Feeds

EU domain registry hijacked, claims GoDaddy

Hundreds of shell domain registering companies bent system

  • alert
  • submit to reddit

Top three mobile application threats

Europe's brand new .eu top level domain has been hijacked, according to one of the internet's leading registrars.

GoDaddy CEO Bob Parsons has laid into .eu registry owner EURid for approving hundreds of what he calls "phantom" registrars who have walked away with the bulk of the 1.4m .eu domains registered since the domain was opened to the public earlier this week.

In a blog post, Parsons accused EURid of "grand manipulation and lax administration" for allowing hundreds of companies to be registered with the same contact details. The way the process worked, each registered company was effectively put in a line and was entitled to make a bid for a single .eu domain. If the domain was available, it was given to the company, if not, it wasn't. That registrar then was sent to the back of the line to queue up again.

However, out of the 1,570 accredited registrars, we have calculated that at least 630 were not separate registrars. One company in New York - whose backers Parsons claims to know - are responsible for at least 350. This meant effectively that one company had several hundred times its usual opportunity to get hold of particular .eu domains.

Not only is this unfair, says Parsons, but it will most likely lead to the end users paying much more for a .eu domain because the company behind it will charge more and/or auction the domain. It wasn't just the New York company either: there were 58 registrars from Vancouver approved that were the same company; 57 from Bellevue, Washingon; 32 from Portland, Oregon; 32 from Elsbethen in Austria; 18 from Nijmegen in the Netherlands, and 12 from Stanberg and Regensburg in Germany.

However, EURid has rejected the charge that these are no more than phantom companies. "Each registrar had to show us proof of the company registration," a EURid spokesman said. "They had to sign a registrar agreement, follow the regulations, show proof of their existence, and deposit 10,000 euros."

EURid had to "treat everyone on an equal basis", he claimed, answering Parsons' suggestion that only established registrars should have been entitled to register .eu domains, with the assertion that the process needed competition.

Each shell registrar had provided bona fide documentation that it was a separate company to EURid, and if they are in breach of the signed registrar contract, they will have the domain names they have registered put on hold, EURid confirmed. But this still leaves EURid open to accusations that it failed to close a loophole that has allowed unscrupulous companies to walk away with the lion's share of Europe's own top level domain.

Despite the controversy, many observers remain amazed at .eu's success. With 1.7m domains now registered in total, it has established itself as the internet's seventh biggest registry in just under a week. ®

Related link

Bob Parsons' blog post

3 Big data security analytics techniques

Whitepapers

Mobile application security study
Download this report to see the alarming realities regarding the sheer number of applications vulnerable to attack, as well as the most common and easily addressable vulnerability errors.
3 Big data security analytics techniques
Applying these Big Data security analytics techniques can help you make your business safer by detecting attacks early, before significant damage is done.
The benefits of software based PBX
Why you should break free from your proprietary PBX and how to leverage your existing server hardware.
Securing web applications made simple and scalable
In this whitepaper learn how automated security testing can provide a simple and scalable way to protect your web applications.
Combat fraud and increase customer satisfaction
Based on their experience using HP ArcSight Enterprise Security Manager for IT security operations, Finansbank moved to HP ArcSight ESM for fraud management.