News and Updates

Namecheap Reaches 10 Million Registrations - Ranks as World's 2nd Biggest Retail Registrar

DN Journal - Fri, 2018-09-07 19:46
Namecheap Founder Richard Kirkendall has had quite a ride since launching the company in 2000. NameCheap has now passed 10 million registrations to rank #2 among the world's retail registrars.
Categories: News and Updates

British Airways Issues Apology for Cyberattack Affecting Hundreds of Thousands of Customers

Domain industry news - Fri, 2018-09-07 19:42

British Airways issued an apology today after the credit card details of hundreds of thousands of its customers were stolen over a two-week period in the most serious attack on its website and app. Paul Sandle reporting in Reuters: "The airline discovered on Wednesday that bookings made between Aug. 21 and Sept. 5 had been infiltrated in a 'very sophisticated, malicious criminal' ... [British Airways] immediately contacted customers when the extent of the breach became clear. Around 380,000 card payments were compromised, the airline said, with hackers obtaining names, street and email addresses, credit card numbers, expiry dates and security codes — sufficient information to steal from accounts."

Follow CircleID on Twitter

More under: Cyberattack, Cybercrime, Malware

Categories: News and Updates

Cheers to ICANN!

Domain industry news - Fri, 2018-09-07 18:22

This essay is part of a series of posts CircleID will be hosting from the ICANN community to commemorate ICANN's 20th anniversary. CircleID collaborated with ICANN to spread the word and to encourage participation. We invite you to submit your essays to us in consideration for posting.

* * *

It has been 1.5 years since I have started my journey with ICANN. Within this short journey of mine, looking back I remember a nice memory that makes me love ICANN more and forces me to get involved even deeper.

I got to know about ICANN in the APNIC conferences. I didn't really get the enormity of ICANN until I attended my first ICANN meeting in Copenhagen, Denmark in March 2017 as a fellow. Along with all the fellows from all over the world, I was treated so special by all the prominent members of the internet industry. The honorable tag "Fellow" was sufficient enough to provide access to all the experts.

As a newcomer, the first meeting was way too overwhelming for me. I was having a lot of questions in my mind. Throughout the first 5 days of the meeting, I was introduced to ICANN constituencies and their type of work.

After having a lot of sessions with all the constituencies, at last, a platform had caught my attention which is called "Public Forum."

With a fearful heart, I approached the microphone and asked three questions which were really bothering me. Why Bangladesh is not a part of GAC, how can we arrange an ICANN outreach event in Bangladesh and my interest to work with SSAC closely. My questions were answered nicely by ICANN board and I was introduced to few people right at that moment who could help address my questions.

My second ICANN meeting was in Abu Dhabi, UAE in October 2017 as a fellow again. From my first meeting to second meeting, ICANN made a noticeable progress on the issues I raised. I provided an update on progress made to ICANN board in my very second public forum providing the evidence on how at ICANN my voice was heard.

I am very delighted that since my last ICANN meeting in Abu Dhabi till now ICANN moved further and progress is remarkable. It was never easy but ICANN didn't give up. My heartiest thanks to Mr. Samiran Gupta and Champika Wijayatunga for that. Now we have a member in GAC from Bangladesh. At the same time, ICANN is going to arrange an outreach in Bangladesh on 8th September 2018. Now I see my voice didn't only get heard but also got implemented and I can't wait to face ICANN board again in next public forum to thank ICANN with pride.

I feel really proud when Samiran Gupta from ICANN mentioned that "Afifa, we are here because of you, because of the comment you made in public forum".

I was really nervous that day. But overcoming the fear, approaching the microphone and raising my voice was very important for me that day. The thought that my comment impacted my entire Bangladesh in a positive way makes me smile.

Happy birthday dear ICANN. Although I won't be able to attend your 20th birthday. You have my best wishes. Counting on making many more memories together. Cheers!

Written by Afifa Abbas, Information Security and Governance Lead Engineer

Follow CircleID on Twitter

More under: ICANN

Categories: News and Updates

August’s top domain name stories

Domain Name Wire - Fri, 2018-09-07 14:04

Here’s a look back at August on Domain Name Wire. These were the top stories ranked by number of page views:

1. Betsy Riot trolls NRA Lobbyist’s wife with domain name – Anti-NRA gun control advocates successfully defended a domain name in a UDRP that they used to troll an NRA lobbyist’s wife.

2. Living as a Digital Nomad for a month – Many domain investors can live and work from anywhere. Here was my experience setting up camp in Seattle for a month.

3. sells as part of big domain name transaction – The seven-figure transaction included 10 domain names.

4. Allstate is no longer in .GoodHands – Allstate is giving up its .goodhands new top level domain name.

5. Former NFL player Shawne Merriman wanted, but panelist disagreed – His clothing company tried to get a domain name through UDRP.

And here are links to the three DNW Podcasts published during the month:

#199 – Crowdsourcing (domain) name selection – listen
#198 – New TLD Economics with Colin Campbell – listen
#197 – Top Domain Sales of the Year – listen

© 2018. This is copyrighted content. Domain Name Wire full-text RSS feeds are made available for personal use only, and may not be published on any site without permission. If you see this message on a website, contact copyright (at) Latest domain news at Domain Name Wire.

