Featured Domains


ICANN security group warns against Emoji domain names

SSAC says emoji domain are like 😈, gives 👎 to their registration.

Emoji domain names have received some press over that last year thanks, in part, to .ws allowing registrations of emoji domain names.

Now, the ICANN Security and Stability Advisory Committee (SSAC) has published a report (pdf) warning against the use of these domain names.

The brief report notes that emoji in domain names are not allowed under the Internationalized Domain Names in Applications (IDNA) standard. They aren’t universally accepted and do not work across all devices.

They can also be difficult to decipher. Many emoji look similar to each other and some emoji can be “glued” together using a special zero width joiner (ZWJ) code point.

This creates a major problem:

The whole point of an identifier is to specify something unambiguously—this thing, as distinct from all other things. To a user, a single unmodified emoji might look exactly the same as its “glued together” counterpart, and systems that do not support emoji composition using a ZWJ will display the individual components of a “glued together” emoji as a sequence of separate emoji, with results that may visually be very different from what was intended. This is acceptable for interpersonal communication, particularly when it is augmented by shared context, but it is not acceptable for Internet identifiers, particularly DNS root labels that must be unambiguously resolved independent of any context.

Furthermore, Unicode 8.0 allows variants of emojis that change skin tone. This can make it even more confusing.

Emoji with different skin tones can be difficult to tell apart.

Another issue with emoji domain names is accessibility for visually impaired people.

The SSAC concludes its report with two recommendations:

Recommendation 1: Because the risks identified in this Advisory cannot be adequately mitigated without significant changes to Unicode or IDNA (or both), the SSAC recommends that the ICANN Board reject any TLD (root zone label) that includes emoji.

Recommendation 2: Because the risks identified in this Advisory cannot be adequately mitigated without significant changes to Unicode or IDNA (or both), the SSAC strongly discourages the registration of any domain name that includes emoji in any of its labels. The SSAC also advises registrants of domain names with emoji that such domains may not function consistently or may not be universally accessible as expected.

DomainAgents. What should you sell your domain for? Read our Domain Market Report Now. Sponsored.

Get Our Newsletter

Stay up-to-date with the latest analysis and news about the domain name industry by joining our mailing list.

No spam, unsubscribe anytime.

Reader Interactions


    Leave a Comment

  1. Jon Roig says

    Hi there… I’m Jon, the guy behind i❤️.ws. We’ve registered a ton of Emoji Domains.

    This report is the beginning of a conversation and I largely agree with its conclusions.

    There’s no doubt that there are issues with homonym attacks in Emoji Domains, but that threat also exists in the dotcom world. As someone pointed out on twitter, there’s”http://weed.com , http://weed.com (xn--eed-v6x) & http://WEED.com (xn--58dxa0a)”

    Heck, dotcom even allows hieroglyphic domains.

    Personally, I think the way forward for Emoji Domains is to white list a clear, unambiguous set of emoji: ❤️⭐️⚽️ …etc… and get rid of all the skin color modifiers.

    After that, you end up with a clear and universal set of hundreds of emoji, totally useful in worldwide communication. People send hundreds of millions of Emoji txt messages every day, so it’s not like this is a new, unfamiliar concept to mobile phone users.

    For our part, we’re going to publish an open standard and start warning people when they register confusable emoji.

  2. steve brady says

    Are these compliant with Handicapped Accessibility Standards for those using a Braille keyboard? Many rely on converting the alphabet to sound in order to see the internet. How will these characters each uniquely translate to audio? Otherwise Emojis exclude the blind from participating.

  3. steve brady says

    Had I read the article prior to posting my previous comment I would have seen the issue of visual impairment has been raised. In all fairness, as soon as I saw the headline my concerns were the same. Nevermind.

  4. Page Howe says

    well summarized, ICANN says not ready enough for emoji’s to be right of the dot. probably right for now

    Innovation may happen outside the ICANN purvue in the cctlds, but the marketplace likes global languages on hundred of millions of devices, popular with kids and on mobile, and likes visual emotional messaging.

    Emojis in .ws are our only color domain names, and our only visual domain names on major keyboards, great for mobile and my kids finally think something im doing is cool.

    Until more devices are on board, and white space or banned characters dealt with maybe emoji are in beta, but like gmail still being in beta – can still be used hundreds of millions of times daily and globally.

    and like uber using unlicensed taxi drivers and amazon not collecting sales tax, the market and regulatory bodies may be at odds for years. – but innovation finds a way.

    the IDN’s at the root of the zero width rejoinder issue are distinctly different domains – one being a hypotheical XN–123, one being XN–1234fgtgrdt5

    so its still one domain name, one nameserver IP, and links and emails go where they are supposed to.

    thanks Andrew for he link to the report

    Page Howe

  5. Marty says

    I can’t be bothered reading the report as the conclusions seem unjustified.

    My current impression of these conclusions and having read the intro and body of this report as that it’s short sighted.

    Fair enough about the main issues they flagged.

    However, I’ve been involved with the new TLDs and when I consider how flawed this process was and how money influenced the process I have to question the legitimacy of these findings.

    I consider this report and ICANN rubbish but that’s a personal so we don’t get confused.

    Have a look at how ICANN managed religious domains and you will see how biased this corporation appears.

  6. Page Howe says

    interesting reading the other SSAC reports, i respect the independence of this group to even fault ICANN and the IETF for its role in the instability of the naming system currently in December

    Finding 2: More specifically, the SSAC finds that the lack of adequate coordination
    among the activities of several different groups contributes to the domain namespace
    instability identified in Finding 1:

    • ICANN, in its role as coordinator of the allocation and assignment of names in the root zone of the Domain Name System,17 by inviting applications for new toplevel domains without specifying unambiguous criteria for determining whether a given string may or may not be (or potentially become) a top-level domain name label;

    • the Internet Engineering Task Force (IETF), in its role as the Standards
    Development Organization for the DNS protocol, by reserving some domain
    names for special use;18 and

    • other individuals and organizations, by using independently selected domain
    names in environments that cannot reliably be distinguished from the environment in which domain names are resolved by reference to the global DNS root.19

  7. Darryl Lopes says

    Using Google Translate and text to speak, the audio will state, when using the pizza slice emoji “Pizza slice” https://translate.google.com/#auto/en/%F0%9F%8D%95

    Emoji domain names should not be any different, even though the Puny code would have xn--vi8h as the subset code, the text will be the same, if not emojis will actually have a beneficial factor for blind people because they are already categorized in the emoji preset keyboard along with other food: Furthermore search in Google: https://www.google.com/search?q=%F0%9F%8D%95&oq=%F0%9F%8D%95&aqs=chrome..69i57j69i59j0l4.311j0j4&sourceid=chrome&ie=UTF-8

  8. Filippa says


    Very interesting post that you can use emoji in domain names.
    How do you enter the domains when using a normal keyboard and not a smarphone?

    Will Google index these domains if I register and use an emoji domain?

  9. Doru Tarita says


    I think we can´t misunderstand the meaning of this emoji domain names!

  10. Joseph Peterson says

    Some emojis are ambiguous and risky. OK. For important domain functions, shun those.

    Are some emojis unambiguous? Or is the ambiguity manageable through a defensive domain registration strategy? If Yes to either of those questions, then people would be safe to use that subset of emojis.

    I don’t know the answers, since I’m unfamiliar with “glueing” emojis together – which the ICANN report singles out as a risk factor. If “glueing” makes 1 emoji indistinguishable from X many other emoji combinations, then we’d need to know how big X is.

Domain Name Wire | Domain Name News
%d bloggers like this: