Subscribe to RSS Feed

03|20|2008 05:09 pm EDT

Anti-Trust Complaint Filed Against ICANN, Registerfly and Enom

by Adam Strong in Categories: ICANN / Policy

Tags: , , , , , ,

03|22|2010 02:09 pm EDT

Iron Mountain to Provide Additional Audit Services for Registrar Data Deposits to ICANN

by Frank Michlick in Categories: ICANN / Policy

Tags: , , , , , ,

When ICANN introduced the mandatory Registrar Data Escrow (RDE) for registrars in 2007, the program was a direct result of the problems experienced with the registrar RegisterFly. ICANN requires all registrars to deposit a copy of their whois information with an approved RDE provider in order to protect registrants from the loss of their domain. The system is trying to encourage registrars to deposit the underlying whois information for domains under whois privacy (which was one of the issues at Registerfly, since some of the ownership data was lost). Registrars under the old Registrar Accreditation Agreement (RAA) can still deposit whois proxy information, but the new RAA forces registrars to inform their registrants if this is the case.

In November of 2007, ICANN selected Iron Mountain as the preferred provider for RDE services. While registrars are free to select another (ICANN approved) provider, most, if not all, chose to go with Iron Mountain, also since there would be no additional cost involved. Today Iron Mountain announced in a press release, that it now offers an audit service for the submitted information.

With the ICANN Deposit Audit Service (IDAS) application, Iron Mountain systematically audits registrar escrow deposits, measures the integrity of those deposits, and reports the results to ICANN. The new application supplements Iron Mountain’s Registrar Data Escrow service. With this service, domain name registrars periodically escrow their registration information records to safeguard these intellectual property assets. Because the registration data is placed in an escrow account with Iron Mountain and verified through the IDAS application, it can be effectively retrieved by ICANN in the event of a technical, operational, or business failure of a registrar.

The additional reports will be used by ICANN to audit compliance of registrars. Details on how the audit works were not provided, but it can be assumed that the deposited data would be verified and compared with zonefile and registry records, since bulk querying the whois-servers of registrars would be against their terms of use.

“The goal of the data escrow program is to help ensure the security and stability of the Domain Name System by protecting the data associated with registered domain names in a secure escrow account,” said Mike Zupke, ICANN’s registrar liaison manager. “Iron Mountain’s Deposit Audit Service is the next step in a full range of programs and procedures that will work to safeguard registrants and maintain Internet stability.”

Disclaimer: This article has been syndicated from DomainCocoon’s corporate blog. Frank Michlick, Editor at DNN, also is founder of DomainCocoon.

01|03|2008 04:35 am EDT

2007 The Year In Domain Name News

by Adam Strong in Categories: Featured


June 2007 marked the debut of Domain Name News. So although we were not able to cover all the stories of 2007, we decided to put together our first annual recap of the past year in domain name news. What would you say the big stories in 2007 were? What news changed the space or made an impact ? We talked with a few dozen friends and associates active in the domain space to help solidify our ideas. What we found was that most of the top stories we had begun writing about were the same ones that resonated with them in recapping the year. Their help was much appreciated in solidifying our ideas. You all know who you are are, thanks for the help! Happy New Year and enjoy our “Year in Domain Name News


12|22|2007 11:10 pm EDT

Registrar Belgium Domains Locked Out of Registry

by Adam Strong in Categories: Legal Issues


Domain Name News has received an email from domain registrar Belgium Domains informing their clients and customers that the registrar has been locked out of the registry at Verisign. The lockout was spurred by the ongoing legal battles between the registrar and plaintiffs claiming trademark infringement. Plaintiffs, including Dell and Yahoo, received a court order to lock all of the domains at the registry and Belgium Domains is unable to administer any of the domains.

The email leaves customers in the dark on issues such as renewing or transferring domains and it remains unclear from the email what customers can do about their domains and who is currently in charge of administering them. This case will likely set a precedent in what happens when a registrar gets into legal trouble. If customers who are uninvolved in the case are prevented from managing their domain names, as seems to be the case, this action may need to be re-evaluated and measures put in to place to insure that there isn’t another “registerfly” sort of fiasco again.

Dear Registrant:

We have the unhappy duty of informing you that on October 10, 2007, Dell, Inc., Alienware, Inc., and Yahoo! Inc., filed lawsuits against BelgiumDomains and two other registrars. The plaintiffs allege that a small percentage of the domain names we have registered for our clients have names confusingly similar to their trademarks. However, instead of bringing their complaints in open court, the plaintiffs proceeded in secrecy, inflicting tremendous damage on BelgiumDomains and the other defendants.

The worst of those injuries also affects our customers. VeriSign advised us that the plaintiffs obtained a court order forcing VeriSign, our registry, to lock most of the domain names we have registered on behalf of our registrants. Currently, BelgiumDomains is unable to administer those locked accounts. We cannot provide you further details as the order locking all of these domains is still sealed.

We have retained Newman Dichter , one of the leading firms in domain-related legal disputes and we are confident that we will ultimately prevail. However, at this early stage, we cannot predict how long the court orders affecting your domain names will remain in place. As we learn more, we will keep you informed as to the status of the domain names you have registered with us.

Please accept BelgiumDomains’ sincere apology for this completely unpredictable turn of events. Rest assured that we take our responsibilities to you and your account seriously and are working aggressively to remedy this unfortunate and unfair situation as soon as possible. If you have any questions, do not hesitate to contact us or our attorneys.

Legal Team
BelgiumDomains, LLC

11|28|2007 04:28 pm EDT

ICANN Chooses Iron Mountain For Registrar Data Escrowing

by Adam Strong in Categories: ICANN / Policy


Iron Mountain Inc announced in a press release today that it’s technology division has been chosen by ICANN as the data escrow back-up for the over 900 ICANN accredited registrars.

