS. The UDRP will be reviewed in an upcoming second phase. more

The Countdown Has Started – Here Come One-Year Digital Certificate Life Cycles

Apple announced its decision to trust only one-year digital certificates on its Safari browser in February 2020. This decision created a domino effect, with Mozilla and Google following suit; certificate providers announced they would not issue two-year certificates after Aug. 19, 2020. We wrote an article in March to help brands to prepare for this change. more

Too Little, Too Late? Why ICANN's Proposed WHOIS Access System Isn't Worth It

After two years of grueling, complex and contentious debate, the ICANN EPDP team delivered its Phase 2 Final Report on July 31st, 2020. Unfortunately, and disappointingly, the policy recommended for the so-called "System for Standardized Access/Disclosure" (SSAD) fails to meet the needs of the users it supposedly is designed to benefit. more

A CENTR White Paper on Creating More Standardized and Streamlined Domain Registry Lock Services

CENTR has published a white paper separating registry lock services into two standardized models. This categorization and the included recommendations can help top-level domain registries (re)design their registry lock services. The aim of the paper is to reduce fragmentation in implementation between registries to explain the value of registry lock to domain holders more easily. more

Reasons Why You Should NOT Apply for a .BRAND New gTLD

There are two kinds of new domain name extensions: those dedicated to selling domain names through the network of accredited Registrars and those dedicated to a personnel use. I call these "dotBRANDs" or ".brand" new gTLDs since they are used - most of the time - by Trademarks for their own benefit. This article focuses on .BRAND new generic Top-Level Domains. In the ICANN vocabulary, these are "Registry Agreements with Specification 13". more

The EPDP Passed an Important Milestone… Now What?

This isn't the blog post I had hoped to write. When I signed up to participate in ICANN's Expedited Policy Development Process for gTLD Registration Data, I knew we had a lot of work ahead of us, but I was cautiously optimistic that we would, eventually, reach a successful outcome. Today, I find myself looking at things differently. After hundreds of hours and countless meetings and emails, Phase 2 of the EPDP's work has wrapped up with the delivery of our final report to the GNSO Council. more

Fraudulent Transfer: Recovering Stolen Domain Names

Either because of laxness on the part domain name holders or cunning on the part of thieves, registrars have been duped into transferring domain names to fraudsters' accounts. I discussed the matter last year in Recovering Domain Names Lost to Fraudulent Transfer. These cases are mostly filed in the Eastern District of Virginia, Alexandria Division, for the good reason that the registry for dot com is located in that jurisdiction and they are mostly recovered. more