Over the past several weeks, there has been significant discussion about Verisign and its management of the .com top-level domain (TLD) registry. Much of this discussion has been distorted by factual inaccuracies, a misunderstanding of core technical concepts, and misinterpretations regarding pricing, competition, and market dynamics in the domain name industry.

Billions of internet users and trillions of dollars in global commerce rely on the continuing security, stability, and resiliency of the .com TLD and the technical infrastructure that powers it, so it is vital that discussions about this topic be rooted in fact.

To set the record straight, we have collected and addressed the most common myths currently circulating about the .com TLD.

Myths vs. Facts about .com

Myth: The technology that powers the .com TLD is not sophisticated.

Fact: Verisign has invested continuously for decades to build and evolve the infrastructure that powers the .com TLD, which is the most technically sophisticated of its kind. This infrastructure includes an advanced registration system, which reliably updates and maintains an accurate record of all registered .com domain names on a continuous basis, ensuring that millions of registry transactions are processed correctly, and millions of daily changes – including cryptographic updates to support Domain Name System Security Extensions (DNSSEC) – are distributed to a highly resilient global resolution constellation within seconds. This system ensures that users around the world maintain continuous, round-the-clock access to .com domain names and all the resources and services they support. Verisign has also played a vital role in the development and deployment of DNSSEC technology which uses cryptographic protections to ensure those connections are delivered with reliability and trust.

Verisign’s infrastructure processes an average of 329 billion Domain Name System (DNS) transactions each day, operating at a peak of more than six million transactions per second so far this year. Verisign’s resolution infrastructure is engineered to handle peak query loads significantly greater than the highest ever observed, to ensure continuous operation regardless of demand. This infrastructure has delivered 100 percent DNS availability for .com for more than 27 years without interruption. Verisign accomplishes this by operating a large, globally distributed registry operation, made up of hundreds of technical sites spread across 60+ nations on six continents. These sites run purpose-built technology invented by Verisign technologists for the unique demands of the .com TLD. Verisign engineers have developed specialized technologies and protocols that are designed to achieve higher availability and resiliency to prevent disruption. Examples of this design include employing network, system, and application-level diversification approaches such as using hardware from multiple vendors for network and data center operations and using multiple operating system providers to better withstand localized failures or single-threaded supplier issues. Using in-house purpose-built systems, as opposed to leveraging public cloud operations, lowers the risks of circular dependencies as most public cloud providers also rely on .com and the root infrastructure operated by Verisign. These approaches ensure diversity and redundancy for every component of .com operations.

Verisign is also tasked with defending against highly sophisticated and massive volumetric cyberattacks while managing ever-increasing global demand. Trillions of dollars in global commerce and billions of internet users depend on the availability of Verisign infrastructure 24/7. To defend .com against cyberattacks, including by highly sophisticated nation-state actors, Verisign employs a comprehensive enterprise risk management program and threat-driven defensive practices that drive continuous improvements to Verisign’s systems and programs. Verisign has operationalized the National Institute of Standards and Technology’s (NIST) Cybersecurity Framework and the Center for Internet Security’s (CIS) Critical Security Controls in the ongoing design and evolution of its infrastructure, with a security-first mindset. In addition, Verisign employs advanced information security measures such as continuous monitoring, real-time threat detection, ongoing vulnerability assessments, bug bounty programs, and rigorous security audits to safeguard its infrastructure.

Verisign’s infrastructure powers more than just .com. In addition to operating other TLDs, Verisign plays a unique role as Root Zone Maintainer and operator of two of the world’s 13 root servers, a critical function necessary for internet navigation. Hundreds of Verisign employees have developed highly specialized skills, honed over decades, to develop, maintain, and operate this unique global infrastructure. Verisign holds more than 500 patents for DNS and related technologies, and its innovations are deployed globally by other critical internet infrastructure operators. Verisign has made many of its critical DNS patents available on a royalty-free basis to the global DNS community and those technologies have been deployed around the world.

Myth: The annual wholesale price for .com domain names – $10.26 as of Sept. 1 – is much higher than market value and is harming consumers.

Fact: While other generic TLDs (gTLDs) do not share .com’s pricing transparency, the annual wholesale renewal price of a .com domain name is lower than 87 percent of the 448 gTLDs for which such data is available from registrars. Based on that data, some of the largest original gTLDs, which have been in the market for over 20 years, have renewal pricing of $9.93 (.org), $15.00 (.biz), and $17.50 (.info). Some of the largest new gTLDs, which have been in the market for over 10 years, have renewal pricing of $10 (.xyz – increasing to $11 by the end of September), $25.00 (.online), and $40.00 (.store). The available market data makes it clear that .com domain names are priced at or below market value. It is notable that competing TLDs have continued to grow market share while pricing their domain names over twice as high as .com domain names.

Customers of .com domain names are more likely to be affected by two factors outside of Verisign’s control: 1) the rising cost of retail registrations that are outpacing wholesale prices, with some registrars now charging more than double the wholesale price to renew a .com domain name; and 2) the unregulated secondary market, which accumulates large inventories of domain names and charges markups that are – in some cases – thousands of times higher than the regulated wholesale price.

Myth: Verisign spends an unusual amount on share repurchases and dividends at the expense of infrastructure investment.

Fact: Verisign’s technological infrastructure is unmatched in the DNS industry for its scale, technical diversity, security, and resiliency. Verisign has invested for years to evolve and harden that technology, a fact illustrated by the company’s 27-year DNS uptime record. During the 2000s, Verisign offered a number of DNS-related services, including distributed denial-of-service (DDoS) attack mitigation and managed DNS. Significant capacity was added during that period. In 2018, when Verisign divested the last of its non-core businesses to focus on .com and other DNS operations, the company not only maintained, but increased capacity in order to meet growing DNS demand as well as to address growing DDoS volumetric attacks.

Verisign is certainly a profitable company and is proud of its operational success and history of sound financial management, which are important factors in maintaining the security, stability, and resiliency of the DNS. Some critics have singled out Verisign’s methods of increasing shareholder value, a duty of all public companies. Verisign has fulfilled this duty in part through share repurchases and dividends, which benefit a large and diverse group of shareholders including individuals, public employee retirement systems, index funds, and mutual funds (benefiting their millions of investors). Less than one percent of Verisign’s shares are held by company officers and directors.

Verisign’s return of capital practices are well in line with those of other successful public companies. In 2023, more than 90 percent of S&P 500 companies returned capital to shareholders and Verisign ranked 216th out of the S&P 500 in terms of cash returned to shareholders as a percentage of market capitalization. In terms of profitability, market expectation of Verisign’s earnings per share (a reliable measure of profitability) is $8.36 for the next 12 months, which places it 198th in the S&P 500.

Verisign’s sound and transparent financial management underpins its successful management of the .com TLD and other key internet infrastructure. Verisign has been a public company for 26 years and an S&P 500 company for 18 years. As a publicly listed company operating critical internet infrastructure, the public and the DNS ecosystem benefit from Verisign’s transparency in its operating and financial results, which must comply with the SEC’s disclosure rules and regulations for public companies. Verisign’s financial statements must also undergo an independent audit each year. By contrast, many other registries, registrars, and resellers, including some who focus on the secondary market, serve only the narrow interests of their private owners and do so with no obligations surrounding public disclosure or transparency of their ownership, profitability, operations, or otherwise. Adding obligations for these entities to report ownership, profitability, and other metrics to The Internet Corporation for Assigned Names and Numbers (ICANN) and the public would benefit the entire DNS ecosystem.

Myth: Contracts to operate gTLD registries should be routinely rebid, and a presumptive right of renewal for such contracts is bad for consumers and the internet.

