Home / Blogs

Is NIST’s Recent Letter on o.com a Bureaucratic Coup d’Etat?

Verisign recently informed ICANN that it had received a letter from the National Institute for Standards and Technology (NIST), an agency of the U.S. Department of Commerce, regarding the proposed auction of o.com described in the Second Amendment to the .com Registry Agreement agreed to by ICANN and Verisign in March 2019. This letter, which doesn’t appear to be on official letterhead, is from a NIST Grants Officer and purports to overturn a letter raising objections to the auction that was sent to Verisign on official letterhead and digitally signed by a politically-appointed and duly-authorized Acting Assistant Secretary of the cognizant agency for overseeing and managing the U.S. government’s Internet policy interests and, specifically, Cooperative Agreement NCR 92-8742, which is widely known and referred to as the VeriSign Cooperative Agreement.

So, a career civil servant and clerical bureaucrat working at NIST have, in the absence of politically-appointed leadership of NTIA (an entirely different agency), exercised delegated authority to countermand objections that were put forth by the last politically-appointed leader of NTIA and has done so without even bothering to put the letter on any sort of official letterhead or digitally signing it.

That’s fun.

Regardless, it seems like this letter might be best seen as “a lotta bit” of presumptuous bureaucratic overreach and one wonders whether Adam Candeub, a Michigan State law professor and formerly politically-appointed and duly-authorized NTIA chief, agrees with the letter’s unsupported assertion that he misinterpreted “certain provisions of the Cooperative Agreement.” The letter doesn’t offer any analysis or information to support this accusation beyond the prognostication of a bureaucratic clerk and so perhaps he will weigh in at some point and, if he does, he might consider that in their zeal, the bureaucrats appear to have ignored the full landscape of agreements and restrictions that exist as well as other factors including:

  1. ICANN is violating its Bylaws (Section 2.2 RESTRICTIONS) and its InterNIC license agreement with the Commerce Department in order to profiteer from warehoused and cybersquatted domain names;
  2. The InterNIC license agreement between ICANN and the Department of Commerce—which merges the Memorandum of Understanding by direct reference—requires ICANN to defer to all of the extant terms of the Cooperative Agreement whenever an inconsistency arises between the .com Registry Agreement and the NTIA-VeriSign Cooperative Agreement. ICANN is not a party to the Cooperative Agreement but, pursuant to its InterNIC license agreement, has agreed to defer to its terms;
  3. Amendment 35 to the NTIA-VeriSign Cooperative Agreement spells out specific “Designated Terms” requiring VeriSign to seek and obtain prior written approval of DOC and both parties—VeriSign and DOC—agreed to ignore without deleting or otherwise amending the rest of the Cooperative Agreement;
  4. These “Designated Terms” ignore Article 3.G of the base 1993 Cooperative Agreement requiring approval for changes to “user-based fee structures” and which hasn’t been deleted or otherwise amended;
  5. None of the amendments to the Cooperative Agreement—including Amendment 35, which VeriSign negotiated, signed, and is, presumably, happy with—delete the Article 3.G provision of the original Cooperative Agreement and which, therefore, remains in force; and,
  6. ICANN is bound by the InterNIC licensing agreement (and merged MOU) to all of the extant terms of the NTIA-VeriSign Cooperative Agreement, regardless of what VeriSign and NTIA have agreed to ignore for purposes of their contractual relationship.

That the NIST bureaucrat didn’t consider the implications of the InterNIC licensing agreement is unsurprising since the licensing agreement is being obscured from view on an orphan page of the NTIA website that isn’t accessible except by navigating directly with the specific link typed into a browser address bar. However, the NIST civil servant—along with “program and legal staff of the National Telecommunications and Information Administration and the Department of Commerce’s Office of General Counsel, Federal Assistance Law Division”—don’t appear to have considered that ICANN is violating its Bylaws by warehousing and cybersquatting on o.com in the first place.

About half of NIST’s letter expends great energy for disparaging a former politically-appointed head of NTIA while also exhaustive creativity in spelling out the author’s “delegated authority” in order to posture for contradicting objections raised by a duly-authorized agency head and while the agency in question, NTIA, is still waiting for the Biden Administration to appoint a new Administrator. In the process of this bureaucratic coup d’etat the bureaucrats miss the point—and the official letterhead—entirely.

Read the rest of this analysis →

By Greg Thomas, Founder of DNSDecrypt

Greg Thomas is founder of DNSDecrypt and author of How to Save the Internet in Three Simple Steps: The Netizen’s Guide to Reboot the Root. The views expressed in this article are solely those of Greg Thomas and and are not made on behalf of or for any other individual or organization.

Visit Page

Filed Under


Greg,I've enjoyed reading your posts. I'm Thomas Barrett  –  Apr 22, 2021 11:31 PM


I’ve enjoyed reading your posts.  I’m intrigued by this comment:

“ICANN is…cybersquatting on o.com”

There appears to be hundreds of trademarks in the USPTO for the letter “O”.  No doubt, many more “O” trademarks exist in other jurisdictions.  Which of the well-known brands, would you wager, are biggest victims of ICANN cybersquatting here?

