THE DOMAIN NAME INDUSTRY BRIEF VOLUME 11 ISSUE 2 AUGUST 2014

Similar documents
THE DOMAIN NAME INDUSTRY BRIEF VOLUME 11 ISSUE 1 APRIL 2014

THE DOMAIN NAME INDUSTRY BRIEF VOLUME 10 - ISSUE 1 - APRIL 2013

THE DOMAIN NAME INDUSTRY BRIEF VOLUME 11 ISSUE 3 DECEMBER 2014

The DOMAIN NAME INDUSTRY BRIEF VOLUME 8 - ISSUE 3 - AUGUST 2011

STATE OF DNS AVAILABILITY REPORT

The Internet Ecosystem and ICANN!! Steve Stanford University, Center for Information and Society! 29 April 2013!

FAQ (Frequently Asked Questions)

Innovating with the Domain Name System: From Web to Cloud to the Internet of Things

The Domain Name. Volume 7 - Issue 1 - february 2010

Before the. Committee on Energy and Commerce Subcommittee on Communications and Technology United States House of Representatives

DomainWire. Edition 11 Q Council of European National Top level Domain Registries -

IANA Functions to cctlds Sofia, Bulgaria September 2008

The Domain Name Industry Brief Volume 4 - Issue 4 - June 2007

Telecom and Internet Regulatory Challenges and Opportunities Names, Numbers, Internet Governance

D o m a in Name. Council of European National Top level Domain Registries - Edition 4 - May 2013

Internet Technical Governance: Orange s view

Intelligent Infrastructure for Security

DEAR VERISIGN STOCKHOLDERS:

The Domain Name Industry Brief

PLAN FOR ENHANCING INTERNET SECURITY, STABILITY, AND RESILIENCY

Final. Dr. Paul Twomey President and Chief Executive Officer Internet Corporation for Assigned Names and Numbers (ICANN)

Current Counter-measures and Responses by the Domain Name System Community

New gtld Basics New Internet Extensions

Computer Networks: Domain Name System

DNS Security FAQ for Registrants

CYBERSECURITY INESTIGATION AND ANALYSIS

Securing DNS Infrastructure Using DNSSEC

DEAR VERISIGN STOCKHOLDERS:

The IANA Functions. An Introduction to the Internet Assigned Numbers Authority (IANA) Functions

Security related proposals in the DAG v3

Internet Security and Resiliency: A Collaborative Effort

Kim Davies Internet Assigned Numbers Authority

ICANN STRATEGIC PLAN JULY 2012 JUNE 2015

CentralNic Privacy Policy Last Updated: July 31, 2012 Page 1 of 12. CentralNic. Version 1.0. July 31,

ACCEPTABLE USE AND TAKEDOWN POLICY

Measures to Protect (University) Domain Registrations and DNS Against Attacks. Dave Piscitello, ICANN

The domain name market in Afnic Domain Name Industry Report

The Domain Name Industry Brief Volume 5 Issue 5 September 2008

Root zone update for TLD managers Mexico City, Mexico March 2009

ARTE TLD REGISTRATION POLICY

DNS Cache Poisoning Vulnerability Explanation and Remedies Viareggio, Italy October 2008

.Brand TLD Designation Application

DNS Security Survey for National Computer Security Incident Response Teams December 2010

.tirol Anti-Abuse Policy

Phishing Trends Report

2014 IANA FUNCTIONS CUSTOMER SERVICE SURVEY RESULTS. Survey by Ebiquity Report by Leo Vegoda & Marilia Hirano

An introduction to IANA Presentation Notes

Domain Name Control Considerations

SAC 044 A Registrant s Guide to Protecting Domain Name Registration Accounts

SAC 049 SSAC Report on DNS Zone Risk Assessment and Management

ftld Registry Services Security Requirements December 2014

.bbva TLD Registration Policy

DOMAIN NAME DAY. + Helsinki; 14 th February; Nigel Hickson, ICANN

2015 IANA Functions Customer Service Survey Results

The future of International SEO. The future of Search Engine Optimization (SEO) for International Business

Before the DEPARTMENT OF COMMERCE Internet Policy Task Force

2008 DNS Cache Poisoning Vulnerability Cairo, Egypt November 2008

the DAshBoARD elebrating 25 Years January to June 2010 C of.org Bi-AnnuAl DomAin name RepoRt on.org, the public interest ReGistRy

The Canadian Internet Registration Authority (CIRA) manages a 100% up time service - the.ca domain name registry for over 2.

