Gandi Bar - Domain names - Comments

ICANN - domain name extension liberalisation - who benefits? - MJ Ray

MJ Ray — Tue, 26 Jan 2010 15:37:14 +0100

Dominic Search has an interesting comment, but cooperatives are far from arcane organisations and I thought Poptel broke up rather than exactly going defunct (although I suspect it might have gone that way if it hadn't) because of its lack of asset lock.

Why domain name services are not all equal - منتدى

منتدى — Sat, 26 Dec 2009 04:57:11 +0100

Hi Joe, thanks for your very kind comments (and great name). It almost looks like I've written this myself!

Anyway, thanks again, and we hope to continue to bring you and your clients great products and services for many years to come. Take care,

Why domain name services are not all equal - watches

watches — Tue, 01 Dec 2009 01:42:05 +0100

I can no longer use Gandi for various reasons, and finding a decent alternative is proving quite difficult.x1201

Why domain name services are not all equal - metin2 yang

metin2 yang — Fri, 23 Oct 2009 10:41:09 +0200

wow gold wow gold wow gold wow gold wow gold wow gold wow gold

Why domain name services are not all equal - Zhang

Zhang — Sun, 05 Apr 2009 02:30:36 +0200

I just noticed that miconian.com (Mentioned at your post) just changed their registrar to Dreamhost.

One domain name, one certificate - Romain

Romain — Wed, 01 Apr 2009 08:40:15 +0200

It seems that EV SSL are great but the green bar doesn't display in IE !! Do you know why ?

Why domain name services are not all equal - wow

wow — Tue, 24 Mar 2009 01:29:39 +0100

wow......

8 Things a Domain Thief Loves - Shiju Alex

Shiju Alex — Fri, 20 Mar 2009 11:57:05 +0100

Good job...

I have a few suggestions, mostly regarding contact info.

# It is a good idea to enable privacy protection
# Whether or not you have enabled privacy protection, be sure to have valid contact info.
# The contact email ids are very important. Never make a foolishness like have a contact mail id on an expired domain (and leave the domain unlocked)

One domain name, one certificate - Nicolas (Gandi)

Nicolas (Gandi) — Mon, 09 Mar 2009 12:48:40 +0100

Fulgan: See comment #15 and contact our customer care team
Regarding your questions, we don't support custom OIDs in our certificate for the moment and SubjectAltName extension are not proposed for the moment, we will probably add a intermediary offer with 2 or 3 CN included.
Our intermediate CA are available here http://en.gandi.net/ssl/documentati... and our root CA here http://crt.usertrust.com/AddTrustEx...

One domain name, one certificate - Fulgan

Fulgan — Mon, 09 Mar 2009 10:20:39 +0100

Hello,

I was kinda excited by the announcement because, like you, I strongly believe that SSL must be much strongly tied to the DNS system and this for many reasons, only a few of them being that it will make securing "low budget" domains stronger.

However, I wasn't surprised to see that the announcement is misleading: with the fact that you get a single SSL cert per registered DNS and the fact that it's only for a single year, the real mellow of that specific bone has been removed and it's now just a promotional introduction offer instead of a real step forward.

Don't get me wrong: it IS a good offer and the price is really interesting. Even though I'm apparently too good a customer to be eligible for this offer (I register my domains for 3 to 5 years, usually, and thus none will expire before the end of the promotion), I will still be interested the next time I need a "public" X509 certificate.

A few questions remains, though:
- Will you support SubjectAltName extension in certificate requests ? (OID 2.5.29.17) If yes, will there be additional costs involved ?
- What is your root CA ? Ideally, do you have a web page that is signed with your production authority so we can check the chain and compatibility with browsers and applications ?
- Will you support custom OIDs in the certificates ? If yes, will there be additional costs involved ?

Thank you,
Stephane

One domain name, one certificate - Leland

Leland — Thu, 05 Mar 2009 14:23:37 +0100

@Jonas (#21)

I just tried with Safari 3.2.1 myself, and it defaulted to english for me -- even though the language cookie isn't listed in my Safari... (/me investigates further)

hmm...

Update

Okay.. looking into this I think I have isolated the answer. You mentioned that you have set the Accept-language header to nl-nl... I removed the cookie and did the same in Firefox and sure enough the page defaulted to french. The long and short of it is the site defaults to french without cookie. If you set a language preference in the browser, but it is a language that is not recognised or supported by the gandi website, again it will revert to its default language (French). If the language is recognised and supported, it will attempt to use that instead. If the language cookie is set, this overrides the browser preference.

HTH

Leland

One domain name, one certificate - Jonas

Jonas — Thu, 05 Mar 2009 13:14:22 +0100

@Leland

I'm using Safari 3.2.1. For .gandi.net I have a 'currency' but no 'language' cookie. It also turns out that my language isn't even saved within the same session. I hadn't noticed this because of the redirect to en.gandi.net.

I just tried Firefox and this browser does indeed store the 'language' cookie. The default language (sans cookie) was French, despite having the 'Accept-Language' header set to 'nl-nl'.

