Tag Archives: Google

New TLDs, Registrant, Registrar, Registry

Google Commences Early Access Program for .PAGE Ahead of GA on 9 October

Google’s fifth open new gTLD commenced its Early Access Program on 2 October with a new tier commencing each day until 6 October at 16:00 UTC, each tier with a lower price. Tier 5, which is the final and cheapest tier commencing on 6 October lasts 3 days. Then on 9 October General Availability commences with the standard fee.

.page is being promoted as an ideal domain name for all occasions… a generic top level domain!

Google is promoting security as a top priority for all Google Registry’s domains, including .page. To help keep information safe, all .page websites require an SSL certificate, which helps keep connections to .page domain names secure and helps protect against things like ad malware and tracking injections. Both .page and .app, which launched in May, will help move the web to an HTTPS-everywhere future.

Google also has a claims period that runs indefinitely, during which trademark owners will receive notification when their marks are registered as domains.

Google has listed 10 interesting things some people and businesses are already doing on .page:

  1. Ellen.Page is the website of Academy Award®-nominated actress and producer Ellen Page that will spotlight LGBTQ culture and social causes.
  2. Home.Page is a project by the digital media artist Aaron Koblin, who is creating a living collection of hand-drawn houses from people across the world. Enjoy free art daily and help bring real people home by supporting revolving bail.
  3. ChristophNiemann.Page is the virtual exhibition space of illustrator, graphic designer, and author Christoph Niemann.
  4. Web.Page is a collaboration between a group of designers and developers who will offer a monthly online magazine with design techniques, strategies, and inspiration.
  5. CareerXO.Page by Geek Girl Careers is a personality assessment designed to help women find tech careers they love.
  6. TurnThe.Page by Insurance Lounge offers advice about the transition from career to retirement.
  7. WordAsImage.Page is a project by designer Ji Lee that explores the visualizations of words through typography.
  8. Membrane.Page by Synder Filtration is an educational website about spiral-wound nanofiltration, ultrafiltration, and microfiltration membrane elements and systems.
  9. TV.Page is a SaaS company that provides shoppable video technology for ecommerce, social media, and retail stores.
  10. Navlekha.Page was created by Navlekhā, a Google initiative that helps Indian publishers get their content online with free authoring tools, guidance, and a .page domain for the first 3 years. Since the initiative debuted at Google for India, publishers are creating articles within minutes. And Navlekhā plans to bring 135,000 publishers online over the next 5 years.
Registrant, Registrar, Registry

Early Access Period for .PAGE Commences October

Google is launching the Early Access Period, a form of a Landrush period, from 2 October for their latest new gTLD, .page. Over the EAP, prices will gradually get lower each day until Tier 5, which is the lowest price tier and which runs for 3 days. General Availability will commence on 9 October at the standard fee.

The 5 different price tiers in .page’s EAP, start with the highest tier and decrease each day as follows:

  • 2018-10-02 16:00 UTC — Tier 1 begins (highest price tier)
  • 2018-10-03 16:00 UTC — Tier 2 begins
  • 2018-10-04 16:00 UTC — Tier 3 begins
  • 2018-10-05 16:00 UTC — Tier 4 begins
  • 2018-10-06 16:00 UTC — Tier 5 begins (lowest price tier, lasts 3 days)
  • 2018-10-09 16:00 UTC — GA begins (no more additional one-time fee).

In addition to EAP, where prices vary depending on the registrar, there are also premium domains. These domains have higher prices that are independent of EAP. These premium prices apply to renewals as well as initial registrations, and also apply in GA.

Currently the Sunrise period for trademark holders is underway for .page, which has been running since 27 August and finishes on 2 October.

The .page new generic top level domain is Google’s fifth open TLD. Google is promoting it as an easy option for building a simple, more secure online presence. .page is for anyone who wants to create a new website online, including entrepreneurs, publishers, developers, businesses and students.

New TLDs, Registrant, Registrar

Google Launching .PAGE Sunrise on 27 August

Google is launching their fifth open new gTLD – .page – with a Sunrise period that commences on 27 August.

Google wants the .page new generic top level domain to be one that makes it easy to build a simple, more secure online presence. .page is aimed at anyone who wants to create a new website online, including entrepreneurs, publishers, developers, businesses, and students.

Here are the important dates to be aware of in 2018:

  • 27 Aug – 2 Oct: Sunrise period where trademark holders who have submitted their trademark to the Trademark Clearinghouse can register .page domains.
  • 2 Oct – 9 Oct: Early Access period where anyone can register available .page domains for an extra fee, which decreases leading up to General Availability.
  • 9 Oct and onwards: General Availability where anyone can register available .page domains.

