Home / Blogs

Dear Industry Canada, Is Now a Good Time to Replace CIRA?

Today we have sent following to the Minister of Industry Canada, James Moore, as well as the Canadian Internet Registration Authority (CIRA) Board of Directors. This is in response to the revelation that CIRA is positioning to enter the managed DNS space. As we outline in the letter, we are fine with more competition (in fact Google just entered the domain and DNS space too! Now they can slurp up your DNS queries and your email, cross reference it for marketing purposes and use it to target your search results. Isn’t that exciting?).

No, competition is a fact of life, what we want is more of it, not less. Here’s what we wrote to The Honourable James Moore:

* * *

To: The Honourable James Moore, Minister of Industry
CC: Byron Holland, CIRA
CC: Adam Scott, GoC Director to CIRA
CC: The Board of CIRA

My name is Mark Jeftovic, CEO of easyDNS Technologies Inc., the oldest and most well known managed DNS provider in Canada. We are also a CIRA Certified Registrar, and I personally served on the CIRA Board of Directors from 2002-2004.

I’m writing this after becoming aware, via minutes of Board meetings published on the CIRA website:



that CIRA is contemplating entering the managed DNS space. They have obtained an outside legal opinion to discern whether CIRA could be construed in violation of the Competition Act with respect to this proposed expansion of their core mission. I imagine the concern is that since CIRA is, as we all know, a monopoly with respect to the registration of .CA domain names, and that managed DNS services are something often provided by domain registrars, there may be a sentiment that CIRA could be abusing their monopoly position by going in and competing against their own registrars’ business interests:

“with respect .. to the contemplated Managed DNS Service, as well as the application of the Act to CIRA, in general. External counsel was of the opinion that CIRA’s risk under the Act with respect to the offering of the Managed DNS Service was low. CIRA’s own assessment of the potential risk of claims under the Act for non-compliance was overall low.”

Given that CIRA is seriously re-examining their own place in the market, now may also be the perfect time for Industry Canada to reexamine CIRA.

What is the ostensible purpose of CIRA?

The key principles which shaped the creation of CIRA and guided the policy around the re-assignment of management of .CA from UBC over to CIRA was articulated in the letter from ADM Michael Binder (“The Binder Letter”) in 1999.

The letter identified the .CA domain space as a “key public resource” and it encouraged a reliance on market forces and private sector leadership in the management of the .CA domain space.

It went on to define several key principles it wanted CIRA to implement, including:

  • [conduct its] activities in an open and transparent manner that ensures wide public access to all relevant information;
  • Following fair and sound business practices;
  • That it would make applying for .CA domain names being as quick and easy as applying for domain names in other top level domains, and priced competitively;
  • and that the system would facilitate and encourage entry for new players including registrars.

Out of that guidance, CIRA, a not-for-profit private corporation was given stewardship over the .CA space.

Fast forward to today, where the .CA namespace has 2.2 million domains, and from it’s latest annual financial statements, has annual revenues of about $17 million, and expenses of $16.5 million. $6.5 million of which are salaries and benefits, nearly $2 million more in consultants’ fees, almost $1 million in general and office expenses and half-a-million in travel.

It spends nearly as much on both “communication awareness and education” ($1.1 million) and “community investment programs” ($1.6 million) as it does on computer operations and networking ($1.7 million), which from where I’m sitting, should be the main function of a government sanctioned, monopoly operator of an internet registry.

CIRA also has over $20 million cash in the bank. More on that shortly.

Little known fact (even within CIRA itself), is that CIRA’s customers are not actually the domain registrants (the registrants form the membership of CIRA as a stakeholder group). CIRA’s customers are actually the .CA registrars. They can be considered somewhat “captive” in that anybody who wants to offer .CA registrations must deal with CIRA directly, or go through somebody else who does. To do that, one must become “CIRA Certified” (the Canadian equivalent of ICANN Accredited), and play by CIRA’s rules (One of which is a non-disparagement clause, so I write this letter with all due respect toward CIRA.)

