ICANN Invent A Whole Universe Of Mess

In case you hadn’t heard/didn’t care, ICANN have authorised the creation of arbitrary privately-controlled top-level domains. So what does this mean?

Well, the happy hippy theory fun about it all is that suddenly there’s the capacity for pretty much anybody (well, anybody with a particularly deep wallet, and – for now – a demonstrable business plan) to set up their own top-level domain. A top-level domain is the bit at the end of a domain name, like .com, .net, or .org. The idea is that this will increase the number of providers from whom you, as a consumer, can choose to purchase your domain from, as well as giving you more choice – someday, I’ll probably get the opportunity to buy dan.q, for example, or scatman.dan.

Of course, it’ll take a long, long time before people start understanding that these things really are domain names. There’s still a certain stigma attached to not being a .com, because many web users will guess the dot-com domain names first. The success of the “no www.” campaign has been hampered mostly because people do think, in general, that web site addresses have to start with www. and have to end with .com, .co.uk, or another one of a handful of extensions they’re familiar with. If Jo Public sees e.mail written on an advertisement without (or perhaps even with) a http://, www., or both, in front of it, they won’t have a clue that what they’re looking at is a domain name. And how often do you actually use a .biz or a .mobi, and they’ve been around for a while now?

A bigger problem, though, is the capacity for phishing attacks. Apart from their ability to sue my arse off, what’s to stop me becoming the registrar for .microsoft, .paypal, or .natwest. If I sent a large spam attack out suggesting that people get a critical update from https://www.windowsupdate.microsoft/, I’ll bet that at least 50% of the people who click the link will go on to download whatever malware I want them to and become part of my zombie network.

It’ll only take one such event – and perhaps less – for ICANN to start being very, very careful about who it gives top-level domains to. And with all of the applications they could potentially get, they’ll quickly get bogged down in administering the top-level domain system. There’ll be backlogs of months or even years on new top-level domains, a lack of trust of them, and people will still continue to play with .coms for decades to come.

It’ll all work out in the end, I’m sure (although I anticipate a punch-up between ICANN and New.net – which ICANN will win, of course – in the near future). But I’m just not sure we should be letting the unwashed masses loose on their own TLDs quite yet.