Only about a month ago we reported about a big recall of certificates organised by Sectigo. They would be revoking about 6000 certificates, mostly owned by Dutch companies. They gave a 6-day notice.
Let’s encrypt just responded with “hold my beer”, announcing to revoke 3 million certificates with only a 5-day notice.
Every 3 months a special ceremony takes place in which new cryptographic “Zone Signing Keys” are being signed, which will be used the next quarter to secure the root DNS zone. These DNSSEC keys are the basis of every DNSSEC-protected domain name. A copy of the “Key Signing Key” required for this, is kept at two secure locations in the US. In order to be able to use it, multiple steps need to be taken during a lengthy ceremony, including the opening of two safes by IANA/ICANN staff. February 12th such a ceremony should have taken place. Since the expected life time of the safes had been reached, IANA had scheduled for them to be replaced. For one of the safes, the expected life time turned out to be extremely accurate: while trying to open it, the lock mechanism refused to cooperate.
Sectigo (formerly known as Comodo) is one of the leading providers for certificates. Such certificates are used to encrypt internet traffic going to websites and mailservers. Sectigo is now recalling almost 6000 certificates, all of which were issued to companies from The Netherlands. The recall action was announced Wednesday. Affected clients have less than one week to install a new certificate. On January 28 the old certificates will be revoked and websites on which the certificate has not been replaced will refuse to load.
Last week over 350.000 .uk domain names have (finally) been claimed by their rightful owner. Over the last 3 weeks combined, there were even well over one million .uk domain names registered. That’s much more than for example the 271.000 .uk names registered during the 52 weeks of 2018.
Almost exactly 5 years ago, direct registrations under .uk were launched. Prior to that time, only registrations under subdomains like .co.uk or .org.uk were possible. Owners of a .co.uk (or .org.uk, .net.uk,…) however had their name reserved for them free of charge for the first 5 years. Because of this, most stuck with their .co.uk domain name and didn’t bother registering (and starting to pay for) the same name under .uk.
The Irish registry IEDR is currently carrying out a public consultation asking if it should loosen its registration rules or not. Currently, in order to register a .ie domain name, you need to proof a link with Ireland and to have a claim on the domain name you want to register. This claim can be a registered trade mark or a company name, which are easy to verify. But it could just as well be something more vague like a type of service you plan to offer in the future. The new plan would be to still require proof of a bond with Ireland, but if you can proof such an Irish link, then you may register any .ie domain name.
Without anybody noticing, the .cd-registry recently became an abandoned ghost registry adrift. For many years, the registry was run by one person who originated from Congo, but is now employed by a South-African university. According to contacts with the Congolese government, they wanted to bring back the management of the .cd domain space to within Congo and the South-African administrator left the ship abandoned before a take-over could be arranged.
The Norwegian registry NORID carried out some small alterations to their terms and conditions. One of which is to also allow the usage of the accented letter ï (i umlaut) in .no domain names. Apparently they only now discovered that this letter is being used in one of the official languages spoken in Norway, exactly 13 years after allowing the usage of accented letters for .no domain names.
After about 5 years of bickering behind the scenes and over 3 years after the first new gTLD’s went live, .africa is finally ready to launch. It took so long before the launch was possible because there were two applicants for this TLD. Both claimed to have support from African countries, but reasonably soon it became clear that the bid coming from the registry also running .co.za (ZACR) was the more sound bid.
About two years ago we reported that the Dutch registry might be allowed to run the .bv domain name extension. This actually is the country code of the Bouvet Island, but since this is a completely inhabited island, the domain name extension has never been taken into active use. With Bouvet Island being a dependency of Norway, the Norwegian registry NORID is responsible for the .bv extension. Because there is no local market for .bv, they had been negotiating with the Dutch registry SIDN about handing over .bv management to them. “BV” in Dutch is the same as for example “Ltd” in English or “GmbH” in German.
Old habits die hard. And that clearly is true for what people are used to in the domain name market. While 100’s of new extensions have been launched the past few years, most people stick to what they know. There is some clear proof of this with the .uk extension. This was launched two years ago as the replacement for .co.uk. Nominet, the registry behind both .co.uk and .uk, put everything into place so that owners of a .co.uk domain name would be able to make a smooth transition towards .uk. Two years later, it turns out that hardly anybody has actually made the switch.