How did .agakhan, .ismaili and .imamat get their own TLDs?

52 aerodog 78 8/29/2025, 7:15:55 PM data.iana.org ↗

Comments (78)

jkaplowitz · 3h ago

Presumably way the same as .google and all the other special-purpose organization-specific domains.

Blame ICANN for allowing any public or private organization who can meet the requirements to buy and operate a gTLD back in 2012: https://newgtlds.icann.org/en/applicants/global-support/faqs...

And as per another comment in this thread, they’re doing another round of this in 2026: https://news.ycombinator.com/item?id=45068328

827a · 2h ago

The fact that private entities can monopolize gTLDs, including words that aren't even made-up or reasonably copy-written (e.g. the MAN group in Europe owns .man) was an embarrassing and dishonorable decision by ICANN. I'm all for having tons of weird, awesome gTLDs, and I'm even for brand-specific gTLDs like .google, but the cost these entities should incur by asking for one to be created is: Anyone can use it.

1. A set number of slots should be opened every 10 years (e.g. 250 new gTLDs every ten years).

2. Entities submit bids for the gTLD slots, in terms of dollars. The 250 highest bids win.

3. If your entity wins a slot, you submit the gTLD you want, and there's a public comment period where claims against the gTLD being created are heard (e.g. if you own the copyright in some jurisdiction and someone else is trying to register it, submit a claim).

4. If it passes, your entity is allowed to register a set number of TLDs on the gTLD (e.g. 100) before anyone else gets access. This is what you bought: The fact that the gTLD exists, and the first 100 domain names on it without competition).

5. It then becomes a real gTLD.

Some variant of this is how it always should have worked, and entities like Google should be forced into a sophie's choice: They could fight .google indefinitely, win, and it'll never become a gTLD, or they could sponsor it, claim the first N domain names, but otherwise make it available to everyone. Of course, they might actually have valid jurisdictional claims against anyone else who tries to register a .google domain on copyright grounds, so maybe they fight and win in the courts against anyone who tries to use it; but the point is that it shouldn't be ICANN's decision.

Daviey · 2h ago

What should happen with the proceeds of the sales?

Is the highest bidder really the best custodian of a tld?

Why have a quota of, as you say, 250 every 10 years? What does this do to help, what issues does it address?

righthand · 1h ago

Quotas are sometimes applied to create value of a simple asset aka scarcity (or a bureaucrat tax). Think limited number of taxi medallions or street vendor or liquor licenses. That makes the medallion/license/gtld hold value.

JoshTriplett · 1h ago

> Think limited number of taxi medallions or street vendor or liquor licenses.

Those are not particularly compelling examples in favor of such a thing.

righthand · 1h ago

I’m not making an argument for quotas, just explaining why they usually are included. It’s a cheap way to add “market” value to something aka scarcity.

The issue would occur in the suggested system when ICANN decides to one day stop creating 250 domain names down to 25 domain names or some such change that increases the value of the gtlds to ridiculous numbers only the wealthy/well-connected can afford.

Daviey · 42m ago

Why is the goal to artificially increase the value of tld's?

burnt-resistor · 39m ago

The cost for a gTLD used to be $1-2 million USD. I wonder if it is still the same pay-to-play racket for rich people and corporations.

sidewndr46 · 2h ago

how can someone copyright a TLD?

hkt · 1h ago

He probably means trademark, eg, .google

carl_dr · 3h ago

Genuine question: why “blame”? Does it really matter?

postquantumfax · 3h ago

DNS allows search so we really should have started rejecting everything that isn't qualified with an end dot as punishment to ICANN.. Instead random common names might be treated differently on every network to make sure these people can't issue certs that will be trusted for them in your own network, etc.

Now prioratizing unambiguos naming would be somewhat acceptable if ICANN was tacobell and just a steward of naming on the side.

dc396 · 2h ago

I'm not sure what you mean by "DNS allows search" -- by the usual definition of "search", the DNS doesn't: it is a lookup mechanism. I'm also not sure who "we" are in your idea or what you mean by "qualified with an end dot": all domains that get looked up implicitly have a "." (a zero length label that signifies the end of the query name) if it isn't explicit.

postquantumfax · 2h ago

resolv.conf-> search

If you are not a consumer on an ISP emulating dialup it is quite likely that a popular name in a naming convention I.e. 'mercury' resolves to something for you and something for someone at a different firm (mercury.intranet.[firm].not-so-stupid-tld). A cert is possibly not a fully qualified one so when ICANN gives away mercury you need to append .asshat to everything ICANN names.