Related posts:
  1. Living as a Digital Nomad for a month
  2. Former NFL player Shawne Merriman wanted, but panelist disagreed
Categories: News and Updates

ICANN surveys domain registrants about trademark claims notices

Domain Name Wire - Fri, 2018-09-07 13:14

Survey is well-intentioned but is unlikely to provide good data.

ICANN is requesting feedback from domain name registrants about trademark claims notices from the Trademark Clearinghouse.

Domain name investors that registered new top level domain names are probably familiar with these notices. When you try to register a domain that matches a trademark in the database, you are presented with a notice that your registration might violate a trademark owner’s rights.

The notices don’t prevent you from registering the domain, but they certainly have a chilling effect on people trying to register the domain.

This is despite many of the notices not applying to the use for which the person wants to register the domain. Many of the trademarks are for common or dictionary words such as Texas and fire, and marks registered to game the system such as wedding, money and realestate.

The survey’s goal is to understand how domain registrants responded to the notices and their impact on registrations. The survey’s questions are dead on, but there’s a big problem with the survey: the typical person that tried to register a domain and saw the notice will be unaware of the survey. Even if they are aware, they won’t spend 15 minutes answering questions.

I suspect anecdotal evidence and data from the Trademark Clearinghouse is going to be more valuable than this survey. For example, there was the tech-savvy friend of mine who tried to pre-register a .app domain. He told me “Yeah, I tried to get that one, but there’s some sort of trademark thing on it.” He ditched the registration.

© 2018. This is copyrighted content. Domain Name Wire full-text RSS feeds are made available for personal use only, and may not be published on any site without permission. If you see this message on a website, contact copyright (at) Latest domain news at Domain Name Wire.

Related posts:
  1. How common words like Pizza, Money, and Shopping ended up in the Trademark Clearinghouse for new TLDs
  2. ICANN Extends Public Comment Period for New TLD Guidebook
  3. Four new top level domain name contracts signed
Categories: News and Updates

Donuts Holder of the Largest Portfolio of New TLDs Acquired by Abry Partners

Domain industry news - Thu, 2018-09-06 22:23

Donuts Inc., a global leader in new top-level domains (TLDs), has announced that it has entered into an agreement to be acquired by Abry Partners, a private equity firm. Terms and timing of the agreement are not disclosed. Donuts holds the world's largest portfolio of new TLDs, which includes a wide variety of names such as .LTD, .COMPANY, .CAREERS, .SUPPORT, .PHOTOGRAPHY, .CAFE, .HEALTHCARE, .SOCIAL, .WORLD, .LIVE, .TRAVEL, .FAN and .CHARITY. Kevin Murphy reporting in Domain Incite notes: "Not much info about the deal has been released, but one senses an ICANN alum's hand at the wheel. Former ICANN chief Fadi Chehade is a partner at Abry, having been initially employed as senior advisor on digital strategy back in 2016 after he left ICANN."

Follow CircleID on Twitter

More under: Domain Names, Registry Services, New TLDs

Categories: News and Updates

NameExperts & Sedo Divvy Up Four 6-Figure Domain Sales To Take Top Spots on DNJ Chart

DN Journal - Thu, 2018-09-06 22:22
The latest domain sales report is out at and this one includes data from the last three weeks of aftermarket sales.
Categories: News and Updates

Facebook to Invest Over $1 Billion in Its First Asian Data Center in Singapore

Domain industry news - Thu, 2018-09-06 21:21

Facebook today announced its plan to invest more than $1 billion in building its first data center in Asia. It will be located in Singapore and scheduled to open in 2022. Singapore's robust infrastructure and access to fiber, a talented local workforce, business-friendly environment, and a great set of community partners are some of the reasons for its choice of location. From the announcement: "The Singapore Data Center will join our portfolio of hyper-efficient facilities; it has been designed from the ground up with new features to minimize the use of water, energy and land. For example, this data center will be the first to incorporate the new StatePoint Liquid Cooling system. This technology minimizes water and power consumption and, according to our testing, can reduce the amount of peak water used by 20 percent in climates like Singapore's."

Home of the High-Rise Data Centers – "The key challenge in Singapore is land," writes Rich Miller reporting in Data Center Frontier. "The large parcels Facebook usually seeks to build its multi-building cloud campuses are largely unavailable in Singapore, an island nation where land is extremely expensive. The government of Singapore has been encouraging data center operators to build taller facilities. ... Google operates a five-story data center in Singapore, which is its tallest data center anywhere in the world. ... But none approach the 11-story design disclosed today by Facebook."

Follow CircleID on Twitter

More under: Data Center

Categories: News and Updates

Respondent Had Rights or Legitimate Interests in Domain Name by Using It to Promote Genuine Business

Domain industry news - Thu, 2018-09-06 20:30

In the case of Avon Products, Inc. v. Jenika Mukoro, Heirs Holdings, a 3-member WIPO Panel denied the Complainant's efforts to have the domain name <> transferred because the Complainant failed to sustain its burden of establishing that the Respondent had no rights or legitimate interests in the disputed domain name.

The Panel found that the Complainant proved that its trademark AVON (which has been in use since 1929) is well-known in the field of cosmetics and has been used also in connection with the sales of vitamins and supplements as well as to support breast cancer campaigns. The Panel also found that it was clear that there is no relationship between the Complainant and the Respondent and that the Complainant has not authorized the Respondent's use of its trademark AVON or the registration and use of the disputed domain name.

But the Respondent provided convincing evidence to demonstrate that it was using the disputed domain name to promote a genuine business in the field of healthcare services and that it had been using the name AVON in connection with the health and medical services provided through its subsidiaries in Nigeria since as early as 2008. The Respondent submitted certificates of incorporation for Avon Healthcare Limited (dating back to 2010) and for other companies belonging to the Respondent's "Avon group" which were incorporated between 2008 and 2009. In addition, the Respondent provided copies of company reports audited by Ernst & Young for the years 2013 and 2015, certificates of accreditation of Avon Healthcare Limited issued by the Nigerian health insurance controller, and printouts of online websites referring to the activities of the Respondent's Avon group. Moreover, the Respondent also provided a plausible explanation as to the reason why the name "Avon" was selected for such activities, being the initials of the founder's name.

So the Panel found that, on balance of probabilities, the Respondent registered and used the disputed domain name to promote its own business without intending to trade off or exploit the Complainant's trademark, which appears to be well-known in a different sector. The Panel also gave attention to the list of 106 occurrences submitted by the Respondent of the term "Avon" to be in wide use, and corresponding to the name of several rivers, towns and communities, as well as businesses and brands which do not operate in the same field of activity of the Complainant.

In view of the above, and noting some limited online research to verify certain aspects of the Response, the Panel found that the Respondent had proven that it had been using the disputed domain name in connection with a bona fide offering of goods or services before receiving notice of the present dispute. Moreover, based on the evidence submitted by the Respondent, the Panel also found that the Respondent had demonstrated that the entity which actually uses the disputed domain name, i.e., Avon Healthcare Limited, has been commonly known by the disputed domain name.

Written by Evan D. Brown, Attorney

Follow CircleID on Twitter

More under: Domain Management, Domain Names, Intellectual Property, Law

Categories: News and Updates

A Look at the Current State of DNSSEC in the Wild

Domain industry news - Thu, 2018-09-06 18:50

The DNS system is, unfortunately, rife with holes like Swiss Cheese; man-in-the-middle attacks can easily negate the operation of TLS and website security. To resolve these problems, the IETF and the DNS community standardized a set of cryptographic extensions to cryptographically sign all DNS records. These signatures rely on public/private key pairs that are transitively signed (forming a signature chain) from individual subdomains through the Top Level Domain (TLD). Now that these standards are in place, how heavily is DNSSEC being used in the wild? How much safer are we from man-in-the-middle attacks against TLS and other transport encryption mechanisms?

TL;DR – this will take more than 3 minutes to read.

  • DNSSEC is enabled on most top level domains
  • However, DNSSEC is not widely used or deployed beyond these TLDs

Three researchers published an article in Winter ;login; describing their research into answering this question (membership and login required to read the original article). The result? While more than 90% of the TLDs in DNS are DNSEC enabled, DNSSEC is still not widely deployed or used. To make matter worse, where it is deployed, it isn't well deployed. The article mentions two specific problems that appear to plague DNSSEC implementations.

First, on the server side, a number of domains either deploy weak or expired keys. An easily compromised key is often worse than having no key at all; there is no way to tell the difference between a key that has or has not been compromised. A weak key that has been compromised does not just impact the domain in question, either. If the weakly protected domain has subdomains, or its key is used to validate other domains in any way, the entire chain of trust through the weak key is compromised. Beyond this, there is a threshold over which a system cannot pass without the entire system, itself, losing the trust of its users. If 30% of the keys returned in DNS are compromised, for instance, most users would probably stop trusting any DNSSEC signed information. While expired keys are more obvious than weak keys, relying on expired keys still works against user trust in the system.

Second, DNSSEC is complex. The net result of a complex protocol combined with low deployment and demand on the server side is poor implementations in client implementations. Many implementations, according to the research in this paper, simply ignore failures in the certification validation process. Some of the key findings of the paper are:

  • One-third of the DNSSEC enabled domains produce responses that cannot be validated
  • While TLD operators widely support DNSSEC, registrars who run authoritative servers rarely support DNSSEC; thus the chain of trust often fails at the first hop in the resolution process beyond the TLD
  • Only 12% of the resolvers that request DNSSEC records in the query process validate them

To discover the deployment of DNSSEC, the researchers built an authoritative DNS server and a web server to host a few files. They configured subdomains on the authoritative server; some subdomains were configured correctly, while others were configured incorrectly (a certificate was missing, expired, malformed, etc.). By examining DNS requests for the subdomains they configured, they could determine which DNS resolvers were using the included DNSSEC information, and which were not.