Fact: The National Telecommunications and Information Administration (NTIA) recently opined that “The security, stability, and resilience of the Internet’s unique identifier systems is of paramount importance…” This position is shared by Verisign and the majority of participants in the global multistakeholder system of internet governance. ICANN has supported and clarified this priority and the role it plays in registry contracts. The contracts for .com and all other gTLDs reflect this priority (i.e., that stability and predictability in registry operations leads to long-term investments by operators). Verisign’s right to renew its .com Registry Agreement is conditioned on meeting rigorous technical and operational requirements to ensure .com’s continued security, stability, and continuous availability to billions of internet users. This contractual approach encourages gTLD operators to invest in infrastructure to support rising demand and defend against cyberattacks. Due to its investments, Verisign has operated .com with 100 percent DNS uptime for over 27 years.

Myth: Verisign’s operation of .com constitutes a “monopoly.”

Fact: There are nearly 1,200 gTLDs, and more than 250 country-code TLDs (ccTLDs), operating today. Each of these TLDs offer the same core functionality, allowing users to establish and maintain an online presence, establish websites, and create email addresses. Globally, there are over 362 million registered domain names – the majority of which are registered in TLDs not operated by Verisign. The number of domain names registered in non-Verisign operated gTLDs and ccTLDs has grown consistently as those TLDs have grown their share of the marketplace. In addition to this competition at the wholesale level, there are more than 2,800 ICANN-accredited registrars, and thousands more resellers, offering domain names at a range of prices and in a range of packages to consumers.

Further, from a practical perspective, the technical nature of TLD registries requires that they each be run by a single operator, but with so many operators in the marketplace, consumers have a broad and diverse array of choices at a range of prices. Other TLDs like .org, .shop, .ai, and .uk are not “monopolies” and neither is .com.

Myth: Verisign sets .com domain name prices for consumers.

Fact: Domain name registrars set unregulated retail prices for .com domain names, and those prices vary widely among the 2,800 ICANN-accredited registrars and associated resellers. Some registrars charge more than double the annual wholesale price for .com domain name renewals, and, in many cases, those price increases have outpaced Verisign’s tightly regulated .com wholesale price increases. In analyzing registrar pricing, it is important to distinguish introductory offers – which are often set lower to attract new customers – from renewal prices, which is what registrars charge existing customers to maintain their domain name registrations.

In addition to the retail registrar market, there is also a multibillion-dollar secondary market for domain names, in which domain investors, or “domainers,” accumulate millions of desirable domain names in order to resell them at markups that can be thousands of times higher than Verisign’s regulated wholesale prices. The gap between wholesale prices and secondary market prices makes it possible for domainers to hold names for years – making them prohibitively expensive to the general public. The profitability of the secondary market has also attracted successful retail registrars to expand into it, acquiring large portfolios of .com domain names and creating auction sites where they are sold well above retail prices. A blog that reports on high-profile domain name sales reported that just one reselling site handled $90 million in secondary sales in the second quarter of 2024 alone. Although the secondary marketplace may serve a function within the DNS ecosystem, it is completely unregulated.

Myth: The U.S. Government lifted price caps on .com domain names in 2018.

Fact: Amendment 35 to the Cooperative Agreement retained wholesale price restrictions in the .com TLD, while also retaining legacy regulations prohibiting Verisign from operating as a registrar in the .com TLD. Of the nearly 1,200 gTLDs overseen by ICANN and the global multistakeholder community, .com, .net, and .name (also operated by Verisign) remain the only three that are governed by maximum price restrictions. Those restrictions remain in place today and will remain in place after the .com Registry Agreement is renewed later this year.

The post Setting the Record Straight – Myths vs. Facts about .com appeared first on Verisign Blog.

Today, the latest issue of The Domain Name Industry Brief Quarterly Report was released by DNIB.com, showing the second quarter of 2024 closed with 362.4 million domain name registrations across all top-level domains (TLDs), unchanged compared to the first quarter of 2024. Domain name registrations increased by 5.8 million, or 1.6%, year over year.

Check out the latest issue of The Domain Name Industry Brief Quarterly Report to see domain name stats from the second quarter of 2024, including:

• Top 10 largest TLDs by number of reported domain names, with quarterly renewal percentages when available
• Top 10 largest ccTLDs by number of reported domain names, with quarterly renewal percentages when available
• Top 10 largest gTLDs by number of reported domain names, with quarterly renewal percentages and other key statistics

DNIB.com and The Domain Name Industry Brief Quarterly Report are sponsored by Verisign. To see past issues of the quarterly report, interactive dashboards and learn about DNIB.com’s statistical methodology, please visit DNIB.com.

The post Domain Name Industry Brief Quarterly Report: DNIB.com Announces 362.4 Million Domain Name Registrations in the Second Quarter of 2024 appeared first on Verisign Blog.

Today, the latest issue of The Domain Name Industry Brief Quarterly Report was released by DNIB.com, showing the first quarter of 2024 closed with 362.4 million domain name registrations across all top-level domains (TLDs), an increase of 2.5 million domain name registrations, or 0.7%, compared to the fourth quarter of 2023. Domain name registrations also increased by 7.5 million, or 2.1%, year over year.

Starting with the Q1 2024 report, the DNIB Quarterly Report now includes new information on quarterly renewal percentages for all TLDs, as available, summary information on other legacy gTLDs as a group and an expanded overall analysis of gTLDs.

Check out the latest issue of The Domain Name Industry Brief Quarterly Report to see domain name stats from the first quarter of 2024, including:

• Top 10 largest TLDs by number of reported domain names, with quarterly renewal percentages when available
• Top 10 largest ccTLDs by number of reported domain names, with quarterly renewal percentages when available
• Top 10 largest gTLDs by number of reported domain names, with quarterly renewal percentages and other key statistics

DNIB.com and The Domain Name Industry Brief Quarterly Report are sponsored by Verisign. To see past issues of the quarterly report, interactive dashboards and learn about DNIB.com’s statistical methodology, please visit DNIB.com.

The post Domain Name Industry Brief Quarterly Report: DNIB.com Announces 362.4 Million Domain Name Registrations in the First Quarter of 2024 appeared first on Verisign Blog.

Today, the latest issue of The Domain Name Industry Brief Quarterly Report was released by DNIB.com, showing the fourth quarter of 2023 closed with 359.8 million domain name registrations across all top-level domains (TLDs), an increase of 0.6 million domain name registrations, or 0.2%, compared to the third quarter of 2023. Domain name registrations also increased by 8.9 million, or 2.5%, year over year.

Check out the latest issue of The Domain Name Industry Brief Quarterly Report to see domain name stats from the fourth quarter of 2023, including:

• Top 10 largest TLDs by number of reported domain names
• Top 10 largest ccTLDs by number of reported domain names
• ngTLDs as percentage of total TLDs
• Geographical ngTLDs as percentage of total corresponding geographical TLDs

DNIB.com and The Domain Name Industry Brief Quarterly Report are sponsored by Verisign. To see past issues of the quarterly report, interactive dashboards and learn about DNIB.com’s statistical methodology, please visit DNIB.com.

The post Domain Name Industry Brief Quarterly Report: DNIB.com Announces 359.8 Million Domain Name Registrations in the Fourth Quarter of 2023 appeared first on Verisign Blog.

Today, the latest issue of The Domain Name Industry Brief Quarterly Report was released by DNIB.com, showing the third quarter of 2023 closed with 359.3 million domain name registrations across all top-level domains (TLDs), an increase of 2.7 million domain name registrations, or 0.8%, compared to the second quarter of 2023. Domain name registrations also increased by 8.5 million, or 2.4%, year over year.

Check out the latest issue of The Domain Name Industry Brief Quarterly Report to see domain name stats from the third quarter of 2023, including:

• Top 10 largest TLDs by number of reported domain names
• Top 10 largest ccTLDs by number of reported domain names
• ngTLDs as percentage of total TLDs
• Geographical ngTLDs as percentage of total corresponding geographical TLDs

DNIB.com and The Domain Name Industry Brief Quarterly Report are sponsored by Verisign. To see past issues of the quarterly report, interactive dashboards, and learn about DNIB.com’s statistical methodology, please visit DNIB.com.

The post Domain Name Industry Brief Quarterly Report: DNIB.com Announces 359.3 Million Domain Name Registrations in the Third Quarter of 2023 appeared first on Verisign Blog.

