Gandi Bar - Internet

The Evolution of Domain Names

Thomas — Mon, 16 Jan 2012 17:08:00 -0800

Here is a bit of context for Domain Names, where they have been, and where they are going, especially with the new gTLDs on the way.

Back in the late 70s, in the early days of the Internet, the network designers needed a method of telling the hosts on their network apart. They went through several iterations and changes to address schemes and communication protocols, eventually coming up with the Internet Protocol (IP) address scheme. They initially assigned names to addresses in a single file called HOSTS.TXT, which they copied to all of the small number of interconnected hosts.

After passing this file around to all their hosts got a little impractical, they created the domain name system or DNS, in 1983. This grew into a global infrastructure, which, despite it’s relatively simple mission (returning a unique numeric IP address when given a text-format name) is now a multi level hierachical database, comprised of thousands of DNS and bind servers.

The Evolution of the Registry and the Registrar

At first, the US government doled out domain names for free, mainly to universities and research institutiuons. After the Internet migrated out of these institutions, and companies and individuals got involved, the free distribution of domain names soon came to an end. In 1993, registration of domain names became a private, subsidized business, at least for .com, .org, and .net extensions. In 1995, fees were introduced.

NSI (Network solutions), who had operated the handing out of free domain names, became the sole Domain Name authority for the Internet, taking over this function from InterNIC, who had contracted it to them in 1991. The initial fee was $100 per name, for two years.

This changed in 1998, with the delegation for DNS management to ICANN, originally formed to take over for IANA in the distribution of IP addresses. With this came the separation of the registry (the database administration portion of the task of updating the DNS system) and the registrar (the commercial business of collecting registration fees and administering the Domain Name registration process).

Dozens of registrar companies like Gandi SAS began to form, offering services that complement the ownership of a domain name, such as hosting services for web and email. NSI maintained a monopoly on .com, .net, and .org, but NSI was purchased by Verisign in 2000, and Verisign sold off the registrar portion of the business in 2003. NSI still runs as a registrar, and Verisign remains the accredited registry for .com and .net extensions.

Domain names continue to evolve. The separation of the registry and the registrar has allowed entities such as governments to form part of the picture once again. The ccTLDs (Country-Code Top-Level Domains), introduced in 2010, are mostly managed by different registries. These registries are sometimes government agencies or offices, sometimes independent companies on contract to governments. They are delegated the authority by IANA (http://www.iana.org/domains/root/db/), and may implement a variety of restrictions and rules for who may register and for what purpose. This is why you need to be a resident of the EU to have a .it domain, for example, or an address in Germany for a .de.

In 2011, after long discussion, the .xxx domain was introduced, ostensibly to allow pornographers to more easily designate their domains as hosting adult material, though certainly not all pornographers agree that this is a good thing for their business, or that ICANN acted appropriately in allowing the xxx extension (see this lawsuit).

That’s where we are now, or where we were until last week.

Avoiding Friday the 13th , on the 12th of January, ICANN announced unrestricted gTLDs as available for application. If you are wondering what an unrestricted gTLD is, think “dot brand” instead of “dot com” and you will get the idea. Here’s a link to more info.

The new gTLDs certainly have the potential to disrupt the relatively settled state of domain names we know now and are more or less comfortable with. ICANN is moving ahead with the proposal despite the obvious potential for confusion, the need to rebrand millions of products and services around new names, and the resistance that is being put up from many entrenched interests like the ANA.

Critics of ICANN’s handling of the initial gTLD proposal in 2008 point out that the registries (and, for that matter the registrars, like Gandi) stand to make a lot of money when the new monikers start to be allowed. It is not unlike a real estate boom, with green fields to be developed. It is up to ICANN to prove to it’s critics that it is not bowing to inappropriate pressure from those who star to gain, and that it’s interests are not in conflict when it approves such regulations.

As big a deal as this is, we will have time to adjust to it gradually. Only 1000 gTLDs will be released a year, and the first of them won’t show up for about a year at the earliest. The application price is so high ($185,000 USD), that it puts a gTLD name out of the reach of most small businesses. The ability to obtain and resell a name that is not related to the business you do, or one that relates to many businesses, not just yours, will be restricted severely. It will be very hard to “typo-squat” or snap up gTLDs and resell them to later claimants.

Still, to really manage one of these names and all of it’s ancillary brand protection provisions is probably much more expensive than just the application fee.

Gandi is cautiously optimistic that ICANN will be able to manage the release well, and we are looking forward to what the creative minds in the community will do with the new digital real estate. It certainly will cost some businesses a significant amount of money to take advantage of the opportunity, but that’s true for a lot of things. It’s the businesses that manage opportunities and take risks that reap the benefits, and having more opportunities is never a bad thing.

The United States Congress is Set to Enable Internet Censorship Tools

Thomas — Fri, 16 Dec 2011 16:01:00 -0800

The US Congress is pushing through a controversial set of bills to protect copyrighted material from piracy, but that also threaten innovation and the free flow of information on the Internet.