Based on their results, the authors of this paper make some specific recommendations, such as enabling DNSSEC on all resolvers, such as the recursive servers your company probably operates for internal and external use. Owners of domain names should also ask their registrars to support DNSSEC on their authoritative servers.

Ultimately, it is up to the community of operators and users to make DNSSEC a reality in the 'net.

Written by Russ White, Network Architect at LinkedIn

Follow CircleID on Twitter

More under: Cybersecurity, DNS Security

Categories: News and Updates

More companies should emulate Tucows’ new earnings call format

Domain Name Wire - Thu, 2018-09-06 17:11

Format leads to higher quality questions and answers.

Last month Tucows (NASDAQ: TCX) held an unusual earnings conference call. Rather than a live call with analysts asking questions, the company pre-recorded the prepared remarks portion of the call. It then invited analysts and shareholders to submit questions in writing, to which Tucows would respond.

I wrote about the reasons for this last month. Now, I can unequivocally support this model. More companies should do it.

Take a look at the quality of both the questions and answers (pdf).

Noticeably absent are questions with answers already in the financials that analysts just needed a few more minutes to locate.

I’m a bit baffled that no analysts asked about the domain business, but I suppose they view the upside in the Ting mobile and fiber business.

© 2018. This is copyrighted content. Domain Name Wire full-text RSS feeds are made available for personal use only, and may not be published on any site without permission. If you see this message on a website, contact copyright (at) Latest domain news at Domain Name Wire.

Related posts:
  1. Tucows changes domain name price structure
  2. Tucows revenue jumps on Enom acquisition
  3. Digging into Tucows’ annual report
Categories: News and Updates

China Continues to Be at the Forefront of Fibre Adoption, Saw 26% FTTH Growth in Past 12 Months

Domain industry news - Thu, 2018-09-06 17:06

China's fiber adoption constituted 80% of global FTTH growth in the past 12 months, according to the latest report from Point Topic. The country has reported a 26 percent annual growth in FTTH connections. The report also highlights the decline of copper connections which dropped by 7 percent in the last year while FTTH/B/C connections increased by 28 percent in the same period. "Around 78% of global fixed broadband subscriptions are fiber (FTTH/B/C) and cable-based." Brazil, Italy, France and New Zealand are among other nations that saw FTTH quarterly growth rates in double digits. Point Topic has also pointed out that high fiber broadband penetration does not necessarily mean equally competitive pricing. "For example, the median residential fiber broadband tariff in China is almost twice as high as in Japan, with similar fiber penetration levels and direct fiber (FTTH/B) dominating in both countries."

Follow CircleID on Twitter

More under: Access Providers, Broadband, Telecom

Categories: News and Updates

Domains used by China’s Top 100 internet companies

Domain Name Wire - Thu, 2018-09-06 16:40

Studying these domains will help you understand what types of domains China’s biggest internet companies prefer.

Researching domains used by top Chinese internet companies.

Spectacular domain sales to China have been reported in recent years, and many of them were bought by internet companies, such as for $17m, for $5m, and for $3.6m. This should not surprise domain investors because internet companies are the new leaders in this internet age.

With China poised to become the largest domain market supported by its 800 million internet population, studying domains used by the best internet companies in China will help investors understand what domains to sell to this market. The opportunity came recently when the “2018 Top 100 Chinese Internet Companies Report (2018年中国互联网企业100强分析报告)” was jointly published by the Internet Society of China and MIIT in July. Based on the report and with help from Baidu search, I have created the following list.

RankChineseEnglishFoundedDomain 1阿里巴巴 2腾讯 3百度 4京东Jing 5网易 6新浪 7搜狐 8美团 9三六零(奇虎360)360 Total 10小米 11今日头条(字节跳动) 12网宿 1358集团 14金山软件Kingsoft 15携程 16二三四五 17美图 18新华网Xinhua 19苏宁 20汽车之家(北京车之家) 21用友网络Yon 22咪咕文化 23三七互娱37 24凤凰网(天盈九州)Phoenix 25恺英网络 26东方明珠Oriental Pearl Group 27昆仑万维 28多玩(华多) 29易 车 网 30快 乐 阳光(芒果 TV)Mango 31鹏博士Dr 32唯品会 33央视网China Central 34四三九九(4399) 35凡普金科 36网龙网络NetDragon Websoft 37波克城市Poker 38米哈游Mi Ha 39朗玛信息 40幻电(哔哩哔哩) 41巨人网络Giant 42猎豹移动Cheetah 43同程旅游 44龙采科技Long 45科大讯飞Iflytek 4621CN(世纪龙信息) 47泰一指尚 48光环新网 49竞技世界网络JJWorld 50东方财富 51游族网络You 52斗鱼网络 53宜人贷 54中钢网Zhong Gang 55东软集团 56慧聪Hui 57马鞍山百助Bai 58腾邦国际 59迅雷网络 60吉比特 61微贷网Wei Dai 62连尚网络Lian 63钢银网 64前程无忧(前锦网络)Qian Cheng Wu 65找钢网Zhao Gang 66花椒直播 (密境和风)Hua 67好未来TAL 68蜗牛数字Wo Niu (Snail) 69游龙网络You Long Wang 70六间房 71东方网 72房天下(搜房科技) 73艾德 74岚悦科技Lan Yue Ke 75华云数据Hua 76联动优势 76OFO小黄车(东峡大通) 78途牛Tu 79创梦天地(乐逗游戏) 80思贝克 81盛天网络Sheng 82梦网科技 83猪八戒网Zhu Ba 84平治信息 85驴妈妈(景域)Lv Ma 86当当网Dang 87趣丸网络Qu 88拓维信息 89世纪佳缘Jia 90房多多Fang Duo 91天鸽互动Tian 92创蓝253Chuang Lan 93爱酷游Ai Ku 94不锈钢电子交易中心 95沪江网校Hu 96锐之旗Rui Zhi 97风行网Fung Xing 98美柚Mei 99世纪互联Shi Ji Hu 100优刻得