Acceptable Use Policy

Radix Reserved Names Policy

Verisign/ICANN Proposal in Response to NTIA Request

Acceptable Use Policy and Terms of Service

The Future of the Internet

Domain Name Registration Agreement

Why Managed DNS Services

Detecting Search Lists in Authoritative DNS

Response to Solicitation Number: SA R-P0-016

GENERAL* POLICY OF AKKY S DOMAIN NAMES. Policy to be enforced as from May 5 th, 2012.

Year End Results for FY10 Trimester Goals Color Key: T1 T2 T3

Guidance for Preparing Domain Name Orders, Seizures & Takedowns

NATIONAL CREDIT UNION ADMINISTRATION 1775 Duke Street, Alexandria, VA 22314

.IBM TLD Registration Policy

Draft WGIG Issue Paper on the Multilingualization of

DNSSEC - Why Network Operators Should Care And How To Accelerate Deployment

DOMAIN NAME SECURITY EXTENSIONS

.ASIA Reserved Names Policies

Acceptable Use (Anti-Abuse) Policy

An Analysis of the Most Infringed Terms within Domain Names

Best Practices for Protecting your Online Brand. Gretchen Olive Baltimore ACC November 15, 2007

Overview of DNSSEC deployment worldwide

ICANN: achievements and challenges of a multi-stakeholder, bottom up, transparent model

<.bloomberg> gtld Registration Policies

DomainWire. Edition 13 Q Council of European National Top level Domain Registries -

Code of Conduct Exemption Request Form

DNSSEC. Introduction. Domain Name System Security Extensions. AFNIC s Issue Papers. 1 - Organisation and operation of the DNS

Domain Name Registration Agreement

14. Privacy Policies Introduction

NAME. Internationalized Domain Names (IDNs) -.IN Domain Registry. Policy Framework. Implementation

5 DNS Security Risks That Keep You Up At Night (And How To Get Back To Sleep)

Domain Name Market Briefing. 24 June 2012

SECURITY TRENDS & VULNERABILITIES REVIEW 2015

1. The following terms and conditions apply to the domain registration Service: 1. You acknowledge and recognize that the domain name system and the

Countering Insider Threats Jeremy Ho

THE MASTER LIST OF DNS TERMINOLOGY. First Edition

WHITE PAPER BENEFITS AND BARRIERS OF BRINGING A SMALL BUSINESS ONLINE: PERSPECTIVES FROM GLOBAL SMALL BUSINESSES

Expert Q&A on Brand Protection in the Expanded gtld Program

DNSSEC: A Vision. Anil Sagar. Additional Director Indian Computer Emergency Response Team (CERT-In)

Submission of the.au Domain Administration Ltd (auda) to the Australian Government's Cyber Security Review

Distributed Systems. 22. Naming Paul Krzyzanowski. Rutgers University. Fall 2013

Transcription:

THE DOMAIN NAME INDUSTRY BRIEF VOLUME 11 ISSUE AUGUST 1 THE VERISIGN DOMAIN REPORT AS A GLOBAL LEADER IN DOMAIN NAMES AND INTERNET SECURITY, VERISIGN REVIEWS THE STATE OF THE DOMAIN NAME INDUSTRY THROUGH A VARIETY OF STATISTICAL AND ANALYTICAL RESEARCH. VERISIGN PROVIDES THIS BRIEFING TO HIGHLIGHT IMPORTANT TRENDS IN DOMAIN NAME REGISTRATION, INCLUDING KEY PERFORMANCE INDICATORS AND GROWTH OPPORTUNITIES, TO INDUSTRY ANALYSTS, MEDIA AND BUSINESSES.