Now that CIRA is exploring the option of competing directly with their own registrars, we have to ask ourselves if CIRA were permitted to do so, given it’s monopoly position, has it fulfilled and could it continue to fulfill it’s key objectives if this were to come to pass?

In our minds, CIRA has not yet accomplished it’s core mission of making the .CA TLD a world-class namespace. Put side-by-side beside .COM (I’ll use .COM because during my tenure on the Board it was .COM that CIRA was obsessed with competing against)

  • The wholesale cost of a .CA is still higher than that of a .COM
  • The end-user registration process is unwieldy and clumsy thanks to an excessively legal end user registration agreement (over 200 pages in length!) and a confusing 3-way member creation procedure which fails mid-process 20-30% of the time, compared with near 1-click registrations available under .COM
  • The .CA root name servers do not update in realtime (the .COM’s do since 2004)
  • A typical registry maintenance window can last up to 24 hours and render all changes inoperable, .COM registry maintenance windows are typically under 30 minutes
  • DNSSEC signing of the .CA root was a full 3 years behind .COM’s

So we can see that CIRA still has some work to do even to fulfill it’s core mission! Yet they seem eager to expand into other areas.

Recall that CIRA has managed to build up a nice war chest with which they could enter any competitive space. Given that this excess capital was garnered through its monopoly over the .CA TLD, does that outside legal opinion they obtained about unfair competition still hold water?

Even during my days on the Board, there was always that vexing question “What should we do what all that money?” (There would be even more in the bank, but CIRA risks losing it’s tax status as a not-for-profit if they pile up too much cash, so they keep it down to an amount reasonable as a reserve fund). They could continue to lower the wholesale cost of .CA domain names, (thus fulfilling at least one of the directives of the Binder Letter) and this problem would go away. But it seems like it’s a problem worth keeping, and I dare say, intensifying through their desire to enter the competitive landscape beyond their core mission.

It may be appropriate for CIRA to enter new spaces with the purposes of laying the groundwork, perform research or conduct general viability explorations. For example during my tenure as a Director we participated and played a key role in enum protocol test-beds for Country Code 1 (enum provides a mechanism for mapping telephone numbers to internet addresses).

A similar idea today could be some kind of decentralized, peer-to-peer crypto-currency research in tandem with the Royal Canadian Mint (who is also interested in these matters). These applications are still in the early alpha stages and any inroads CIRA could make would compliment, rather than compete with private initiatives in the space.

But to compete in an already mature space would be unfair to real businesses (defined as those who have to justify their existence in the mind of the market every day in order to survive), who will now have to compete with one of their own suppliers that enjoys a monopoly and is immune from competition in their core market.

But Things Go Better With Competition. Always.

Having said that—we would be the last to propose protectionism for ourselves, we don’t want it, we’re not asking for it. Instead we welcome and encourage competition in all endeavours, because in the end, the more competition there is, the more benefit to the consumer and the economy.

Thus we are suggesting that if CIRA has “grown up” and is ready to venture forth in the world and compete against private businesses, then the street should run in both directions and competition should also be permitted and encouraged in the operation of the .CA top level domain itself.

The obvious way to facilitate this is for Industry Canada to review the .CA TLD with an eye toward opening operation of the registry to competitive bidding for fixed terms, say 3 to 5 years.

  • Currently the Government of Canada receives no funds from .CA domain registrations. My guess is with the .CA opened to competitive forces, the wholesale price would come down, even with the introduction of a modest per-domain fee to the GoC which could help fund various science and technology initiatives undertaken by the government (remember, the namespace is supposed to be a “key public resource”—that means for Canada, not for CIRA.
  • With competition driving innovation, the technical and usability shortcomings of the .CA root would likely disappear within 1 or 2 cycles of the tender process.
  • If Canadian Sovereignty is a concern, the Canadian Presence Requirements which already governs .CA registrants and registrars could be extended to apply to registry operator contenders.

It’s been 14 years since CIRA took over the .CA, it is well past due for a review and revision. The presence of piles of money and their wanderlust to “do something else” proves it.