Today, the latest issue of The Domain Name Industry Brief Quarterly Report was released by DNIB.com, showing the second quarter of 2023 closed with 356.6 million domain name registrations across all top-level domains (TLDs), an increase of 1.7 million domain name registrations, or 0.5%, compared to the first quarter of 2023. Domain name registrations also increased by 4.3 million, or 1.2%, year over year.

Check out the latest issue of The Domain Name Industry Brief Quarterly Report to see domain name stats from the second quarter of 2023, including:

• Top 10 largest TLDs by number of reported domain names
• Top 10 largest ccTLDs by number of reported domain names
• ngTLDs as percentage of total TLDs
• Geographical ngTLDs as percentage of total corresponding geographical TLDs

With the launch of the DNIB.com dashboards, 16 additional TLDs have been included in applicable calculations. The applicable current and historical data presented in this edition of the quarterly report have been adjusted accordingly, and applicable quarterly and year-over-year trends have been calculated using those adjusted figures. More information is available at DNIB.com.

DNIB.com and the Domain Name Industry Brief Quarterly Report are sponsored by Verisign. To see past issues of the quarterly report, interactive dashboards, and learn about DNIB.com’s statistical methodology, please visit DNIB.com.

The post Domain Name Industry Brief Quarterly Report: DNIB.com announces 356.6 Million Domain Name Registrations in the Second Quarter of 2023 appeared first on Verisign Blog.

Verisign today announced the launch of DNIB.com, the new Domain Name Industry Brief (DNIB) website.

Sponsored by Verisign, DNIB.com is a source for insights and analysis from subject-matter experts on key topics relevant to the global Domain Name System (DNS). DNIB.com will offer insight on policy, governance, technology, security, and business trends relevant to analysts, entrepreneurs, policymakers, and anyone with an interest in the DNS. The website features a collection of new, searchable, and interactive dashboards tracking relevant DNS data and trends, that is designed to be a valuable day-to-day resource for industry stakeholders, and anyone interested in learning more about global domain name operations.

DNIB.com is also the new home of the DNIB quarterly report, which Verisign has published for more than a decade, providing a trusted and valued resource for stakeholders across the globe seeking to understand the dynamism and trends of the domain name industry.

The report will be published each quarter at DNIB.com, summarizing the state of the domain name industry through a variety of statistical and analytical research. The new and expanded DNIB.com dashboards take that statistical data to the next level, enabling exploration of trend data across the industry, providing additional history and depth, and offering expert insights and commentary.

The post Announcing the Launch of DNIB.com, a New Source for DNS News, Information, Research, and Analysis appeared first on Verisign Blog.

Today, we released the latest issue of The Domain Name Industry Brief, which shows that the first quarter of 2023 closed with 354.0 million domain name registrations across all top-level domains (TLDs), an increase of 3.5 million domain name registrations, or 1.0%, compared to the fourth quarter of 2022.^1,2 Domain name registrations also increased by 3.5 million, or 1.0%, year over year.^1,2

Check out the latest issue of The Domain Name Industry Brief to see domain name stats from the first quarter of 2023, including:

• Top 10 Largest TLDs by Number of Reported Domain Names
• Top 10 Largest ccTLDs by Number of Reported Domain Names
• ngTLDs as Percentage of Total TLDs
• Geographical ngTLDs as Percentage of Total Corresponding Geographical TLDs

This issue of the Domain Name Industry Brief includes a correction to the March 2023 issue, which incorrectly reported the number of domain name registrations in the .eu ccTLD.² This was the result of a one-time error in the .eu domain name registration data, provided by ZookNIC, which has since been resolved.

To see past issues of The Domain Name Industry Brief, please visit https://verisign.com/dnibarchives.

1. All figure(s) exclude domain names in the .tk, .cf, .ga, .gq, and .ml ccTLDs. Quarterly and year-over-year trends have been calculated relative to historical figures that have also been adjusted to exclude these five ccTLDs. For further information, please see the Editor’s Note contained in Vol. 19, Issue 1 of The Domain Name Industry Brief.
2. The generic TLD, ngTLD and ccTLD data cited in the brief: (i) includes ccTLD internationalized domain names, (ii) is an estimate as of the time this brief was developed and (iii) is subject to change as more complete data is received. Some numbers in the brief may reflect standard rounding.

The post Verisign Domain Name Industry Brief: 354.0 Million Domain Name Registrations in the First Quarter of 2023 appeared first on Verisign Blog.

The launch of .web top-level domain is once again at risk of being delayed by baseless procedural maneuvering.

On May 2, the Internet Corporation for Assigned Names and Numbers (ICANN) Board of Directors posted a decision on the .web matter from its April 30 meeting, which found “that NDC (Nu Dotco LLC) did not violate the Guidebook or the Auction Rules” and directed ICANN “to continue processing NDC’s .web application,” clearing the way for the delegation of .web. ICANN later posted a preliminary report from this meeting showing that the Board vote on the .web decision was without objection.

Less than 24 hours later, however, Altanovo (formerly Afilias) – a losing bidder whose repeatedly rejected claims already have delayed the delegation of .web for more than six years – dusted off its playbook from 2018 by filing yet another ICANN Cooperative Engagement Process (CEP), beginning the cycle of another independent review of the Board’s decision, which last time cost millions of dollars and resulted in years of delay.

Under ICANN rules, a CEP is intended to be a non-binding process designed to efficiently resolve or narrow disputes before the initiation of an Independent Review Process (IRP). ICANN places further actions on hold while a CEP is pending. It’s an important and worthwhile aspect of the multistakeholder process…when used in good faith.

But that does not appear to be what is happening here. Altanovo and its backers initiated this repeat CEP despite the fact that it lost a fair, ICANN-sponsored auction; lost, in every important respect, the IRP; lost its application for reconsideration of the IRP (which it was sanctioned for filing, and which was determined to be frivolous by the IRP panel); and has now lost before the ICANN Board.

The Board’s decision expressly found that these disputes “have delayed the delegation of .web for more than six years” and already cost each of the parties, including ICANN, “millions of dollars in legal fees.”

Further delay appears to be the only goal of this second CEP – and any follow-on IRP – because no one could conclude in good faith that an IRP panel would find that the thorough process and decision on .web established in the Board’s resolutions and preliminary report violated ICANN’s bylaws. At the end of the day, all that will be accomplished by this second CEP and a second IRP is continued delay, and delay for delay’s sake amounts to an abuse of process that threatens to undermine the multistakeholder processes and the rights of NDC and Verisign.

ICANN will, no doubt, follow its processes for resolving the CEP and any further procedural maneuvers attempted by Altanovo. But, given Altanovo’s track record of losses, delays, and frivolous maneuvering since the 2016 .web auction, a point has been reached when equity demands that this abuse of process not be allowed to thwart NDC’s right, as determined by the Board, to move ahead on its .web application.

The post Will Altanovo’s Maneuvering Continue to Delay .web? appeared first on Verisign Blog.

Today, we released the latest issue of The Domain Name Industry Brief, which shows that the fourth quarter of 2022 closed with 350.4 million domain name registrations across all top-level domains (TLDs), an increase of 0.5 million domain name registrations, or 0.1%, compared to the third quarter of 2022.^1,2 Domain name registrations have increased by 8.7 million, or 2.6%, year over year.^1,2

Check out the latest issue of The Domain Name Industry Brief to see domain name stats from the fourth quarter of 2022, including:
• Top 10 Largest TLDs by Number of Reported Domain Names
• Top 10 Largest ccTLDs by Number of Reported Domain Names
• ngTLDs as Percentage of Total TLDs
• Geographical ngTLDs as Percentage of Total Corresponding Geographical TLDs

To see past issues of The Domain Name Industry Brief, please visit https://verisign.com/dnibarchives.

