Tuesday, September 25, 2018

In English shall we?

This is a complete interview from Andrew Allemann (from Domain Name Wire) giving full details on the .BEST new gTLD project.

Innovation
Again, and for the first time in the history of domain names, an innovation is brought here since we're not talking about domains only: the acquisition of the .BEST registry adds cryptocurrency and the development of a new kind of social network to this acquisition.

Questions answered
Andrew Allemann comes with targeted questions and gets answers on how the project is funded and by who, why it is so important to have a "decentralized" social network, what the reviews are going to be and how they will be rewarded, Cyril Fremont also gives market figures and explains why this new business model makes sense today.

An example, based on figures,  comparing Facebook to this new social network is also given in this interview.

In English this time: listen to the podcast.

Monday, September 24, 2018

The .BEST new gTLD: more details are given

This is a one hour podcast giving all details about what the .BEST social network is going to be and how users will be able to generate an income from it. Note that this publication was already posted on CircleId.

100,000,000 users
Yes, you read that correctly, we're talking about a potential of 100,000,000 million users by 2022, and that means millions of ".best" domain names. In this major project, two ventures are identified: the .BEST registry itself, which comes as the tool to develop an innovative social network.

Details are given
Cyril Fremont gives lots of details on how his social network, focusing on reviews, is going to be different from Google Reviews, Facebook, Yelp and TripAdvisors. If one would be tempted to think that ... well, "that's just going to be another social network", then, I strongly suggest to listen carefully the part of the interview on the decentralization of this network. I already interviewed Cyril Fremont in July 2018 and did not pay attention to this but the fact that this social network is decentralized answers a very important legal question: registrant's data will be hosted in their country of residence. GDPR, are you listening?

Unexpected questions
Another interesting aspect of this interview is that Cyril Fremont met with 6 high-tech experts on several subjects from different industries: questions were not written in advance and these specialists hit him with unexpected questions such as:
  • How will you pay people?
  • How will you ensure that reviews won't be fake?
  • How will you have users to come to that network?
  • How do you finance such a project? And you will learn about:
    • An ongoing $10,000,000 operation to finance the bootstrap of the social network;
    • An ICO of $20,000,000 to finance the next stage of the social network).
  • How is the team built around this innovative project and… a few names are given.
I suggest to listen to his answers in this podcast (in French). The social network will be launched in January 2019.

Update: another interview was recently given in English.

Friday, September 21, 2018

A dotBrand Email is a Seal

In August the 14th of 2018, we relayed the information that Canon email addresses would use a ".canon" domain name ending. Changing the domain name extension for websites is one thing but changing emails...is something else.


A ".brand" domain name is seal
We've already explained the benefit of using a personalized domain name, ending in the name of a trademark for a website: it clarifies things and a user can be certain that he has reached the right website and no copy, or competitor or squatter, of it. Due to the prohibitive new gTLD application fee of $185,000, it makes it hard for squatters to follow.

A good example to show would that website from Gucci (the famous luxury Trademark): https://www.diventafornitore.gucci/. The domain name extensions ending in ".gucci" is the seal since there's no mistake, nor doubt, about where the consumer has reached out to: it is the Gucci Trademark.

If some Trademarks, to have applied for their own domain name extension, start to use their dotBrand new gTLD for their websites, only one has announced its intention to change all of its emails: the Canon Trademark just did that.

A ".brand" email is a seal
It is possible to fake an email: I receive spam coming from my own personalized email sometimes and my spam filter just knows it and does the rest. It means that any spammer with a little knowledge knows how to fake an email but the purpose of using such method is just to send emails for spam, not get a response so we're not really concerned here since the real benefit of using a ".brand" email is to send AND receive emails.

Spammers also often use typos in domain names (they also now use homoglyphs more and more) but they can do that creating second level domains only (what comes right before the extension), not first domains (the extension) and that's where the huge difference is.

When receiving an email from a domain name ending in ".com" (for example), anything that comes before the ".com" extension could have been created by anyone; and so the email could come from...anyone, unless the receiver is certain that it comes from the right person AND that it is not an homoglyph. The truth is that this does not happen very often but it happens and it could happen to you. Banks and other major Trademarks from all industries face such spam sent to their clients daily.