In an open letter to lawmakers, the CEOs and founders of several innovative tech companies have cautioned that the Stop Online Piracy Act (SOPA) and the senate version, the PROTECT IP act, would have a "chilling effect" on innovation.
Some critics go so far as to compare the provisions of the bills to laws in place in counties such as China, which routinely blocks sites that the government deems undesirable. Certainly a lot of people see this legislation as a threat to the free flow of information. Mozilla went so far as to modify their Firefox browser logo (that gets displayed when you upgrade Firefox) to have a blackout bar across it.

Some in congress are suggesting alternative proposals, such as Rep. Darrell Issa (R-CA), who offered the Online Protection and ENforcement of Digital Trade Act ( OPEN act ). Others have offered amendments that would reign in the most radical powers that SOPA would grant the US Attorney General, but these amendments have so far been rejected by the committee.
The issues with SOPA are many: it would effectively end the DMCA safe harbor provision, in favor of immediate takedowns. It would even ban linking in search results or social media to offending sites. Because of these provisions, Youtube would likely not exist if SOPA had ben in effect when it was invented. Others complain that the definitions of criminal activity as so vague that they could be used to criminalize common uses of the Internet.
SOPA may not even accomplish it's stated goals: many, including Google Executive Chairman Eric Schmidt say that SOPA will be ineffective against piracy, and that it will fundamentally change the way the internet works.
It also may force companies to introduce instability to systems like DNS. For example, SOPA could require ISPs to cause DNS resolution to fail for sites that are suspected of piracy, even when such failures compromise the integrity of the Domain Name resolution system.
Who would benefit if SOPA passes? Apparently, RIAA, no stranger to copyright infringement lawsuits, and others with large investments in copyrighted material. See their open letter of support here.
It remains to be seen whether the interests that back SOPA as written will prove more powerful than the tech innovators and citizens groups who value the free flow of information.

XXX almost live!

Ryan — Fri, 25 Nov 2011 17:01:00 +0100

The new XXX extension that is dedicated to the adult entertainment industry will be officially open to the public on December 6th, 2011.

After a launch consisting of Sunrise period (over 100,000 reservations), and then a Landrush phase (reserved to just the porn industry), it is now time for the general opening of the extension to the general public. This latest phase will also allow those who were unable to protect their name before to try again.

If you are not part of the adult entertainment industry, then there is nothing more that you need to do than do register the domain, which will be blocked. By "blocked" we mean that it may not be used in any way at all: no link, no DNS, no forwarding, or mail etc.

If, however, you are a member of the sponsored community, you must, after purchasing your domain name, go to the Registry's website to fill out a form to confirm that you participate in the porn industry in order to make your .XXX domain active, and therefore, usable.

In both cases, the domain must be renewed each year, for €65 per year excl. vat under A rates (see all .XXX prices). Only those that blocked their domain during the Sunrise period will have their domain blocked for life and will not need to renew it.

The first orders for the general opening must be sent to the registry on December 6th at 5 PM CET. Also, since the landrush is over, we are now be able to take your per-registration requests.

These will be sent to the registry upon the opening of its technical platform. As usual, and without being able to guarantee that you will indeed get the domain you requested (many people will be simultaneously trying to register), we will do everything possible to send the orders in the order that they were received. Failed orders will be fully refunded to the prepaid account of the handle used to pay (or to the credit card used, upon request to support).

.FR domains available to Europe

Ryan — Thu, 17 Nov 2011 17:39:00 +0100

The registry in charge of .fr domain names, AFNIC, will soon be changing many of their rules, as well as taking over the management of several other French extensions. On Tuesday, December 6th 2011 at 10:00 Paris time, AFNIC's changes will take affect. But what will change precisely?

The new extensions that AFNIC will manage are .YT (Mayotte), .PM (St-Pierre and Miquelon), .TF (The French Southern and Antarctic Lands), and .WF (Wallis and Futuna).

Also, all of the various prerequisites will be homogenized: there will no longer be different rules for .fr, or .re, etc. All of the extensions managed by AFNIC will have the same rules.

What are these rules?

Both individuals and companies are now able to register domains in these extensions, as long as they are located in the European Economic Area or in Switzerland. Organizations no longer need to provide a license number, though it is strongly encouraged, as this will facilitate any verification that AFNIC might perform at a later date.

Concerning reserved domain names, it is necessary to prove that you are registering the domain in good faith. The list of reserved/forbidden terms is still not public however it includes city names and is identical to what is reserved with the .fr.

When can you start to register them?

You can already place your orders for these extensions via our usual registration interface! Prices for .YT, .WF, .TF, and .PM are identical to those of .FR and .RE. In the event that the domain you requested is reserved, you'll be able to provide your justification for registering it from your Orders in Progress page. As always, orders that are unsuccessful will be fully refunded to your prepaid account (or to your bank account if you request this).