First of all, .com is king in China. 86% of the companies use .com and only 13% use .cn. The only non-mainstream extension found is .tv. Also, short domains are preferred as 99% of the domains are 10 characters or less excluding the extension (the median is only 6 characters). So, if you want to sell to corporate users in China, focus on short .com domains.

This study breaks the myth that Chinese companies prefer Pinyin but not English domains. In the list, Pinyin domains account for only 37% of the domains and English domains take up 36%. Here, I’m using the term “English” loosely and treat names such as CTrip, iflytek, and OFO as English. (Acronym has 10% and numeric 7%.)

If you want to sell to corporate users in China, focus on short .com domains of less than 10 characters.Click To Tweet

Digging deeper, 78% of Pinyin domains are 2-pin (two Pinyin words such as Bai Du). This implies that if you want to invest in Pinyin domains, focus on 2-pin names. For acronym and numeric domain investors, note that no company on this list uses a domain longer than 4L or 4N. This means you have less chance to sell to corporate China if your have 5L/5N or longer domains.

Even though this list contains the best internet companies in China, there are still many of them not following the norm held by global brands of owning brand-matching .com domains. There are issues in brand matching (e.g., use of subdomain (e.g., and misspelling (e.g. This offers great selling opportunities of the right domains.

In summary, if you want to sell to corporate users in China, focus on short .com domains of less than 10 characters excluding the extension. Both Pinyin and English names are fine. For acronym and numeric domains, try not to exceed 4L or 4N.

© 2018. This is copyrighted content. Domain Name Wire full-text RSS feeds are made available for personal use only, and may not be published on any site without permission. If you see this message on a website, contact copyright (at) Latest domain news at Domain Name Wire.

Related posts:
  1. Why you shouldn’t go bananas over domain name “sale”
  2. China has been a blessing. Will it be curse?
  3. What China giveth, China can taketh away
Categories: News and Updates

Internet Companies and Government Contracts: Complying with DCAA Regulations

Domain industry news - Thu, 2018-09-06 16:40

One of the biggest opportunities for Internet companies of all sizes can be to get a U.S. government contracts. This kind of business partnership is highly desirable as the U.S. government spends about $500 billion for contracts annually.

The government contracting in an extremely competitive field, as the huge number of businesses bid for the same contracts. After all, there is a lot of money involved here and those are all big jobs that can prove vital for any company.

However, for a company to be able to apply for one of the government contracts, it first must meet the necessary regulations which are required.

One of these regulations is the Defense Contract Audit Agency (DCAA) compliance.

For DCAA Pre-Award Requirements to be met, you should make sure your company complies with the following:

1. Direct and indirect costs must be isolated so that direct costs apply only to those services or goods needed to fulfill the contract, while indirect apply to those which are needed to manage the business as a whole.

2. All books of account must be consistent with the general ledger system.

3. Employee timekeeping system or software must be used for separating different activities as a proof of no fraud or wasted time concerning the employee working hours.

4. There should be monthly (or more frequent) reports concerning cost set up and regularly updated.

5. Companies should separate current costs from pre-production or pre-development costs.

The DCAA auditors look for these requirements to be met by the contractor:

  • Business systems
  • Management policies and procedures
  • Accuracy and reasonableness of contractors' forward-pricing and incurred-cost representations
  • Adequacy and reliability of records and accounting systems
  • Contractor compliance with contractual provisions having accounting or financial significance

Where to find opportunities for government contracts?

Here are some websites on which you can get information about all U.S. government contract demands:

How can an Internet-based business get government contracts?

By following these steps companies can increase their chances of landing a federal contract:

1. Deliver innovation, fresh thinking, and relevant solutions. The government is not known for its innovation and flexibility and these areas are a good exploit for Internet companies to prove useful.

2. Don't shy away from a potential government contract and think that is unlikely that your product or services will be acquired. The government will buy almost anything, especially if your solution proves to be more agile, efficient, and responsive in delivery than the one from a larger and more rigid company.

3. Create relationships. Some agencies offer lobbying services that can help you get contracts. Another good way is collaborating with other competing companies and try to make partnerships that will increase the chances of getting contracted.