When receiving an email ending in the name of a Trademark like Canon just announced it, no one can create a domain name ending in that same Trademark but the Trademark itself which applied for it at the ICANN as a .BRAND new gTLD (specification 13). It then blocks instantly hackers and squatters from the possibility to do the same. Canon explains:
"Because ".canon" can only be used by Canon Group companies and services as well as related organizations, visitors to sites that use the TLD can easily confirm their authenticity and be assured that the information they contain is reliable."
Welcome to the future of secured email.

Hey wait...
What if an entrepreneur applied for a Trademark similar to the Canon one and decided to sell these domain names to the public? Good question...have a look here then ;-)

Thursday, September 20, 2018

The LinkedIn new gTLD group is changing

Recently, LinkedIn informed group owners about a few changes on how groups will now work and on how can participants benefit more from being members. We are approaching the 3,000 participants but still, the level of participation remains low so I hope that the below will be of interest.

What's changing
What LinkedIn recently changed to the groups:
  1. Groups are now accessible from the LinkedIn mobile application: note that this is something truly useful but I have not yet found how to do this. Since these changes are recent, it should be a matter of days.
  2. Unless I missed something, it is not possible to send a weekly email to the members of the group anymore.
  3. You are encouraged to invite people and again, publishing content related to new gTLDs (only) is open to anyone as long as you stick to the subject. I just block domainers who try to sell their domain names.
  4. When sharing content from other sites, it is recommended to add a question to the content you are sharing to invite discussion.
Reminder
We now pay attention to publishing all content to the Google+ Community, which is another communication channel that we maintain on a daily basis.

The new gTLD group is free to access. You can join and contribute here.

Tuesday, September 18, 2018

Most abused TLDs are not new gTLDs

I often read critics about new gTLDs but most of the time, they come from the ".com" domaining industry and those investors who can't sell their domain names anymore because new gTLDs have now flooded the market.

Most abused TLDs
While reading a French article on the .BZH new gTLD, I discovered the existence of the SURBL list of most abused TLDs and I was not surprised to read that the most abused TLD is ".com". The reason for this is obvious to me: it's been there forever and trademarks want to make no mistake starting something online. Trademarks often look for their ".com" first, instead of searching for something that offers more precision...but things are changing.


The SURBL list
The SURBL list is a good indicator and in today's report (Tue Sep 18 08:00:12 UTC 2018 - updated every hour), it clearly shows that ".com" leads in terms of abuses. In this top 10 of most abused TLDs:
  • The .COM comes first on top of the list;
  • Country code Top Level Domains (ccTLDs) are present with 6 ccTLDs;
  • Other legacy TLDs such as ".net", ".biz", ".info" and ".org" are listed too (that counts as 4 legacy TLDs);
  • Then we have 9 new gTLDs, which comes as no surprise since they offer the advantage of availability, with an important number of new extensions to have launched at the same time (hundreds of them).
Confusing new gTLDs: the next list
I recently read that article from FairWinds Partners, entitled "How Cybersquatters Capitalize on Typos and How to Protect Your Brand". I recommend this reading since ccTLDs are a serious risk when it comes to securing a ".com" domain name...but I doubt that ".com" si the future.

If the future is with new gTLDs - and that's my strong feeling - I think that it is time to add that the typos risk might become second with the introduction of hundreds of extensions: similar TLDs such as ".cam" and ".com", ".casa" and ".cash" or again ".fun" and ".fund" are the new risk to consider when registering a domain name since the problem will not be the type but the exact same second level domain in a different extension. I compiled a list of similar new gTLDs that I strongly suggest to check prior to registering any domain name.

My opinion on this
I have personally redirected my old ".com" domain name to my new ".consulting" one since I do...consulting: not because ".com" is the most abused TLD, but because it makes more sense to me. And by the way, I do Consulting, not "com": whatever it means.