Update on the new gTLDs

Ryan — Thu, 11 Aug 2011 16:30:00 +0200

After much discussion, ICANN finally met in Singapore this July and confirmed the launch of the new gTLD process that began in Paris three years ago. As a result of this meeting, in 2 to 3 years from now, we will see a major change in the internet, and an increase in the number of extensions to choose from.

It is only natural to wonder what interest there is in launching tens, hundreds, or (in a few years) thousands of new extensions, knowing that there is already over 240 of them to choose from.

It is widely known that the domain name space (and particularly that of .com) is currently saturated, and yet that extension is the most popular on the web. .com domains are clearly recognized as a generic worldwide extension for company websites. Only a few markets such as the United Kingdom and Germany more readily identify with their national extensions (.co.uk and .de).

If these new extensions turn out to be a success, how long will it take before we change our habits? The opening of each new extension will require colossal efforts in terms of communication.
You will see your favorite shoe brand have websites such as lunarglide3.nike instead of http://nikerunning.nike.com/nikeos/p/nikeplus/fr_FR/products/lunarglide3?pid=408950 for example...

And it's not hard to imagine adds with something like

...or having an address such as arcdetriomphe.paris

We're not there yet, but this is what we can expect to see in the near future, say, in 2014-2015.

For those who wish to manage an extension like .brand, .country, .continent, .sport, etc. applications will begin on January 12th 2012 and will end on April 12th 2012.

There are a few reasons why a company might like to have their own TLD:

- Marketing, because having your own TLD amounts to owning your own piece of the internet, since it is you that define your own naming policy. It is difficult at this time to measure the impact that these new extensions will have on search engine algorithms, however.
The new extensions nonetheless provide for a very interesting opportunity for companies that are holders of a trademark. By registering a larger number of domain names, searching becomes more intuitive for customers, and can even sidestep using search engines. For example: f-150.ford.
This requires, however, a lot of configuration and forwarding towards the appropriate content. Nonetheless it will help assure that the customer does not land on a page that does not correspond to unofficial content that is not under the control of the company. This is a way to put the URL bar back in the center of navigation, which is all to often ignored by users in favor if the search form on the various search engines.
The existing TLDs and notably the country extensions, will remain precious assets in domain name policies, however they may not have the same role as they do today. They must be maintained for a certain number of years however.

- Legal, because once the TLD will have gained a certain notoriety, the company will have a "space" all to themselves, that they control, and that they will have a stronger legal hold over.
Third party attacks on other TLDs than the official TLD will therefore be less important, even though one should not ignore them altogether.

- in terms of security too, since a unique TLD may offer more security for its users, even if criminals are never short of ideas in terms of phishing.

So, are we really going to witness a big change? What is certain, is that the launch has taken place during the ICANN meeting last June in Singapore. The new extensions will therefore most certainly see the light of day.

It will become essential to assure domain name monitoring, as both the scope of the research and the number of results will be larger. It will be, of course, necessary to increase the budgets ties to domain name portfolios.

We hope that this information has been useful. Feel free to contact our Corporate division if you envision launching your own .brand, as we would be more than happy to help you in the preparation of your application to submit to ICANN, as well as the technical aspects inherent to the role of a registry.

Time is running out: despite the calm summer we're having, it is nonetheless the calm before the most important revolution that our industry has seen since the beginning of the internet.

TheRegister.co.uk comments on gandi's removal of SSL certificate for googlesharing.net

Joe — Tue, 06 Apr 2010 10:36:00 +0100

TheRegister.co.uk ( http://www.theregister.co.uk/2010/04/05/googlesharing_cert_revoked/ ) last night published an article describing how Gandi.net had enforced its policies by removing a certificate for a domain name googlesharing.net that had infringed on our terms and conditions in a number of ways. According to the article the known ‘hacker’ who admitted to falsifying his whois information on the registration was surprised that the certificate was removed.

Our policy has always been to respect our customers and protect their rights, but also protect the rights of other companies and customers. The ‘whois’ accuracy requirement is not only an important part of the ICANN regulations, but also a key aspect in us knowing who are customers are and allowing us to contact them in event of a problem. If you falsify your whois information, we may not be able to contact you if there is a problem, and we don’t know who you are which means we can’t protect you as much as other customers that we can vouch for and validate. Ours is a relationship of mutual trust and respect. Please respect us by giving us accurate information. If you want to enforce privacy, use the various privacy settings to obscure your whois data, but don’t falsify it.

Certificates represent an extra layer of security and trust on the internet. They give customers a sense of security that the website they are visiting can be trusted and the owner is a known individual or entity. If the whois data behind a domain is falsified, a valid certificate cannot be issued, because the owner is not a trusted source. It would be wrong to give an accredited level of trust to a site that is based on deliberately misleading information.