One domain name, one certificate - nibl

nibl — Thu, 05 Mar 2009 03:47:59 +0100

Is this a single root or chained root certificate?

I don't see Gandi listed as a known CA in Firefox 3.0.6, so which authority/authorities is Gandi using?

Thanks.

One domain name, one certificate - Steve

Steve — Thu, 05 Mar 2009 01:36:22 +0100

Is there any need to whine so much, people? Obviously Gandi are SSL resellers from a higher authority; otherwise they'd have to go back in time and have their cert added to browsers from years ago to make it actually work properly. Renewal after the year is optional, and it's a pretty low price anyway.

My company's SSL certs are up for renewal in May and I'll certainly be having a good look at Gandi's offering, as they've been so good with everything else I've bought from them in the past.

One domain name, one certificate - Tom Chiverton

Tom Chiverton — Thu, 05 Mar 2009 00:32:50 +0100

@Stephen: Cheers, email sent ! It is an excellent deal, and a lot better experience than elsewhere too

One domain name, one certificate - Leland

Leland — Wed, 04 Mar 2009 13:45:08 +0100

@Jonas (#10) concerning your issue with the site language. It seems that your browser is not storing a specific cookie used by the website to remember the language preference.

Specifically, the name of the cookie is simply "language" with a content indicating the country code corresponding to the preferred language. It is applied to domain *.gandi.net and sent for any type of connection. It generally has a 90 day life time as far as I can tell.

Using firefox and IE, the gandi website (as well as the wiki, groups, and gandibar) all default to english for me (and I'm actually at Gandi in Paris) as stored in my language cookie (English is my native language, so suits me perfectly!).

You might want to check that your browser is accepting and storing the appropriate cookies from Gandi.net. (In firefox, for example, the cookies associated with the page can be found under Tools -> Page Info -> Security -> View Cookies.)

Hope that helps!

Leland

One domain name, one certificate - joe (Gandi)

joe (Gandi) — Wed, 04 Mar 2009 12:05:49 +0100

Hi El Bunto,

I believe you can purchase a certificate per sub domain, e.g. buy several of the 1 sub domain certs, rather than buying the unlimited one which as you say is much more expensive. This way you can vary the cost with the number you need. Does that help?

Joe

One domain name, one certificate - Stephan

Stephan — Wed, 04 Mar 2009 10:03:11 +0100

Jonas : The french version is also clearer now, I modified it. It's always tricky to communicate, so thanks for asking the right questions.

Wolfgang : we are your CA certificate. The fact we've licensed a technology doesn't mean we're not really your authority of certification. We are declared like that, and I guess it's all that really matters at the end.

Tom/Ano/El Bunto : Thanks for the feedback We appreciate your concerns, and for the effort of posting here, I'll make sure you'll benefit from a free certificate with your domains (1 year is already a great offer, as you recognized !). Hope it helps :D
Please contact our support we'll deal with it.

One domain name, one certificate - El Bunto

El Bunto — Wed, 04 Mar 2009 08:53:21 +0100

I'm not pleased with GANDI regarding this scheme.

First, I renewed my domain early after receiving the `domain expiring in 30 days'' communication to prevent any problems with payment processing. So although my domain renews on 10th March, I am not eligible for this free certificate. Why not?

Secondly, the vast gulf in prices for one cert versus an unlimited number appears to be deliberately designed to sting those people who need two or three certs. Why did GANDI not offer a sliding scale of pricing instead of assuming that those who need more than one cert must purchase an infinite number?

One domain name, one certificate - Anonymous

Anonymous — Wed, 04 Mar 2009 08:37:57 +0100

Regarding comment 11: Based on the documentation in the wiki at http://wiki.gandi.net/ssl, it looks like Gandi lets you generate a CSR yourself and submit that. A CSR includes only the public key, not the private key.

Regarding comment 10: Yeah, same problem here. I registered my domain two months ago. I wonder: does renewing early, as in adding a year to the end of the registration, let me take advantage of the free certificate offer?

Regarding the various comments about misleading advertising: only one struck me as misleading, namely the word "renew". I interpreted the offer as "each time you renew your domain you get a free certificate for a year", which would *rock*. When I realized it only meant one free year total, that seemed slightly less awesome, though still nice. And your prices still beat many other certificate authorities.

One domain name, one certificate - Wolfgang Rupprecht

Wolfgang Rupprecht — Tue, 03 Mar 2009 21:43:01 +0100

If Gandi were to sign my CA certificate, that might be worth something, but I'm not sure when I would trust a certificate where the private key was generated by an outside entity and where the only barrier to someone else getting a key with a a similar CN is an administrative one.

One domain name, one certificate - Tom

Tom — Tue, 03 Mar 2009 19:55:11 +0100

Ace !
Except... I renewed my domains just the other week, and obviously missed this offer, which is only going to run till the end of the year, apparently. Bah.