Mark Jeftovic, President & CEO
easyDNS Technologies Inc.
[email protected]

By Mark Jeftovic, Co-Founder, easyDNS Technlogies Inc.

Filed Under


Well said! I hadn't realized CIRA was Doug Mehus  –  Jun 24, 2014 6:15 PM

Well said! I hadn’t realized CIRA was contemplating getting into the managed DNS space, in much the same way NeuStar and VeriSign already do. It isn’t something I have a problem with Registry Operators (or Registry Administrators, as the case may be) doing. It’s an important revenue opportunity and can make sense. The problem I have is, like you, because of their monopoly position and the fact the .CA contract has not been re-tendered in more than 15 years, *can* lead to abuses.

Their Board of Director nomination process is a bit of a confusing farce, too. They need to scrap the “Nominating Committee” slate as soon as possible. Moreover, many .CA registrants don’t bother with the extra process and hassle of activating their CIRA membership, enabling voting rights. As well, .CA domain name information *isn’t* publicly-accessible. I’d prefer a reCAPTCHA-protected, web-based WHOIS database but allow privacy protection (and domain name information escrow) services to be activated on .CA names.


P.S. Kudos to easyDNS for continuing to provide a Canadian-focused, free recursive DNS service to the public, as competition to OpenDNS and Google, namely. It’s much appreciated! :)

P.S. Kudos to easyDNS for continuing to Mark Jeftovic  –  Jun 25, 2014 7:17 PM

P.S. Kudos to easyDNS for continuing to provide a Canadian-focused, free recursive DNS service to the public, as competition to OpenDNS and Google, namely. It's much appreciated! :)
Doug, thanks BUT sadly, we are shutting down DNSResolvers.com very soon (before July 1st). See http://blog.easydns.org/2014/06/25/dnsresolvers-com-shutdown-imminent/ We will bring a resolver service back in the future but it will not be wide open the way this one is.

Hi Mark,re: thanks for the follow-up!Oh, no Doug Mehus  –  Jun 25, 2014 10:05 PM

Hi Mark, re: thanks for the follow-up! Oh, no problem then. I look forward to seeing the DNS resolver service launch again in the future, perhaps requiring user sign-up (presumably to prevent abuse?). A service similar to Dyn's Internet Guide or OpenDNS, which do require sign-up, would be ideal. :) Cheers, Doug

excellent, Mark. Neil Schwartzman  –  Jun 25, 2014 12:57 AM

I also have some operational issues with cira which Byron Holland assures me don’t exist. I’ve filed a complaint with the competition bureau with regard to the fact that a miscreant can register a malicious domain with CIRA as an individual, and even when provided with proof said domain is being used for commercial purposes, CIRA refuses to remove the whois obfuscation proxy service so researchers can determine who the point of contact is. In other words, if you want to commit malicious activity anonymously under the CIRA régime, declare yourself an individual, and CIRA’s got your back.

Here’s hoping things change.

Comment Title:

  Notify me of follow-up comments

We encourage you to post comments and engage in discussions that advance this post through relevant opinion, anecdotes, links and data. If you see a comment that you believe is irrelevant or inappropriate, you can report it using the link at the end of each comment. Views expressed in the comments do not represent those of CircleID. For more information on our comment policy, see Codes of Conduct.

CircleID Newsletter The Weekly Wrap

More and more professionals are choosing to publish critical posts on CircleID from all corners of the Internet industry. If you find it hard to keep up daily, consider subscribing to our weekly digest. We will provide you a convenient summary report once a week sent directly to your inbox. It's a quick and easy read.

I make a point of reading CircleID. There is no getting around the utility of knowing what thoughtful people are thinking and saying about our industry.

Co-designer of the TCP/IP Protocols & the Architecture of the Internet



New TLDs

Sponsored byRadix

Brand Protection

Sponsored byCSC

Domain Names

Sponsored byVerisign


Sponsored byDNIB.com

Threat Intelligence

Sponsored byWhoisXML API


Sponsored byVerisign

IPv4 Markets

Sponsored byIPv4.Global