Expansion of Top-Level Domains Hits a Snag

By Samuel Greengard

Over the years, the World Wide Web has evolved into an indispensable tool for communication, commerce and more. The original .com domain, which was introduced in 1985, has mushroomed into 22 primary top-level domains in the United States and more than 300 top-level domains worldwide. Unfortunately, this still isn’t adequate to satisfy the demands of an increasingly virtual world.

Now, the Internet Corporation for Assigned Names and Numbers (ICANN) is in the process of adding approximately 1,400 new top-level domains, which is likely to occur soon. On one hand, these new domains will alleviate a severe shortage of virtual real estate. On the other hand, a number of large companies—including the likes of PayPal and VeriSign—have expressed concerns that the current structure presents a threat to major brand names.

“The Internet has become a crucial part of the marketing system, and the structure is about to be substantially altered,” says Dan Jaffe, group executive vice president at the Association of National Advertisers (ANA). “Under the current proposal, there is growing pressure for defensive registrations.”

The basic problem, he says, is that the proposed expansion doesn’t allow companies to register their exact trade name as a secondary domain (the portion of the URL that appears to the left of the dot) before opening up the system.

“If there is no low-cost way to register and protect a trade name, we will see an extraordinarily complicated and time-consuming situation unfold,” Jaffe says. The situation could hit medium and small businesses even harder—as well as many charitable organizations—because many don’t have the systems and resources to monitor and manage multiple domain registrations. What’s more, the situation could involve multiple countries with varying laws and different languages.

In fact, the situation could lead to serious security issues. The ability to spoof a legitimate address or name could become much easier. For example, an e-mail from Wellsfargo.corp or Wellsfargo.bank wouldn’t necessarily mean that the message is from the bank. “Verifying ownership of the domain could become a significant challenge,” Jaffe says.

VeriSign, the largest registrar of domains on the Web, noted in a recent report that ICANN’s current proposal could produce numerous security and stability holes. “The recent disclosure of issues with Internal Name Certificates, and the broader implications of new gTLDs to parties that rely on the Internet DNS, will be far-reaching if these issues are not addressed by ICANN in a timely manner,” the firm noted. VeriSign has requested additional testing, pilots and field trials, along with more stringent guidelines about who can register domains and how the process takes place.

ICANN did not respond to Baseline‘s requests for a comment on this matter.

Says ANA’s Jaffe: “There is a need to delay implementation until things can be done right. Otherwise, we are likely to see a new wave of cyber-squatting, type-squatting and phishing issues that are going to make the current problems seem insignificant by comparison.”