Monday, September 17, 2018

The .BEST new gTLD and SEO Whitepaper

This is a whitepaper published by the .BEST new gTLD registry. I particularly like the title used in the presentation: "The untold truth". This is an extract of the content that you will find in this document:
  1. Why choose a .BEST domain name;
  2. What is the .BESt new gTLD;
  3. Examples of possible domains names on .EST;
  4. Why ".BEST"?
  5. Best and Food;
  6. Best and Products;
  7. Best and Entertainments,
  8. Best and Services;
  9. Best and Co;
  10. Google Trends score:
    1. Score: 97/100;
    2. Best vs Price.
  11. HOT: dotBEST and SEO:
    1. .BEST and Google;
    2. .BEST and CTR (Click Through Rate);
    3. .BEST and Bounce rate;
    4. .BEST and Dwell Time (time on site);
    5. .BEST and Pages Per Visit;
    6. .BEST and Conversion rate;
    7. Conclusion.
  12. Examples of ".best" domains indexed in google.

Download the White Paper here.


Wednesday, September 5, 2018

Second UPDATE: Registries and Law Enforcement Agencies

It often requires a court order for an accredited registrar or a registry (ccTLDs, legacy and new gTLDs) to respond to a security threat and when going through an online procedure, it can take...months.

Procedures to stop a phishing operation for example have to go through filling several online forms or sending an email to a registry or a registrar, then wait for something to happen. Such situations are a nonsense since a phishing operation should and could be stopped instantly by "taking down" the domain name.

Changing the status of a domain at the registry level can stops the domain name hosting the phishing operation from working and investigations can then start.

Why are procedures blocking simple things like stopping a phishing or homograph attack from being possible when this could be done instantly? Threats attempts are not going stop, and they're not going to decrease neither.

Law enforcement agencies
These agencies don't do things to be more profitable, nor they have a financial interest in doing their job. They don't work for a client, and if they have one, it is the civil society: these agencies contribute to tracking criminals, stopping pedophiles, terrorists and other persons who think that they can hide behind a fake profile or a domain name.

These agencies should be treated differently when contacting a registry since they contribute to saving lives and not increase the income of a private company.

A dedicated point of contact
Registries seat on top of the pyramid when it comes to domain name infringement: they are the legal entity to take the technical action on a domain name: they can press the button for something to happen FAST.

I often contact registries and found almost no direct contact for law enforcement agencies, which have to stand in line and use the standard contact forms or abuse emails. I believe that this could change since phishing and homograph attacks are becoming more and more sophisticated. The increasing number of new gTLDs won't help lowering these threats in the future.

The ICANN answer
I asked ICANN the following question: "Which working group at ICANN can help national law enforcement agencies to work on the creation of a direct contact at registries for major threats?"

If I noticed that such point of contacts exist at an extremely limited number of registries, I also noticed that such question could be raised at the ICANN for the benefit of consumers. The ICANN answered me and I was offered to look at a certain number of organizations:
  • The Anti-Phishing Working Group, which did not answer the last email that I sent them when I informed them about an ongoing phishing operation (this organization requires a payment of a membership);
  • The Messaging Malware and Mobile Anti-Abuse Working Group that I never heard about and which also requires a membership payment too. They wrote "Recommendations for Preserving Investments in New Generic Top-Level Domains (gTLDs)" in January 2018;
  • The At Large Community (ALAC) which is "the primary organizational home for the voice and concerns of the individual Internet user in the ICANN processes". As a long time contributor to this community ("new gTLDs topic"), I didn't know that I was already in the place to have my question answered so I have questioned the ALAC staff.
Update
The staff answered me with the below:

"Thank you for your inquiry. Your topic of interest is broad, and several groups within ICANN discuss these issues.
Might I point you to related working group pages, where you may familiarize yourself with their issues and determine the best fit:
In addition, there is a page on the ICANN website with resources for Registry Operators. Please let me know if we may assist you further."

As expected, the answer received was fast and if I doubt that the GAC will help, the Security and Stability Advisory Committee (SSAC) might do so, so I sent a third email to the SSAS staff with this question: "I have the question below and wonder where national law enforcement agencies should debate to raise this question. Is the SSAC working group the right place where to start a debate and incite registries to provide a point of contact dedicated to national law enforcement agencies?"

Second update and final
ICANN answered me the below and I have to admit that...they answer fast for such an important organization. Surprisingly, following the publication of this post, I was contacted by "users" who have similar questions and...well...you don't need to know about the rest ;-)
The answer from ICANN:
I wish I had been given the name of a person to contact directly because, as you might have understood, I don't just do this for fun; but I guess that I'll dig i the SSR direction.

