Slashdot Mirror
ICANN Moves To Disable Domain Tasting
jehnx writes "Following Google's crackdown on 'domain tasters', ICANN has voted unanimously to eliminate the free period that many domain buyers have been taking advantage of. At the same meeting they also discussed Network Solutions' front running but took no action on it."
Good.
(all other posts after this are either wrong or repeating)
I live in constant fear of the Coming of the Red Spiders.
Network Solutions recently released a comment on their supposedly unscrupulous business practices. They claim that their automatic registration of domain names that were searched for was an effort to stem the problem of domain tasters. I have a hard time believing that.
Or domain kiting? In tasting, customers register the domain for 5 days and use that up and then let it expire. In kiting, they delete the domain before the grace period is up and then re-register for another 5 day grace for the same domain.
My blog
I expected to see a 'suddenoutbreakofcommonsense' tag on this one, but maybe I saw it before it had time to be tagged.
In this case, it doesn't seem to be a sudden outbreak, though... Reading the notes (yeah, I RTFA) I can see that with the possible exception of Bruce Tonkin (who dropped off the call because of possible conflict of interest, thus making him a good guy no matter his opinion on this matter) everyone agreed that any measure except removing of the Add Grace Period (AGP) would be ineffective and only cause other harm to the community.
It's also obvious from the notes that they've spent no little time thinking about this, and they had their arguments ready. And when talking was done, they were ready to do the right thing. All of them, unanimously.
It was unclear whether the 21-day period was in effect, though... They talked about having to notify the public of policy changes 21 days in advance or more. Even if it is, 3 weeks is pretty short.
"If you make people think they're thinking, they'll love you; But if you really make them think, they'll hate you." - DM
Is domain tasting really the most important problem that ICANN could sink its teeth into?
.com, .net, .org, .info domains). But yet they chose to remain toothless in all but the most very extreme cases of bad registrar services.
I say no.
ICANN has the role of accreditation of domain name registrars themselves (particularly for
Bad registrars, such as pacnames.com, yesnic.com, and more recently mouzz.com, are willing partners in the international spamming epidemic. They have or still do sell domains to computer criminals, willingly accepting bogus data from these criminals in exchange for a kickback.
If ICANN really wants to make a positive difference on the internet, they need to flex their muscle and make use of their ability to un-accredit bad registrars. Why they continue to neglect the opportunity to do so is beyond me.
Damn_registrars has no butt-hole. Damn_registrars has no use for a butt-hole.
Now, we just need all the rest of the ccTLD registries to do the same, and spammers' lives will get that little bit harder.
Is the fact that last night I was searching for a sprayfoam insulation company in maryland (using google), and the very first link that came up, was a domain taster domain registered 3 days prior to yesterday, that only had ads and click through sites on it...
It was most annoying, but the fact it came up as the first link, means google really should do soemthing about sites abusing the ranking systems and not just people abusing the adsense program.
I came, I conquered, I coredumped
Its a good move, but im still waiting to see some more action against domain squatters. It is so infuriating to have a good idea for a website, only to have 99% of the possible/good domain names being taken and being part of some advertizement network. And I just refuse to pay them.
Ofcourse, in economic terms, it would probably be worth it in the long run if you have a very good idea to pay some extra for the better domain name. But its like paying for "protection" money because the alternative is worse...
If pacnames, yesnic and mouzz are getting kickbacks from the criminals, maybe they are sending a cut to ICANN.
My blog
I wonder what impact this will have on registrars such as GoDaddy.com who (according to Wikipedia) have 55.1 million domain names registered a year of which 51.5 million are canceled and refunded just before the 5 day grace period.
While GoDaddy.com doesn't get to keep that money, it does generate a revenue flow. That is, GoDaddy.com must return the money, but there's no requirement to cut a check that day. It may be a week or three before GoDaddy.com has to cut a refund check. In the meantime they have money to work with much like banks do. Most businesses operate on revenue flow and not strictly the net balance they have available at any one time.
If ICANN drops this grace period and domain tasters drop away (possible if unlikely) that leaves GoDaddy.com with 51.5 million domains at $10 per domain (or $515 million) in revenue flow that just dried up. That's a lot of money to just disappear from your business finances.
IANAA, but I think that this decision will have the most impact on large registrars. Perhaps a one day grace period for people who honestly made a mistake would have been more appropriate. One day is not enough to get a domain properly "tasted" because it takes about that long for the DNS entry to propagate through the network, and by the time it was out the domain would either be permanent or gone.
...and that's the way the cookie crumbles.
Don't taste me, bro!
"You'll get nothing, and you'll like it!"
If you have a good idea for a website, pick a unique, memorable name, not an obvious one. Who's the number one auction site; auction.com or eBay? Who's the number one on-line bookseller; books.com or Amazon? What is an ebay anyway? What does a river in Brazil have to do with books? Nothing, it doesn't matter, most people are going to find your website through Google anyway rather than typing in a URL.
Support Right To Repair Legislation.
I wonder how many of these 'domain tasters' are just registering domains to use in spam and phishing scams. Considering how often the URL changes on the spam I get (that is obviously from the same originator) I would imagine that's what they're doing. If that's the case, I expect the elimination of domain tasting to at least change the way spam is set up, perhaps making some of it easier to detect.
In any case, domain tasting is a very antiquated system almost designed to be abused, and should have been dropped long ago.
One step back from the wrong direction they've been heading for years.