“The vast majority of ICANN’s accredited registrars offer high levels of service and integrity; however, as we have seen, there is the risk that poorly performing registrars can hurt registrants significantly,” said Dr. Paul Twomey, President and CEO of ICANN. “ICANN has selected Iron Mountain Digital as its escrow agent to help implement the Registrar Data Escrow program, a sensible and practical measure to protect registrants by storing and safeguarding a backup copy of domain name registration data in escrow.”

Data escrowing can be used in any number of situations such as a registrar losing accreditation, failing, going out of business, etc. Data escrowing is required by every registrar as part of the terms of accreditation. The former registrar implosion showed the importance of having back-up information. As the company management dealt with internal conflicts, many domain registrants were left in the dark about the future of their domains. ICANN has been working to implement safeguards and measures to prevent any possible future issues with registrar related problems.

10|28|2007 09:00 pm EDT

ICANN meeting in LA begins, 1/4 to 1/3 of the meetings closed to the public

by Frank Michlick in Categories: Events, ICANN / Policy


Today the ICANN meeting in Los Angeles begins. With Vincent Cerf stepping down as ICANN chairman, will this also be the continuation of change? While many additional members of the domain industry are attending this year’s conference, it still looks like ICANN would like to keep many things under cover as Karl Auerbach notices on his CaveBear Blog:

Wow, somewhere between one quarter and one third of all of the meetings are closed to the public! Well, we have long known that ICANN takes its responsibility to be open and transparent with more than a few grains of salt. But this seems far more secrecy than is normal, even for ICANN.

But look at this this: The meeting of the At Large Advisory Committee (ALAC) is closed to the public! The meeting of the ICANN’s company union is closed to its own membership. One would hope that this is a misprint. (Not that it matters much – I consider the ALAC to be a fraud upon the public and merely a means for ICANN to have a story, plausible to those who don’t dig deeper, that ICANN has a means for the public to have a say in what ICANN does.)

The Internet Commerce Association (ICA) and several of it’s members will be attending the ICANN meeting as well.

The author expects changes coming out of this meeting. One of these changes will most likely be related to purchasing companies that own existing registrars. These changes are based upon the Registerfly disaster, a registrar that went out of business and left it’s registrants without the ability to renew or manage their names. Registerfly had also purchased an existing registrar, Unified Names, in order to become ICANN accredited. The contract modifications will most likely mean that a company that buys an existing registrar will also have to meet certain ICANN requirements.

07|02|2007 05:41 pm EDT

Through Thick & Thin: ICANN RFP for Registrar Data Escrow Services

by Frank Michlick in Categories: Editorial, ICANN / Policy, Legal Issues, Registrars


picture of rolodexAs a result of the Registerfly disaster, ICANN has been collecting proposals for Registrar Data Escrow Services that ensure that if a registrar goes out of business, the registrant’s and doman data is protected and available to ICANN. Let us take a closer look at what actually happened at RegisterFly that caused ICANN to issue this RFP and then look to see if the proposed solution is a viable and workable answer to this problem.

Registerfly failed to provided the services that they charged registrants for, they failed to pay their suppliers (registries etc) so that in the end their ICANN accreditation was revoked. In order to take care of the registants’ needs, ICANN asked Registerfly to provide their registrant’s data to them.

Initially RegisterFly started out as a reseller of eNom and occasionally other registrars, such as Tucows. They built their own system that connected them to to the registrar’s APIs. Much of their programming was actually done by the owner, Kevin Medina, himself. When RegisterFly bought an ICANN accreditation, they switched to using the Logicboxes system and later migrated to the Tucows OpenHRS Registrar solution. RegisterFly also offered their own domain privacy service, ProtectFly. After RegisterFly went out of business, their customers were taken over by GoDaddy.

Secure DataIn order to understand the problem with whois data, we need to take a closer look at how the registries, the entities that operate the TLDs work, and how whois data is stored. For the generic Top Level Domains (com/net/org/info/biz), there are two types of whois databases operated by the registry: Thick & Thin. A thick registry such as .INFO will hold all the contact infomation for a domain in the registry database itself and a thin registry will only hold a reference to the registrar’s whois that contains that information. Both types of databases contain the nameservers, create date, last updated date, expiry date as well as some status information. The problem: The largest generic TLDs, com & net, are thin registries and rely on the registar to hold and provide the contact information for a domain.

So the Registrar Data Escrow Service is supposed to obtain data from the registrars on a regular basis in order to hold it in escrow in case there is an operational problem with a registrar or the regulator (ICANN), for whatever reason, needs access to the data.

One of the problems the RFP fails to address adequately are whois privacy services. This is a problem that RegisterFly registrants were also facing, since we know of some cases where RegisterFly apparently a) used their own whois information on orders processed on behalf of registrants and b) the original registrant information was not stored when whois privacy was purchased. A Data Escrow Service with optional fields for the registrars that provide whois privacy service does not seem sufficient to address this potential issue.

LockNow one thing that really strikes me as odd, is that the escrow service and whois privacy are not offered by the registries. The thick registries already hold the correct registrant data, and I am hoping that they already backup their data on a regular basis. The only part that is missing is some sort of whois privacy flag, that displays other contacts in the whois output. As for com & net, while the registry recently migrated to the protocol normally used for thick registries (they migrated from RRP to EPP), they still do not hold the contact information on the registry level.

.ORG (PIR/operated by Afilias) actually is an example of a successful migration from a thin to a thick registry – even the biggest challenge (migrating all the registrar data into the registry whois database) was completed without major problems. So why is VeriSign not taking the opportunity to fix this problem once and forever by converting the COM/NET registry to a thick registry. Who knows who the next registrar will be to go belly up and how many domain owners will be affected this time.

(images from