(Two firms have an unambiguous situation because they don't trust each others private roots but they both trust a cert issued for the public trust as a fqdn which is why TLDs expanding is a form of theft/breakage against every intranet..)

dc396 · 1h ago

Ah, resolver (not DNS) search paths. They were a really bad idea that can and do lead to leaked queries that can result in all sorts of unpleasantness and risks.

As for certs, AFAIK, you can't get a certificate for a non-fqdn from a public CA since 2015.

arcfour · 1h ago

Run your own DNS then, if you're using your own DNS? Why are your queries for internal systems leaking out to the internet?

postquantumfax · 1h ago

If icann sells www as a tld domain then your use of www as a machine name you may refer to unqualified is a risk because virtually every piece of software in the world respects public issuance until you delete it all if you can.

The DNS naming confusion was largely dealt with by having a small number of TLDs and rarely referring to complex things like partially specified subdomains, but every once in a while a fool named their machine com, org, or net. (Though these as subdomains were far more toxic.)

dc396 · 1h ago

You might want to look at the "domain" directive of resolv.conf and the concept of "split horizon DNS".

postquantumfax · 28m ago

I've done plenty of interesting things but a distributed correction attempt for ICANN's incompetence is never going to be adequate. You can read their own work on gTLDs in the past to know they understand this.

dc396 · 5m ago

Accusing ICANN of incompetence when you can't be bothered to configure your DNS to avoid leaking queries to the root is an interesting approach.

sidewndr46 · 2h ago

all the ISPs I've used just resolve any possible DNS query to an IP anyways, so I'm not really sure what it matters

ahoka · 3h ago

Hot take: TLDs should not exist but parking domains should not be allowed.

hsbauauvhabzb · 1h ago

And cost if domains should increase near exponentially with the more you own. One domain? $10/year, two domains: $50, three: $250, etc.

ionwake · 3h ago

yes blame. ofcourse it matters. tld use to be good insight into the purpose of the website. IE, google.com, or wikipedia.org

justusthane · 3h ago

With some exceptions (.gov, .edu, for example), it has never actually meant anything. Anyone can register a .com, .net, or .org for any purpose.

jrflowers · 3h ago

Those tlds still exist. The existence of butts.adult doesn’t create confusion about oxfam.org

bigyabai · 3h ago

https://en.wikipedia.org/wiki/Tragedy_of_the_commons

NoMoreNicksLeft · 3h ago

Spamming up namespaces for "commercial" purposes is never a good thing.

lysace · 3h ago

Time for another DNS root system. Maybe. /s

JdeBP · 3h ago

The Open Root Server Confederation has long since been wound up. But some of the other alternative root servers are still around even now. One example:

https://wiki.opennic.org/opennic/dot

derefr · 3h ago

Presumably, they submitted a gTLD application to ICANN and paid the — at the time — USD$180k evaluation fee. They likely also made arrangements with some existing registrar to host the actual name servers, rather than doing so themselves.

They may or may not have then had the evaluation fee refunded to them, under the Applicant Support Program (https://newgtldprogram.icann.org/en/application-rounds/round...).

gerikson · 3h ago

> The Ismaili Imamat is a supra-national entity, representing the succession of Imams since the time of the Prophet Muhammad.

(https://ismaili.imamat/#introduction)

The Aga Khan is the leader of the Ismaili Imamat.

