Technical Details and Vendor Advice

Verisign recently released a report highlighting a key security concern surrounding the new gTLD roll-out:  Intranet extensions like .local or .home.  How can such seemingly innocuous (and even comforting) words represent a serious security concern?

Apparently, the answer is when the formerly “homegrown” Intranet extensions are also launched in the world wide web as Internet extensions.

FairWinds Managing Partner Phil Lodico observes that some large enterprises have and continue to use “generic” TLDs within their networks. Because these TLDs are specific to a company’s own network, one enterprise in New York City could have an internal TLD named .local and another enterprise in Boston could have a completely separate .local on its network. The two networks are not connected, and so it doesn’t matter that there are two .local TLDs.

However, as Versign points out, some of these internal networks received digital certificates for their internal TLDs. (An example of a digital certificate is the little lock, or Secure Sockets Layer (SSL), that appears at the bottom of a webpage to indicate that it is safe to complete a financial transaction from that site.) In the example of .home, a disgruntled employee with access to one of the network-specific SSLs on .home could spoof a credential for a website such as Nike.HOME or HSBC.HOME.   In the reverse scenario, an employee of a company with an Intranet that uses a soon to be “real” Internet TLD could be vulnerable to an attack if they attempt to access their Intranet version of “.home” while outside of the network.

In this parallel cyberspace scenario, is it the internal network’s problem that they created an Intranet using a generic extension when ICANN has stated since its inception that there would be new gTLDs – some of which would be generic?  Or is it ICANN’s fault because it oversees the entire space?  Ultimately, Lodico concludes, the burden lies on the Intranet network operators and ICANN leadership.  Cyber space is comprised of both and must safely coexist.

Where’s Keanu Reeves - er, Neo - when you need him?

The Trademark Clearinghouse (TMCH) is poised to open Tuesday of next week, which means that March 26 will be the first day that brands or their agents can register their trademarks with Deloitte's system.  That’s the FIRST day, not the last.

In fact, there is no deadline for registering trademarks. The TMCH will accept registrations on a rolling basis, as trademark owners submit them. It is up to the trademark owner to decide when it will register, and this is a decision that should be driven by each trademark owner's particular protection needs.

For example, if a company is concerned about its presence in Internationalized Domain Names (IDN) – in non-Latin scripts such as Cyrillic, Japanese, Arabic, or Hindi – they should plan to file their trademarks early because the IDNs will be delegated first.

Deloitte’s announcement this week indicates that, even if ICANN is able to meet the projected April 23 date for the first new gTLD delegations, the Sunrise periods for those gTLDs may not take place until late May. Thus, trademark owners should, for the most part, plan on registering their marks in the two months after March 26.

Other TMCH timeline changes made after vigorous debate with ICANN stakeholders:

Trademark Claims service extended from 60 to 90 days

The Trademark Claims Service (more detail here) alerts both the registrant and the registry when someone tries to buy a domain that is an “Identical Match” to a trademark found in the TMCH.

This notification system originally was set to run for 60 days after general registration opens in that gTLD. Registry Operators had the option to run it longer. Now, the notification system will be required to run for at least 90 days.

The Impact:

This change provides an extra 30-day cushion. The Trademark Claim Service is an alert system and does not block an attempted registration. So it might stop some registrants from registering “Identical Match” domain names, but it will do little more than slow down more determined cybersquatters.

Clearinghouse will accept previously abusive registrations

Each trademark owner can submit up  to 50 "domain labels" that were registered abusively in the past. For example, if FairWinds Partners filed a successful UDRP complaint to reclaim FairWWindsPartners.TLD, then it could submit "FairWWindsPartners" to the TMCH. The trademark owner has to prove that the "domain label" was registered abusively by showing a successful URDP complaint that resulted in a domain transfer to the trademark owner.

The Impact:

The TMCH will become the repository of more than just "identical matches," at least for the purposes of the Claims service. Claims notices will be sent to the registrant and the rightful owner whenever there is any attempt to register "domain labels" as domain names. Again, the benefit of the Trademark Claims Service is limited, but it provides a broader scope of protection.

Each Sunrise period will be preceded by a 30-day notice

The Sunrise period will allow trademark owners to register domains that are identical matches to their trademark before cybersquatters have the chance to register the domains. Now, 30 days before the Sunrise, gTLD Registry Operators will have to inform the public of the timing and rules of the Sunrise.