Or can anyone here name me one not-advertisement-related reason for "domain tasting"? The only use I've ever read about is registering the domain and checking if you get enough hits on it to run your ads with enough profit, before you commit yourself.
Assorted stuff I do sometimes: Lemuria.org
Along with many others, I deplored Network Solutions' preemptive domain registration which took advantage of domain tasting. However as a former beneficiary of the present domain tasting policy, I can see at least one benefit to consumers (and businesses) that gets overlooked because of the audacity of Network Solutions' behavior.
About a year ago I registered a domain that had a transliteration of a foreign word. I discovered, within a few hours, that my transliteration was not the preferred spelling (for example, "perogi" as opposed to the preferred "pirogi"). I asked my registrar to refund my money for the first domain and registered the domain with the preferred spelling.
Honest mistake and no one was harmed in the process of deleting the undesired domain. Sure, I could have researched that transliterated word before registration but it simply did not occur to me that a spelling which in my day (yeah, I'm over 40) was correct would have been superseded. (Sort of like finding out BBQ is actually spelled "barbecue".)
blog
I don't know US law, but I'm pretty sure this is illegal in one way or another.
If I were someone who loses a legitimate domain name I wanted to register to such fraud, I'd go to court and demonstrate how NSI systematically abuses its power of being able to register domains for free in order to force people to register domains through them. I'm sure even if it's not extortion, it's anti-competitive at least...
Who is General Failure and why is he reading my hard disk?
Domains taste like chicken.
The significance of this may not be obvious to everyone so let me explain. The TTL (Time To Live) value is part of the SOA (Start of Authority) in a DNS zone file. The TTL value is how the administrator of the authoritative NS tells the client's DNS resolver to cache the DNS responses. Ie, if I lookup the MX for blah.com and the TTL is 300 then I will cache that response for 5 minutes and I'll use that cached response for any subsequent queries until the TTL expires. I won't bug you or waste your bandwidth until then. It's a way of reducing load on the authoritative NSs and keep from wasting bandwidth across the Internet for redundant queries (think of a caching HTTP proxy).
The effect of the registrar's taking this step manifests itself when the domain gets renewed. The domain is renewed as soon as service is interrupted and the problem is discovered. The registrar submits updates to Verisign for the COM zone file twice a day. Depending on when the domain was renewed with respect to when the registrar sends the updates as well as the SOA values (that control caching) dictate how long it will be before the domain is functional again. The registrar, Spirit Domains, chose to set the TTL to something between 24 and 72 hours. That's 1-3 days for the math challenged among us. That's absurdly long. I contend that most renewals of expired domains happen within 1-12 hours of the expiration for domains that are actually used. Why any registrar would choose to use a TTL longer than an hour or two is beyond me. I can understand the concern of the load this would put on their NSs. The answer is simple though. For the first day set the TTL to 1hr. On the second day set the TTL to 6 hours. On day 3 set it to 12 hours. On day 7 set it to whatever you want. 98% of expired domains that are going to be renewed would surely be done within 3 days. That would keep the MTTR for the function of the domain down to a reasonable level. 24-72hrs is not a reasonable level.
I called Spirit Domains to chew on them earlier this morning. The guy I spoke with said that he didn't know why that TTL value was chosen but that it was what they always used. He said it was definitely between 24 and 72 hours. That's horse shit. On top of that, in the temp zone they created also had a MX record. It was the MX record that had the extra high TTL of +48hrs. Even if the NS records expired in 24 hours the MX records would have still been cached and would have still been pointed at Spirit Domains SMTP blackhole: grey-area.mailhostingserver.com.
In short I would like to see ICANN address the problem of what registrars put in their expired domain zone files. The TTLs should be kept low and increment slowly. Their should not be a MX record under any circumstances.
That is a valid point, certainly. However, for many of the criminals, there are some obvious patterns involved. In particular, the criminals generally purchase several dozen (or more?) domains in a single day. If you are aware of a good reason why a legitimate business or individual would want to do such a thing, I'm interested in hearing it.
Second, many of these criminals do keep the same name and registration data as they move from one registrar to another. For example, "Leo Kuvayev" has been using the alias "Alex Rodrigez" (note the spelling) for several years now. And over the past three registrars, he as always claimed to live in Lappeenranta, Finland.
So if the registrar started by taking notice of the red flag that should come up when someone registers a large number of domains with very different names, and then they took 5 seconds to do a google search on the contact data, they'd see that they are selling to a known criminal.
If I was on that jury that was trying to convict the registrar of negligence, I'd need to see some more direct evidence showing that it was practical for them to screen criminals, and that it was part of their responsibilities.
ICANN does state that the registrars are obligated to keep valid WHOIS records on the domains they sell. And it really isn't that hard for them to check against publicly available data on their customers when they get unusual requests.
I'm even willing to concede that they shouldn't be expected to check every Tom, Dick, Harry, and Jane that buys a domain. When I've checked the WHOIS records of the spamvertised domains that I see, I would say that over 80% of spamvertised domains are registered to less than 5% of all spamvertised domain registrants, and through less than 2% of all accredited registrars. If the registrars were at least held accountable to check the data on their customers that make unusually large purchases, we could do a lot to stem the current problem.
Damn_registrars has no butt-hole. Damn_registrars has no use for a butt-hole.
The downside to this is that .com needs to be international and some countries have pretty strange looking addresses. I had a customer have his domain disabled every year when someone would look at the address (roughly translated as three houses over from the post office) and disable the domain for having a fake address even though the customer was getting mail at that address.