The customer in this case was trying to setup and promote a service to offer users a greater degree of privacy from the information that google collects. This is a noble cause and one that we would be happy to host, but only if it plays by the rules. The customer could have avoided this by:

Providing accurate whois information so we know who they are and can vouch for them and issue a certificate with certainty
Register a domain that describes the service but does not risk any potential trademark infringement, e.g. Searchengineprivacy.com (or some combination of that that is avaialbe).

This way we would know who they are and defend their rights to the teeth as we do with all of our customers.

Please note that we weren't contacted by google in this case, but took action based on the falsified Whois data. Google could object to this domain, so it's always good to avoid potential infringement that could cause you to lose a domain in a dispute.

In the spirit of our ‘no bullshit’ policy, what we could have done better in this example was make more of an effort to contact the customer direct at the point when we knew the certificate was going to be revoked. The address and phone number on the Whois were fake but we should have followed up by email. This was our error and we'll do better next time.

.PT domains available at Gandi

Ryan — Mon, 07 Dec 2009 10:05:00 +0100

With the addition of this highly-anticipated extension, we have completed the coverage of southwestern European countries!

In order to register a .PT domain, you must have a Portuguese taxpayer ID, as well as a document that proves that the domain name corresponds to a trademark, family name etc. (for example: the TVA number of the company Martin would be needed to register martin.pt).

If you do not meet this criteria, you can nonetheless register a .COM.PT domain. These domains are open to everyone, with the condition that individuals must provide a national ID number or passport number, and companies must provide their intra-Community VAT number.

The registration .PT and .COM.PT domains are sold at €24 ($35, or £22) excl. VAT per year under A rates. Transfers of .PT or .COM.PT to Gandi are available at only €1 ($1, or £1) for all.

See the .PT information page.

Accented .EU domain names - pre-reservations have started!

Ryan — Mon, 09 Nov 2009 15:33:00 +0100

From December 10th 2009 EURid, the registry that is in charge of the .EU zone, will allow domain names to be registered that include accented characters for the first time. This is of course a great benefit to the 28 countries of the European Union where accented characters are very common: http://www.eurid.eu/en/eu-domain-names/idns-eu.

There will not be a Sunrise period to guarantee protection of existing trademarks. The registry has chosen to use the "first-come, first-served" approach. This means that if you already own a domain name in its unaccented version, you will not be given priority for buying the same domain in its accented version. For more information on .EU Internationalized Domain Names (IDN), we recommend visiting their FAQ on the topic.

You can already start placing your accented .EU domain order requests at Gandi! All pre-registration requests will be sent to the registry (in the order that we received them) on December 10th. Orders that cannot be completed will be fully refunded. To pre-register an accented .EU domain name at Gandi, simply write it in its accented form in the domain name search box on Gandi's home page.

As a reminder, the IDN System is specified by RFC standards 3490, 3491 and 3492. This system is now recognized by all modern web browsers (ex. http://www.스타벅스코리아.com). However when using IDNs for email, only the encoded version (below) is recognized at present. It is not possible, for example to have an email address like ryan@스타벅스코리아.com.

Technically, the "special" characters are encoded using a conversion table. This is why an IDN domain name will begin with the four characters: xn––. For example: bébé.eu becomes xn-–bb-bjab.eu. So ryan@bébé.eu would become ryan@xn-–bb-bjab.eu for use in email.

IDNs are also now available on a first-come, first-served basis!

Stay Tuned! .AM and .FM domains are now available

Ryan — Thu, 05 Nov 2009 08:32:00 +0100

We are pleased to announce that Gandi now manages .am and .fm domains.

These ccTLD, while being the official extensions for Armenia and Micronesia, are frequently used for online radio stations, and who among us has not listened to internet radio?

I know I enjoy the benefits of seeing the name of an artist while playing, having a personalized playlist at work, or even just having a higher quality of sound than the old analogue radio. They were so 20th century

More and more radio stations are being created on the web and letting amateurs be heard all over the world. Radio is not just for the big guys anymore.

Here is the list of these extensions, with A rates shown (excl. VAT) and the link to the information page of each:

.AM from €54 ($78, £49) per year
.FM from €54 ($78, £49) per year

6 new domain name extensions at Gandi: .GS .HT .SB .TL .MU .CX

Ryan — Wed, 04 Nov 2009 16:42:00 +0100

Our previous domain name discovery tour took us over the world's oceans, and introduced you to 5 new extensions managed by Gandi.

Here is another journey, where you can discover 6 new extensions that you can manage at your favorite domain name registrar. And since we went by sail last time, today's tour will be by plane.

Our trip begins in an archipelago without an airport, where less than 200 people live (mainly researchers), and where the temperature is frequently below zero. The archipelago of South Georgia is less than 1,000 nautical miles off the coast of Antarctica and from here we leave the .GS (South Georgia) archipelago and set a Northerly course towards warmer latitudes.

After traveling more than 5,000 nautical miles, and after flying over nearly all of South America, we come to the tropical climate of the Caribbean Sea, where we will land on the tumultuous Haiti home of the .HT (Haiti).

