Domain Names

Harmonizing WHOIS With NIS2 Article 28 - the Rubber Is About to Meet the Road

ICANN must act now to harmonize its domain name registration data (commonly known as WHOIS) policies with Article 28 of the European Union's Network and Information Security (NIS2) directive, first to adhere to applicable laws as it fulfills its oversight responsibilities and, second, to keep its word to the community to preserve WHOIS to the fullest extent possible under law. more

Phishers Exploit the Cybercrime Supply Chain Despite the Availability of Effective Countermeasures

Interisle Consulting Group today released its fourth annual Phishing Landscape report investigating where and how cybercriminals acquire naming and hosting resources for phishing. Our study shows that cybercriminals evolved their tactics for obtaining attack resources, including sharply increasing their exploitation of subdomain and gateway providers. more

An Unnatural .Bond: A Study of a ‘Megacluster’ of Malware Domains

A recent news story, following research from security provider Infoblox, highlighted the case of the 'Revolver Rabbit' cybercriminal gang, who have registered more than half-a-million domains to be used for the distribution of information-stealing malware. The gang make use of automated algorithms to register their domains, but unlike the long, pseudo-random ('high entropy') domain names frequently associated with such tools, the Revolver Rabbit domains instead tend to consist of hyphen-separated dictionary words (presumably so as to obfuscate their true purpose), with a string of digits at the end. more

Global Domain Market: 368 Million Names and Growth in 2023 (Afnic Observatory)

Afnic, the association in charge of the .fr domain and several other French overseas and generic Top Level Domains, has published the 2023 edition of its annual observatory report "The global domain name market" containing all of the latest key figures and trends in the TLD market... At year-end 2023, the global domain name market represented some 368 million domain names. more

When a UDRP Panel Infers Bad Faith from An Asking Price

In the Converse.co dispute, a three-member UDRP panel unanimously ordered the transfer of the disputed domain name to the Complainants, All Star C.V. and Converse, Inc., owners of the well-known brand CONVERSE for shoes and apparel. The panel drew the inference that the Respondent, by setting of an asking price of around $300,000 after having acquired the domain name for $306, was primarily motivated by a bad faith intent to target the Complaint. more

Alternative Insights on Article 28 of the NIS2 Directive

On June 9 CircleID published an insightful article by Thomas Rickert entitled "Demystifying Art 28 NIS2." In that piece Thomas set forth two alternative interpretations of Article 28(6) of NIS2, and argued that TLD registries should not be required to maintain a separate database of the registrant data under NIS2. In my view, Thomas' approach is inconsistent with the remainder of Article 28, and would not achieve the goals of NIS2 to improve cybersecurity across the EU member states. more

Demystifying Art. 28 NIS2

On December 14, 2022, the European Parliament adopted the Directive on measures for a high common level of cybersecurity across the Union (Directive (EU) 2022/2555) hereinafter referred to as "NIS2"), which was published in the official journal on December 27, 2022. Being a directive, NIS2 requires transposition into national law. According to Art. 41 of NIS2, the transposition into national law must take place by October 17, 2024 and the measures must be applied as of October 18, 2024. more

The Verisign Shared Registration System: A 25-Year Retrospective

Every day, there are tens of thousands of domain names registered across the globe -- often as a key first step in creating a unique online presence. Making that experience possible for Verisign-operated top-level domains (TLDs) like .com and .net is a powerful and flexible technology platform first introduced 25 years ago. more

ICANN’s Registration Data Request Service: Open CSG Working Session at ICANN80

Now just more than a quarter of the way into the pilot program, ICANN's Registration Data Request Service (RDRS) again will be the subject of intensive discussions during the ICANN80 meeting in Kigali in early June. This includes further consultations hosted by the Commercial Stakeholder Group (CSG) and including registrars, data requestors and ICANN Org. more

Announcing the 2024 ICANN Contracted Parties Summit Statement!

As Chairs of ICANN's Registries and Registrar Stakeholder Groups, we are proud to announce that we have initiated a new practice for the Contracted Parties Summits: the publication of our Contracted Parties Summit Statement. As you may (or may not) know, Contracted Parties get together periodically to interact and work together on issues that we care about, and which impact our businesses as registries and registrars. more

Exploring the Domain of Subdomain Discovery

Domain name monitoring - that is, the detection of domains with names containing a brand-term (or other string) of interest - is a very well-established element of brand protection services. Branded domain names are of key importance to brand owners (as the basis for business-critical infrastructure (i.e. 'core' domain names), and as part of a 'tactical' portfolio of strategic and defensive registrations), but also to infringers, who can utilise domains as a means of impersonation, passing off, claimed affiliation, or traffic direction and monetisation. more

NIS 2.0 and Its Impact on the Domain Name Ecosystem

I recently appeared on the 419 Consulting podcast to discuss the European Union's NIS 2.0 Directive and its impact on the domain name ecosystem. I encourage all TLD registries, domain name registration service providers, and DNS operators to listen to the recording of that session which Andrew Campling has made available. more

13th Registration Operations Workshop: Join Us Online on June 4th, 2024

As a member of the ROW Planning Committee, I am writing this post on behalf of the Committee and welcome all community members to join us on June 4th. We are celebrating ROW's 10th anniversary! A decade of collaboration and inspiration! Thank you to the incredible community that has fueled this journey! more

A New Analysis of the Newest New-GTLDs

As the new-gTLD programme - the ICANN initiative to add a large number of new domain extensions (top-level domains, or TLDs) to the Internet - continues to see ongoing launches of new TLDs, we conduct a new retrospective of the activity landscape of the most recent extensions to have been launched. This new study focuses on all new-gTLDs to have entered their Sunrise or General Available periods since the start of 2023, following a previous overview by Stobbs of the full new-gTLD landscape. more

Annual Observatory on .FR Activity: New All-Time Record for .FR Domain Name Create Operations

Afnic, the Registry of the .FR Top Level Domain, published its annual review on .FR activity in 2023 and analysis of market trends. This growth was due in particular to a significant increase in the number of .FR domain name create operations in 2023 (+6.4%). A new all-time record was reached, with 801,427 create operations, the 800,000 threshold for the number of create operations in a year being passed for the first time. more