1. All figure(s) exclude domain names in the .tk, .cf, .ga, .gq, and .ml ccTLDs. Quarterly and year-over-year trends have been calculated relative to historical figures that have also been adjusted to exclude these five ccTLDs. For further information, please see the Editor’s Note contained in Vol. 19, Issue 1 of The Domain Name Industry Brief.
2. The generic TLD, ngTLD and ccTLD data cited in the brief: (i) includes ccTLD internationalized domain names, (ii) is an estimate as of the time this brief was developed, and (iii) is subject to change as more complete data is received. Some numbers in the brief may reflect standard rounding.

The post Verisign Domain Name Industry Brief: 350.4 Million Domain Name Registrations in the Fourth Quarter of 2022 appeared first on Verisign Blog.

Today, we released the latest issue of The Domain Name Industry Brief, which shows that the third quarter of 2022 closed with 349.9 million domain name registrations across all top-level domains, a decrease of 1.6 million domain name registrations, or 0.4%, compared to the second quarter of 2022.^1,2 Domain name registrations have increased by 11.5 million, or 3.4%, year over year.^1,2

Check out the latest issue of The Domain Name Industry Brief to see domain name stats from the third quarter of 2022, including:
• Top 10 Largest TLDs by Number of Reported Domain Names
• Top 10 Largest ccTLDs by Number of Reported Domain Names
• ngTLDs as Percentage of Total TLDs
• Geographical ngTLDs as Percentage of Total Corresponding Geographical TLDs

To see past issues of The Domain Name Industry Brief, please visit verisign.com/dnibarchives.

1. All figure(s) exclude domain names in the .tk, .cf, .ga, .gq and .ml ccTLDs. Quarterly and year-over-year trends have been calculated relative to historical figures that have also been adjusted to exclude these five ccTLDs. For further information, please see the Editor’s Note contained in Vol. 19, Issue 1 of The Domain Name Industry Brief.
2. The generic TLD, ngTLD and ccTLD data cited in the brief: (i) includes ccTLD internationalized domain names, (ii) is an estimate as of the time this brief was developed and (iii) is subject to change as more complete data is received. Some numbers in the brief may reflect standard rounding.

The post Verisign Domain Name Industry Brief: 349.9 Million Domain Name Registrations in the Third Quarter of 2022 appeared first on Verisign Blog.

In 1987, CompuServe introduced GIF images, Steve Wozniak left Apple and IBM introduced the PS/2 personal computer with improved graphics and a 3.5-inch diskette drive. Behind the scenes, one more critical piece of internet infrastructure was quietly taking form to help establish the internet we know today.

November of 1987 saw the establishment of the Domain Name System protocol suite as internet standards. This was a development that not only would begin to open the internet to individuals and businesses globally, but also would arguably redefine communications, commerce and access to information for future generations.

Today, the DNS continues to be critical to the operation of the internet as a whole. It has a long and strong track record thanks to the work of the internet’s pioneers and the collaboration of different groups to create volunteer standards.

Let’s take a look back at the journey of the DNS over the years.

Scaling the Internet for All

Prior to 1987, the internet was primarily used by government agencies and members of academia. Back then, the Network Information Center, managed by SRI International, manually maintained a directory of hosts and networks. While the early internet was transformative and forward-thinking, not everyone had access to it.

During that same time period, the U.S. Advanced Research Projects Agency Network, the forerunner to the internet we know now, was evolving into a growing network environment, and new naming and addressing schemes were being proposed. Seeing that there were thousands of interested institutions and companies wanting to explore the possibilities of networked computing, a group of ARPA networking researchers realized that a more modern, automated approach was needed to organize the network’s naming system for anticipated rapid growth.

Two Request for Comments documents, numbered RFC 1034 and RFC 1035, were published in 1987 by the informal Network Working Group, which soon after evolved into the Internet Engineering Task Force. Those RFCs, authored by computer scientist Paul V. Mockapetris, became the standards upon which DNS implementations have been built. It was Mockapetris, inducted into the Internet Hall of Fame in 2012, who specifically suggested a name space where database administration was distributed but could also evolve as needed.

In addition to allowing organizations to maintain their own databases, the DNS simplified the process of connecting a name that users could remember with a unique set of numbers – the Internet Protocol address – that web browsers needed to navigate to a website using a domain name. By not having to remember a seemingly random string of numbers, users could easily get to their intended destination, and more people could access the web. This has worked in a logical way for all internet users – from businesses large and small to everyday people – all around the globe.

With these two aspects of the DNS working together – wide distribution and name-to-address mapping – the DNS quickly took shape and developed into the system we know today.

The Multistakeholder Model and Rough Consensus

Thirty-five years of DNS development and progress is attributable to the collaboration of multiple stakeholders and interest groups – academia, technical community, governments, law enforcement and civil society, plus commercial and intellectual property interests – who continue even today to bring crucial perspectives to the table as it relates to the evolution of the DNS and the internet. These perspectives have lent themselves to critical security developments in the DNS, from assuring protection of intellectual property rights to the more recent stakeholder collaborative efforts to address DNS abuse.

Other major collaborative achievements involve the IETF, which has no formal membership roster or requirements, and is responsible for the technical standards that comprise the internet protocol suite, and the Internet Corporation for Assigned Names and Numbers, which plays a central coordination role in the bottom-up multistakeholder system governing the global DNS. Without constructive and productive voluntary collaboration, the internet as we know it simply isn’t possible.

Indeed, these cooperative efforts marshaled a brand of collaboration known today as “rough consensus.” That term, originally “rough consensus and running code,” gave rise to a more dynamic collaboration process than the “100% consensus from everyone” model. In fact, the term was adopted by the IETF in the early days of establishing the DNS to describe the formation of the dominant view of the working group and the need to quickly implement new technologies, which doesn’t always allow for lengthy discussions and debates. This approach is still in use today, proving its usefulness and longevity.

Recognizing a Milestone

As we look back on how the DNS came to be and the processes that have kept it reliably running, it’s important to recognize the work done by the organizations and individuals that make up this community. We must also remember that the efforts continue to be powered by voluntary collaborations.

Commemorating anniversaries such as 35 years of the DNS protocol allows the multiple stakeholders and communities to pause and reflect on the enormity of the work and responsibility before us. Thanks to the pioneering minds who conceived and built the early infrastructure of the internet, and in particular to Paul Mockapetris’s fundamental contribution of the DNS protocol suite, the world has been able to establish a robust global economy that few could ever have imagined so many years ago.

The 35th anniversary of the publication of RFCs 1034 and 1035 reminds us of the contributions that the DNS has made to the growth and scale of what we know today as “the internet.” That’s a moment worth celebrating.

The post Celebrating 35 Years of the DNS Protocol appeared first on Verisign Blog.

Today, we released the latest issue of The Domain Name Industry Brief, which shows that the second quarter of 2022 closed with 351.5 million domain name registrations across all top-level domains, an increase of 1.0 million domain name registrations, or 0.3%, compared to the first quarter of 2022.^1,2 Domain name registrations have increased by 10.4 million, or 3.0%, year over year.^1,2

Check out the latest issue of The Domain Name Industry Brief to see domain name stats from the second quarter of 2022, including:
• Top 10 Largest TLDs by Number of Reported Domain Names
• Top 10 Largest ccTLDs by Number of Reported Domain Names
• ngTLDs as Percentage of Total TLDs
• Geographical ngTLDs as Percentage of Total Corresponding Geographical TLDs

To see past issues of The Domain Name Industry Brief, please visit verisign.com/dnibarchives.

The post Verisign Q2 2022 Domain Name Industry Brief: 351.5 Million Domain Name Registrations in the Second Quarter of 2022 appeared first on Verisign Blog.

Today, we released the latest issue of The Domain Name Industry Brief, which shows that the first quarter of 2022 closed with 350.5 million domain name registrations across all top-level domains, an increase of 8.8 million domain name registrations, or 2.6%, compared to the fourth quarter of 2021.^1,2 Domain name registrations have increased by 13.2 million, or 3.9%, year over year.^1,2

Check out the latest issue of The Domain Name Industry Brief to see domain name stats from the first quarter of 2022, including:
• Top 10 Largest TLDs by Number of Reported Domain Names
• Top 10 Largest ccTLDs by Number of Reported Domain Names
• ngTLDs as Percentage of Total TLDs
• Geographical ngTLDs as Percentage of Total Corresponding Geographical TLDs

To see past issues of The Domain Name Industry Brief, please visit verisign.com/dnibarchives.