EXECUTIVE SUMMARY The first quarter of 1 closed with a base of million domain name registrations across all toplevel domains (TLDs), an increase of five million domain names, or 1. percent over the fourth quarter of 1. Registrations have grown by 19. million, or. percent, year over year. 1 The base of country-code top-level domains (cctlds) was 1.1 million domain names, a.9 percent increase quarter over quarter, and a 1.1 percent increase year over year. The.com and.net TLDs experienced aggregate growth, reaching a combined total of approximately 18. million domain names in the adjusted zone in the first quarter of 1. This represents a percent increase year over year. As of March 1, 1, the base of registered names in.com equaled 11. million names, while.net equaled 1. million names. Mobile commerce sales are up 1 PERCENT from Q1 1 New.com and.net registrations totaled 8. million during the first quarter of 1. In the first quarter of 1, new.com and.net registrations totaled 8.8 million. The order of the top TLDs in terms of zone size changed slightly when compared to the fourth quarter, as.ru (Russia) moved up a ranking from the ninth largest TLD to the eighth largest TLD, resulting in.info moving down one ranking to ninth largest TLD. All other TLDs in the top maintained their rankings. The largest TLDs in order by zone size were.com,.tk (Tokelau),.de (Germany),.net,.uk (United Kingdom),.org,.cn (China),.ru (Russian Federation),.info and.nl (Netherlands). As of March 1, 1, there were 198 new generic TLDs (gtlds) delegated into the root; 1 of which were delegated during the first quarter of 1. LARGEST TLDs BY ZONE SIZE Source: Zooknic, Q1 1; Verisign, Q1 1; Centralized Zone Data Service, Q1 1 1 8 9.com (TOKELAU).tk (GERMANY).de.net (UNITED KINGDOM).uk.org (CHINA).cn (RUSSIAN FEDERATION).ru.info (NETHERLANDS).nl 1 MILLIONS 1 The gtld and cctld data cited in this report are estimates as of the time this report was developed, and is subject to change as more complete data is received. Total includes cctld Internationalized Domain Names.. Any difference between the sum of these numbers and the total figure for the domain name base is due to rounding..tk is a free cctld that provides free domain names to individuals and businesses. Revenue is generated by monetizing the expired domain names. Domain names no longer in use by the registrant or are expired are taken back by the registry and the residual traffic is sold to advertisement networks. http://www.businesswire.com/news/home/118/en/freenom-closes-m-series-funding#.uxeugnjdv9s The number of delegated new gtlds is published by ICANN. http://newgtlds.icann.org//en/program-status/delegated-strings Mobile commerce sales performance is published by Internet Retailer Magazine: http://www.internetretailer.com/1//1/mobile-commerce-sales-are-1-q1--retailers

gtld BREAKDOWN BY ZONE SIZE As of March 1, 1, there were a total of gtlds in the root, with approximately 19 million registrations. The top largest gtlds by zone size were.com,.net,.org,.info,.biz,.mobi,.asia,.cat,.tel and.name. Largest gtlds by Zone Size, in Millions Source: Centralized Zone Data Service, Q1 1 1 8 9.com.net.org.info.biz.mobi.asia.cat.tel.name 1 MILLIONS At the end of the first quarter of 1, 198 new gtlds were available for registration. New gtld registrations totaled,91, or. percent of total gtld registrations. The largest new gtlds by zone size were.guru,.berlin,.photography,.tips,.today,.email,.technology,.company,.directory and.clothing. Largest NEW gtlds by Zone Size, in Thousands Source: Centralized Zone Data Service, Q1 1 1 8 9.guru.berlin.photography.tips.today.email.technology.company.directory.clothing THOUSANDS The total number of gtlds and their registrations is published through the Centralized Zone Data Service: https://czds.icann.org/en