After sipping on a Piña Colada, a plate of local Shrimp, and then sunbathing for a few hours on one of the magnificent local beaches, we board the plane again. After refueling and taking off, we change course by 260 degrees for a loooooooong flight of nearly 8,000 nautical miles that will take us across the pacific ocean, the international date line, and the Tropic of Cancer. We will land on runway 24 of the Solomon Islands, home of the .SB.

A brief historic visit of this island that has played such a large role during the the Pacific War, and we take off again, this time for a shorter flight of only 2,000 nautical miles, due West, to a country where it best to have the authorization pass into its airspace, as internal conflict has given more voice to arms than diplomats. Welcome to East Timor and the .TL!

We continue 1,000 nautical miles west along our route, and there we see the o' so very small but charming .CX with the festive name (Christmas Islands). The beaches there are magnificent, the scenery is enchanting, and the local cuisine is rich is flavor (and spices ;)). Relaxed, and full of wonderful memories of our stay, we board out flight and head out to our last destination.

With our course set West-South-West to 255, we can sit back and enjoy the 3,000 nautical mile flight over the Indian Ocean. There, an island suddenly appears on the blue horizon, welcoming and bathed in sunlight.

Having the authorization to land on runway 32 we arrive at Mauritius home of the .MU!!

After a long journey far above the waves, we find ourselves on the most diverse island on the Indian Ocean. Halfway between Africa and Asia, colonized by the Europeans, here is a charming melting pot of people, language, and culture...

Our plane is in the Hangar, and so we will profit from our presence on this island paradise to wait for the new batch of extensions. We hope that you have had a pleasant flight, and we wish you a wonderful stay! See you again soon on Air Gandi!

Here is the list of extensions, with A rates shown (excl. VAT) and the link to the information page of each:

.GS: €30 ($40, £25) per year
.HT: €64 ($90, £55) per year
.SB: €44 ($60, £8.30) per year
.TL: €26 ($35, £18) per year
.MU: €42 ($58, £36) per year
.CX: €26 ($35, £18) per year

Around the world in 5 extensions

Ryan — Mon, 28 Sep 2009 14:40:00 +0200

We have just added 5 new "exotic" extensions to the list available at Gandi. If you want to step onboard the magical Gandi cruise ship, I will be pleased to give you a tour!
Our voyage starts in this vibrant and very lively Central America... Yes, .HN (Honduras) domains, like our friends in the region, could have a very fiery and passionate temperament Or just be normal, it's up to you

A bit farther up, we discover the lesser-known .BZ (Belize), with its sandbanks and the famous "Great Blue Hole". From there, we head East, across the warm waters of the Caribbean Sea, and stop at .VC (Saint Vincent and the Grenadines).

And since you are beginning to be entranced by the warm winds, and the crystal clear waters, we will continue our trip South East, across the Atlantic, around the Cape of Good Hope, and up along the coast of Madagascar to drop anchor in the .SC (Seychelles), a truly magical location...

Finally, we will head North-North East, and 7,000 kilometres further, after having passed through the coastal waters of .IN and .CN, we will leave our cruse ship and travel inland, to the very Asian and very ancient .MN (Mongolia) land of Genghis Khan.

We hope that this little journey has whetted your appetite for exoticism! Here is a list of these new extensions, which are open for registration to all, as well as a link to their information page, a bit more technical, as well as the prices that go with them (all rates stated excluding VAT)

.HN: €44 per year, under A rates
.BZ: €18 per year, under A rates
.VC: €24 per year, under A rates
.SC: €60 per year, under A rates
.MN: €32 per year, under A rates

Expert SEOs give their opinion on Liberalisation

Joe — Tue, 16 Jun 2009 12:37:00 +0100

Looks like our ICANN report has generated quite a bit of buzz. We've been covered in hundreds of online publications in 10+ different languages all over the world (summary will follow towards the end of the week).

But it seems we've hit a rich vein of SEO implications and generated a bit of buzz in that community. I've just come across this blog summarising the view of many of the SEO big boys. http://www.cornwallseo.com/search/2009/06/16/what-is-internet-liberalisation-and-why-should-you-care/

Interesting stuff and some good issues raised.

Jeff Behrendt says "The only clear winner of the proposed new TLDs is ICANN - at $185K per application, that’s a gravy train they are going to want to ride for many years."

That may be a little unfair. The fee is partly in place to make sure that ICANN can provide a good oversight to new extensions being created and protect trademark holders and general internet users from people setting up dodgy extensions or without the technical competency to run them. They've said this may come down (or up) as they get into the process. The fee should be high to ensure a higher quality of registry. This could be the beginning of the internet name space clear up, with higher standards leading to fewer squatted, speculative or advertising domains.

Michael Gray says - "In most cases opening the web up with more TLD’s is just going to create confusion for consumers". A point also made by Patrick Altoft about consumer confusion.

Well that seems to be what our consumers have said in our survey, so they agree. Though this liberalisation does open up the opportunity for specific TLDs and therefore potentially more simplicity and order. Michael's example of .movie is precisely along these lines, why have spiderman3themoive.com when you can have spiderman3.movie. The film industry could create this extension and protect its use solely for films. I think consumers could get used to that, and it will make more logical sense. More literal meaning to the name space. Roll on the sematic web. Tim Berners-Lee would be so proud

Hugo Guzman talks about the importance to big business - "The liberalization of domain extensions is already grabbing the attention of Fortune 500 companies".

This was supported by our research too. Still 2/3 were unaware this was happening, but those that did know were both excited and afraid of it, depending on which department you spoke to (e.g. excited = marketing, afraid = legal). Owning .brand could allow you to more effectively manage your brand as you create the association with customers that only sites on .brand are really yours. Though Steve Russell is right, this will cost a lot more than the $185k setup fee.

Anyway, food for thought, and thanks guys for your views.

How the domain name industry works - polluting the name space

Joe — Thu, 28 May 2009 14:22:00 +0100

Would you trust a 'for profit' company to represent your best interests? Perhaps. But when your interests diverge, will they represent you or themselves?

Following the overwhelming success of our first article on the domain name industry (1 comment ;-), we naturally thought you were begging for more! I know, I know registrars and registries can be a bit dull, but it is important. Believe me when something goes wrong with your domain name, understanding this can be quite important. So if we look at how and where issues can be dealt with, and who has influence in the industry it sheds a bit more light on the subject.

So now we know who's who in the tree (ICANN, Registries, Registrars, Resellers and You) we can see how the influence the landscape and who has control of what. In a nutshell:

So you as a customer will rely on your Registrar (or Reseller) to represent your needs and solve your problems for you, though they may have to do this at the Registry or ICANN level.

The crazy thing about this is that the Registrars (or Resellers) which are purely commercial entities have voting rights at the registries and ICANN to influence overall policy in the domain space. In some registries (e.g. Nominet for UK), they have voting rights based on the number of domains they manage. So the bigger the commercial entity, the more influence on policy. Hmm. Would you trust a for profit company to represent your best interests? Perhaps. But when your interests diverge, will they represent you or themselves?

Imagine this problem - the domain name space is being filled with squatters, domain speculators, parked/advertised domain names, etc. Now as 'you' the consumer of domain names or visitor to sites online, this is probably not a good thing. You can't get the addresses you want because they are taken, and when you do browse the net you often come across pointless, cluttered sites that offer nothing but invitations to buy them and ad links to other services.

So what would 'you' like. Probably to get rid of all this junk domain space to free it up for use by people who want to publish actual sites or services online, not just profit from the namespace.

But what about the Registries, Resellers, Regsitrars and even ICANN? Well unfortunately they get paid for every domain name sold. If you were to cut all these domains out each of these bodies would see a substantial drop in revenue. For ICANN or the Registries, this might result is less resources to support or manage the name space. For Registrars and Resellers (and some private sector Registries), this would lead to lower sales and profits and 'shareholder value'.

So if you were running a company would you push for something that was better for your customers, but resulted in a 25-50% fall in sales? Hmm. Perhaps not.

The fact that some Registrars like us (but not us, we don't do this!) are actually taking available domains out of circulation, so customers can't get them, and then advertising on them for profit is extraordinary. We're crapping in our own garden!

http://en.wikipedia.org/wiki/Domain_name_front_running http://domainnamewire.com/tag/domain-warehousing/

At Gandi we do believe that our industry needs to clean itself up and not accept this 'pollution' of our own domain name space. Gandi has always stood against these activities and will not engage in them. But as an industry we have to grow up and accept lower sales volume for the sake of maintaining a useable and available name space that is in the interest of all internet users, and not just the commercial companies that have privileged access to domain buying and domain information.

If we just go all out for profit, much like the current man made global pollution problem, we'll just trash our own domain name space.

So when you buy a domain name, you are in effect taking a vote for the company that you want to represent your interests in the definition of global domain policy. Think about it.

8 Things a Domain Thief Loves

Joe — Sun, 15 Feb 2009 21:19:00 +0000

We all put a lot of effort into securing the domain names we purchase. It may be creative energy finding the perfect name for your blog in an increasingly crowded landscape; or waiting patiently for your company name to be released back into the wild by someone who's owned it for 5 years but never used it.

Regardless, your domains can be stolen or sniped from right under your nose. We thought we'd take a light hearted look at how to keep your domains safe from potential domain thieves:

1. Unlocked Domain Names

The thief does not like a locked domain name, it means they have to go through another layer of protection to steal it. Lock all your domains by default.

Do you realise how easy it is for a thief to crack your free email compared to pop3. C'mon now, get serious.

Solution: Lock all your domains by default.

2. Domain name front running (also called domain sniffing)

Just because that domain you searched for three months ago is now with someone using it to promote a Nigerian Strip Poker site, does not mean that it was sniffed and then stolen. However, enough evidence does exist to suggest the practice does exist.

http://www.gandibar.net/post/2008/10/22/Why-domain-name-services-are-not-all-equal

What more can a domain thief hope for than to know the domain name you want.

Solution: search for your name on reputable domain registrar's site (not to blow our own trumpet but you won't catch anyone 'sniffing' here)

3. Weak Passwords

You may think that having a password like "123abc" is an ironic way to fool password crackers, but you wont be laughing when your domain name is used to promote a One Legged Albanian Car wash service.

Solution, make it long and hard. the password that is.

4. Non Variant password implementation

Yes I know it's easier to have the same password for every online account you own. Not wise, if you lose one, you lose them all. Think about that for a minute.

Solution: Keep a hard copy of your accounts and respective passwords handy.

5. Shady, Not to be Trusted Domain registrars

I'm not naming names here, but there are some places you should not be registering your domain. Your neighbourhood domain name thief knows the weak registrars. When you're a vulture you hang where the meat is.

Solution: Read up on the registrar, make sure they have a good rep.

6. Industrial Password Cracking software

If you have a free email service, or you are with a registrar whose security is weak, then the domain name thief will be bringing out his favourite password cracking software.

Solution: Chose a long password and include non dictionary letters.

7. Downloads of Dodgy Software

If you want to spend hours downloading all six series of T. J. Hooker using Bit Torrent I'm not going to judge you, even though Shatner will be losing the royalties. But, are you really sure that download isn't letting some hairy-assed keylogging software onto your pristine machine.

Once the domain thief has a keylogger installed he can open a can of rampant destruction on your security and as you say goodbye to that domain name at least Shatner can comfort you.

8. Naive people who cannot spot a Phishing scam

I've never met someone who has had their details phished, but who would admit it? If your registrar has sent you an email to confirm personal details or to confirm your password, it is most probably a phishing exercise.

If in doubt, email or call the registrar.

So there you have it. It's impossible to guarantee 100% security, but if you make it so hard that even the hardened domain thief cannot work up the enthusiasm, it's job done.

The gold rush to new extensions

Ryan — Wed, 25 Jun 2008 18:01:00 +0200

Some time ago we published an entry discussing certain changes in this market, and notably PPC (Pay Per Click), or: "how to purchase millions of domain names in order to pollute the internet with websites for which the sole purpose is to display an advertisement".

And pocket millions from the web surfers that we all are, rather than to perform our role as a virtual notary that is honest (even though it pays less).

This "evolution", which personally seems to me to be more of a "regression", has since obviously become an important growth factor for the majority of actors in this market. Except for us, but you know that already.

As you may have already read about, ICANN has just announced that there will be a degree of liberalization in the creation of new extensions. Soon, there will be dozens, or even hundreds of new ones, right next to the ones that are already well known (.com, .net, .org, .info., .de., .co.uk...), and this, thanks to a rather non-discriminative selection process ($70k in capital, and $500k in insurance).

The level of excitement on the part of market professionals (web hosts, registrars, and also established registries) is indescribable. At this very moment, in the hallways of this ICANN convention in Paris, there are many whose sole motivation is to build their own extension, the one that will make them even more rich than they already are.

And I assure you, it really makes for an interesting sight. Did I evoke the image of the Far West?

We are, however, not being sarcastic here: I will say it again, we consider this as an additional chance for everyone to make their own place on the Internet, their own 'identity' in the most professional and personalized way possible. And we hope that in the long term, our brand will fit the image of those people and companies that are looking to do so.

I would like, however, to clarify for our customers, our colleagues at Gandi, and our share holders, as well as to our competitors and all those that have us in mind for becoming a registry of an extension that, NO we do not wish to give in to the trend of mixing roles (ok, perhaps just for the .gandi, but that is even unlikely ^^).

Our wish is to provide an irreproachable level of service, and we cannot do this if we are both the judge and the party, the supplier and the reseller, the regulation authority and the distributor. A notary cannot simultaneously be a real estate agent and promoter: this is exactly, at any rate for us, the same problem that is applied to Internet addresses and to the websites that are on them.

However, this is what has been happening in recent years, because all of the actors believe that the market is so stupid that it will not wake up one day from its torpor. We are betting on the contrary in the long term, and the negative consequence that it will surely have for some. At the least, we can do our job with the head held high, and that is priceless.

It is quite clear: ICANN had just let loose the wave of excess speculation, by opening Pandora's box of new extensions.

Without a doubt, it will be impossible to determine the rules governing the non-cumulation of mandates in a market that is so profitable and controlled by only a handful of people around the world. Also without a doubt, the appearance of new actors, coming from different backgrounds and lured by the prospects, will allow for a "upwards" normalization of this market.

Or not.

Whatever happens, we will still be here for those that would like to give us their trust, which we will do our utmost to honor by taking such a stand.