4. Research and learn about previous Internet-based companies that had successfully obtained government contracts and see what are the things that also might help you.

Written by Mark Maric, Search Engine Optimization Director

Follow CircleID on Twitter

More under: Policy & Regulation

Categories: News and Updates

Call for Participation - ICANN DNSSEC Workshop at ICANN63 Barcelona

Domain industry news - Thu, 2018-09-06 16:06

Do you have a great idea about DNSSEC or DANE that you'd like to share with the wider community? If so, and you're planning to be in Barcelona, Spain for ICANN63 in October 2018, submit a proposal to present your idea at the DNSSEC Workshop!

Send a brief (1-2 sentence) description of your proposed presentation to by Friday, 07 September 2018.

For more information, read the full Call for Participation below.

The DNSSEC Deployment Initiative and the Internet Society Deploy360 Programme, in cooperation with the ICANN Security and Stability Advisory Committee (SSAC), are planning a DNSSEC Workshop during the ICANN63 meeting held from 20-25 October 2018 in Barcelona, Spain. The DNSSEC Workshop has been a part of ICANN meetings for several years and has provided a forum for both experienced and new people to meet, present and discuss current and future DNSSEC deployments.

For reference, the most recent session was held at the ICANN Policy Forum in Panama City, Panama on 25 June 2018. The presentations and transcripts are available at: and

At ICANN63 we are particularly interested in live demonstrations of uses of DNSSEC, DS automation or DANE. Examples might include:

  • DNSSEC automation and deployment using CDS, CDNSKEY, and CSYNC
  • DNSSEC/DANE validation in browsers and in applications
  • Secure email / email encryption using DNSSEC, OPENPGPKEY, or S/MIME
  • DNSSEC signing solutions and innovation (monitoring, managing, validation)
  • Tools for automating the generation of DNSSEC/DANE records
  • Extending DNSSEC/DANE with authentication, SSH, XMPP, SMTP, S/MIME or PGP/GPG and other protocols

Our interest is to provide current examples of the state of development and to show real-world examples of how DNSSEC and DANE related innovation can be used to increase the overall security of the Internet.

We are open to presentations and demonstrations related to any topic associated with DNSSEC and DANE. Examples of the types of topics we are seeking include:

1. DNSSEC Panel (Regional and Global)

For this panel, we are seeking participation from those who have been involved in DNSSEC deployment in the region and also from those who have not deployed DNSSEC but who have a keen interest in the challenges and benefits of deployment. In particular, we will consider the following questions: Are you interested in reporting on DNSSEC validation of your ISPs? What can DNSSEC do for you? What doesn't it do? What are the internal tradeoffs to implementing DNSSEC? What did you learn in your deployment of DNSSEC? We are interested in presentations from both people involved with the signing of domains and people involved with the deployment of DNSSEC-validating DNS resolvers.

2. Post KSK Rollover

Following the Root Key Rollover, we would like to bring together a panel of people who can talk about lessons learned from this KSK Rollover and lessons learned for the next time

3. DS Automation

We are looking at innovative ways to automate the parent-child synchronization CDS / CDNSKEY and methods to bootstrap new or existing domains. We are also interested in development or plans related to CSYNC, which are aimed at keeping the glue up to date.

We would like to hear from DNS Operators what their current thoughts on CDS/CDNSKEY automation are.

3 DNSSEC/DANE Support in the browsers

We would be interested in hearing from browser developers what their plans are in terms of supporting DNSSEC/DANE validation.

4. DANE Automation

For DNSSEC to reach massive deployment levels it is clear that a higher level of automation is required than is currently available. There also is strong interest for DANE usage within web transactions as well as for securing email and Voice-over-IP (VoIP). We are seeking presentations on topics such as:

  • How can the industry use DANE and other DNSSEC applications as a mechanism for creating a more secure Internet?
  • What tools, systems and services are available to help automate DNSSEC key management?
  • Can you provide an analysis of current tools/services and identify gaps?
  • What are some of the new and innovative uses of DANE and other DNSSEC applications in new areas or industries?
  • What tools and services are now available that can support DANE usage?

We would be particularly interested in any live demonstrations of DNSSEC / DANE application automation and services. Demonstrations of new tools that make the setup of DNSSEC or DANE more automated would also be welcome.

If you are interested in participating, please send a brief (1-2 sentence) description of your proposed presentation to by **07 September 2018 **

We hope that you can join us.

Thank you,
Kathy Schnitt

On behalf of the DNSSEC Workshop Program Committee:
Jean Robert Hountomey, AfricaCERT
Jacques Latour, .CA
Russ Mundy, Parsons
Ondřej Filip, CZ.NIC
Yoshiro Yoneya, JPRS
Dan York, Internet Society
Mark Elkins, DNS/ZACR

Written by Dan York, Author and Speaker on Internet technologies - and on staff of Internet Society

Follow CircleID on Twitter

More under: DNS, DNS Security

Categories: News and Updates

10 more end user domain names sales

Domain Name Wire - Thu, 2018-09-06 14:15

An eCommerce company, virtual reality blog, and investment exchange bought domains last week.

