Only a little more than week after ICANN shut down DomainCannon, the agency has de-accredited two more registrars: ISPREG LTD and SBNames Ltd. The companies lost their accreditation after failing to renew their agreement with ICANN.

Considering the firms did not renew their contracts, they were probably already failing to begin with. According to ICANN, the registrars’ domains will be transferred to a more responsible registration provider in 30 days.

Although de-accreditation has no real effect on domain owners once names are transferred, it is still a good idea to research whatever registrar you decide to use. Personally, I always like to stick with a well-known company over a new start-up with no reputation.

Source | Domain News
Photo | Flickr

Continue reading: Two registrars lose ICANN accreditation

If you want to stay in business as a domain registrar, owing ICANN a large sum of money is never a good idea. Neither is having an unresolvable website. New Orleans-based registrar DomainCannon made both these mistakes, however. It not only owes the agency $186,598.39 in overdue accreditation fees, but is so out of whack that its website has been down for some time.

In light of both these things, ICANN has shut down the registrar. The 11,729 domains its customers own will likely be transferred to a more responsible company. It looks as though DomainCannon will fire no more.

Source | Domain Name Wire

Continue reading: ICANN shuts down delinquent domain registrar

Depending on the extension you plan on registering, a domain can be obtained either through a registry or a registrar. The two words are very similar and it is important to know the difference between them.

For the record, a registry is the operator of a domain extension. For example, Afilias owns the rights to and runs .info. TLDs are typically operated by private companies. Government agencies sometimes handle the administration of ccTLDs, but often times outsource their operation to a firm.

A registrar, on the other hand, is an agent authorized to handle a domain registration– the middle man between you and the registrar. This is the place where you search for a domain and make payment. Many registrars are multi-million dollar companies. Some offer web hosting as well.

On some extensions, there are no registrars and all registrations are handled through the registry. Others are a mix of both. But on most, a domain must be bought through a registrar.

Continue reading: Domain name registration

Yesterday we covered reseller hosting, but you may have also noticed that there is something called a domain reseller.

Domain resellers are simply proxies to real registrars. They are not accredited by ICANN, but instead offer domains through a third party. Many small to medium-sized web hosts are domain resellers. Individuals can also resell domains, but if they don’t already have a large customer base on hand, making bank is a challenge.

That being said, there is nothing wrong with buying a name through a reseller, but you will pay a higher price. Resellers always mark prices up higher than a registrar and don’t always offer the same promotions. Buy domains directly from the registrar instead.

Photo | annaOMline

Continue reading: What is a domain reseller?

Mary Landesman, senior security researcher at ScanSafe believes that three major waves of SQL injection attacks may be linked, originating from the same attacker. Approximately 80,000 Chinese, 67,000 U.S., and 40,000 Indian websites are still infected by a botnet due to SQL injection attacks. At one point, millions of Chinese sites were compromised. Landesman says the attacks were the work of the same attacker because of similar domain name registration information and methods used.

“It’s the thread of the domain names being used,” Landesman says. Seven of these “mal-domains” — a term coined by Landesman to describe domain names used solely to build Internet infrastructure to spread malware or otherwise cause harm — were registered under the same name and address (which are clearly bogus, being not more than gibberish).

Most of the domains were registered to a major registrar, which is uncharacteristic of such attacks. Usually attackers choose lesser-known or less reputable registrars in order to slip through unnoticed. The problem is the system, Landesman says, which allows people to register domain names using completely false information with procedure for verifying identity.

Source: Network World
Photo: Flickr

Continue reading: Web Attacks May Be Linked

It happens all too often. You have a lapse and forget to renew your domain name registration. One day you go to your website to find it filled with text link ads instead of your content. Re-registering should be simple, but ICANN’s At-Large-Advisory Committee (ALAC) reports that the methods available to consumers who want to recover their expired domains “have proven to be ineffective.”

The current system involves a 45-day auto-renew grace period. After the grace period ends, the registrar deletes the domain, and it enters a 30-day redemption grace period. At this point no website will appear when trying to access the domain. The registrant can still renew the domain at this point through their current registrar.

ICANN’s consultation asks: “whether adequate opportunity exists for registrants to redeem their expired domain names; whether expiration-related provisions in typical registration agreements are clear and conspicuous enough; [and] whether adequate notice exists to alert registrants of upcoming expirations.”

They are also considering whether there needs to be some type of notification system as the domains progress through each grace period and face deletion. Furthermore, registrars are allowed to sell domains in the auto renew period to third parties. That is often when you will see your domain suddenly appear with ads. Then when you try to register it again, the new owner might try to sell it for you for a high price. The ALC intends to evaluate all of these issues.

Source: Out-Law.com

Continue reading: ICANN Plans to Rethink Expired Domain Recovery

In recent news, two school teachers at Pace High School in Florida, USA are under investigation for publicly promoting their religion. The news has caused an upsurge in searches for the school’s website and sites related to the controversy. The school’s website can be found at the domain: pacehighschool.net. If someone types in pacehighschool.com, however, he will be met with quite a surprise.