One domain name, one certificate - Jonas

Jonas — Tue, 03 Mar 2009 18:51:42 +0100

Well, in the French version of http://www.gandi.net/ssl/ there's no mention of the one year limit in the title ("Un certificat SSL standard inclus gratuitement* avec votre nom de domaine !").

On a side note. It's really annoying that everything I visit Gandi.net, I first get served the French version. It never gives me the English version even though I'm using a Dutch version of my OS and browser. Also, when I switch languages, it never remembers this choice between sessions. I'm guessing I get served the French version because I'm log in from Brussels.

Anyway. I did overreact--sorry for that--but you guys do sort of have a history with making your services look cheaper than they are (e.g. changing prices after the beta period; mentioning prices with VAT not included). You shouldn't. You're the best already!

One domain name, one certificate - El Bunto

El Bunto — Tue, 03 Mar 2009 18:02:35 +0100

I was very excited by this announcement, but was then disappointed at the binary pricing scheme. I would require certificates for two subdomains but this results in an eight-fold increase in cost!

Perhaps Gandi would consider a sliding scale of prices? There is a spectrum of requirements between one domain and unlimited domains.

Dodgy domain practices, the story contines... - Rhys

Rhys — Tue, 03 Mar 2009 14:30:20 +0100

Indeed, it's a nice question where it's better to comment on the content))) But, in any case as every one whose comments are there under the note, I'd like to say thanx for sharing this nice piece of information with us! have a nice day!

One domain name, one certificate - Stephan

Stephan — Tue, 03 Mar 2009 13:35:03 +0100

Vbfox : We're not reseller, but authority of certification. With all rights and duties attached. The fact that for the higher certificates we use Comodo services is simply to complete our offering, in order to cover the needs of everybody.

You don't need the extramile proposed with the big certificates (monetary guarantees), but perhaps others will make this choice, knowing exactly what they are buying (it's explained on the product pages, and we freely talk about it in and there).

We think we're introducing something quite interesting to the mass market : True SSL certificate with a domain name. From such a large provider, it's simply a first, and as certificates will be more and more important to professionalize your web presence, it's definitely a service we needed to propose, the Gandi way.

I totally agree with you, this particular market needs a good kick in the butt, and this is, I think, a good start in that direction : we're still there, with the same ethical guidelines and hopes, be assured about that.

One domain name, one certificate - Vbfox

Vbfox — Tue, 03 Mar 2009 12:43:29 +0100

I really hope that you someday manage it. It is a market that -- like dns when gandi began -- need a good kick in the butt.

One domain name, one certificate - joe (Gandi)

joe (Gandi) — Tue, 03 Mar 2009 12:35:28 +0100

Hi Vbfox,

Don't worry about it. I understand. In an ideal world we would provide every product direct to you, build and developed entirely in house, as we have with our domains and hosting services. However some products like SSL require quite a serious investment in specific encryption technologies, which is why the industry is dominated by a few large players. We have choosen Comodo as our SSL technology provider and partner as they are independent, which is important to us as it is consistent with our vision.

I hope that gives you a better idea of where we're coming from, and thanks for helping us make sure our message is clear and honest.

Joe

One domain name, one certificate - Vbfox

Vbfox — Tue, 03 Mar 2009 12:15:34 +0100

It totally make sense, i'm sorry if i was rude but i was expecting more from you. You are here just a resseler as there are a miriad of.

I still don't see why i should pay an ssl cert when i use it to provide non monetary services.

When i provide a webmail or a private download site for my company or even to customers WHY should i pay for a service that is just a distributed pki to avoid man in the middle. Gandi as a domain name provider know that i own the domain and should be able to provide a wilcard for free.

The current offer is the same as other providers and is aimed to provide monetary guarantees that arent needed in most case.

Basically i was expecting more. Sorry.

One domain name, one certificate - joe

joe — Tue, 03 Mar 2009 11:51:40 +0100

Hi vbfox and Jonas,

There is no intension to deceive you here. We are paying for the privilage to be able to offer our customers a certificate for 1 year for free with all domains. Like domains, certificates cost money, so we can't provide this for free indefiniately.

The text on our homepage says '1 year free certificate' and as you have pointed out we do put the terms of the certificate clearly on the SSL page. We are not trying to hide our offer, nor why we are offering it. If it was not clear in the article, I will adjust it, as we would hate for you to think we are trying to mislead or exploit you.

The reason we are doing this is because we think certificates will form an increasingly important part of the domain space, particularly as the ICANN liberalisation will create any number of alternative domains that might 'look' like your domain. The certificate will be a way of making sure your customers know its you.

As Ryan says, we hope you will see some benefit from the free year and if you want to continue with it, that's up to you. If we can find a way to extend the offer, or get you better rates, we will do that.

I hope that makes sense,

Joe

One domain name, one certificate - Vbfox

Vbfox — Tue, 03 Mar 2009 11:36:59 +0100

Misleading advertising and as all other you expect us to pay for a small "*" character.

Long gone is the time wher gandi was doing things more honestly than other. Now your just another money hungry provider.