This week’s end user domain buyers run the gamut but feature several travel-related businesses as well as a perfume and beauty products online shop, and a few tech businesses. The top sale at nearly €16,000 went to a universal shopping basket service called Cloud Basket where users can use one account to buy from different websites.

Take a look at some of the end user sales at Sedo this past week, and you can view previous weeks’ lists here. €15,890- Already online and operating as a universal shopping basket service where you can buy from different online shops using one account. The buyer is Q.One Technologies GmbH. – $9,999 Purchased by the owner of & sells discounted perfumes and cologne along with skincare, makeup and more. €5,000 – A .co name makes the list as this site redirects to, which claims to be spatial technology company “capturing and publishing 3D information about real-world interiors on an industrial scale.” So maybe Stak will be a side project or additional product offering. €4,000 – Translating to Human Resources Knowledge, this site forwards to which claims to be one of the ten biggest specialist publishing houses in Germany. $4,000 – Showing a “Coming Soon” sign and was purchased by Maco Lighting Pty Ltd, an Australian lighting company. $3,888 – A virtual/augmented reality blog. €3,500- Currently up and running as an investment portal where members can interact with other people interested/working with bonds. €2,999 – Travel search engine mainly focused on hotels. €2,499 – A landing page directing visitors to other Bhutan visitor sites so I imagine this will be a travel site for Bhutan in French. $2,150 – This is an upgrade from the hyphenated It forwards to the website for a private charter flight company.

© 2018. This is copyrighted content. Domain Name Wire full-text RSS feeds are made available for personal use only, and may not be published on any site without permission. If you see this message on a website, contact copyright (at) Latest domain news at Domain Name Wire.

Related posts:
  1. What domain names Mozilla and others bought last week
  2. What domain names Goldman Sachs and others bought this week
  3. More end user domain name sales
Categories: News and Updates

CentralNic scoops up tiny domain name registrar with focus on Romania and Brazil

Domain Name Wire - Thu, 2018-09-06 12:05

Company believes acquisition will give it a boost in Romania and Brazil.

Domain name company CentralNic (London AIM: CNIC) has acquired GlobeHosting Inc. for €2.56 million. €1.5 million was paid up front with anniversary payments over the next two years making up the difference.

GlobeHosting focuses on Romania and Brazil. It generated €849k in revenue for the twelve months ending July 31 and its EBITDA was €419k.

CentralNic believes the company is well positioned to benefit from changes in Romania’s .ro country code domain:

Romania’s country code, .RO, is undergoing significant adjustment from which GlobeHosting is expected to benefit, with imminent changes to its pricing structure involving all existing .RO users renewing their domains. Internet penetration in Romania is growing with an approximately four per cent increase in 2017. Currently approximately 60 per cent of Romania’s circa 20 million population uses the Internet.

© 2018. This is copyrighted content. Domain Name Wire full-text RSS feeds are made available for personal use only, and may not be published on any site without permission. If you see this message on a website, contact copyright (at) Latest domain news at Domain Name Wire.

Related posts:
  1. CentralNic is on the premium domain hamster wheel
  2. CentralNic scoops up KeyDrive for up to $55 million
  3. Shareholders approve KeyDrive acquisition; deal to close tomorrow
Categories: News and Updates

GDPR Didn't Affect Spam? Not So Fast

Domain industry news - Wed, 2018-09-05 18:05

I have recently become aware of a blog post from Recorded Future that attempts to analyze the effects of the GDPR on online security. Unfortunately, it starts by asking an irrelevant question and then goes on to use irrelevant metrics to come to a meaningless answer.

The premise of Recorded Future's article — that spammers would send more spam and register more domains because GDPR came into effect — tells us nothing useful about how GDPR affects anything. It's the wrong question, it's not a question most security people are concerned with, and it ignores how spam and spammers work.

The goal of spam is to get the recipients to do something, usually to click through to a landing page containing phish or a malware. Spammers use botnets, hijacked IP space, and deceptively registered snowshoe IP addresses. More IP addresses let them evade filters and send more spam; more domains make no difference.

Spam volumes increase as spammers start campaigns, and decrease as the campaign ends, or as security researchers and law enforcement take down the networks of compromised machines used to send most spam.

Spam domains are the ones that spammers want people to end up on, the destination sites. Spammers only need to run a certain number of redirection and destination sites, and a lot of the redirectors they use are on other people's hacked sites. Sending spam doesn't need any domains at all, since the return addresses in spam are invariably fake, either addresses taken from the spam lists, or just made up.

Using more domain names gives spammers little if any advantage. If more domains were better, and if detection and takedown were easier before GDPR, spammers would have been buying ever-ballooning numbers of domains before GDPR, but they weren't.

Indeed, GDPR would mean spammers now have an easier time and need fewer domains, because less spam will be detected, more will get through to users, and landing domains will stay up longer so more of the spam will have working landing pages.

Some of the Recorded Future analysis is just puzzling and suggests a lack of familiarity with spamming techniques.

