Owners of sub-domain name registrations under the unofficial .GB.COM extension, operated by CentralNic, were shocked to discover that their domain names were suddenly no longer resolving and the domain name <gb.com> had apparently been taken over by a new company called GB.COM Ltd.
As a result of this all internet traffic to domain names registered under .GB.COM began redirecting to a holding page set up by GB.COM Ltd., instead of resolving to domain name registrants’ usual websites.
CentralNic, the company responsible for the operation of domain name registrations under .GB.COM, also offers domain name registrations under several other unofficial extensions such as .EU.COM, .UK.COM and .COM.DE, to name but a few.
These domain name extensions offered by CentralNic are not recognised by the Internet Corporation for Assigned Names and Numbers (ICANN) as official country code Top Level Domain (ccTLD) extensions.
They are in fact second level domain name registrations such as <eu.com>, <uk.com> which are owned by CentralNic. CentralNic then subsequently "registers" domain names to customers under these unofficial extensions by creating third level domain names.
Thus there is an inherent risk with any domain name registrations under these unofficial extensions as registrants are entirely dependent upon CentralNic ensuring that its domain name registrations (such as <gb.com> et al) are renewed in a timely manner and are secure from third party interference.
Unfortunately this doesn’t appear to have been the case with <gb.com>, resulting in thousands of domain name registrants having their websites and email services go down at the end of July this year.
The background to this domain name is an interesting tale. The domain name was registered to GB.COM Ltd., but was used by CentralNic as one of their unofficial domain name extensions and was hosted on CentralNic's domain name servers. The company GB.COM Ltd. is owned by a Mr Stephen Dyer who was one of the founders of CentralNic, but he left CentralNic in 2004 after the business was sold to new investors. However, it appears that Mr Dyer retained control of the domain name <gb.com> after he left.
It seems that without warning to CentralNic or to any of its clients, Mr Dyer changed the domain name servers for <gb.com> on 31 July 2011 and pointed the domain name to a temporary holding page. In addition to this a wildcard DNS record was also set up to re-direct all internet traffic related to the domain name <gb.com> to this holding page.
As a result of this anyone seeking to access a website associated with a sub-domain registered under <gb.com> was directed to a GB.COM Ltd. holding page informing internet users that they should register with GB.COM Ltd. in order to restore access to their websites.
The situation was remedied on 2 August 2011 with service restored to domain name registrations under <gb.com> and the domain name servers for <gb.com> were switched back to servers maintained by CentralNIC.
A statement issued by CentralNic revealed that <gb.com> had been the subject of an ongoing dispute between CentralNic and GB.COM Ltd. since 2004 and the re-delegation of <gb.com> appears to be related to this dispute. As such some commentators are questioning whether CentralNIC should have even been offering domain name registrations under <gb.com> while there were such issues surrounding the ownership of the domain name.
The furore surrounding <gb.com> and the issues experienced by registrants under this unofficial extension is a timely reminder of the perils of using such domain names for business critical websites and key online functionality such as email.
Should the domain name being used for the unofficial extension be compromised due to non-renewal or hijacked by a third party then all domain name registrations associated with it will also be compromised, resulting in the loss of internet traffic, potential loss of email and customer confusion at the very least.
It is for this reason that Hogan Lovells has consistently warned potential registrants of domain names under these unofficial extensions of the perils involved and advises securing such domain names for brand protection purposes only. Indeed, we would advise any clients to conduct a review of their online infrastructure to ensure that there are no business critical functions associated with any such domain names within their organisation.