One domain name, one certificate - Ryan (gandi)

Ryan (gandi) — Tue, 03 Mar 2009 11:34:15 +0100

Jonas: we are simply saying that we include a Gandi Standard SSL Certificate for free for one year, with domains that are registered, renewed, or transferred at Gandi.

As is our way, there is no obligation to have a Standard SSL certificate with the domain's registration, and no forced sale. If our customer wants to have a Gandi Standard SSL certificate, he will be happy to benefit from the free year, and can renew it if it pleases him/her, or not.

One domain name, one certificate - Jonas

Jonas — Tue, 03 Mar 2009 11:04:19 +0100

* Included for free the first year with the purchase, transfer, or renewal of your domain name. €12 euros excl. vat per year for its renewal. Offer valid until December 31st, 2009.

This is some seriously misleading advertising you have going on here.

[ping] 8 Things a Domain Thief Loves - Notes Fantasia

Notes Fantasia — Wed, 25 Feb 2009 09:37:15 +0100

8 Hal Yang Disukai Pencuri Domain

Kita semua melakukan segala upaya untuk mengamankan domain yang dimiliki. Merupakan sebuah energi besar untuk mendapatkan nama domain untuk blog Anda di dunia Internet yang penuh sesak, atau menunggu dengan sabar nama perusahaan Anda untuk di-release...

8 Things a Domain Thief Loves - ComputerBob

ComputerBob — Wed, 18 Feb 2009 14:28:05 +0100

Good job. I've been doing all of the things that you suggest since I registered my first domain in 1997. This is a case in which an ounce of paranoia can save several tons of frustration (and expense, as described by KK above!).

To thank you, I linked to this article in my Journa today:
http://www.computerbob.com/wp/8-thi...

--CB

8 Things a Domain Thief Loves - KK

KK — Tue, 17 Feb 2009 19:33:10 +0100

Wish I'd read this months ago - i paid $1200 0to retrieve a domain that was drop-caught!

8 Things a Domain Thief Loves - Zhang

Zhang — Mon, 16 Feb 2009 06:51:19 +0100

Thank you for this article...

I also have suggestion for you to increase your account security.

Since domain owner will not login to domain account every day, it would be great if there is some notification option to be send to account owner's email address for every successful or failed login. So in case the account compromised, the real owner will have the notification and can act immediately.

Also send notification for every important changes to the account, like email address.

Dodgy domain practices, the story contines... - Remington

Remington — Tue, 10 Feb 2009 12:03:04 +0100

Right you are, it is very nice that you have followed this line. It is very detailed and I'd like to say thank you for the links.

Why domain name services are not all equal - hoodia

hoodia — Fri, 06 Feb 2009 09:33:51 +0100

hm, interesting explanation! never thought about these reasons... I thought it is just a question of prestige and price... And how do you think, if there will appear a new country who will give it the domain name?

Dodgy domain practices, the story contines... - Arjun

Arjun — Thu, 05 Feb 2009 09:44:39 +0100

yeas the information is really useful... thanx for the links to those posts, I do not know where it' better to leave a comment on the content here or there, but still I'd like to say out my reaspect and best wishes to you!

Dodgy domain practices, the story contines... - Zhangjia

Zhangjia — Sun, 28 Dec 2008 14:18:54 +0100

Thank you for sharing this information.....

UK government theatens domain name industry, 'Get your house in order or we'll step in and take over'! - DoctorDee

DoctorDee — Wed, 24 Dec 2008 08:41:34 +0100

I would welcome any move that wrested control of the UK TLD from Nominet. As an organisation they have historically done a terrible job of managing .uk while pocketing huge profits from their bungling. They are autocratic, old fashioned and high handed.

They have lucked into a monopoly situation which they have used as a licence to print money while delivering barely acceptable service. The way they used to allow domains to sit in limbo for ages if someone failed to renew their registration was scandalous. This may still happen - but I have not had exprience with it recently. But even if this is fixed, the fact that it was allowed to happen for so long is unforgiveable.

The fact that they routinely use fear tactics to try and trick registrants who have placed a domain with another registrar into re-registering through them is sharp business bordering on fraud.

Someone should take the TLD from them, or competition should be introduced.

Any government "domain tax" could barely be more punitive than Nominet's pricing.

UK government theatens domain name industry, 'Get your house in order or we'll step in and take over'! - joe90d

joe90d — Fri, 19 Dec 2008 15:59:52 +0100

Do not worry its just an ideal threat... They will be too busy running our banking sector, watching CCTV cameras just in case I drive into an offensive parking spot!

However should the government get there hands on the control of internet domain space, I shudder to think what next... A domain tax, domain censorship. Consider a situation where a whistle-blower puts up his own blog on the net, or look at how the Obama campaign was run. I am sure that the powers that be are worried, and quite rightly so. Someone may actually get to say something they dont like about their policies, and just use the net effectively as a political tool.

I think though that more realistic management of domain space is a good thing. So many domains so little time. It would be so much easier to determine the content of domains by a more structured domain system.