They have as good a claim to a TLD as Berlin, if not more.

maxbond · 3h ago

There's also .va for the Vatican and .lds for the Mormon faith (and .mormon), and more generic Christian ones like .church. I didn't find any for other religions on a casual search, perhaps because many of them don't have the same degree of centralization.

dc396 · 2h ago

.VA is a country code TLD, assigned because it is listed in ISO-3166. The others are "generic top-level domains" which had to go through ICANN's new gTLD program, which has a lot of rules (338 pages of them for the 2012 round) and costs a lot of money (US$185K to start with recurrent fees dependent upon the number of registrations). I suspect it isn't about centralization, but rather about perceived cost/benefit ratios.

gerikson · 3h ago

.islam is proposed but contested: https://icannwiki.org/.islam

mikestorrent · 3h ago

The Vatican is a country, so it gets a ccTLD.

maxbond · 3h ago

True but I don't think the distinction matters to the overall point that it's perfectly ordinary for religious institutions to operate a TLD, regardless of the mechanism that allows for it.

kevin_thibedeau · 2h ago

Vatican City is a theocracy, not a religion. You'd technically have to add .uk and many more to the list if you're broadening to all nations with a state religion.

maxbond · 1h ago

It's the central bureaucratic/theocratic function of a major world religion which, it just so happens, is organized as a micronation instead of as a foundation or something like that. The primary function of the UK is not to run the Anglican church, nor is their king generally thought of as their primary leader.

PeterWhittaker · 1h ago

.uk was one of the first!

https://en.m.wikipedia.org/wiki/.uk

(Or did I miss an "/s"?)

Tamer · 2h ago

> ismaili.imamat

So, a quite expensive domain hack? Are they trending again? There's even a list on domainhacks.club

maz1b · 24m ago

FWIW, Google owns .gle, and I emailed both Sundar Pichai and Charleston Registry, but no response of any kind.

My startup is called MedAngle, and we'd love to get medan.gle, but it just left a sour taste in my mouth. Some of these processes are giant black boxes.

uz3snolc3t6fnrq · 3h ago

.george is a pretty funny one. apparently Walmart owns it, so you probably won't be able to register a .george domain any time soon.

https://icannwiki.org/.george

do companies even use these in the wild or are they buying these TLDs for nothing? ".brother", ".canon", ".nokia", ".panasonic", ".playstation", ".xbox", ".xerox"... there's even ".sandvikcoromant", which is some sort of Swedish metalwork company.

kotaKat · 7m ago

https://global.canon/en/c-museum/

Canon does use .canon for a few things, at least.

arcfour · 1h ago

Amazon/AWS use them (.aws), so does Google (.google) but I agree, it is pretty funny how many companies seemed to get on board (out of fear of being left out?) and then...didn't use them for some reason?

0x3f · 1h ago

Google does use theirs for public-facing landing pages even [1], just not uniformly, but that's very on-brand for Google as an org.

Where have you seen .aws in use though?

[1] e.g. https://quantumai.google/

serv0id · 6m ago

https://skillbuilder.aws/

zoover2020 · 56m ago

AWS uses the TLD internally

0x3f · 1h ago

George is the clothing brand of the ASDA supermarket chain in the UK, which Walmart used to own. I'm not sure if it's a brand they use worldwide though; I don't really go to Walmart when in the US. Either way, that's why they own it, presumably.

sudhirb · 3h ago

the icann wiki has some articles for these:

https://icannwiki.org/.agakhan

https://icannwiki.org/.ismaili

https://icannwiki.org/.imamat

ali1ism · 37m ago

I find the the Dutch Bauhaus website ridiculously unnecessary: https://nl.bauhaus

steviedotboston · 29m ago

The Ismaili leaders are super influential and have connections everywhere. They are megawealthy socialites. Basically they wanted the TLDs so they knew who to talk to to make it happen.

andunie · 3h ago

Wasn't it better when only .com mattered? There are thousands of TLDs now and that forces companies to buy multiple, these domain names are not even memorable anymore specifically because of the TLD part.

dc396 · 2h ago

Well, it depends. If all you were interested in was getting a "good" (e.g., short) name in .COM, no.

In the late 90s, when NSF allowed Network Solutions to charge for domain names, people complained that they (now Verisign) had a monopoly, so after a number of fine lunches and dinners in far off exotic places (see https://en.wikipedia.org/wiki/IAHC), there was a proposal to create more top-level domains, created the registry/registrar split, proposed the Uniform Dispute Resolution Policy (primarily for Intellectual Property owners), etc. Then, the US government stepped in and started a process that led to the creation of ICANN.

The whole point of this exercise was to introduce competition into the domain name system. It did with the registry/registrar split and tried with the registries by having multiple rounds of a limited number of new top-level domains. However, the latter was kind of stupid (IMHO): the switching costs for changing TLDs is way too high for the existence of new TLDs to significantly impact Verisign's monopoly -- instead, it created a bunch of monopolies.