Network Solutions Caught Red-Handed

Ryan — Wed, 16 Jan 2008 10:23:00 +0100

Have you ever gone to register a domain name, only to discover that that between the time you made your whois search (perhaps you looked it up during your lunch break at work), and the time that you purchased it (say, when you came home in the evening), that the domain name was suddenly no longer available? That the domain name you once thought could be yours for 12 euros at Gandi was now being sold on a restricted basis for a higher price and at a different registrar?
What happened?

"Front running" is a term to describe what occurs when an unscrupulous system logs the domain name searches that you type into a whois search engine, and if the domain name is available, the system automatically registers the domain name for itself. For what purpose? For selling the domain name at a higher price, and for only their customers...

It has just been publicly acknowledged that Network Solutions engages in just this practice.

Incredible. If you go to Network Solutions' website and enter any domain name in their whois search engine, it will be automatically registered with Network Solutions as the owner and contacts. Then, if you try to register the domain name at a later time (within 5 days), you will only be able to register it at Network Solutions, and at a higher price than normal!

The excuse given by Network Solutions is that - if you can believe it - is that they are doing this to protect their customers. As far as I know, however, one does not become a customer by simply doing a whois search, and I hardly see how the practice of front running protects one from front runners...

Though there are now many bloggers and reporters discussing this, you can read about it in more detail here, and see an example of this being done before your eyes.

Needless to say, Gandi does not engage in this practice. Anyone is free to search domains using our whois search engine with the knowledge that we will never go behind your back to steal your domain and try and sell it at a higher price to you, or the best bidder. Want proof? Use our whois search engine to test random domains - you will see that they will remain free

We will be happy to answer any of your questions regarding this, and welcome any discussion regarding domain name registration or the whois database. Has something like this happened to you before? Please share your story!

Top Spammer Put Behind Bars

Ryan — Thu, 31 May 2007 16:38:00 +0200

As you can read in the Spamhaus News, Robert Soloway, one of the world's most prolific spammers, was arrested yesterday by United States federal agents after being indicted by a federal grand jury on charges of identity theft, money laundering, and mail, wire, and e-mail fraud.

For those that follow the latest developments in the tug-of-war between spammers and anti-spammers, the announcement of Robert Soloway's arrest is welcome news. The putting behind bars of Mr. Soloway will definitely reduce the amount of spam received, and will serve as an example to other spammers, that such activity does not go unnoticed and unpunished.

Spam does not come out of the blue - indeed, there is a person behind each and every e-mail that is sent out, and these people are not beyond the arm of the law.

While Spamhaus and Gandi are working together in this fight against spam and providing the very information that law enforcement needs to protect your inbox and identity, you can also play a role.

By complaining to the registrars and web hosts that allow their services to be used by these criminals, and by contacting your local political representatives to encourage them to take action against spam and spammers, you too can be responsible for reducing the amount of unsolicited junk mail in the world.

I don't know about you, but having the absolute need for anti-spam filters on my e-mail accounts to putting iron bars over the windows of my house. Wouldn't it be nice if when "you got mail", it was actually from someone you hoped to hear from?

What's up? - week 02

Arti — Wed, 10 Jan 2007 12:13:00 +0100

Here are the changes made to Gandi since....oh my...a while now

New DNS system!
Optimization of the prepaid system for resellers
Installation of the new Mail servers (we have nearly tripled our capacity)

A year that takes off for my "What's up" entries with brand new acts - it's touching
Due to the number of changes that will be rapidly announced, entry after entry, the conclusion of long hard months of gruelling development heated by coal furnaces and illuminated by torches...What? I am told that I am getting carried away. Ok, but the work has been intense and the team, right on the front line of the battlefield, is very pleased to present to you, along with its season's greetings, the result of its work.

We will therefore, while awaiting for next week, for the entry of "Homemade DNS". A project that has been greatly anticipated by many of you, that will allow you even greater flexibility with regards to the management of your domain name, and this, via a really simple interface. A post by Romuald, in charge of the project, is available here.
For my part, I invite you to look forward to my next "What's up", which will be just as revolutionary as this one!

It's DNS.BE's turn for V2

Arti — Thu, 30 Nov 2006 18:10:00 +0100

The .be registry has just informed us that they will be shutting down their machines during a brief transition to the V2 of their technical platform tonite at midnight, and this - for un unknown length of time.
During this time, which may last at best several hours, or worse, a very long time or even worse than that (Murphy's law), all operations concerning .be domains will be suspended (if they depend on passing on a request to the registry of course).
We will let you know as soon as our Belgian friends plug it back in!

.EU at half-mast

Arti — Tue, 05 Sep 2006 15:12:00 +0200

You may have noticed that the .EU is experiencing some problems today. The EURID Registery is out-of-service and the information we received from them is brief. We were informed at 10:40 this morning by Eurid of its temporary unavailability without being given a precise hour when normal service would return. Thus, we are waiting and will keep you informed as soon as we have more news.

***EDIT***
5:00 PM, the .EU is back and ready to roll