UK government theatens domain name industry, 'Get your house in order or we'll step in and take over'! - Wendy (Gandi)

Wendy (Gandi) — Thu, 11 Dec 2008 11:39:04 +0100

Hi Scott

Thanks for your input.

Yes Nominet's process is outdated. To be fair to Nominet they are aware of this and are addressing their paper based processes. In Feb 2009 they are changing their renewal process to an email only system rather than old fashioned posted forms! I would hope they'll address their transfer process shortly.

UK government theatens domain name industry, 'Get your house in order or we'll step in and take over'! - Scott Barnham

Scott Barnham — Fri, 05 Dec 2008 11:31:54 +0100

Much as I dislike government regulation of anything Internet related, I think Nominet is doing a lousy job.

I've had to transfer some .co.uk domains from other people recently and it is far more difficult and bureaucratic than transferring a .com. Nominet requires paper forms and an admin fee of GBP10 + VAT to change the whois details. Changing the IPS tag - i.e. transferring to another registrar - is not enough.

As an organisation, Nominet seems very bureaucratic and old-world. Their online system is weak. They require printed forms and company letterhead instead of simple emailed confirmation links.

I don't necessarily want to see the government step in, but I do want Nominet to get its act together.

Launching of .TEL - Full opening on March 24th at 4 PM (Paris time) - Nicolas (Gandi)

Nicolas (Gandi) — Wed, 03 Dec 2008 14:23:54 +0100

That's just the Sunrise price to protect your brand...price in march will be between 8 (E rates) and 14€

Launching of .TEL - Full opening on March 24th at 4 PM (Paris time) - Zhang

Zhang — Thu, 27 Nov 2008 08:25:53 +0100

It is true $130 Excl Tax? Very expensive domain name.

With $130, I can have a domain names, plus 1GB blog, plus 1GB Email (Referring to Gandi's), plus still have $115 saving on my bank account. Not just a single page showing my information.

But anyway, I would like to see how it work. If people uses it, maybe I'll try it.

Just my 2 cents.

Launching of .TEL - Full opening on March 24th at 4 PM (Paris time) - Nicolas (Gandi)

Nicolas (Gandi) — Wed, 26 Nov 2008 20:53:15 +0100

Prices (in Sunrise) are available here : https://www.gandi.net/domaine/prix/...
The registration period in Sunrise is forced to 3 years by the registry, processing fees are included in our price.

Launching of .TEL - Full opening on March 24th at 4 PM (Paris time) - padawan

padawan — Wed, 26 Nov 2008 11:29:54 +0100

I couldn't find the amount of the processing fee for the Sunrise period anywhere. How much is it?

Why domain name services are not all equal - Colin

Colin — Fri, 21 Nov 2008 10:55:24 +0100

Well, I've just completed transfer of my two personal domain names (mine and my wife's) from another registrar to Gandi. The previous registrar didn't try to rip me off, but its administrative interface was a usability hell ridden with bugs, and any DNS change was really, really painful to complete.
I went to Gandi because I already knew it, for it is the registrar of my workplace's professional domain names, and I knew the service is good.

Please keep it this way!

ICANN - domain name extension liberalisation - who benefits? - mc

mc — Sun, 16 Nov 2008 10:39:48 +0100

There was an undetected (?) dose of sarcasm in my opening paragraph. While non-profit ICANN may not stand to cash in, this non-profit has a history of acting more like the US Dept. of Commerce in preparing the ground for various undesirable practices that certainly don't benefit those simple souls that 1) buy a domain name 2) develop a web site and 3) run a business based on it. New "innovations" are geared toward feeding the continued expansion of the secondary markets that we love to hate.

ICANN - domain name extension liberalisation - who benefits? - Dominic Search

Dominic Search — Sat, 15 Nov 2008 13:15:24 +0100

Interesting stuff, and I largely agree with Joe's analysis.

Partial liberalisation of the domain space has never made long-term sense to me. New domains that have no intrinsically useful meaning within the domain hierarchy are simply a benefit to the domain registration industry... they offer little of value to anyone else. Either we stick with the original ccTLDs plus gTLDs with some limited but genuinely useful expansion, or we abandon the entire domain hierarchy and go for full liberalisation.

Think mass-market fully personalisable online identifiers. Sure this presents some major technical and legal hurdles, but as some of you may remember in the 1990's http://en.wikipedia.org/wiki/Altern... had an alternative DNS root that did exactly this (they came a sticky end after an audacious hijacking of the official Internic domain during a public dispute).

--------------------

At this point perhaps I should share a story with you that has relevance here. Apologies for its length... it started small, but you know how these things grow. Hopefully you'll find it an interesting read about a part of the Net's lesser-known history

In a former life I was involved with ICANN's first wave of domain liberalisation back in 2000. I wrote the technical parts of the application for http://www.coop/ while working for a now defunct UK ISP that specialised in the Public, Social Enterprise, and not-for-profit sectors ( http://en.wikipedia.org/wiki/Poptel - a 'pedia entry that so needs improving).

