Registry Lock Post Mortem

| September 18, 2013

Andrew Allemann of Domain Name Wire earlier this week put up a detailed post about Registry Lock stats, using data from DomainTools from the period before the Syrian Electronic Army hack of MelbourneIT. We thought it would be interesting to see if any of the top sites that previously did NOT have Registry Lock, had seen fit to enable it thereafter. So we pulled up the Status details on the Alexa Top 1000 domains, and this is what we found:

Of the approximately 900 sites that did NOT have Registry Lock prior to the SEA hack, only 39 companies have since added Registry Lock to their primary domain. That good news is that is 40% more than prior, the bad news is that there are still over 850 domains that remain unlocked at the registry level.

So who stepped up? A few companies you may have heard of, including: CNN, The Wall Street Journal, HP, Amex, Oracle, IBM and the BBC. There was a predominance of news/journalism sites on the list of 39, not surprising given the prior SEA targets. Oddly, the domain Today.com, owned by NBC, removed Registry Lock last week.

Here is the full list of domains that changed status since August 27th:

RANK DOMAIN
11 amazon.com
23 tumblr.com
39 ask.com
44 imdb.com
59 cnn.com
65 akamaihd.net
74 adobe.com
77 huffingtonpost.com
98 aol.com
116 nytimes.com
160 foxnews.com
237 wsj.com
252 usatoday.com
273 reuters.com
277 washingtonpost.com
305 hp.com
311 xe.com
324 bloomberg.com
360 americanexpress.com
387 techcrunch.com
448 java.com
476 backpage.com
521 monster.com
526 engadget.com
582 oracle.com
608 marketwatch.com
613 twimg.com
633 slate.com
668 eonline.com
682 wired.com
706 mapquest.com
754 businessweek.com
767 sfgate.com
774 patch.com
775 today.com
791 ibm.com
858 bbc.com
891 mysql.com
949 chron.com
1077 cpanel.net
Share

Category: Domain Tools Updates

About the Author ()

Tim Chen is a proven business development and operational executive, having worked in and around Internet and software companies for over 15 years. Tim has been the CEO of DomainTools for four years, appointed during the May 2009 spin out of DomainTools from Thought Convergence, Inc. (TCI). Before joining DomainTools, Tim spent a year as TCI's Vice President of Corporate Development and 2.5 years leading the domain acquisition efforts for Internet REIT, one of the first venture funded domain investment companies. Tim started in the domain world in 2005 by incubating new business ideas with Mark Pincus (Founder of Zynga) and a small team of engineers in San Francisco. Prior to focusing on the domain and DNS communities, Tim spent seven years in business development executive roles with Internet and software companies in the Bay Area, and four years in the Corporate Finance group at J.P. Morgan in New York. Originally from Rochester, New York, Tim is a Phi Beta Kappa graduate of Haverford College, has an MBA from Stanford University, and sits on the board of NewRetirement.com, an automated retirement planning service.

Comments (2)

Trackback URL | Comments RSS Feed

  1. It’s nice to see Registry Lock becoming more popular. VeriSign should be pushed to lower its fees (when ICANN approved the monopoly service, there were no pricing restrictions), and registrars should be encouraged to promote it more.

    If it was priced on a cost-recovery basis, the costs should be minimal, i.e. on the order of $10 to $20 per “unlock” event (with no annual fees to place a domain name on registry lock or to maintain it in a locked state).

    In a properly-designed system, the only time human-verification is really required (and thus when higher costs are faced) is when the registry lock is removed.** Adding it back can and should be totally automated. Removing the lock, and the “out-of-band” verification (by both registrars and the registry) that it requires, is what registrants are ultimately paying for.

    **[To be accurate, there are different fine-grained states of the "lock", e.g. one can in theory prevent transfers, but allow nameserver changes, but in practical terms, I think most users would use the registry lock in an "all-or-nothing" manner, with the coarsest settings]

    Furthermore, to show how low the costs could be, that $10 to $20 per “unlock” event (mentioned above) should apply regardless of the number of domains involved in the event. In other words, the registrar (and registry) could unlock 1, 10, 50, 100, or 1000 or more domains all at once, in a bulk transaction (i.e. with a single out-of-band verification for the entire group of domains). That would lower the cost to end-users considerably, since the registrar could batch the requests if they aren’t urgent. (Urgent requests could still be handled with a batch size of “1″, with the registrant paying more than if it was in a group of say 50 others in a daily batch)

  2. tai youtube says:

    Hello, I read your new stuff daily. Your story-telling style is awesome, keep it up!