There is a claims period will run indefinitely, during which trademark owners will receive notification when their marks are registered as domains.

New TLDs, Registrant, Registrar, Registry

Kaboom! .APP Surges Past 100,000 Within 2 Days of GA

[update: .app registrations have surged past 168,000 according to the latest nTLDstats figures]

Google’s .app has caught the imagination of registrants with close to 125,000 registrations after 2 days of general availability. It is likely it already had the largest number of registrations prior to GA, around 17,000, and it’s initial GA launch is likely the largest of any of the new gTLDs. Continue reading Kaboom! .APP Surges Past 100,000 Within 2 Days of GA

New TLDs, Registrant, Registrar, Registry

Google to Launch .APP Sunrise On 29 March

Google’s fourth open new gTLD, .app, is launching its Sunrise period on 29 March for almost 5 weeks.

.app is billed as a more secure domain for apps. From games to news to education to business, .app is aimed at being the perfect home to promote apps on the web and a great place to showcase a unique and trustworthy destination.

The important dates for .app are:

  • 29 Mar to 1 May: Trademark holders can register .app domains during the Sunrise period
  • 1 May to 8 May: Anyone can register available .app domains for an extra fee (known as the “Early Access” period).
  • 8 May onwards: General Availability commences and anyone can register available .app domains.

There will also be a claims period that will run indefinitely, during which trademark owners will receive notification when their marks are registered as domains.

The .app new gTLD will also have the added security protocol of HSTS for all domain names registered under it.

“The HTTPS Strict Transport Security (HSTS) preload list is built in to all major browsers (Chrome, Firefox, Safari, Internet Explorer/Edge, and Opera)”, explained Google in a post on their security blog. “It consists of a list of hostnames for which browsers automatically enforce HTTPS-secured connections. For example, gmail.com is on the list, which means that the aforementioned browsers will never make insecure connections to Gmail; if the user types http://gmail.com, the browser first changes it to https://gmail.com before sending the request. This provides greater security because the browser never loads an http-to-https redirect page, which could be intercepted.”

“The HSTS preload list can contain individual domains or subdomains and even top-level domains (TLDs), which are added through the HSTS website. The TLD is the last part of the domain name, e.g., .com, .net, or .org. Google operates 45 TLDs, including .google, .how, and .soy. In 2015 we created the first secure TLD when we added .google to the HSTS preload list, and we are now rolling out HSTS for a larger number of our TLDs, starting with .foo and .dev.”

“The use of TLD-level HSTS allows such namespaces to be secure by default. Registrants receive guaranteed protection for themselves and their users simply by choosing a secure TLD for their website and configuring an SSL certificate, without having to add individual domains or subdomains to the HSTS preload list. Moreover, since it typically takes months between adding a domain name to the list and browser upgrades reaching a majority of users, using an already-secured TLD provides immediate protection rather than eventual protection. Adding an entire TLD to the HSTS preload list is also more efficient, as it secures all domains under that TLD without the overhead of having to include all those domains individually.”

HSTS is a step on from HTTPS. “Connections to websites are encrypted using HTTPS, which prevents Web traffic from being intercepted, altered, or misdirected in transit. [Google] have taken many actions to make the use of HTTPS more widespread, both within Google and on the larger Internet.”

In all there were 13 applications for .app including from Afilias, Amazon and Nu Dot Co (which was the vehicle through which Verisign obtained .web). In the end, Google won with a bid of $25,001,000, the third highest amount paid for a new generic top level domain behind GMO Registry’s bid of $41,501,000 for .shop and Nu Dot Co’s $135,000,000 for .web.

Google applied for over 50 new gTLDs including their own .google and .goog. They have also launched .how and .soy to the general public. Looking ahead, Google also has plans to launch .dev in 2018, but hasn’t publicly announced dates yet.

Opinion, Registrant

Google’s Chrome To Mark All HTTP Sites As Insecure Come July

Google is one of the many companies doing their bit to make the internet more secure. A significant milestone will occur in July 2018 for users of their Chrome browser when all HTTP websites will be marked as insecure with the release of Chrome 68 as they strongly advocate that sites adopt HTTPS encryption, according to a post on the Google Security Blog.

For the past several years there has been gradual change as Google chips away at improving web security. One of those was their strong advocacy that sites adopt HTTPS encryption. And within the last year, they’ve also helped users understand that HTTP sites are not secure by gradually marking a larger subset of HTTP pages as “not secure”. So beginning July 2018 with the release of Chrome 68, Chrome will mark all HTTP sites as “not secure”.