cctld BREAKDOWN OF ZONE SIZE Total cctld registrations were approximately 1.1 million in the first quarter of 1 with the addition of. million domain names, or a.9 percent increase compared to the fourth quarter of 1. This is an increase of approximately 1. million domain names, or 1.1 percent, from a year ago. Among the largest cctlds, four exceeded percent overall quarter-overquarter growth: Tokelau (8. percent), Argentina (. percent), India (1. percent) and Colombia (1. percent). This marks four straight quarters where Tokelau has exceeded percent growth. 1.1 MILLION cctlds up.9% quarter over quarter As of March 1, 1, there were 8 global cctld extensions delegated in the root (including Internationalized Domain Names), with the top cctlds comprising.8 percent of all cctld registrations. Largest cctlds by Zone Size, in Millions Source: Zooknic, Q1 1 For further information on the Domain Name Industry Brief methodology, please refer to the last page of the report. 1 (TOKELAU).tk (GERMANY).de (UNITED KINGDOM).uk (CHINA).cn (RUSSIAN FEDERATION).ru (NETHERLANDS).nl (EUROPEAN UNION).eu 8 (BRAZIL).br 9 (ARGENTINA).ar (AUSTRALIA).au 1 MILLIONS 9 9 PERCENT PERCENT of.com websites are in English 8 More than of networks are compromised in some way 9 Internet users send MILLION emails per minute The number of cctld extensions cited in this report is published by IANA. 8 Source: Verisign. 9 Source: Mary Meeker s 1 Internet trends report: http://www.kpcb.com/insights/1-internet-trends?_ga=1.1.1119.189 The number of emails sent per minute is published by Domo and reported by Mashable: http://mashable.com/1///data-online-every-minute/?utm_cid=mash-com-tw-main-link

DNS QUERY LOAD During the first quarter of 1, Verisign s average daily Domain Name System (DNS) query load was 8 billion across all TLDs operated by Verisign, with a peak of billion. Compared to the previous quarter, the daily average increased. percent and the peak increased. percent. Year over year, the daily average increased 1.8 percent and the peak increased percent. DNS Query Load by Quarter Q1 Q1 1 DNS Peak Day Queries DNS Daily Average Queries 1 Billions 1 Q1 Q Q Q Q1 Q Q Q Q1 8 Q 8 Q 8 Q 8 Q1 9 Q 9 Q 9 Q 9 THE DOMAIN THREAT LANDSCAPE: PROTECTING CRITICAL INFRASTRUCTURE REQUIRES A LAYERED SECURITY APPROACH Because domain names represent online identities, businesses of all sizes have expressed increasing concern over reports of domain name hijacking. Domain name hijacking occurs when perpetrators falsify the registration data for a domain name by transferring the name away from its rightful registrant, thereby gaining unauthorized access to data and control over the namespace. Attackers use a wide range of techniques to hijack domain names, from spyware and keystroke loggers to social engineering, in which scammers impersonate registrants or other entities in the chain of trust in order to gain access to passwords and personal information. Regardless of the technique used, the end-result for registrants is often severe. Once an attacker has full control of a domain name, they have FEATURED ARTICLE Q1 Q Q Q Q1 11 Q 11 Q 11 Q 11 Q1 1 Q 1 Q 1 Q 1 Q1 1 Q 1 Q 1 Q 1 Q1 1 free reign to use it for any number of nefarious purposes, from creating their own scam websites, to hosting watering holes with illegal and dangerous content such as malware, to extorting the original owner. Preventative Measures The danger of domain name hijacking is a threat that can be significantly reduced with proper planning and mitigation techniques. Monitoring Whois change activity, DNS change activity, and establishing and monitoring domain status/domain registry lock services are all techniques that registrants should regularly employ. Additionally, registrants should research their registrar s security offerings and take advantage of the tools they offer. This kind of awareness can go a long way toward mitigating risk of hijacking. Registrants who prioritize maintaining active relationships with their registrars and ensure that their registration data and contact information is up to date can avoid becoming the low hanging fruit that hijackers often target.

Registry locking services Today, there are also additional tools to help registrants protect their domain names. Registry-level Lock Services provide additional levels of authentication between a registry and registrars by helping to prevent unauthorized, unwanted or accidental changes to registered domain names through server-level protection of locked domain names and/or name server records for registrants. For example, Verisign s Registry Lock Service, which is available through registrars for domain names on.com,.net,.tv,.cc and.name, was designed to be used in conjunction with a registrar s proprietary security measures to bring a greater level of security to registrants domain names and help mitigate the potential for domain name hijacking, inadvertent or unintended deletions, transfers or updates. Registry Lock allows registrants to set the conditions under which their registration information can and cannot be changed. At the highest settings, Registry Lock requires direct, human-to-human interaction between registries and the registrant of record in order for a registration to be transferred. Furthermore, Whois lookup tools for registries such as Verisign enable administrators to check if their domains are locked at the registry. By taking advantage of domain locking tools offered by registrars, registrants can make it much less likely for their domain name registrations to be changed without their full knowledge and consent. However, this is not the only precaution necessary to avoid hijacking. DNSSEC Protection From MITM Attacks Given that a single DNS name server can act as the name-toaddress resolution point for thousands or millions of users, the potential impact of Man-in-the-Middle (MITM) attacks can be considerable, and one of the most effective forms of protection from MITM attacks is the Domain Name System Security Extension (DNSSEC). It protects the Internet community from forged DNS data by using public key cryptography to digitally sign authoritative zone data. DNSSEC validation of this data by users provides assurances that the data originated from the stated source and that it was not tampered with in transit. It can also prove that a domain name does not exist. has been instrumental in advancing DNS protocols for security and efficiency. For example, it has worked to enhance the DNS-Based Authentication of Named Entities (DANE) protocol, which builds on the DNSSEC infrastructure to enable cryptographically-secure communications. This technique can be used to exchange cryptographic credentials, such as for more generally enabling signed and encrypted email between Internet users in different organizations. The benefits of DNSSEC deployment are substantial for: The Internet community by improving security protections in the zones that are signed Registrars by allowing them to offer domain signing services to their customers ISPs by increasing the integrity verification capabilities of the data returned to their customers Users by protecting them from DNS vulnerabilities such as cache poisoning and MITM attacks Although DNSSEC enhances DNS security, it s not a comprehensive solution. Other layers of protection, such as DDoS mitigation, security intelligence, Secure Sockets Layer (SSL) encryption and site validation, and two-factor authentication should be used in conjunction with DNSSEC. While the threat of domain name hijacking is very real, organizations can significantly reduce the threat of hijacking through effective tools and the appropriate vigilance. It s critical that registrants consider the DNS registration ecosystem elements (e.g., registrar, DNS providers, registry operators, etc.) as part of their attack surface, know that adversaries see them as potential soft spots, and treat the task of preventing domain name hijacking with as much care as any other asset when performing risk management functions. Verisign implemented DNSSEC in the.com and.net zones to help assure users that the data they receive from their Internet request originated from the stated source and was not modified in transit by malicious actors. Additionally, Verisign

LEARN MORE To subscribe or access the archives for the Domain Name Industry Brief, please go to VerisignInc.com/DNIB. Email your comments or questions to domainbrief@verisign.com. ABOUT VERISIGN As a global leader in domain names and Internet security, Verisign powers the invisible navigation that takes people to where they want to go on the Internet. For more than 1 years, Verisign has operated the infrastructure for a portfolio of top-level domains that today include.com,.net,.tv,.edu,.gov,.jobs,.name and.cc, as well as two of the world s 1 Internet root servers. Verisign s product suite also includes Distributed Denial of Service (DDoS) Protection Services, idefense Security Intelligence Services and Managed DNS. To learn more about what it means to be Powered by Verisign, please visit VerisignInc.com. METHODOLOGY The data presented in this report for cctlds, including quarter-over-quarter and year-over-year metrics, reflects the information available to Verisign at the time of this report and may incorporate changes and adjustments to previously reported periods based on additional information received since the date of such prior reports, so as to more accurately reflect the growth rate of the cctlds. In addition, the data available for this report may not include data for the 8 cctld extensions that are delegated to the root, and includes only the data available at the time of the preparation of this report. The Internet Corporation for Assigned Names and Numbers IDN cctld Fast Track Process enables countries and territories that use languages based on scripts other than Latin to offer users domain names in non-latin characters. The first quarter of 1 was the first quarter that Verisign reported the IDN cctlds which were delegated in the root zone at that time. Recognizing that this growth did not all occur in the first quarter of 1, the changes in domain name registrations for each new TLD were phased in beginning with the quarter that the IDN.IDN variants were initially launched, in order to more closely model the changes in the worldwide domain name growth. Following the initial launch, the quarterly growth rate for previous TLD launches was applied to determine the domain base. These adjustments resulted in a growth curve for each TLD that is typical of historic TLD introduction lifecycles.. For gtld and cctld data cited with Zooknic as a source, the Zooknic analysis uses a comparison of domain name root zone file changes supplemented with Whois data on a statistical sample of domain names which lists the registrar responsible for a particular domain name and the location of the registrant. The data has a margin of error based on the sample size and market size. The cctld data is based on analysis of root zone files. For more information, see ZookNIC.com. Information on or accessible through this website is not part of this report.