The post Verisign Q1 2022 Domain Name Industry Brief: 350.5 Million Domain Name Registrations in the First Quarter of 2022 appeared first on Verisign Blog.

Today, we released the latest issue of The Domain Name Industry Brief, which shows that the fourth quarter of 2021 closed with 341.7 million domain name registrations across all top-level domains, an increase of 3.3 million domain name registrations, or 1.0%, compared to the third quarter of 2021._^1,2 Domain name registrations have increased by 1.6 million, or 0.5%, year over year._^1,2

Check out the latest issue of The Domain Name Industry Brief to see domain name stats from the fourth quarter of 2021, including:
• Top 10 Largest TLDs by Number of Reported Domain Names
• Top 10 Largest ccTLDs by Number of Reported Domain Names
• ngTLDs as Percentage of Total TLDs
• Geographical ngTLDs as Percentage of Total Corresponding Geographical TLDs

To see past issues of The Domain Name Industry Brief, please visit verisign.com/dnibarchives.

---

1. All figure(s) exclude domain names in the .tk, .cf, .ga, .gq and .ml ccTLDs. Quarterly and year-over-year trends have been calculated relative to historical figures that have also been adjusted to exclude these five ccTLDs. For further information, please see the Editor’s Note contained in the full Domain Name Industry Brief.
2. The generic TLD, ngTLD and ccTLD data cited in the brief: (i) includes ccTLD internationalized domain names, (ii) is an estimate as of the time this brief was developed and (iii) is subject to change as more complete data is received. Some numbers in the brief may reflect standard rounding.

The post Verisign Q4 2021 The Domain Name Industry Brief: 341.7 Million Domain Name Registrations in the Fourth Quarter of 2021 appeared first on Verisign Blog.

The .web Independent Review Process (IRP) Panel issued a Final Decision six months ago, in May 2021. Immediately thereafter, the claimant, Afilias Domains No. 3 Limited (now a shell entity known as AltaNovo Domains Limited), filed an application seeking reconsideration of the Final Decision under Rule 33 of the arbitration rules. Rule 33 allows for the clarification of an ambiguous ruling and allows the Panel the opportunity to supplement its decision if it inadvertently failed to consider a claim or defense, but specifically does not permit wholesale reconsideration of a final decision. The problem for Afilias’ application, as we said at the time, was that it sought exactly that.

The Panel ruled on Afilias’ application on Dec. 21, 2021. In this latest ruling, the Panel not only rejected Afilias’ application in its entirety, but went further and sanctioned Afilias for having filed it in the first place. Quoting from the ruling:

In the opinion of the Panel, under the guise of seeking an additional decision, the Application is seeking reconsideration of core elements of the Final Decision. Likewise, under the guise of seeking interpretation, the Application is requesting additional declarations and advisory opinions on a number of questions, some of which had not been discussed in the proceedings leading to the Final Decision.

In such circumstances, the Panel cannot escape the conclusion that the Application is “frivolous” in the sense of it “having no sound basis (as in fact or law).” This finding suffices to entitle [ICANN] to the cost shifting decision it is seeking…the Panel hereby unanimously…Grants [ICANN’s] request that the Panel shift liability for the legal fees incurred by [ICANN] in connection with the Application, fixes at US $236,884.39 the amount of the legal fees to be reimbursed to [ICANN] by [Afilias]…and orders [Afilias] to pay this amount to [ICANN] within thirty (30) days….

In light of the Panel’s finding that Afililas’ Rule 33 application was so improper and frivolous as to be sanctionable, a serious question arises about the motives in filing it. Reading the history of the .web proceedings, one possible motivation is becoming more clear. The community will recall that, five years ago, Donuts (through its wholly-owned subsidiary Ruby Glen) failed in its bid to enjoin the .web auction when a federal court rejected false allegations that Nu Dot Co (NDC) had failed to disclose an ownership change. After the auction was conducted, Afilias then picked up the litigation baton from Donuts. Afilias’ IRP complaint demanded that the arbitration Panel nullify the auction results, and award .web to itself, thereby bypassing ICANN completely. In the May 2021 Final Decision the IRP Panel gave an unsurprising but firm “no” to Afilias’ request to supplant ICANN’s role, and instead directed ICANN’s Board to review the complaints about the conduct of the .web contention set members and then make a determination on delegation.

A result of this five-year battle has been to prevent ICANN from passing judgment on the .web situation. These proceedings have unsuccessfully sought to have courts and arbitrators stand in the shoes of ICANN, rather than letting ICANN discharge its mandated duty to determine what, if anything, should be done in response to the allegations regarding the pre-auction conduct of the contention set. This conduct includes Afilias’ own wrongdoing in violating the pre-auction communications blackout imposed in the Auction Rules. That misconduct is set forth in a July 23, 2021 letter by NDC to ICANN, since published by ICANN, containing written proof of Afilias’ violation of the auction rules. In its Dec. 21 ruling, the Panel made it unmistakably clear that it is ICANN – not a judge or a panel of arbitrators – who must first review all allegations of misconduct by the contention set, including the powerful evidence indicating that it is Afilias’ .web application, not NDC’s, that should be disqualified.

If Afilias’ motivation has been to avoid ICANN’s scrutiny of its own pre-auction misconduct, especially after exiting the registry business when it appears that its only significant asset is the .web application itself, then what we should expect to see next is for Afilias/AltaNovo to manufacture another delaying attack on the Final Decision. Perhaps this is why its litigation counsel has already written ICANN threatening to continue litigation “in all available fora whether within or outside of the United States of America.…”

It is long past time to put an end to this five-year campaign, which has interfered with ICANN’s duty to decide on the delegation of .web, harming the interests of the broader internet community. The new ruling obliges ICANN to take a decisive step in that direction.

The post IRP Panel Sanctions Afilias, Clears the Way for ICANN to Decide .web Disputes appeared first on Verisign Blog.

Today, we released the latest issue of The Domain Name Industry Brief, which shows that the third quarter of 2021 closed with 364.6 million domain name registrations across all top-level domains, a decrease of 2.7 million domain name registrations, or 0.7%, compared to the second quarter of 2021.^1,2 Domain name registrations have decreased by 6.1 million, or 1.6%, year over year.^1,2

Check out the latest issue of The Domain Name Industry Brief to see domain name stats from the third quarter of 2021, including:

• Top 10 Largest TLDs by Number of Reported Domain Names
• Top 10 Largest ccTLDs by Number of Reported Domain Names
• ngTLDs as Percentage of Total TLDs
• Geographical ngTLDs as Percentage of Total Corresponding Geographical TLD

The Domain Name Industry Brief this quarter also includes an overview of the ongoing community work to mitigate DNS security threats.

To see past issues of The Domain Name Industry Brief, please visit verisign.com/dnibarchives.

---

1. The figure(s) includes domain names in the .tk ccTLD. .tk is a ccTLD that provides free domain names to individuals and businesses. Revenue is generated by monetizing expired domain names. Domain names no longer in use by the registrant or expired are taken back by the registry and the residual traffic is sold to advertising networks. As such, there are no deleted .tk domain names. The .tk zone reflected here is based on data from Q4 2020, which is the most recent data available. https://www.businesswire.com/news/home/20131216006048/en/Freenom-Closes-3M-Series-Funding#.UxeUGNJDv9s.
2. The generic TLD, ngTLD and ccTLD data cited in the brief: (i) includes ccTLD Internationalized Domain Names (IDNs), (ii) is an estimate as of the time this brief was developed and (iii) is subject to change as more complete data is received. Some numbers in the brief may reflect standard rounding.

The post Verisign Q3 2021 The Domain Name Industry Brief: 364.6 Million Domain Name Registrations in the Third Quarter of 2021 appeared first on Verisign Blog.