Developers have been transitioning their sites to HTTPS and making the web safer for everyone. Progress last year was incredible, and it’s continued since then:

  • Over 68% of Chrome traffic on both Android and Windows is now protected
  • Over 78% of Chrome traffic on both Chrome OS and Mac is now protected
  • 81 of the top 100 sites on the web use HTTPS by default.

Mozilla’s Firefox is also moving along similar lines. In January 2017 on their Security Blog, they noted “we would like to see all developers use HTTPS for their websites.” In January 2017 with the launch of Firefox 51, they began “to clearly highlight risk to the user … web pages which collect passwords but don’t use HTTPS will display a grey lock icon with a red strike-through in the address bar.”

“In upcoming releases (currently Mozilla has moved 7 versions to version 58 today), Firefox will show an in-context message when a user clicks into a username or password field on a page that doesn’t use HTTPS. That message will show the same grey lock icon with red strike-through, accompanied by a similar message, ‘This connection is not secure. Logins entered here could be compromised.’”

In the future, “to continue to promote the use of HTTPS and properly convey the risks to users, Firefox will eventually display the struck-through lock icon for all pages that don’t use HTTPS, to make clear that they are not secure. As our plans evolve, we will continue to post updates but our hope is that all developers are encouraged by these changes to take the necessary steps to protect users of the Web through HTTPS.”

New TLDs, Registrant, Registrar, Registry

.BANK and .INSURANCE To Be First New gTLDs to Implement HSTS… After Google

.fTLD Registry Services has announced they will be implementing a security protocol known as HSTS – HTTP Strict Transport Security – to their .bank and .insurance new gTLDs. They will be the first registry to implement HSTS across an entire top level domain outside of Google.

Implementing HSTS at the TLD level means all domain names registered under it will be secure and there will be secure connections between web browsers and all .bank and .insurance websites. As a result, domain name registrants and customers will automatically receive the security benefits of HSTS without needing to take any additional steps to be covered.

fTLD’s new generic top level domains will be added to the preload list on 18 January. Once added to the list, leading web browsers will honour the policy in subsequent updates, including Chrome, Firefox, Internet Explorer/Edge and Safari.

“The HTTPS Strict Transport Security (HSTS) preload list is built in to all major browsers (Chrome, Firefox, Safari, Internet Explorer/Edge, and Opera)”, explained Google in a post on their security blog, and reported in Domain Pulse in October 2017. “It consists of a list of hostnames for which browsers automatically enforce HTTPS-secured connections. For example, gmail.com is on the list, which means that the aforementioned browsers will never make insecure connections to Gmail; if the user types http://gmail.com, the browser first changes it to https://gmail.com before sending the request. This provides greater security because the browser never loads an http-to-https redirect page, which could be intercepted.”

“The HSTS preload list can contain individual domains or subdomains and even top-level domains (TLDs), which are added through the HSTS website. The TLD is the last part of the domain name, e.g., .com, .net, or .org. Google operates 45 TLDs, including .google, .how, and .soy. In 2015 we created the first secure TLD when we added .google to the HSTS preload list, and we are now rolling out HSTS for a larger number of our TLDs, starting with .foo and .dev.

“The use of TLD-level HSTS allows such namespaces to be secure by default. Registrants receive guaranteed protection for themselves and their users simply by choosing a secure TLD for their website and configuring an SSL certificate, without having to add individual domains or subdomains to the HSTS preload list. Moreover, since it typically takes months between adding a domain name to the list and browser upgrades reaching a majority of users, using an already-secured TLD provides immediate protection rather than eventual protection. Adding an entire TLD to the HSTS preload list is also more efficient, as it secures all domains under that TLD without the overhead of having to include all those domains individually.”

HSTS is a step on from HTTPS. “Connections to websites are encrypted using HTTPS, which prevents Web traffic from being intercepted, altered, or misdirected in transit. [Google] have taken many actions to make the use of HTTPS more widespread, both within Google and on the larger Internet.”

Google started “defaulting to HTTPS for Gmail and starting the transition to encrypted search by default” in 2010. “In 2014, [Google] started encouraging other websites to use HTTPS by giving secure sites a ranking boost in Google Search. In 2016, [Google] became a platinum sponsor of Let’s Encrypt, a service that provides simple and free SSL certificates. Earlier this year [Google] announced that Chrome will start displaying warnings on insecure sites, and we recently introduced fully managed SSL certificates in App Engine.”

And going forward Google “would like to see TLD-wide HSTS become the security standard for new TLDs.”