On 01/08/2000 when ICANN opened the tender process to expand the TLD space, Poptel happened to be in a position to respond. However ICANN didn't exactly make the process easy... they wouldn't say how many new TLDs they would be approving, and gave only scant information on the criteria by which applications would be assessed (probably because they would only know after a looking at all the applications). Oh, and they charged 100,000 USD per TLD for the privilege. We applied for two (dot-coop and dot-union). The applications were paid by our investment company (Sum International) and the two sponsoring organisations ( http://www.ncba.coop & http://www.icftu.org/ respectively).

Our applications are archived at http://www.icann.org/en/tlds/co-op1... and http://www.icann.org/en/tlds/union1... if anyone is interested in the gory details of becoming an accredited registry operator. Remember this was ground breaking stuff with no precedent or ready-made solutions - I had to invent the technology architecture from scratch in a couple of weeks knowing that we'd probably have to tear it up and start again if we won. That was fine because I like difficult and creative challenges, and it seemed highly improbable that we would win anyway =)

Incidentally, http://tucows.com/ developed what became http://opensrs.com/ as part of their own application for another TLD (I forget which). We suggested a partnership or even a licensing deal from them, but they felt they had a strong hand and we had little to offer them, so they declined. On one level this was an accurate assessment... except perhaps for the http://www.nominet.org.uk/ factor (who by contrast were fantastically helpful). Founding chairman Dr Willie Black and current CEO Lesley Cowley loved the idea that a small slightly anarchic British worker co-operative was up for playing with the big boys in the ICANN game. We gained Nominet's full support, and they were the designated fail-over operator should we go bankrupt (an ICANN requirement).

Judgement Day was the 2nd AGM of ICANN's Board on 16/11/2000 (the same meeting at which "the father of the Internet" http://en.wikipedia.org/wiki/Vinton... was elected Chairman of ICANN and then presided over the TLD deliberations). It was a tense day in our office. First dot-union was rejected for being too much of a political hot potato... it had attracted intense negative lobbying by corporate interests in the USA, and the discussions about it at the ICANN meeting were describe to us as being "heated".

Next up for discussion was dot-coop for http://en.wikipedia.org/wiki/Co-ope... an arcane organisational structure that was off the lobbyist radar in the USA, but at the time very much on the political agenda in the UK. New Labour came to power in 1997 promising a "Third Way" ( http://en.wikipedia.org/wiki/Third_...) ), and then struggled to define what the hell they actually meant. For a while they latched onto the co-operative movement as being an answer, and Peter (now Lord) Mandelson, until recently the EU's Trade Minister, was citing the Co-op Bank, John Lewis Partnership, and Poptel as notable examples of successful British Third Way companies.

However I suspect it was just the relief of having their first non-contentious application to discuss that lead to ICANN's rapid approval of our 2nd application... and so we became one of only seven new first-wave registry operators. Privately ICANN told us that Nominet's support was an important factor in our favour. I fell off my chair at the news... and then promptly resigned (let's just say I jumped before things got nasty). Tucows lost their application, however their subsequent success with http://opensrs.com/ is highly commendable and I suspect far more profitable than dot-coop will ever be.

But there-in lies the difference... whilst dot-coop & dot-union were designed to generate healthy trading surpluses for the registry operator, they were not in themselves ever going to be the big money earners. Both were sponsored, meaning the rules governing domain registration were to be strictly set by a sponsoring body for the benefit of their defined constituency (in this case restricted to accredited coops / trade unions to provide clear & verifiable authenticity of their online identity). This keeps out the speculator & squatters, but greatly reduces the demand and so increases the percentage of overheads that must be recovered with each domain transaction (hence the very high cost of dot-coop domains at around £80 + VAT each).

Our vision was to leverage the TLDs and our position / reputation within the target sectors to create a wide range of related organisational IT services that we knew our clients wanted (or were about to want) - a technology platform that included domains, outsourced billing, payment processing, business directories, identity verification, services aggregation, VOIP, unified messaging, content management, and a whole host of other typical buzzwordz of the time. Our bold conception was that Dotcoop was the totemic representation of the wider http://en.wikipedia.org/wiki/Social... movement - it was the Internet flagship for an alternative business model to the rampant consumerism as embodied by Dotcom. Heady stuff. Exciting times. Shame the dream never got to be market-tested...

A combination of bad organisation habits (from Poptel's long and strange past), internal stresses (from near bankruptcy to a £2.5m capitalisation, and staff growth from 20 to 60, all within 9 months), a dysfunctional management structure until too late (all too common in third-sector organisations), and the bursting of the Dotcom bubble caused Poptel to spectacularly implode a year or so later. The Dotcoop Registry was run as a separate company and the TLD went live on 21/11/2001. After the fractioning of Poptel into several splinter companies, and with great irony, the registry was for a while effectively controlled by the venture-capital investor, Sum International. Eventually it was bought by the co-op movement and is still in operation today.

