Every 3 months a special ceremony takes place in which new cryptographic “Zone Signing Keys” are being signed, which will be used the next quarter to secure the root DNS zone. These DNSSEC keys are the basis of every DNSSEC-protected domain name. A copy of the “Key Signing Key” required for this, is kept at two secure locations in the US. In order to be able to use it, multiple steps need to be taken during a lengthy ceremony, including the opening of two safes by IANA/ICANN staff. February 12th such a ceremony should have taken place. Since the expected life time of the safes had been reached, IANA had scheduled for them to be replaced. For one of the safes, the expected life time turned out to be extremely accurate: while trying to open it, the lock mechanism refused to cooperate.

Sectigo (formerly known as Comodo) is one of the leading providers for certificates. Such certificates are used to encrypt internet traffic going to websites and mailservers. Sectigo is now recalling almost 6000 certificates, all of which were issued to companies from The Netherlands. The recall action was announced Wednesday. Affected clients have less than one week to install a new certificate. On January 28 the old certificates will be revoked and websites on which the certificate has not been replaced will refuse to load.

Last week over 350.000 .uk domain names have (finally) been claimed by their rightful owner. Over the last 3 weeks combined, there were even well over one million .uk domain names registered. That’s much more than for example the 271.000 .uk names registered during the 52 weeks of 2018.

Almost exactly 5 years ago, direct registrations under .uk were launched. Prior to that time, only registrations under subdomains like or were possible. Owners of a (or,,…) however had their name reserved for them free of charge for the first 5 years. Because of this, most stuck with their domain name and didn’t bother registering (and starting to pay for) the same name under .uk.

The Irish registry IEDR is currently carrying out a public consultation asking if it should loosen its registration rules or not. Currently, in order to register a .ie domain name, you need to proof a link with Ireland and to have a claim on the domain name you want to register. This claim can be a registered trade mark or a company name, which are easy to verify. But it could just as well be something more vague like a type of service you plan to offer in the future. The new plan would be to still require proof of a bond with Ireland, but if you can proof such an Irish link, then you may register any .ie domain name.

Without anybody noticing, the .cd-registry recently became an abandoned ghost registry adrift. For many years, the registry was run by one person who originated from Congo, but is now employed by a South-African university. According to contacts with the Congolese government, they wanted to bring back the management of the .cd domain space to within Congo and the South-African administrator left the ship abandoned before a take-over could be arranged.

The Norwegian registry NORID carried out some small alterations to their terms and conditions. One of which is to also allow the usage of the accented letter ï (i umlaut) in .no domain names. Apparently they only now discovered that this letter is being used in one of the official languages spoken in Norway, exactly 13 years after allowing the usage of accented letters for .no domain names.

After about 5 years of bickering behind the scenes and over 3 years after the first new gTLD’s went live, .africa is finally ready to launch. It took so long before the launch was possible because there were two applicants for this TLD. Both claimed to have support from African countries, but reasonably soon it became clear that the bid coming from the registry also running (ZACR) was the more sound bid.