INDUSTRY EVENTS Upcoming industry events through Sept., 1 WHD.asia: September, 1, Singapore Ninth Annual Internet Governance Forum: September -, 1, Istanbul, Turkey DomainX: September, 1, Hyderabad, India th ISO General Assembly: September -1, 1, Rio de Janeiro, Brazil The Digital Strategy & DotOps Congress: September 18-19, 1, Amsterdam, Netherlands INTA s Internet, Innovation and ICANN: The Evolving Landscape of the Net: September 18-19, 1, San Francisco, California Statements in this announcement other than historical data and information constitute forward-looking statements within the meaning of Section A of the Securities Act of 19 as amended and Section 1E of the Securities Exchange Act of 19 as amended. These statements involve risks and uncertainties that could cause our actual results to differ materially from those stated or implied by such forward-looking statements. The potential risks and uncertainties include, among others, the uncertainty of whether the U.S. Department of Commerce will approve any exercise by us of our right to increase the price per.com domain name, under certain circumstances, the uncertainty of whether we will be able to demonstrate to the U.S. Department of Commerce that market conditions warrant removal of the pricing restrictions on.com domain names and the uncertainty of whether we will experience other negative changes to our pricing terms; the failure to renew key agreements on similar terms, or at all; the uncertainty of future revenue and profitability and potential fluctuations in quarterly operating results due to such factors as restrictions on increasing prices under the.com Registry Agreement, changes in marketing and advertising practices, including those of third-party registrars, increasing competition, and pricing pressure from competing services offered at prices below our prices; changes in search engine algorithms and advertising payment practices; the uncertainty of whether we will successfully develop and market new products and services, the uncertainty of whether our new products and services, if any, will achieve market acceptance or result in any revenues; challenging global economic conditions; challenges of ongoing changes to Internet governance and administration; the outcome of legal or other challenges resulting from our activities or the activities of registrars or registrants, or litigation generally; the uncertainty regarding what the ultimate outcome or amount of benefit we receive, if any, from the worthless stock deduction will be; new or existing governmental laws and regulations; changes in customer behavior, Internet platforms and web-browsing patterns; system interruptions; security breaches; attacks on the Internet by hackers, viruses, or intentional acts of vandalism; whether we will be able to continue to expand our infrastructure to meet demand; the uncertainty of the expense and timing of requests for indemnification, if any, relating to completed divestitures; and the impact of the introduction of new gtlds, any delays in their introduction, the impact of ICANN s Registry Agreement for new gtlds, and whether our gtld applications or the applicants gtld applications for which we have contracted to provide back-end registry services will be successful; and the uncertainty regarding the impact, if any, of the delegation into the root zone of up to 1, new TLDs. More information about potential factors that could affect our business and financial results is included in our filings with the SEC, including in our Annual Report on Form -K for the year ended Dec. 1, 1, Quarterly Reports on Form -Q and Current Reports on Form 8-K. Verisign undertakes no obligation to update any of the forward-looking statements after the date of this announcement. VerisignInc.com 1 VeriSign, Inc. All rights reserved. VERISIGN, the VERISIGN logo, and other trademarks, service marks, and designs are registered or unregistered trademarks of VeriSign, Inc. and its subsidiaries in the United States and in foreign countries. All other trademarks are property of their respective owners. Verisign Public 8

2024 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information