For example, it looks at the number of registrations in heavily abused TLDs, such as .men and .fun and doesn't see many new ones. But the reason those TLDs are heavily abused is that they had promotions to sell cheap bulk domains. Once the promotions are over and the price goes back up, the number of new registrations drops to the usual trickle, GDPR or no.

To understand the effect of GDPR, the relevant questions are: Is GDPR enabling damage, because it makes detection, blocking, and mitigation harder?

Criminals do use domains for spam payloads, redirectors, and landing pages. WHOIS has been a key tool not just to identify individual domains, but to find connections among domains (which tend to be registered with similar information, even if it's false) to take down a whole network of them at a time. I can't find any public numbers about takedowns, but the security researchers I know tell me that lack of WHOIS is a significant impediment to research, and the half-hearted measures that some registrars provide to reveal one domain at a time is no substitute when you're looking at clusters of thousands or tens of thousands of domains.

At this point, we do not have the data to say how GDPR is affecting the Internet's security, and we certainly do not have data to claim there is no effect.

Written by John Levine, Author, Consultant & Speaker

Follow CircleID on Twitter

More under: Domain Names, Policy & Regulation, Spam

Categories: News and Updates

Getting on with Digital Transformation: Three Steps to Making Strategic Technology Choices

Domain industry news - Wed, 2018-09-05 17:52

In a recently published Uptime Institute Survey, Uptime Institute found that organizations operating data centers are finding it increasingly difficult to recruit professionals skilled in security, networking, and hybrid technologies. This realization comes at an interesting time, as the monolithic business infrastructure built over the last two decades is now entering a period of transformation.

In some ways, this reminds me of the prelude to the millennium some 20 years ago. At the time, everyone decided to embrace the Internet and tackle the Y2K problem all at once. This led to a shortage of Internet experts and information technology professionals skilled in the Y2K problem, giving way to one of the biggest technology booms to date.

History never repeats itself, but it often rhymes

As far as general market dynamics are concerned, everyone doing the same thing at the same time tends to lead to a boom. While the Information Technology and Communications industry has been drumming the importance of the digital transformation trend for several years now, the progress to date has been lackluster. However, with the awareness of digital transformation hitting the mainstream, it is now beginning to seem like things are about to change.

Once the mainstream market starts moving forward, there will be two problems that organizations have to address: the shortage of knowledgeable staff and the complexity of the next-generation business platforms. Both issues come with significant strategic implications, because getting things wrong and missing the train may lead to a competitive disadvantage.

Therefore, all organizations must try to come to grips with understanding how to position with the technology dimensions of the digital transformation. To get started, here is a list of three key considerations that should be weighed in before making decisions.

1. As an organization, do we really have the know-how and the resources to do this on our own?

Engineers love solving challenging problems with interesting technologies. So, their first instinct is to develop things in-house. Yet as the technology that powers the digital transformation is becoming increasingly complex, there is a growing gap between what in-house engineers do and do not know.

In this situation, it is often advisable to work with partners who have already been on the learning curve for a few years. Even for organizations that can afford to invest tens or hundreds of millions on these initiatives, having knowledgeable partners is a great way to reduce the Capital Expenditure (CAPEX) and to speed up the time-to-market for the agile business platforms of tomorrow.

2. Do we understand that complex working systems are invariably developed from simple systems?

The development of complex systems should always be started by building a simple system that works. While a new paradigm such as agile business infrastructure may make it tempting to design everything from a clean slate, this typically leads to designs with layers of excess complexity that do not meet the untrained eye.

Leveraging the existing infrastructure to the fullest extent is often a much better approach because when done right it will shorten the project lead times, cut the costs and ensure business continuity. For example, hybrid multi-cloud architectures are a wonderful way to augment the legacy infrastructure with automation and public clouds.

3. How long can we afford to wait?

Experience tells us that transformational information technology undertakings often involve delays and budget overruns. This is generally caused by designs that introduce hidden layers of complexity. Therefore, instead of relying on internal efforts to learn the ropes, a much better strategy is to implement a blueprint architecture developed by a consortium of vendors having prior experience working with automation initiatives of similar scale. The market may be new, but there are industry pioneers out there who have already been there, seen it and done it.


As digital transformation makes progress, organizations will have to decide how to address the impending change. New technologies are an excellent way to enable new business models and processes, but they come with new levels of complexity that the specialists experienced in the traditional technologies may not fully acknowledge. To address this issue, most organizations are best off by partnering with companies that have already paid their dues and spent some time on the learning curve.

Written by Juha Holkkola, Co-Founder and Chief Technologist at FusionLayer Inc.

Follow CircleID on Twitter

More under: Blockchain, Broadband, Cloud Computing, Data Center, Internet of Things, Mobile Internet, Networks, Telecom

Categories: News and Updates

Largest New gTLD Domain Registry Operator Donuts Inc. Acquired by Private Equity Firm

DN Journal - Wed, 2018-09-05 17:48
A major private equity firm, Abry Partners, has acquired Donuts Inc., operator of more than 200 new gTLDs. A former ICANN CEO is on Abry's leadership team.
Categories: News and Updates

Theme by Danetsoft and Danang Probo Sayekti inspired by Maksimer