Internet Heavyweight's Security Blunders: gTLDs Gone Wrong

The Internet Corporation for Assigned Names and Numbers - ICANN, to you and me - has come clean over a bug in their software that led to the leaking of personal information. ICANN are currently in the process of offering 'generic top level domains' to wealthy bidders. Unfortunately, due to a problem with the TLD application system, applicants were able to view confidential information on their competitors.

Note: This article was published in June 2012.


What Are gTLDs?
Generic top level domains allow business (and private users, provided they have the cash!) to buy the rights to use a unique URL extension - .google, for instance, or .security. These extensions not only allow companies to stand out with a unique URL related to their industry ( is an example that has been thrown around a lot since ICANN announced this service last year) but with the new wider range of URLs offer businesses a wider range of ways to market themselves.

Difficult Birth
Sadly, the registration system's launch has been far from smooth. ICANN announced early on that three hundred to a thousand new gTLDs could be put in place per year, with the registration period for the first wave ending on April 12th 2012. Instead of closing the registration system on April 12th as planned and moving onto the evaluation phase, ICANN were instead forced to put a stop to applications, as news of the bug broke.

Applicants for a specific extension were, in some instances, displayed details of rival bids for that and other extensions. Rather than continue on schedule after coming under fire over this flaw in the system, ICANN announced plans to refund the full cost to any applicants who were shown to have been affected by the system malfunction.

The Price Is Right
Surprisingly though - or perhaps not, as the case may be - ICANN have experienced another setback since then. Registration for gTLDs, which was supposed to reopen on May 8th, had been pushed back once more, to May 22nd - giving applicants just 8 days to register their interest in a specific domain extension.

The service is sure to prove popular, in spite of the tremendous price attached to each gTLD and the proven instability of the registration system. Companies that have already signed up to be a part of the scheme include both Canon and Google. For corporate heavyweights such as these, the $185,000 application fee is relatively negligible - but they're also joined by at least another 800 parties claiming to have put forward payments for a gTLD.

These sizeable fees are sure to rack up quite a profit for ICANN - and it doesn't stop at the initial payment, either. Applicants who are successful in their bid for a particular gTLD extension will also find themselves saddled with an annual maintenance fee for this new domain of $25,000.

Perhaps ICANN will be investing this impressive revenue stream back into correcting the security problems in their software, ahead of their final release of the gTLD application process. If they're hoping to hold onto those juicy cheques from business investing in their services, they should give it some serious thought.
Author About
Akhilesh Sharma maintains and writes Tweak And Trick. He is a technology enthusiast and a science student.
You can contact him at

Featured Posts