Monday, September 3, 2018

LinkedIn: did some cleaning

I have a lot of contacts on LinkedIn and I would easily write that I n-e-v-e-r shared anything with probably 90% of them so I wonder: what's the point in allowing someone to add me in his list of contacts if he has nothing to tell me?

I once asked to someone who added me (and I accepted him to add me to his list) what was the reason for adding me and the guy...just did not answer me.

3,500 contacts?
I have an important list of more than 3,500 contacts and I use LinkedIn exclusively for work. I don't pay attention to the rest: my friends and family usually contact me on Facebook or send me emails...oh...and they call me too.

I've started a little cleaning on LinkedIn and since it is not possible to massively delete contacts - yes, you have to do that one by one on LinkedIn - I have decided to use the method below:
  • Self proclaimed mentors: go away;
  • Indian Seo specialists and marketing experts: go away (note that I have nothing against people from India but I am so spammed by these requests...);
  • No picture? Go away;
  • The word "influencer" (or equivalent) appears in you title? Go away;
  • You've not answered me after 2 messages: go away;
  • Recruiters: go away;
  • You sell wine: go away ;-)
  • You still use a ".com" domain name? go away;
  • Advertising your number of LinkedIn connections in your signature? Go away;
  • .com Domainers domain name investors: go away;
  • You forgot to put a capital letter to your family name: go away;
  • I don't understand more than 50% of what is written in your signature or title? Go away;
  • No personalized message with the reason why you want to add me on LinkedIn: go away;
  • Not in the new gTLD business (or close to it): go away unless you have a serious question.
Limiting to 300 connections = done
I did clean my list of connections and lowered its number of contacts to 300. I think that makes more sense and as a new method, I will try to stick to 300; meaning that I will remove a connection for one gained.

My email can be used to contact me instead (or visit Jovenet Consulting).

Good to know prior to contacting me on LinkedIn
  1. I now refuse LinkedIn incoming connection attempts when there's no introduction message;
  2. A "no" is always acceptable to me as long as I get an answer so I now:
    1. delete contacts who don't answer me;
    2. remove them from groups I moderate on LinkedIn.
"With regards"

The .FAN new gTLD finally launches

I was about to entitle this post "the .FAN new gTLD re-launches" but in fact, it never launched: it existed...but never launched. The new gTLD report dedicated to Singular VS Plural new gTLD tracked registrations since 2016 but the Sunrise Period itself had not been announced and the Trademark Clearinghouse calendar says nothing about it until...recently. That might sound strange but some new gTLDs are in this exact same position: they've existed for years but they've not launched yet (the .CONTACT and .FORUM new gTLDs for example).

When
  • Sunrise Period starts: Tuesday, 2 October, 2018 - 16:00;
  • Sunrise Period ends: Saturday, 1 December, 2018 - 16:00.

What
Extracted from the application submitted to the ICANN, Donuts, which announced the acquisition of the TLD in June 2018, does not say much about the benefit to use a ".fan" domain name: "This TLD is attractive and useful to end-users as it better facilitates search, self-expression, information sharing and the provision of legitimate goods and services. Along with the other TLDs in the Donuts family, this TLD will provide Internet users with opportunities for online identities and expression that do not currently exist." and it also says things like"This TLD is a generic term and its second level names will be attractive to a variety of Internet users. Making this TLD available to a broad audience of registrants is consistent with the competition goals of the New TLD expansion program, and consistent with ICANN’s objective of maximizing Internet participation."

I personally like the descriptiveness ot the TLD since the word "Fan" makes no doubt about what you will find behind such a domain name.

Singular or Plural?
There is another .FANS new gTLD ("fan" with an "s") which already has 1,500 something domain names registered and since the risk is high to use such a domain name without owning the exact same second level domain in both versions of the extension, I would suggest to buy two domain names instead of just one.

Good to know
And if you are a sports' fan, the restricted .SPORT new gTLD launches its Sunrise Period tomorrow.

.BRAND new gTLD Reports are updated once a month: CLICK HERE !