This morning, it was announced that Verisign and the US Department of Commerce had come to an agreement that allows Verisign to continue to operate the .com domain for another six years.

What was missing from that contract was the hot topic of conversation this morning – Verisign no longer has the right to four price increases of 7% over the term of the agreement. In other words, .com domains will likely remain prices at $7.85 until November, 2018 when the new agreement comes up for renewal again.

Verisign does have the right to increase prices if they can prove “extraordinary” expense resulting from and attack or threat of attack on the security or stability of the DNS. Any price increase would require Verisign to prove that the increase served the public interest before the Department of Commerce would approve.

Verisign could also seek a price increase if it could prove that market conditions no longer warranted the new restrictions that are put in place with this agreement. Again, that would require Department of Commerce approval.

Tucows’ Take

Elliot Noss, Tucows President and CEO, says that the new agreement between the Department of Commerce and Verisign “rights a wrong in the last contract.”

Tucows has been very outspoken about .com pricing, and we were clear at the time of the last renewal that we did not believe Verisign should have been given the right to price increases.

It’s good news for registrants and the Internet as a whole.

Elliot also suggests that the new contract could even turn out to be good for Verisign going forward. The previous contract provided them with an opportunity to raise prices. As a public company with a fiduciary responsibility to maximize shareholder value, Elliot notes that investors, who often think in the short term, would put immense pressure on Verisign to exercise those price increases.

He goes on to suggest that having the option to raise prices four times in the next six years may have turned into a competitive disadvantage for Verisign given the new gTLDs coming online within the next 12 to 18 months.

By not having price increases available to them as a way to grow revenues, Verisign is will be driven to more efficiency and innovation. Certainly, the conference call Verisign hosted this morning featured a lot of talk of innovation, patents, and the addition of new value-added and revenue generating services like Distributed Denial of Service attack protection.

One thing is for sure, and perhaps this is the most important part of the contract extension announcement: Verisign continuing to be the operator of the .com extension for the next six years is great news for everyone. Verisign has proven itself to be an exceptionally good operator of the root. From a technology and service perspective, .com is clearly in good hands.

You can read the US Department of Commerce statement here.

The Internet belongs to all of us and impacts every aspect of our lives. CIRA’s election process provides Canadians and .CA Members an opportunity to take a leadership role in the development of the Internet of the future to ensure it continues to be an open and accessible public resource.

As a CIRA Member, this is your opportunity to vote for the individuals who will take part in developing strategies and policies for Canada’s Internet– your Internet.

Why is voting important in the 2011 CIRA Elections?

By voting, you are choosing Canada’s Internet leaders and helping to build CIRA into a leading-edge organization that strives for excellence as a registry and supports Canadians and .CA Members in building their online presence in the global digital economy.

Not sure who to vote for?

While the decision is ultimately yours to make, we endorse the candidates listed below. As a board member, I am confident that each have the skills and experience necessary to assist the board with its important work this coming term and have already demonstrated a strong commitment to Canada’s Internet community.

Member Nominated Candidates

• Greg Makuch
• Tom Williams

Nominating Committee Candidates

• Bill St. Arnaud
• Eric Boehm
• Gary Evans

Vote in three easy steps:

1. Access the 2011 Election website.
2. Confirm your identity – Complete the Member or Member Representative declaration (depending on your membership status), then submit.
3. Select up to four Candidates– Once the declaration is submitted, select up to THREE Candidates from the Nomination Committee slate and ONE Candidate from the Members’ slate, then submit. Volià!

If you have any questions about the election process or the qualifications to vote, drop us a line in the comments.

Last night in San Francisco, California, VeriSign celebrated the .com 25 – the people and companies that, over the past 25 years, helped shape the web as we know it. This was part of the 25YearsOf.com celebration. In addition to the .com 25, Verisign also recognized a select group of Domain Pioneers. We’re proud that Tucows, and Elliot Noss, Tucows President and CEO, were on that select list of those recognized as pioneering people and companies in the domain name space.

VeriSign visited our Toronto offices a few weeks back to give Elliot the opportunity to talk about how the Internet has impacted his life, and about where he sees things heading in the future:

The Internet is people

Look back all the way back to 1994, when Tucows.com software library launched in Flint, Michigan, you’ll see that there was a focus within Tucows around the idea that the Internet is made up not of wires and routers, but of people.