The Impact:

Trademark owners will have time to prepare to protect their marks with each wave of gTLD launches.

With all the attention and fervor surrounding the gTLDs that are poised to launch as part of the New gTLD Program, it’s easy to forget that other new top-level domains have launched over the past year or so. These include .SX and .CW, the country code extensions for Sint Maarten and Curacao, and .POST, the recently delegated top-level domain sponsored by the Universal Postal Union. According to a recent post on Domain Incite, it’s not just businesses and Internet users who have overlooked these newly launched TLDs – apparently, major browsers have as well. (more...)

As a special holiday treat, FairWinds is releasing the next three videos in its new gTLD series. Today’s videos feature FairWinds’ Engagement Manager Alex White and Samantha Demetriou, Director of Marketing and Communications, explaining ICANN and the various stakeholder groups that make up the ICANN community, with a special focus on the GAC.

This will likely be the last gTLD Strategy post of 2012, so we wish all of our readers a happy and safe holiday season. Check out the last video in the post for a special holiday message from the FairWinds team. For each view, we will make a donation to the St. Jude Children's Research Hospital and the Incredible Teddy Foundation. (more...)

Today kicks off the sale of tickets for ICANN’s Prioritization Draw in Los Angeles, California. The sale will continue until the morning of Monday, December 17. The Draw will take place later that day.

We've explained the Prioritization Draw previously here on the blog, but for a refresher, you can check out the video below, where FairWinds’ consulting associate Molly Burke discusses the details of the Draw. (more...)

If you’re a new gTLD applicant, there is a chance that at some point over the past few weeks, you received a notice from ICANN informing you that your application had been selected to be part of a Clarifying Questions Pilot program. In an August 9 webinar, ICANN pointed out that although the questions that select applicants receive as part of the Pilot are actual questions based on the evaluators’ review of the application in question, the answers that applicants send in will not be counted toward the ultimate evaluation of their applications. Rather, this Pilot program is designed to help ICANN ensure that it gets the Clarifying Question (CQ) process right by asking the right questions to elicit the proper responses from applicants. (more...)

ICANN has long upheld the stance that its role, though critical to the everyday functions of the Internet as we know it, is very limited. In fact, on the Frequently Asked Questions page of ICANN’s website, it says the following:

“ICANN's role is very limited, and it is not responsible for many issues associated with the Internet, such as financial transactions, Internet content control, spam (unsolicited commercial email), Internet gambling, or data protection and privacy.”

This delineation of what exactly it is that ICANN is responsible for and what it is not was stated again by its interim CEO Akram Atallah in a recent Reuters article about the deluge of public comments ICANN has received over who should operate certain religious gTLDs that were applied for as part of the New gTLD Program, namely .BIBLE, .ISLAM and others. While certain comments implore ICANN to make sure that these names do not fall into the “wrong” hands, Atallah told Reuters, “We don't look into whether the Vatican has the right to the .CATHOLIC name. Hopefully, the process will get to a conclusion that is satisfying to the majority.” (more...)

If you read our last gTLD Strategy post, you’re probably sick of hearing about the Trademark Clearinghouse (TMCH) by now. But today is an important day in the ongoing development and implementation of this aspect of the New gTLD Program.

Today and tomorrow, ICANN is hosting a technical summit at the Deloitte offices in Brussels (Deloitte and IBM were selected to develop the TMCH), where representatives from registries and registrars will have the chance to weigh in on many of the technical aspects of the TMCH. This meeting was the result of widespread demand expressed by these two groups during the ICANN Public Meeting in Prague in June. Essentially, their argument boiled down to, “We’re the ones who need to use the TMCH, so we should get a say in how it works.” (more...)

It’s summertime. Your new gTLD applications are in, the jury (or in this case, the ICANN Board) is still out on batching, and Initial Evaluation is just barely underway. We couldn’t blame you if you wanted to kick back, relax, or even sneak off to the beach for a day or two.

Here at FairWinds, we’ll be spending this slight downtime in – where else? – the New gTLD Applicant Guidebook. Most recently, we delved into the pages of the Guidebook to break down the four paths that applications can take once they get through Initial Evaluation. Now, certain applications will inevitably have to go down multiple paths, given their circumstances. But for the sake of this post, we’ll discuss the four separately. (more...)