But, more importantly, ICANN has reserved many other strings, including unregistered 2 letter ISO codes and even various three-letter ISO codes, all presumably to protect future ccTLD’s.  But some of these will never be delegated for a cctld.  especially, the three-letter codes.

Would you agree that ICANN is cybersquatting here too?  Or perhaps, the ccTLD’s are cybersquatting on these three letter codes?

For example, .ETH is reserved by ICANN as a three-letter code for Ethiopia, which current uses .ET.  Why do they need two?

Shouldn’t there be an expiration for Ethiopia to claim their .ETH country code? Otherwise, isn’t Ethiopia cybersquatting on .ETH?


Tom John Berryhill  –  Apr 23, 2021 12:14 PM

Greg's posts are written on behalf of a party who has accumulated a bunch of what are called "naked assignments" of obscure dis-used and mostly figurative single-letter trademark registrations. It's a stupid scheme which he believes will entitle him to corresponding domain registrations. To appreciate how idiotic this scheme is, have a look at, for example, US TM Reg. No. 3879670. The mark is for a drawing of a necktie in a "U" shape. Because it searches in the USPTO index as the letter "U", it is one of the trademarks which was bought in the belief that it will provide an advantage in obtaining single letter domain registrations. Digging further into the underlying documentation for that US trademark registration, it was obtained on the basis of a "specimen of use" consisting of the then-registrant's Twitter page @untyed, which hasn't tweeted in six years and whose domain name likewise expired years ago. It is obviously long-abandoned as a mark. Nonetheless, because trademark registrations can last longer than the actual rights in the mark due to the renewal cycle, this nitwit buys up this worthless crap while continuing to have Greg here post what has become a weekly screed to CircleID which he believes will gain support for his stupid notion that buying worthless pieces of crap at the USPTO will result in the road to single-letter domain name riches.

Mr. Berryhill:Your uncivil and abusive comment has Greg Thomas  –  Apr 27, 2021 10:28 PM

Mr. Berryhill: Your uncivil and abusive comment has almost nothing to do with me or this article and appears to be based upon your mistaken assumption that I am writing on behalf or at the behest of another party. This is entirely incorrect. As I have previously stated in public posts and elsewhere -- and I will reiterate again here so that there is no further confusion on your part or on the part of any other -- my articles are not written on behalf or at the behest of anyone and I do not represent any interest other than my own. I do not own any trademarks, either in whole or in part, nor do I own any domain name registrations for speculative purposes. The sum total I have ever earned for selling a domain name was $700 for a single domain name that was associated with a travel business I launched that, unfortunately, didn't work out as planned. As far as I am aware, we have never met and so I am entirely unclear why you are targeting my articles for such angry attacks -- particularly those attacks such as what you have made here and which have absolutely nothing to do with me but appear to be directed at an unnamed third party. What I care about is that ICANN is violating its Bylaws by acting as a registrar -- which is, and has always been, prohibited. ICANN's prohibited registrar holds illegitimate registrations that include, but aren't limited to, single-character labels in the legacy registries. ICANN is also violating its extant contractual obligations to the U.S. government. My point is that the DNS and every single stakeholder would be vastly better off if ICANN were made to adhere to its Bylaws and extant contractual obligations. Ad hominem attacks don't whitewash the wrongdoing that I am highlighting nor do they address it. At best, they are unnecessary distractions from addressing the serious matters at hand. If you have issues of substance that you wish to discuss civilly and respectfully with me then I invite you to reach out for further dialogue. But, speaking only for myself as always, I would appreciate you foregoing further abusive and uncivil comments. Regards, Greg

Tom — Thanks for your comment and Greg Thomas  –  Apr 23, 2021 3:58 PM

Tom — Thanks for your comment and kind words. Despite the negative aspersions cast about my writing, except for subscriptions to my DNSDecrypt newsletter, I don’t get paid for my articles and which express my own views and aren’t written or published on behalf of anyone. I haven’t considered the issues that you raise and so I don’t have an opinion but perhaps this may make a good topic for a future article. I’ll note that subscribers to my DNSDecrypt newsletter can suggest specific topics for analysis. I appreciate you taking the time to share your thoughts and for having the benefit of your views. Regards, Greg

Comment Title:

  Notify me of follow-up comments

We encourage you to post comments and engage in discussions that advance this post through relevant opinion, anecdotes, links and data. If you see a comment that you believe is irrelevant or inappropriate, you can report it using the link at the end of each comment. Views expressed in the comments do not represent those of CircleID. For more information on our comment policy, see Codes of Conduct.

CircleID Newsletter The Weekly Wrap

More and more professionals are choosing to publish critical posts on CircleID from all corners of the Internet industry. If you find it hard to keep up daily, consider subscribing to our weekly digest. We will provide you a convenient summary report once a week sent directly to your inbox. It's a quick and easy read.

I make a point of reading CircleID. There is no getting around the utility of knowing what thoughtful people are thinking and saying about our industry.

Co-designer of the TCP/IP Protocols & the Architecture of the Internet



Brand Protection

Sponsored byCSC


Sponsored byDNIB.com

Domain Names

Sponsored byVerisign


Sponsored byVerisign

Threat Intelligence

Sponsored byWhoisXML API

IPv4 Markets

Sponsored byIPv4.Global

New TLDs

Sponsored byRadix