Tucows.com used a network of thousands and thousands of mirrors – mostly Internet Service Providers – who provided a local copy of the Tucows software library to their customers as an additional feature on top of an Internet connection. In 1999 Tucows extended this network of relationships by adding domain name registrations to the mix through OpenSRS. We leveraged the existing relationships that we had in the Tucows network to build out a global network of domain sellers who used the OpenSRS backend to power sales and management of domain names to their customers.

These days much is made of Web 2.0 and the social qualities of the Internet. But the truth is that the Internet has always been a synergy of technology and people. Without the physical interconnections, the Internet wouldn’t exist and conversely, without the Internet, many of these social connections wouldn’t be possible.

What was originally a way to connect computer networks to computer networks quickly morphed into a way to interconnect the billions of people on planet earth with each other at the speed of light. Mobile, ubiquitous Internet access leads to a more social Internet which empowers people through the Internet.

This generation of kids who grew up with the Internet have come to expect to be able to access it on demand, wherever they might be. They forge relationships with each other via the web, they communicate via the web and they seem to be constantly connected to each other via the web.

Much thanks goes to VeriSign for putting together the 25YearsOf.com initiative. We’re honoured to be recognized as part of this select group of Pioneers. It’s a testament to vision that both Elliot and Tucows as a whole share–that the Internet is more than a vast physical network but that it is an extension, and an extender of social interactions between people that makes the world wide web so incredible and powerful.

Some experiences in the last couple weeks have me thinking about the need for registrars to rethink their approach to the secondary market for domain names and how we deal with each other when high-value domain names are hijacked. In this post I would like to briefly examine this and make a specific suggestion that I believe will help in credibility and therefore efficiency.

There is no question that the secondary market for domain names has become much more efficient. The number of transactions involving high-value domain names has greatly increased which can be seen simply by looking at the weekly results from Buy Domains and Sedo (for the purposes of this post I am thinking about transactions greater than $500). We can also see greater efficiency with the maturing of the various listing services (DDN, DLS, MLS) and with greater integration by registrars of secondary market domain names in their domain name search results.

The last few years have seen a huge increase in the importance of the secondary market for domain registration relative to the whole domain name economy. While many of the major players are the same, there are also important differences and those differences require some fresh thinking about how to make the secondary market more efficient and more effective.

Of course as this market becomes more lucrative it attracts more “bad guys”. Anecdotally, all the large registrars are seeing increases in the number of hijacking attempts. When aimed at registrars themselves, these seem to be well dealt with, but when these hijackings stem from a hack aimed at third-party email services there is little that registrars can do at a system security level.

We have been involved in two situations recently, one where we were in receipt of a domain name that was thought to be obtained illegally and one where a registrant of ours had a third-party email address compromised. In the first, we worked with the losing registrar and, with the proper protections, returned the domain name to them. In the other, the gaining registrar felt their obligation was to their customer who claimed to have obtained the allegedly stolen domain name from a third-party. They would not help us at first instance. I expect this latter situation to be worked out but it did have me thinking.

With the secondary market the players are different. There is essentially no registry involvement and, probably more importantly, there is no formal role for ICANN to play other than as it relates to its contracts. As well there are additional players, specifically owners of high-value names and the various secondary market marketplaces.

These secondary market transactions are of a much higher dollar value than those in the primary market. They warrant a different approach.

Of course there are best practices and additional security measures and services that all owners of valuable domain names should avail themselves of. I expect these services to greatly increase in both scope and sophistication in the coming year. And of course their adoption will not be universal.

I believe that registrars should develop a more standardized approach as to how they deal with these situations. We should set out appropriate practices. Of course there will be exceptions and of course any guidelines cannot be too proscriptive. BUT if we are effective in doing this we will accomplish two things. First, we will make the market safer for those customers who own high-value domain names. Second, we will make things much more difficult for those who attempt to steal the property of those rightful owners AND for those who provide liquidity for the hijackers by buying the stolen property, often with little repercussions.