However, people weren't happy with the "limited number" part of ICANN's efforts to introduce competition in the TLD space, so in 2012, the ICANN community (which anyone can be a part of) opened the flood gates, removed the arbitrary restrictions on how new top-level domains could be created, and we now have over 1500 TLDs.

subarctic · 3h ago

.calvinklein, .homedepot - how do these things get created, can you just go to namecheap.com and make your own tld?

input_sh · 3h ago

If you pay ICANN hundreds of thousands of dollars, you can get basically any .word domain.

I believe the only actual requirement is that it has to be 3 characters or longer, as two characters are reserved for countries.

derefr · 3h ago

Actually, no — it's an evaluation fee, simply to review your application; and they will reject applications that don't meet their criteria.

One of those criteria is that you actually do something with the gTLD — per their FAQ:

> ICANN expects all new gTLDs to be operational. One of the reasons ICANN is opening the top-level space is to allow for competition and innovation in the marketplace. The application process requires applicants to provide a detailed plan for the launch and operation of the proposed gTLD. gTLDs are expected to be delegated within one year of signing a registry agreement with ICANN.

A few highlights from the full evaluation criteria (https://newgtlds.icann.org/sites/default/files/evaluation-qu...):

- They will reject applications made by known cybersquatters

- They will reject your TLD string if it has rendering problems on major OSes (e.g. if its codepoints aren't covered by at least fallback fonts)

- They will reject your registration policies if they're incoherent or unenforceable

- They will reject your application on behalf of a community if you can't provide sufficient references establishing that you actually represent the interests of that community

- They will reject your application if you haven't outlined to their satisfaction a plan for continuity/migration of control of the gTLD from your organization to some other organization in case of the bankruptcy/dissolution/etc of your organization (note: this is a separate thing from the technical considerations of registry fail-over et al, which are more something that most applicants would have a technical registry partner fill out on their behalf)

---

In all, the process actually seems quite thorough — but as with regular domain-name registration, it's a default-accept, not a default-deny, policy. The more arbitrary gTLDs that have been established so far all just-so-happen to be "innocent" of all of the disqualifiers.

Specifically, I think, given the criteria, that any multinational company could probably expect to be able to acquire its own name and trademarks as gTLDs without much fuss; and recognized leaders/stewards of any major religion (or other non-country-endemic sociocultural group) could likely get any jargon term specific to that religion/subculture as a gTLD. Those two cases together cover most of the "weirdness" in approved applications.

One assertion I might make after reviewing the evaluation criteria, is that very few of the criteria look at the gTLD string itself. Almost any gTLD string is a potentially valid registration. Almost all of the evaluation process is set up to establish whether you, the applicant, have a valid claim for stewardship over the given gTLD string.

eastbound · 3h ago

Application fee with ICANN: $185k, non-refundable,

Yearly fee: $25k

Technical backend with Verisign: $200k per year

Add maybe $100k of lawyer fees.

culi · 31m ago

What happens when a company goes under and the yearly fee can no longer be paid? Has a gTLD ever been resigned?

h4ck_th3_pl4n3t · 3h ago

Imagine having the domain cyber[.]threat

Would be kind of cool, most attacked domain on the web, probably

input_sh · 3h ago

I think my top three worst ideas someone actually paid hundreds of thousands of dollars for are .sucks, .ooo, and .hiv.

adzm · 1h ago

.sucks has plenty of potential

whalesalad · 3h ago

you pay ICANN a hefty fee.

https://icannwiki.org/New_gTLD_Program:_Next_Round

mr_mitm · 3h ago

Even this random German insurance reseller (some call it a pyramid scheme) DVAG has its own TLD. You can buy anything with money.

noAnswer · 3h ago

Even EDEKA has its own. :-) https://www.nic.edeka

whatsupdog · 3h ago

How did .catholic and .church get their own gTLDs?

hn_go_brrrrr · 3h ago

Someone paid to register them.

GauntletWizard · 3h ago

All it takes for a TLD these days is a vaugely-legitimate use and about a million dollars[1]. This isn't hard for a large company or state actor to fund; Why would a mid-large religion not be able to?