For over a decade, the Internet Corporation for Assigned Names and Numbers (ICANN) and its multi-stakeholder community have engaged in an extended dialogue on the topic of DNS abuse, and the need to define, measure and mitigate DNS-related security threats. With increasing global reliance on the internet and DNS for communication, connectivity and commerce, the members of this community have important parts to play in identifying, reporting and mitigating illegal or harmful behavior, within their respective roles and capabilities.

As we consider the path forward on necessary and appropriate steps to improve mitigation of DNS abuse, it’s helpful to reflect briefly on the origins of this issue within ICANN, and to recognize the various and relevant community inputs to our ongoing work.

As a starting point, it’s important to understand ICANN’s central role in preserving the security, stability, resiliency and global interoperability of the internet’s unique identifier system, and also the limitations established within ICANN’s bylaws. ICANN’s primary mission is to ensure the stable and secure operation of the internet’s unique identifier systems, but as expressly stated in its bylaws, ICANN “shall not regulate (i.e., impose rules and restrictions on) services that use the internet’s unique identifiers or the content that such services carry or provide, outside the express scope of Section 1.1(a).” As such, ICANN’s role is important, but limited, when considering the full range of possible definitions of “DNS Abuse,” and developing a comprehensive understanding of security threat categories and the roles and responsibilities of various players in the internet infrastructure ecosystem is required.

In support of this important work, ICANN’s generic top-level domain (gTLD) contracted parties (registries and registrars) continue to engage with ICANN, and with other stakeholders and community interest groups, to address key factors related to effective and appropriate DNS security threat mitigation, including:

• Determining the roles and responsibilities of the various service providers across the internet ecosystem;
• Delineating categories of threats: content, infrastructure, illegal vs. harmful, etc.;
• Understanding the precise operational and technical capabilities of various types of providers across the internet ecosystem;
• Relationships, if any, that respective service providers have with individuals or entities responsible for creating and/or removing the illegal or abusive activity;
• Role of third-party “trusted notifiers,” including government actors, that may play a role in identifying and reporting illegal and abusive behavior to the appropriate service provider;
• Processes to ensure infrastructure providers can trust third-party notifiers to reliably identify and provide evidence of illegal or harmful content;
• Promoting administrative and operational scalability in trusted notifier engagements;
• Determining the necessary safeguards around liability, due process, and transparency to ensure domain name registrants have recourse when the DNS is used as a tool to police DNS security threats, particularly when related to content.
• Supporting ICANN’s important and appropriate role in coordination and facilitation, particularly as a centralized source of data, tools, and resources to help and hold accountable those parties responsible for managing and maintaining the internet’s unique identifiers.

Definitions of Online Abuse

To better understand the various roles, responsibilities and processes, it’s important to first define illegal and abusive online activity. While perspectives may vary across our wide range of interest groups, the emerging consensus on definitions and terminology is that these activities can be categorized as DNS Security Threats, Infrastructure Abuse, Illegal Content, or Abusive Content, with ICANN’s remit generally limited to the first two categories.

• DNS Security Threats: defined as being “composed of five broad categories of harmful activity [where] they intersect with the DNS: malware, botnets, phishing, pharming, and spam when [spam] serves as a delivery mechanism for those other forms of DNS Abuse.”
• Infrastructure Abuse: a broader set of security threats that can impact the DNS itself – including denial-of-service / distributed denial-of-service (DoS / DDoS) attacks, DNS cache poisoning, protocol-level attacks, and exploitation of implementation vulnerabilities.
• Illegal Content: content that is unlawful and hosted on websites that are accessed via domain names in the global DNS. Examples might include the illegal sale of controlled substances or the distribution of child sexual abuse material (CSAM), and proven intellectual property infringement.
• Abusive Content: is content hosted on websites using the domain name infrastructure that is deemed “harmful,” either under applicable law or norms, which could include scams, fraud, misinformation, or intellectual property infringement, where illegality has yet to be established by a court of competent jurisdiction.

Behavior within each of these categories constitutes abuse, and it is incumbent on members of the community to actively work to combat and mitigate these behaviors where they have the capability, expertise and responsibility to do so. We recognize the benefit of coordination with other entities, including ICANN within its bylaw-mandated remit, across their respective areas of responsibility.

ICANN Organization’s Efforts on DNS Abuse

The ICANN Organization has been actively involved in advancing work on DNS abuse, including the 2017 initiation of the Domain Abuse Activity Reporting (DAAR) system by the Office of the Chief Technology Officer. DAAR is a system for studying and reporting on domain name registration and security threats across top-level domain (TLD) registries, with an overarching purpose to develop a robust, reliable, and reproducible methodology for analyzing security threat activity, which the ICANN community may use to make informed policy decisions. The first DAAR reports were issued in January 2018 and they are updated monthly. Also in 2017, ICANN published its “Framework for Registry Operators to Address Security Threats,” which provides helpful guidance to registries seeking to improve their own DNS security posture.

The ICANN Organization also plays an important role in enforcing gTLD contract compliance and implementing policies developed by the community via its bottom-up, multi-stakeholder processes. For example, over the last several years, it has conducted registry and registrar audits of the anti-abuse provisions in the relevant agreements.

The ICANN Organization has also been a catalyst for increased community attention and action on DNS abuse, including initiating the DNS Security Facilitation Initiative Technical Study Group, which was formed to investigate mechanisms to strengthen collaboration and communication on security and stability issues related to the DNS. Over the last two years, there have also been multiple ICANN cross-community meeting sessions dedicated to the topic, including the most recent session hosted by the ICANN Board during its Annual General Meeting in October 2021. Also, in 2021, ICANN formalized its work on DNS abuse into a dedicated program within the ICANN Organization. These enforcement and compliance responsibilities are very important to ensure that all of ICANN’s contracted parties are living up to their obligations, and that any so-called “bad actors” are identified and remediated or de-accredited and removed from serving the gTLD registry or registrar markets.

The ICANN Organization continues to develop new initiatives to help mitigate DNS security threats, including: (1) expanding DAAR to integrate some country code TLDs, and to eventually include registrar-level reporting; (2) work on COVID domain names; (3) contributions to the development of a Domain Generating Algorithms Framework and facilitating waivers to allow registries and registrars to act on imminent security threats, including botnets at scale; and (4) plans for the ICANN Board to establish a DNS abuse caucus.

ICANN Community Inputs on DNS Abuse

As early as 2009, the ICANN community began to identify the need for additional safeguards to help address DNS abuse and security threats, and those community inputs increased over time and have reached a crescendo over the last two years. In the early stages of this community dialogue, the ICANN Governmental Advisory Committee, via its Public Safety Working Group, identified the need for additional mechanisms to address “criminal activity in the registration of domain names.” In the context of renegotiation of the Registrar Accreditation Agreement between ICANN and accredited registrars, and the development of the New gTLD Base Registry Agreement, the GAC played an important and influential role in highlighting this need, providing formal advice to the ICANN Board, which resulted in new requirements for gTLD registry and registrar operators, and new contractual compliance requirements for ICANN.

Following the launch of the 2012 round of new gTLDs, and the finalization of the 2013 amendments to the RAA, several ICANN bylaw-mandated review teams engaged further on the issue of DNS Abuse. These included the Competition, Consumer Trust and Consumer Choice Review Team (CCT-RT), and the second Security, Stability and Resiliency Review Team (SSR2-RT). Both final reports identified and reinforced the need for additional tools to help measure and combat DNS abuse. Also, during this timeframe, the GAC, along with the At-Large Advisory Committee and the Security and Stability Advisory Committee, issued their own respective communiques and formal advice to the ICANN Board reiterating or reinforcing past statements, and providing support for recommendations in the various Review Team reports. Most recently, the SSAC issued SAC 115 titled “SSAC Report on an Interoperable Approach to Addressing Abuse Handling in the DNS.” These ICANN community group inputs have been instrumental in bringing additional focus and/or clarity to the topic of DNS abuse, and have encouraged ICANN and its gTLD registries and registrars to look for improved mechanisms to address the types of abuse within our respective remits.

During 2020 and 2021, ICANN’s gTLD contracted parties have been constructively engaged with other parts of the ICANN community, and with ICANN Org, to advance improved understanding on the topic of DNS security threats, and to identify new and improved mechanisms to enhance the security, stability and resiliency of the domain name registration and resolution systems. Collectively, the registries and registrars have engaged with nearly all groups represented in the ICANN community, and we have produced important documents related to DNS abuse definitions, registry actions, registrar abuse reporting, domain generating algorithms, and trusted notifiers. These all represent significant steps forward in framing the context of the roles, responsibilities and capabilities of ICANN’s gTLD contracted parties, and, consistent with our Letter of Intent commitments, Verisign has been an important contributor, along with our partners, in these Contracted Party House initiatives.

In addition, the gTLD contracted parties and ICANN Organization continue to engage constructively on a number of fronts, including upcoming work on standardized registry reporting, which will help result in better data on abuse mitigation practices that will help to inform community work, future reviews, and provide better visibility into the DNS security landscape.

Other Groups and Actors Focused on DNS Security

It is important to note that groups outside of ICANN’s immediate multi-stakeholder community have contributed significantly to the topic of DNS abuse mitigation:

Internet & Jurisdiction Policy Network
The Internet & Jurisdiction Policy Network is a multi-stakeholder organization addressing the tension between the cross-border internet and national jurisdictions. Its secretariat facilitates a global policy process engaging over 400 key entities from governments, the world’s largest internet companies, technical operators, civil society groups, academia and international organizations from over 70 countries. The I&JP has been instrumental in developing multi-stakeholder inputs on issues such as trusted notifier, and Verisign has been a long-time contributor to that work since the I&JP’s founding in 2012.

DNS Abuse Institute
The DNS Abuse Institute was formed in 2021 to develop “outcomes-based initiatives that will create recommended practices, foster collaboration and develop industry-shared solutions to combat the five areas of DNS Abuse: malware, botnets, phishing, pharming, and related spam.” The Institute was created by Public Interest Registry, the registry operator for the .org TLD.

Global Cyber Alliance
The Global Cyber Alliance is a nonprofit organization dedicated to making the internet a safer place by reducing cyber risk. The GCA builds programs, tools and partnerships to sustain a trustworthy internet to enable social and economic progress for all.

ECO “topDNS” DNS Abuse Initiative
Eco is the largest association of the internet industry in Europe. Eco is a long-standing advocate of an “Internet with Responsibility” and of self-regulatory approaches, such as the DNS Abuse Framework. The eco “topDNS” initiative will help bring together stakeholders with an interest in combating and mitigating DNS security threats, and Verisign is a supporter of this new effort.

Other Community Groups
Verisign contributes to the anti-abuse, technical and policy communities: We continuously engage with ICANN and an array of other industry partners to help ensure the continued safe and secure operation of the DNS. For example, Verisign is actively engaged in anti-abuse, technical and policy communities such as the Anti-Phishing and Messaging, Malware and Mobile Anti-Abuse Working Groups, FIRST and the Internet Engineering Task Force.

What Verisign is Doing Today

As a leader in the domain name industry and DNS ecosystem, Verisign supports and has contributed to the cross-community efforts enumerated above. In addition, Verisign also engages directly by:

• Monitoring for abuse: Protecting against abuse starts with knowing what is happening in our systems and services, in a timely manner, and being capable of detecting anomalous or abusive behavior, and then reacting to address it appropriately. Verisign works closely with a range of actors, including trusted notifiers, to help ensure our abuse mitigation actions are informed by sources with necessary subject matter expertise and procedural rigor.
• Blocking and redirecting abusive domain names: Blocking certain domain names that have been identified by Verisign and/or trusted third parties as security threats, including botnets that leverage well-understood and characterized domain generation algorithms, helps us to protect our infrastructure and neutralize or otherwise minimize potential security and stability threats more broadly by remediating abuse enabled via domain names in our TLDs. For example, earlier this year, Verisign observed a botnet family that was responsible for such a disproportionate amount of total global DNS queries, we were compelled to act to remediate the botnet. This was referenced in Verisign’s Q1 2021 Domain Name Industry Brief Volume 18, Issue 2.
• Avoiding disposable domain name registrations: While heavily discounted domain name pricing strategies may promote short-term sales, they may also attract a spectrum of registrants who might be engaged in abuse. Some security threats, including phishing and botnets, exploit the ability to register large numbers of ‘disposable’ domain names rapidly and cheaply. Accordingly, Verisign avoids marketing programs that would permit our TLDs to be characterized in this class of ‘disposable’ domains, that have been shown to attract miscreants and enable abusive behavior.
• Maintaining a cooperative and responsive partnership with law enforcement and government agencies, and engagement with courts of relevant jurisdiction: To ensure the security, stability and resiliency of the DNS and the internet at large, we have developed and maintained constructive relationships with United States and international law enforcement and government agencies to assist in addressing imminent and ongoing substantial security threats to operational applications and critical internet infrastructure, as well as illegal activity associated with domain names.
• Ensuring adherence of contractual obligations: Our contractual frameworks, including our registry policies and .com Registry-Registrar Agreements, help provide an effective legal framework that discourages abusive domain name registrations. We believe that fair and consistent enforcement of our policies helps to promote good hygiene within the registrar channel.
• Entering into a binding Letter of Intent with ICANN that commits both parties to cooperate in taking a leadership role in combating security threats. This includes working with the ICANN community to determine the appropriate process for, and development and implementation of, best practices related to combating security threats; to educate the wider ICANN community about security threats; and support activities that preserve and enhance the security, stability and resiliency of the DNS. Verisign also made a substantial financial commitment in direct support of these important efforts.

Trusted Notifiers

An important concept and approach for mitigating illegal and abusive activity online is the ability to engage with and rely upon third-party “trusted notifiers” to identify and report such incidents at the appropriate level in the DNS ecosystem. Verisign has supported and been engaged in the good work of the Internet & Jurisdiction Policy Network since its inception, and we’re encouraged by its recent progress on trusted notifier framing. As mentioned earlier, there are some key questions to be addressed as we consider the viability of engaging trusted notifiers or building trusting notifier entities, to help mitigate illegal and abusive online activity.

Verisign’s recent experience with the U.S. government (NTIA and FDA) in combating illegal online opioid sales has been very helpful in illuminating a possible approach for third-party trusted notifier engagement. As noted, we have also benefited from direct engagement with the Internet Watch Foundation and law enforcement in combating CSAM. These recent examples of third-party engagement have underscored the value of a well-formed and executed notification regime, supported by clear expectations, due diligence and due process.

Discussions around trusted notifiers and an appropriate framework for engagement are under way, and Verisign recently engaged with other registries and registrars to lead the development of such a framework for further discussion within the ICANN community. We have significant expertise and experience as an infrastructure provider within our areas of technical, legal and contractual responsibility, and we are aggressive in protecting our operations from bad actors. But in matters related to illegal or abusive content, we need and value contributions from third parties to appropriately identify such behavior when supported by necessary evidence and due diligence. Precisely how such third-party notifications can be formalized and supported at scale is an open question, but one that requires further exploration and work. Verisign is committed to continuing to contribute to these ongoing discussions as we work to mitigate illegal and abusive threats to the security, stability and resiliency of the internet.

Conclusion

Over the last several years, DNS abuse and DNS-related security threat mitigation has been a very important topic of discussion in and around the ICANN community. In cooperation with ICANN, contracted parties, and other groups within the ICANN community, the DNS ecosystem including Verisign has been constructively engaged in developing a common understanding and practical work to advance these efforts, with a goal of meaningfully reducing the level and impact of malicious activity in the DNS. In addition to its contractual compliance functions, ICANN’s contributions have been important in helping to advance this important work and it continues to have a critical coordination and facilitation function that brings the ICANN community together on this important topic. The ICANN community’s recent focus on DNS abuse has been helpful, significant progress has been made, and more work is needed to ensure continued progress in mitigating DNS security threats. As we look ahead to 2022, we are committed to collaborating constructively with ICANN and the ICANN community to deliver on these important goals.