ICANN - domain name extension liberalisation - who benefits? - Joe

Joe — Fri, 14 Nov 2008 16:02:45 +0100

Hi Wes, I'm not sure WVHs reply was quite the attack on US sentiment that you took it to be. The US should be very much admired for its role in supporting and sponsoring many of the valued 'global' institutions, e.g. NATO, WTO, World Bank and indeed ICANN itself, that are mostly based and take funding from the US itself.

It is admirable that with its reasonably unique position in global politics as the established superpower that the US supports these 'global' institutions though it does not always agree with them.

I agree with your point that 'government' control of the internet would be tricky, as you rightly put - which government would you trust it with? Which is why ICANN exists as a 'global' institution, and should be supported in this way. ICANN needs to find its voice and be more bold in representing the views of the 'users', though I can appreciate this can be tricky with different interest groups, including those focused solely on profiting from the web.

I think this was the point WVH was making, that we should be careful about not trying to exploit and profit from everything, and should place limits on ourselves. In much the same way that we have national parks and reserves to stop the exploitation of the planet, perhaps we need stronger rules to stop the exploitation and pollution of the name space.

I don't think this is a US problem, but a global problem. The internet is too big to be considered the property of a single country (though again, as you say much of the initial technology was sponsored by the US), it is now a shared resource for all of us, and the distribution of DNS would ensure that it would continue to function even if whole countries were taken offline.

So, international politics aside, what do you want from the domain space? Are you completely free market focused, or do you believe it should be regulated with some protection? Even free market economists believe in the case for regulation regarding scarce natural resources where there is some scope for protection to the benefit of us all (e.g. parks, areas of natural beauty). Is the name space like this, or is it something else?

ICANN - domain name extension liberalisation - who benefits? - Joe

Joe — Fri, 14 Nov 2008 15:33:05 +0100

Hi mc, I think we're in agreement aren't we? My point is that the liberalisation is probably unnecessary and will only fuel ad sites and domain speculation. So yes we would appeal to ICANN for some common sense and as a top 30 global registrar, we hope our views would be heard. We're interested in a functional domain market that meets the needs of real customers, not speculators. It may be less popular view among registrars, but that is what we believe.

ICANN will certainly generate fees from this, though as a not for profit organisation, I don't think it is trying to 'profit' from it, as it has no shareholders to benefit. The money will ultimately be funnelled back into the domain infrastructure (as they themselves say "If fee collection exceeds ICANN expenses, the community will be consulted as to how that excess is to be used").

It is unclear where the pressure for this move has come from, other than the desire to 'liberalise' as an apparent end with intrinsic worth. It may come from vested interest groups (registrars, speculators) who will both profit from it. But in terms of the end user interest, I can't see it. If the domains held by auctions and speculators were returned to the pool, there really would be enough to go around without the need for further extensions.

So I hope that makes our views clearer and you can see why it's not so surprising that we would feel this way and want to represent the interests of our 'real' customers. Thanks,

Joe

ICANN - domain name extension liberalisation - who benefits? - mc

mc — Fri, 14 Nov 2008 11:21:48 +0100

I find it slightly puzzling that someone in the domain industry actually appeals to ICANN for some common sense on behalf of customers who use and rely upon their domain names (for other things than speculation). Does ICANN stand to make a buck here? Yes, they do. What were your misgivings again?

What we are seeing is the creation of the same boundless derivative structures that eventually brought down the financial markets.

While domain squatting may be the core of the problem, I will give you a related example: do a Google search these days, say for a small business, and you easily end up with page after page of portal pages that have these wonderful directories lifted from public records and stuffed with ads. After a few clicks on these, you may come across a listing that includes the actual domain for the business you sought (who may or may not have paid to enhance their listing in said directory). Not only does it make Google far less effective, it pollutes the entire internet landscape with middlemen who offer little but monetized _redirections_ through a space already equipped with fully functional addresses.

ICANN - domain name extension liberalisation - who benefits? - Wes Peters

Wes Peters — Thu, 13 Nov 2008 05:14:47 +0100

Nameless Doofus said:
There never should have been any TLDs beyond the country-specific ones...
This is just Amer... eh... capitalism to its worst</quote>

Ahem. OK, if you don't like our DNS, or our Internet, go make your own. It works (sort of) for China.

I believe the domain market is one thing that could actually benefit
from being under government control instead of being liberalised,
commercialised and thrown for the lions (spammers, speculators,
phishers, etc).

Uhhh, ok, I'll bite. Whose government? *Your* government? Hahahahahahaha, now you're an internet comedian! I wouldn't trust the administration of DNS to *my* government, let alone yours. Here, how 'bout we delegate some little two-letter subdomain to your country, whatever that is, and you have can *your*government administer that. Oh, wait, it probably already does. Fine. If you don't like that the Global, er, American DNS works, just stay out of .com, or .info, or whatever other piece of internet real estate causes you so much heartburn.

That said, I'm selling my house this afternoon so I can raise the capital to become the registrar for the .OMG GTLD. W00t! I win!