While in Korea this week for the ICANN meeting I will have the opportunity to meet with representatives of most of the major registrars. We all have an interest in making the market cleaner and more efficient. It is still early days and I have no doubt that this will be warmly received as would any input from other interested parties.

In addition to the news release about our new service, YummyNames, we’ve also put together a short video explaining what YummyNames is all about with Bill Sweetman, General Manager, YummyNames:

And we also have a social media release (SMR) which is a special webpage loaded with nearly a dozen videos, images, quotes and links about the announcement. You can view that here.

Of course, we’d also like to invite you over to the brand new YummyNames website where you can try a search or two and see what the portfolio has to offer.

As we pointed out last week, the Canadian Internet Registration Authority (CIRA) which operates the .ca registry, is about to introduce some big changes to its existing WHOIS policies. The changes are largely associated with what information WHOIS databases, registrars and resellers are able to disclose about registrants.

These upcoming changes will have a pretty significant impact on some of our .CA policies. Specifically:
Our public WHOIS database, like CIRA’s, will protect registrant information by default. All personal information about individual registrants will be kept private, including the name of the Registrant and the name and any contact information.

• Registrants have the ability to disable WHOIS privacy from the CIRA registrant interface if they choose to do so. It is enabled by default.
• Corporations and organizations will have the option to request similar WHOIS protection in special circumstances. It is disabled by default.
• Interested third parties will still be able to contact the registrant by using a contact form available on CIRA‚Äôs website (similar to other WHOIS privacy services).
• Resellers will be required to keep registrant information confidential, revealing personal information via telephone or otherwise under very specific circumstances only.

These changes will come into effect on June 10. CIRA will begin messaging registrants about the upcoming changes this week.

After much deliberation and consultation (in other words, in true Canadian fashion), the Canadian Internet Registration Authority (CIRA) has announced that WHOIS Privacy will go into effect on .ca domain names beginning June 10th, 2008.

The CIRA approach to WHOIS privacy is quite interesting and demonstrates a clear desire to protect the privacy of Registrants. There is full information on the new policies at the CIRA website.

In his Law Bytes column in today’s Toronto Star, Michael Geist calls the new policy “a model for domain name registries around the world.”

Geist goes on to suggest that CIRA is now in a global leadership position on the issue of registrant privacy. Geist writes, “With more than a million Canadian domain name registrations, the resolution of the whois issue ensures that the Canadian domain name space is set for continued growth as it now features a “privacy advantage” over other domains struggling to strike a similar compromise.”

What makes the CIRA policy different is that WHOIS privacy is enabled by default for individual domain owners. Registrants have to specifically opt-out with CIRA to have their information displayed. In contrast, the registration information for corporate domain holders is shown by default, however, they can opt-out and hide the information in what CIRA calls special circumstances.

As you would expect, we’ll be fully complying with the new policies. We’ll have more on how things will work from both a Registrar and from the Reseller perspective soon.

Domain name renewal schemes are nothing new – we’ve been dealing with them for years – but we figured it wouldn’t be a bad idea to bring them to your attention once again. A quick Google search brings up thousands of examples.

The usual tactic, known as domain slamming, is fairly basic – unethical companies mine WHOIS records for Registrant information and domain expiry dates. Then, months in advance, they contact the Registrant either by mail or email with a very official looking and sounding document or message that tells them to protect their valuable name by renewing early. A Google Images search brings up a couple of scanned examples.

Of course, when the Registrant sends the cheque or pays by credit card, thinking they are doing the right thing, what actually happens is that a Registrar transfer is initiated. The Registrant will then blindly go through the steps to complete the transfer, again thinking they are doing the right thing to protect their valuable domain name.

Combatting this is really fairly simple. I spoke with Paul Karkas, our Compliance Manager, who has been dealing with this kind of thing for years and has a few recommendations for resellers:

1. WHOIS Privacy. This is the absolute best protection. It stops the practice dead in its tracks as there is no way for to contact the Registrant directly. Encourage your customers to take advantage of WHOIS Privacy and the protection it offers. Tucows includes WHOIS Privacy for free as part of our domains package.
2. Domain locking. A locked domain can’t be transferred, again, preventing the domain slam. The transfer attempt may generate a support call by the Registrant to remove the lock, in which case you have the perfect opportunity to make sure the transfer is legitimate.
3. Communication. Let your customers know about this practice and ensure that your customers know who you are and who their Registrar is. Clearly spell out your communication policies surrounding renewals (i.e. “We never send mail invoices reminding you to renew.”) before the scammers have a chance to spread their mis-information.

