The story of stolen Slovak national top level domain .SK

Being a Czech, I’m really proud of our national top level domain operator, an association named CZ.NIC. Not only do they perfectly operate the registry while still improving security and reliability, but they also, among other activities, develop great and well known open source software like the domain registry FRED, Knot DNS daemon, or BIRD internet routing daemon, which powers two thirds of all Internet exchange points. They even developed a fully open source home router, Turris Omnia, with automatic updates and other unique features. All of that just as a side product of operating the national top level domain .CZ.

The Slovak nation, our closest neighbor, with whom we shared one country until 1993, is not that lucky. Their top level domain registry is a private company that abuses its monopoly. It operates under a contract with the government of Slovakia that cannot be terminated without the company’s consent. All as a result of a fraud that happened back in 1999.

How to steal the top level domain

When Czechoslovakia dissolved on the 1st January 1993, two new TLDs, .CZ and .SK, were delegated to the newly established countries, while the Czechoslovak TLD .CS started its sunset. The Slovak government delegated the operation of .SK to SANET, Slovak academic network operator. They then sub-delegated operation of the domain to an informal group named EUnet Slovakia, based at the Faculty of Mathematics and Physics of Comenius University in Bratislava. The delegation in the ICANN registry looked like this:

Registrant: Slovakia top-level domain (SK-DOM)
EUnet Slovakia
Comenius University
MFF UK, Computer Centre Mlynska dolina
842 15 Bratislava Slovakia

In 1995, the people operating the TLD at Comenius University started the takeover attempt by renaming their private company Softwarehouse, s. r. o. (s. r. o. stands for limited liability company) to EUnet Slovakia s. r. o., which was similar to the name of the informal group taking care of the registry. In addition, they relocated the company to a small leased office on the premises of Comenius University so they would share the postal address. Then, in 1999, they asked ICANN to do a minor adjustment of the delegation — delete “Comenius University” and add “s. r. o.” after “EUnet Slovakia.

ICANN made the change in good faith as a simple minor adjustment to refine the address. In reality, this was the point where the private company had overtaken the .SK domain operation from the informal non-profit group. Nine days after this change, on 19th August 1999, the company was sold to another, Euroweb International USA, located in the United States of America. The fraudulent takeover was successful.

The need of a new registration system

Immediately after taking over the registry, the new owners started negotiating the need of a new registration system — at that moment, a domain name in .SK was still free of charge, available to any legal person residing in Slovakia. The new system introduced a domain registration fee, which would allow the new owners to monetize their investment. It was put into operation in 2002. Since then, almost nothing has changed.

The current website of .SK registry hasn’t changed much since 2002.

The problem gets noticed

In 2004, the Slovak government and community realized what happened to their national domain. The ministry of transport, post and telecommunications sent a letter to ICANN asking for help. ICANN sent a negotiator, who proposed establishing an association for the national domain, which would engage all the stakeholders. Such association was indeed established on 2nd February 2004, and three-way negotiations between the government, the association, and Euroweb began.

Obviously, Euroweb was not willing to let the domain go, but the pressure from the government and the association was too big. In the end, they sold the company back to Slovakia, which suspended the negotiations. The company SK-NIC was established, owned by telecommunications carrier SWAN, associated with another company named Danubiatel.

Contract sealed by the government

The new owners of the domain soon realized they were operating the registry without any contract with the Slovak Republic. They therefore started intense lobbying in the government. In 2006, Pavol Prokopovič, the then minister of telecommunications, signed the contract with SK-NIC on the last day of his term.

This contract has established the SK-NIC committee with 7 members — three representing the community, two government representatives, and two representatives from SK-NIC. The contract can be terminated only with the agreement of all committee members, which makes such termination virtually impossible.

Money-making machine with no innovations

The Slovak national top level domain is like the exact opposite of .CZ. Not only does it lack an English version of the SK-NIC website and support for DNSSEC technology, but the registration system also does not have any API. Registrars have to create web-scraping robots to be able to automatically register domain names for their customers.

There were also few outages when the whole TLD disappeared from the Internet for a while. If somebody wants to change the owner of the domain, or just change the delegation to a new server, they have to write a request, sign it in front of a notary, and then send it to SK-NIC via regular post.

Also, the domain is still not open to foreigners. If a foreigner wants to register a domain name ending with .SK, they have to either open a company in Slovakia or ask a registrar for proxy-registration. Such mode of registration is already used in more than one half of all domains.

SK-NIC for sale

Lately, the pressure on SK-NIC started growing again. Its current owners may have decided that holding a company with guaranteed yearly income of more than four million euros is just not worth the pressure anymore; furthermore, they now own the fourth Slovakian mobile carrier. Thus, they decided to offer it to an investor. There are now ongoing negotiations with a British company named CentralNic, Ltd., which would like to include .SK to its quite large domain portfolio.

CentralNic operate a few new generic TLDs, as well as some special second level domains like .COM.DE and two country-code top level domains: .LA and .PW.

The domain .LA is designated for the Southeast Asian country of Laos. CentralNic is, however, marketing this TLD as “World’s first city TLD” for the city of Los Angeles, as well as a TLD designated for Latin America. What’s worse, the company has seized many valuable names in the TLD, and sells them for much higher than regular prices — as a registry, they are able to seize any domain name without any costs. Most internet communities consider such practices of domaining undesirable. Many registries (including CZ.NIC, for example) are actively trying to fight this.

Another ccTLD operated by CentralNic is .PW. Again, a domain designated originally to the Republic of Palau, an island in the Pacific Ocean, is marketed as an acronym for “Professional Web.” According to Symantec, this TLD is growing in popularity as a source of spam. Again, nothing a proper registry would be proud of.

Will the domain ever return to the community?

Obviously, the Slovak internet community doesn’t like the prospects of losing the Slovak national domain to a company like CentralNic. They started a petition to return the .SK domain to the people of Slovakia, and are now trying to push the Slovak government to negotiate better conditions for the operation of the TLD.

However, strong personal relationships between the government and SK-NIC do not make this effort simple. For instance, Patrik Krauspe, current consultant of the Slovak government, is a former SK-NIC managing director. Also, the general public often does not understand the fundamental problem in having the national domain operated by a private company without strong (self-)regulation.

Let’s hope that our Slovak friends’ attempts to make the Slovak Internet a better place will come to a successful end.

Acknowledgement

This story is based on a talk by Ondrej Jombík from Platon Technologies at the IT17 conference. There is also a Czech version of this story at Root.cz.