ICANN - domain name extension liberalisation - who benefits? - WVH

WVH — Tue, 11 Nov 2008 15:36:45 +0100

I'm completely with Gandi on this one. The last thing we need is more domain names being bought up by shady companies and turned into billboards forever. There never should have been any TLDs beyond the country-specific ones. This would also have kept the juridical scope clear in case of disputes. This is just Amer... eh... capitalism to its worst, turning everything into commodities for sale and rent, while there is a clear need for rules and responsibility to end the abuse. I believe the domain market is one thing that could actually benefit from being under government control instead of being liberalised, commercialised and thrown for the lions (spammers, speculators, phishers, etc).

ICANN - domain name extension liberalisation - who benefits? - Zhang

Zhang — Tue, 11 Nov 2008 02:12:17 +0100

Too many GTLDs is very complicated and costly, specially for small medium companies. Adding 1-3 new GTLDs is good enough, but too many GTLDs will only polluted domain space. CTLD is good, every country have it's own CTLD. One country one CTLD.

ICANN - domain name extension liberalisation - who benefits? - jackbravo

jackbravo — Mon, 10 Nov 2008 16:29:01 +0100

I agree completely with what you said. We shouldn't stand for this, and the state of things is pretty depressing right now. At my company for example we'd love to buy axai.com, but is taken by one of those bill board pages =(.

Damn them!

Why domain name services are not all equal - LC

LC — Mon, 27 Oct 2008 04:49:19 +0100

Wow. Very informative post. Until now, I had been looking at registrars with the lowest prices. This really opened my eyes.

Why domain name services are not all equal - Jakob S

Jakob S — Sat, 25 Oct 2008 21:44:17 +0200

@joe , I'd be happy to tell you the story. Feel free to email me at the email address I used to post my last comment (putting jakob together with mentalized.net works).

I am sure you'll also be able to pull up the story from your support system if you search for that email address

Why domain name services are not all equal - Joe

Joe — Fri, 24 Oct 2008 18:22:44 +0200

@ ret, yes we do try to make sure we represent the customer interests rather than bowing to pressure from comanpies to block domains on even the smallest issue. A claim should be proved and substantiated, and action take as appropriate, not guity until proven innocent.

@ jakob, I'm sorry to hear you can't use us anymore (sounds intriguing). There are other good registrars out there. The smaller companies can offer good value and good terms, just make sure you check the details before you buy!

Thanks,

Joe

Why domain name services are not all equal - Jakob S

Jakob S — Fri, 24 Oct 2008 15:04:41 +0200

Hear hear, Gandi is probably the best registrar I've used. Unfortunately, I can no longer use Gandi for various reasons, and finding a decent alternative is proving quite difficult. I wonder if you Gandi guys and gals can provide any recommendations?

Why domain name services are not all equal - ret

ret — Fri, 24 Oct 2008 14:05:20 +0200

Talk about peace of mind using Gandi. I've heard stories on what happened to a fellow who owned a domain name: someone who was offended at his website content called the registrar with a highly dubious legal claim or whatnot, and that registrar (one of the top registrars, the man who runs it is weird right-wing loudmouth) instantly disabled/locked the domain and froze the account of the domain owner without any regard to due process. I don't ask a registrar be a potential haven for criminal or unethical activity, but at least I know Gandi will stand for due process and my rights as a world citizen (should MY website rub the wrong person the wrong way and they attempt to take revenge).

Why domain name services are not all equal - Joe

Joe — Fri, 24 Oct 2008 11:23:55 +0200

Hi Zhangjia, glad to hear it. We want to keep our customers up to date with what we're doing, and get their feedback and comments so we can make sure we're on the right track. So please do post and let us know when you find something interesting. Thanks,

Joe

Who is Gandi and why should I care about them? - Zhangjia

Zhangjia — Fri, 24 Oct 2008 01:10:37 +0200

Thank you for the information.
It give me clear view about who you are and what you have done.
Great jobs!

Why domain name services are not all equal - Zhangjia

Zhangjia — Fri, 24 Oct 2008 01:07:43 +0200

I love Gandi. I think you are one of the best registrar. Excellent service and support.
Also I love how you communicate with your customers, using Gandibar blog. It give me update on "what happen".
Keep up the wonderful work!

Why domain name services are not all equal - Joe

Joe — Thu, 23 Oct 2008 23:18:10 +0200

Hi Joe, thanks for your very kind comments (and great name). It almost looks like I've written this myself!

Anyway, thanks again, and we hope to continue to bring you and your clients great products and services for many years to come. Take care,

Joe

Why domain name services are not all equal - joed

joed — Thu, 23 Oct 2008 18:36:21 +0200

Gandi is in my opinion the best registrar/ISP around. They consistently provide fabulous service at an excellent price. They never have problems and if they do they are on the ball and get it fixed. Since joining Gandi and setting up our clients domains etc we have never looked back.

Well done all at Gandi!! Keep up the fantastic work!.

Joe.