The Registrant is only one of the victims in domain slamming. When your customers get taken by fake notices like these, you lose their domain business. But if you take the time to educate your customers, you reap the benefits of a better relationship in which the customer knows that you are on their side, looking out for their interests.

Earlier this week, the ICANN Board recommended making the ICANN fee of $0.20 per domain year non-refundable. Previously, that fee was refundable if the domain was deleted within the five day Add Grace Period (AGP).

Around the same time, Google announced it would drop names consistently added and deleted during the AGP from its AdSense program, making it far more difficult to profit from ads served on those domain names.

We think ICANN’s resolution to introduce a fee is a good first step, but we don’t believe it goes far enough; some tasters will look at a nominal $0.20 fee as a cost of doing business. Add Grace Period abuse could be further diminished or eliminated by substantially shortening the AGP period to 12 hours or less. This would let registrants correct ‘true’ mistakes like spelling errors (which is what the AGP was originally intended for), while significantly curbing the practice of tasting at the same time.

For those of you who aren’t aware of what tasting is, here’s a quick overview: Generic Top Level Domains (also known as ‘gTLDs’) support what is known as an ‘Add Grace Period’ (AGP). Originally designed to correct domain name registration errors like typos and such, the AGP allows registrars to delete any names they register within five days, and receive a full refund.

Over the past several years the AGP has been used largely for profit instead of correcting mistakes. Some registrars register names en masse, display ads on them, measure their traffic, and then see which ones might be profitable to keep. The rest are deleted before the end of the grace period. How many names are deleted? According to an ICANN report, 94% of all .com registrations in January 2007 were deleted. Some registrars even re-register and delete the names over and over, allowing them to essentially keep the names for free.

The result of this practice is short-term trademark infringement, consumer confusion as sites disappear/re-appear (and point to advertising), and a great deal of unnecessary (and potentially dangerous) operational load.

Domain tasting will be one of many issues up for discussion at ICANN’s 31st International Public Meeting, will take place between February 10 and 15. I’ll be heading to India in two weeks and I’ll provide coverage of the meetings here on the Tucows blog.

As¬†James mentioned in yesterday’s post¬†here on the Tucows Blog,¬†Network Solutions Inc.¬†caused quite a furor¬†when they confirmed that they are “front running”¬†(registering domains based on domain searches done by potential registrants).

After a contributor to Domain State broke the story, it was covered on Techmeme, Digg, Slashdot, and a host of individual sites and blogs, etc. and so on. Heck, it even made USA Today.

To be clear, Network Solutions officially denied they were front running:

Although Network Solutions does temporarily register a site a customer searched for, spokeswoman Susan Wade denied there’s anything nefarious afoot. “Network Solutions is not front-running,” she said. Network Solutions holds the domain for up to four days, during which time a customer can register it only from Network Solutions and after which it again becomes generally available if unregistered, Wade said. But that feature, she said, is a “pre-emptive” measure to protect customers–from front-runners. That’s because front-runners can tell when a customer has searched for a domain at Network Solutions, for example because Network Solutions then must check availability at other sites when a customer searches, Wade said.

Respectfully, this is spin. As many of those up in arms about this have pointed out, Network Solutions is effectively saying “we’re pre-emptively front running to help prevent others from front running”. ¬†My guess is most people would say “thanks but no thanks”. I’m concerned however about an aspect of Susan Wade’s statement that others haven’t made much of, namely that registries are involved in Front Running.

“This search data is captured at the various registries. We believe there are registries and/or Internet service providers that may be selling this data to front-runners. So, by holding domains searched on Network Solutions, this pre-empts the search data being captured,” she said.

If Network Solutions has evidence of registries  - or any service provider for that matter Рactually being involved in front running, I urge them to share this information with the Internet community so that we can all make sure that these people are called out for the practice and our customers can be told to avoid them in the future.