The latter domain points to a pornographic website, and their Whois information is hidden. The only indication of who might own the domain is that they registered it with a Canadian registrar. Parents and others looking for the school’s actual website have complained, but officials of the Santa Rosa school district and even the Santa Rosa County Sheriff claim there is nothing they can do.

Under the UDRP established by ICANN, individuals and organizations have the right to contest domains that are confusingly similar to their trademarks. But it is unlikely that the school district registers trademarks of the names of their schools. Nevertheless, they could still file a complaint against the owners of pacehighschool.com. It would seem at this point, the school district has nothing to lose by trying and much to lose by doing nothing.

Source: Santa Rosa Press Gazette

Continue reading: School Prayer Controversy Heats Up

Imagine: you discover a domain you want to register and check to see if it’s available at your registrar’s website. It is, but you decide to sleep on the idea and purchase the name in the morning. Come the next day, it’s taken! What happened?

This phenomena might just be a case of bad luck, or an instance of domain front-running, a highly unethical practice in which a registration company registers domains looked up by customers. Taking advantage of the standard 5-day grace period allowed by ICANN during which a domain can be deleted for little or no charge, the registrar can taste the name and either keep it or delete it depending on its value.

Domainers have cried foul about this problem since it became an issue nearly three years ago. ICANN recently looked into it, however, and did not discover any instances of domain front-running among registrars. The practice has become less prevalent mainly because the rules regarding the 5-day deletion policy were changed in 2008.

Before, the entire purchase price was refunded, including a 20 cent administrative fee charged by ICANN. Now, this fee is not refunded. For one or two registrations, this makes little difference. But for someone who tastes 10,000 domains a day, it drives them out of business.

Probably the best view on the matter is that before the new policy was introduced, domain front-running was a problem. Today, domain experts consider it to be virtually nonexistent.

Continue reading: Does domain front-running exist?

ICANN announced yesterday that they had sent notices to three domain registrars informing them that their accreditation would not be renewed. According to the documents available on ICANN’s website, the registrars have violated the conditions of the RAA (Registrar Accreditation Agreement). The reasons and details of the violations are explained in each letter.

The first registrar, based in New York, failed to provide accessible Whois information on their domains, a service required by the RAA. ICANN sent a letter to them on July 17, but the registrar failed to respond. Since then, they have activated their Whois service but still do not have all of the required information available. The second registrar failed to escrow gTLD registration, which is apparently a database containing certain domain data. They failed to submit the data and did not respond to ICANN’s requests. They also failed to pay their ICANN fees.

The final registrar also failed to escrow gTLD and pay their ICANN accreditation fees. In all three cases, ICANN informed the registrars that their accreditation will be allowed to expire, but they can renew if they remedy the problems. Assuming that does not happen in time, ICANN will begin procedures to transition the domains from the non-compliant registrars.

Source: ICANN
Photo: Flickr

Continue reading: ICANN Revokes Accreditation of Three Registrars

Despite all the security measures online payment systems provide, the reality is Internet shoppers are never 100% safe. Last week one of the largest domain registrars in the United States reported a security breach that affects some 573,928 customers.

The incident involved a piece of malicious code running on servers associated with affiliates of the registrar- companies who sell its domains under a different business name. The breach opened on March 12 of this year and once detected, was closed on June 8.

The good in all of this is that the registrar was honest enough to report the breach and has promised to compensate victims for any fraudulent account activity or identify theft that takes place. So far none has been reported.

Source | Credit FYI

Continue reading: Data breach occurs at registrar

One issue of contention among domainers lately is when the new gTLD system is introduced next year, should price caps be placed on the extensions?

Currently, ICANN forces price caps on all TLDs, including .com, and limits registration terms to ten years. This helps ensure customers get a fair deal and prevents registrar abuse.

In the gTLD Guidebook 2.0, a manual of sorts for the new system, ICANN implicitly states there will be no price controls, stating that price caps would be too hard to enforce given the global nature of domains. However, it does state that the issue is open to debate and registrars will be required to notify customers at least 6 months in advance before increasing prices.

The problem here is if ICANN lets gTLD companies name whatever price pleases them, what about registrars selling .coms and other TLDs? I think that gTLD sponsors should be able to set the price, but ICANN seems to have dug itself into a hole here. Just another reason why I think more oversight is needed in Marina Del Rey.

Source | The Domains

Continue reading: Should there be price caps on new gTLDs?

The micro-blogging giant Twitter has handed over management of its domain portfolio to an Australian registrar. It includes a two-year, deal during which the company will manage all of Twitter’s domains. It is a common practice for registrars to provide single portals for customers who need to manage multiple domains.

With this deal, however, the registrar will not simply provide registration services. It will actually look after the domains, renew domains before the expire, and register new ones that suit the company’s interests. Usually this is something done in-house by a company’s IT department. In some cases this can lead to problems when a single individual has control of a company’s domain.

This may be the indication of a new trend, where companies outsource their domain management to IT specialists, allowing them to focus more on their actual sites and services. Such a service would also be helpful for companies involved in trademark disputes. It is unclear if that is part of the Twitter packaged deal.

Continue reading: Twitter Outsources Domain Name Portfolio