The post Ongoing Community Work to Mitigate Domain Name System Security Threats appeared first on Verisign Blog.

This article originally appeared in The Domain Name Industry Brief (Volume 18, Issue 3)

Earlier this year, the Internet Engineering Task Force’s (IETF’s) Internet Engineering Steering Group (IESG) announced that several Proposed Standards related to the Registration Data Access Protocol (RDAP), including three that I co-authored, were being promoted to the prestigious designation of Internet Standard. Initially accepted as proposed standards six years ago, RFC 7480, RFC 7481, RFC 9082 and RFC 9083 now comprise the new Standard 95. RDAP allows users to access domain registration data and could one day replace its predecessor the WHOIS protocol. RDAP is designed to address some widely recognized deficiencies in the WHOIS protocol and can help improve the registration data chain of custody.

In the discussion that follows, I’ll look back at the registry data model, given the evolution from WHOIS to the RDAP protocol, and examine how the RDAP protocol can help improve upon the more traditional, WHOIS-based registry models.

Registration Data Directory Services Evolution, Part 1: The WHOIS Protocol

In 1998, Network Solutions was responsible for providing both consumer-facing registrar and back-end registry functions for the legacy .com, .net and .org generic top-level domains (gTLDs). Network Solutions collected information from domain name registrants, used that information to process domain name registration requests, and published both collected data and data derived from processing registration requests (such as expiration dates and status values) in a public-facing directory service known as WHOIS.

From Network Solution’s perspective as the registry, the chain of custody for domain name registration data involved only two parties: the registrant (or their agent) and Network Solutions. With the introduction of a Shared Registration System (SRS) in 1999, multiple registrars began to compete for domain name registration business by using the registry services operated by Network Solutions. The introduction of additional registrars and the separation of registry and registrar functions added parties to the chain of custody of domain name registration data. Information flowed from the registrant, to the registrar, and then to the registry, typically crossing multiple networks and jurisdictions, as depicted in Figure 1.

Registration Data Directory Services Evolution, Part 2: The RDAP Protocol

Over time, new gTLDs and new registries came into existence, new WHOIS services (with different output formats) were launched, and countries adopted new laws and regulations focused on protecting the personal information associated with domain name registration data. As time progressed, it became clear that WHOIS lacked several needed features, such as:

• Standardized command structures
• Output and error structures
• Support for internationalization and localization
• User identification
• Authentication and access control

The IETF made multiple attempts to add features to WHOIS to address some of these issues, but none of them were widely adopted. A possible replacement protocol known as the Internet Registry Information Service (IRIS) was standardized in 2005, but it was not widely adopted. Something else was needed, and the IETF went back to work to produce what became known as RDAP.

RDAP was specified in a series of five IETF Proposed Standard RFC documents, including the following, all of which were published in March 2015:

• RFC 7480, HTTP Usage in the Registration Data Access Protocol (RDAP)
• RFC 7481, Security Services for the Registration Data Access Protocol (RDAP)
• RFC 7482, Registration Data Access Protocol (RDAP) Query Format
• RFC 7483, JSON Responses for the Registration Data Access Protocol (RDAP)
• RFC 7484, Finding the Authoritative Registration Data (RDAP) Service

Only when RDAP was standardized did we start to see broad deployment of a possible WHOIS successor by domain name registries, domain name registrars and address registries.

The broad deployment of RDAP led to RFCs 7480 and 7481 becoming Internet Standard RFCs (part of Internet Standard 95) without modification in March 2021. As operators of registration data directory services implemented and deployed RDAP, they found places in the other specifications where minor corrections and clarifications were needed without changing the protocol itself. RFC 7482 was updated to become Internet Standard RFC 9082, which was published in June 2021. RFC 7483 was updated to become Internet Standard RFC 9083, which was also published in June 2021. All were added to Standard 95. As of the writing of this article, RFC 7484 is in the process of being reviewed and updated for elevation to Internet Standard status.

RDAP Advantages

Operators of registration data directory services who implemented RDAP can take advantage of key features not available in the WHOIS protocol. I’ve highlighted some of these important features in the table below.

RDAP Feature	Benefit
Standard, well-understood, and widely available HTTP transport	Relatively easy to implement, deploy and operate using common web service tools, infrastructure and applications.
Securable via HTTPS	Helps provide confidentiality for RDAP queries and responses, reducing the amount of information that is disclosed to monitors.
Structured output in JavaScript Object Notation (JSON)	JSON is well-understood and tool friendly, which makes it easier for clients to parse and format responses from all servers without the need for software that’s customized for different service providers.
Easily extensible	Designed to support the addition of new features without breaking existing implementations. This makes it easier to address future function needs with less risk of implementation incompatibility.
Internationalized output, with full support for Unicode character sets	Allows implementations to provide human-readable inputs and outputs that are represented in a language appropriate to the local operating environment.
Referral capability, leveraging HTTP constructs	Provides information to software clients that allow the client to retrieve additional information from other RDAP servers. This can be used to hide complexity from human users.
Support of standardized authentication	RDAP can take full advantage of all of the client identification, authentication and authorization methods that are available to web services. This means that RDAP can be used to provide the basic framework for differentiated access to registration data based on attributes associated with the user and the user’s query.

Verisign and RDAP

Verisign’s RDAP service, which was originally launched as an experimental implementation several years before gaining widespread adoption, allows users to look up records in the registry database for all registered .com, .net, .name, .cc and .tv domain names. It also supports Internationalized Domain Names (IDNs).

We at Verisign were pleased not only to see the IETF recognize the importance of RDAP by elevating it to an Internet Standard, but also that the protocol became a requirement for ICANN-accredited registrars and registries as of August 2019. Widespread implementation of the RDAP protocol makes registration data more secure, stable and resilient, and we are hopeful that the community will evolve the prescribed implementation of RDAP such that the full power of this rich protocol will be deployed.

You can learn more in the RDAP Help section of the Verisign website, and access helpful documents such as the RDAP technical implementation guide and the RDAP response profile.

The post Industry Insights: RDAP Becomes Internet Standard appeared first on Verisign Blog.

As I noted on May 26, the final decision issued on May 20 in the Independent Review Process (IRP) brought by Afilias against the Internet Corporation for Assigned Names and Numbers (ICANN) rejected Afilias’ petition to nullify the results of the public auction for .WEB, and it further rejected Afilias’ demand to have it be awarded .WEB (at a price substantially lower than the winning bid). Instead, as we urged, the IRP Panel determined that the ICANN Board should move forward with reviewing the objections made about .WEB, and to make a decision on delegation thereafter.

Afilias and its counsel both issued press releases claiming victory in an attempt to put a positive spin on the decision. In contrast to this public position, Afilias then quickly filed a 68-page application asking the Panel to reverse its decision. This application is, however, not permitted by the arbitration rules – which expressly prohibit such requests for “do overs.”

In addition to Afilias’ facially improper application, there is an even more serious instance of rule-breaking now described in a July 23 letter from Nu Dot Co (NDC) to ICANN. This letter sets out in considerable detail how Afilias engaged in prohibited conduct during the blackout period immediately before the .WEB auction in 2016, in violation of the auction rules. The letter shows how this rule violation is more than just a technicality; it was part of a broader scheme to rig the auction. The attachments to the letter shed light on how, during the blackout period, Afilias offered NDC money to stop ICANN’s public auction in favor of a private process – which would in turn deny the broader internet community the benefit of the proceeds of a public auction.

Afilias’ latest application to reverse the Panel’s decision, like its pre-auction misconduct 5 years ago, has only led to unnecessary delay of the delegation of .WEB. It is long past time for this multi-year campaign to come to an end. The Panel’s unanimous ruling makes clear that it strongly agrees.

The post Afilias’ Rule Violations Continue to Delay .WEB appeared first on Verisign Blog.