[1] https://newgtldprogram.icann.org/en/resources/faqs#6

toast0 · 59m ago

And a time machine. Applications were due in 2012. A new round is starting soon, but it's not clear if it's going to be continuous, or if it will be a single application period again.

andunie · 3h ago

Such a stupid system.

ChrisArchitect · 2h ago

Ask HN:

jlarocco · 2h ago

Is there even a good reason to have TLDs at this point?

dc396 · 2h ago

The DNS is hierarchical. How would you replace TLDs?

withinboredom · 30m ago

namebase.io if you want a crypto backed one.

aerodog · 3h ago

Seriously - how did that go down?

nom · 3h ago

https://gtldresult.icann.org/applicationstatus/applicationde...

mikelitoris · 3h ago

like this: pay the consultants and lawyers, then ICANN. That's it.

bawolff · 1h ago

TLDs were a mistake. We should just get rid of them and have the person's domain at the top level. E.g. instead of news.ycombinator.com have just news.ycombinator

Google will allow only apps from verified developers to be installed on Android (9to5google.com)

Ask HN: The government of my country blocked VPN access. What should I use?

Gemini 2.5 Flash Image (developers.googleblog.com)

FFmpeg 8.0 (ffmpeg.org)

What are OKLCH colors? (jakub.kr)

Dissecting the Apple M1 GPU, the end (rosenzweig.io)

A German ISP changed their DNS to block my website (lina.sh)

Claude for Chrome (anthropic.com)

DeepSeek-v3.1 (api-docs.deepseek.com)

AI tooling must be disclosed for contributions (github.com)

Updates to Consumer Terms and Privacy Policy (anthropic.com)

Show HN: Base, an SQLite database editor for macOS (menial.co.uk)

A visual introduction to big O notation (samwho.dev)

Go is still not good (blog.habets.se)

Comet AI browser can get prompt injected from any site, drain your bank account (twitter.com)

We regret but have to temporary suspend the shipments to USA (olimex.wordpress.com)

U.S. government takes 10% stake in Intel (cnbc.com)

Monodraw (monodraw.helftone.com)

Waymo granted permit to begin testing in New York City (cnbc.com)

Ban me at the IP level if you don't like me (boston.conman.org)

Tesla said it didn't have key data in a fatal crash, then a hacker found it (washingtonpost.com)

Google has eliminated 35% of managers overseeing small teams in past year (cnbc.com)

Michigan Supreme Court: Unrestricted phone searches violate Fourth Amendment (reclaimthenet.org)

Altered states of consciousness induced by breathwork accompanied by music (journals.plos.org)

Scientist exposes anti-wind groups as oil-funded, now they want to silence him (electrek.co)

US Intel (stratechery.com)

Unexpected productivity boost of Rust (lubeno.dev)

Are OpenAI and Anthropic losing money on inference? (martinalderson.com)

Nx compromised: malware uses Claude code CLI to explore the filesystem (semgrep.dev)

Io_uring, kTLS and Rust for zero syscall HTTPS server (blog.habets.se)

Claude Sonnet will ship in Xcode (developer.apple.com)

How to build a coding agent (ghuntley.com)

What makes Claude Code so damn good (minusx.ai)

Framework Laptop 16 (frame.work)

Building the mouse Logitech won't make (samwilkinson.io)

Line scan camera image processing for train photography (daniel.lawrence.lu)

The Therac-25 Incident (2021) (thedailywtf.com)

Proposal to Ban Ghost Jobs (cnbc.com)

The GitHub website is slow on Safari (github.com)

Ask HN: Why hasn't x86 caught up with Apple M series?

I Am An AI Hater (anthonymoser.github.io)

Malicious versions of Nx and some supporting plugins were published (github.com)

Meta might be secretly scanning your phone's camera roll (zdnet.com)

Uncertain<T> (nshipster.com)

A teen was suicidal. ChatGPT was the friend he confided in (nytimes.com)

Manim: Animation engine for explanatory math videos (github.com)

Everything I know about good API design (seangoedecke.com)

We put a coding agent in a while loop (github.com)

95% of Companies See 'Zero Return' on $30B Generative AI Spend (thedailyadda.com)

Show HN: A zoomable, searchable archive of BYTE magazine (byte.tsundoku.io)

How did .agakhan, .ismaili and .imamat get their own TLDs?

Comments (78)