On the 10th August 2001, Verisign Inc., the company responsible for running the .com shared registry system, dropped a massive bomb-shell. They announced the immediate suspension of the "batch" release of deleted domain names. In one swift action, they put the entire expiring domains industry ‘on hold’ until further notice.
So what prompted this drastic action by Verisign? In Domain Name Goldrush Part 3, I reported that ICANN registrars had got in on the expiring domains game. Some were pre-auctioning falling names in an attempt to grab them for their own customers. Others were renting out their registry connections to domain speculators. Still others, it was rumoured, were grabbing valuable names for themselves before auctioning them to the highest bidders, or stockpiling them for future use – activites which are expressly against ICANN rules.
The wild, wild, west it really was.
Verisign Hits Back
This led Verisign to announce on the 16th July that they would cap each ICANN registrar to 256K bandwidth or 250 simultaneous RRPs, a move designed to prevent the repeated excesses of a few rogue registrars.
But apparently, the abuses not only continued, but became even worse. It was rumoured that some registrars had attempted 1500 registrations for a single name in one second! This kind of abuse prevented normal customers from successfully registering domain names, and it soon became obvious that something had to be done…
The End… or Just the Beginning?
The August 10th announcement from Verisign was by no means totally unexpected. In fact, some are even applauding it, saying that Verisign have restored law and order to the domain name wild west. But hold on a minute, something isn’t quite right here. Firstly, why weren’t the measures that were introduced back on the 16th July effective, even partially, in halting the abuse?
Secondly, and more importantly, Verisign/ICANN know exactly which registrars were abusing the system, day after day, week after week. They have detailed records to prove it. They have even written emails to the offending registrars asking them to stop.
In Domain Name Goldrush Part 3, Dan Halloran, the Chief Registrar Liaison at ICANN said he was "confident that the registry operator has in place the policies and technology that it needs to ensure fair access. Any repeated or intentional abuse will undoubtedly be dealt with very strongly by the registry operator."
So why on earth did Verisign choose to shut down the whole system rather than deal with it as ICANN thought they should have done, through punishment of offending registrars? Whatever their reasoning, we now find ourselves left in domain name limbo, where potentially hundreds of thousands of domain names that should be released for you and I to register will instead be stock-piled by the registry. They say this stock-piling will end "once a satisfactory plan is implemented to return them to the pool of available names, [and] under which all registrars receive equivalent access as required by VeriSign GRS’s registry agreement with ICANN."
So, if punishing rogue registrars is not seen as a viable option, what other solutions are there? Many have put forward ideas. A few of the more popular ones include:
1) Auction Expiring Names
Some have suggested the establishment of a system that would allow interested parties to bid for expiring domain names. Using this method, names would no longer ‘drop’ back into the available name pool, but would be bought instead using market principles. This is a reasonable idea which would obviously eradicate the shared registry abuse, but it still has serious potential drawbacks:
- It would take many many months to set up such a system that was fair to the registry, ICANN registrars and consumers. In the meantime, the stockpile of expired domain names would start to number in the millions.
- Any radically new system has the potential for malfunction and abuse. In particular, auction systems on the Net have always been less than 100% transparent. Ask anyone who’s bought or sold names at domain auction sites like Afternic. When you’re dealing with millions of names worth tens of millions of dollars, you have to get it right first time. Otherwise the fallout has the potential to be horrendous – and to take years to clean up.
2) Use Technology to Control Access to the Shared Registry
Since we’re talking about a shared registry system here, it should be obvious that the most sensible way to deal with the problem is to employ technology to put real, physical limits on each ICANN registrar. This way, they could each be allocated a suitable amount of bandwidth and number of registry connections within any given time period.
Surely such rate-limiting technology has to exist – Verisign themselves claimed to have put such measures in place on the 16th July. If these measures failed, we can only conclude that their technical competence is questionable. Either that, or their efforts were half-hearted for economic or political reasons, as now they’re arguing that they tried technology but it didn’t work, and it’s therefore not a viable solution.
3) Release Domain Names at Random Times
Verisign, the registrar, currently release all their expired domain names in batches each morning, hence the term the ’6.30 AM domain name goldrush’. The details of these names are known up to five days in advance to domain speculators. But this ‘batch release’ system is unique to Verisign. Other registrars delete their names in real-time, not more than 45 days after the domain’s original expiry date. These names are then immediately available for registration.
Some parties have suggested that Verisign should adopt the same system that other registrars use, which would eliminate the massive number of registration attempts that are made most mornings during the goldrush hour.
The problem with this solution is fundamental: parties trying to grab domain names do so using automated scripts. These script are what cause the shared registry to collapse with the frequency that it does, and they don’t cost anything to run. If Verisign stopped dropping their names in batches, name grabbers would simply leave these scripts running for days on end, in the hope that a name would get deleted. If thousands of parties ran name-grabbing scripts continuously for days or weeks at a time, this would almost inevitably lead to the melt-down of the shared registry system.
4) Collaboration between Registrars
SnapNames have a service called Snap-Back(TM) which allows anyone to ‘back order’ a domain name on a first-come, first-served basis, for $49. SnapNames already have several major registrars as partners, including Verisign and eNom. If others were to join in, a situation could evolve whereby collaboration, rather than confrontation, was the order of the day. But in a world of cut-throat competition between ICANN registrars in every corner of the globe, such widespread co-operation may be an elusive goal. In particular, smaller registrars with limited site traffic might feel they can make more money by grabbing names for customers directly, rather than partnering with SnapNames.
Those are some of the main options. If you have any suggestions of your own, please feel free to send them to me at firstname.lastname@example.org, and I will forward them to the appropriate parties for consideration.
So when will all this stuff get decided? There’s a quarterly ICANN conference coming up, from September 7th to 10th in Montevideo, Uruguay. We can expect some major progress there, so if you’ve got any sparkling ideas about how to distribute expiring domains, make sure you send them in soon!
Be sure to read Part 5…