8(b). State the specific national or other jursidiction that defines the type of entity identified in 8(a).
8(c). Attach evidence of the applicant's establishment.
9(a). If applying company is publicly traded, provide the exchange and symbol.
9(b). If the applying entity is a subsidiary, provide the parent company.
Starbucks (HK) Limited is an indirect wholly-owned subsidiary of PCCW Limited, of which the shares are listed on The Stock Exchange of Hong Kong Limited (Stock Code: 0008)
9(c). If the applying entity is a joint venture, list all joint venture partners.
11(a). Name(s) and position(s) of all directors
Hui Hon Hing, Susanna
Lee Hoi Yee, Janice
11(b). Name(s) and position(s) of all officers and partners
Chu Mee Lai, Helen
11(c). Name(s) and position(s) of all shareholders holding at least 15% of shares
HKT Media International (Cayman Islands) Limited
11(d). For an applying entity that does not have directors, officers, partners, or shareholders: Name(s) and position(s) of all individuals having legal or executive responsibility
Applied-for gTLD string
13. Provide the applied-for gTLD string. If an IDN, provide the U-label.
14(a). If an IDN, provide the A-label (beginning with "xn--").
14(b). If an IDN, provide the meaning or restatement of the string
in English, that is, a description of the literal meaning of the string in the
opinion of the applicant.
14(c). If an IDN, provide the language of the label (in English).
14(c). If an IDN, provide the language of the label (as referenced by ISO-639-1).
14(d). If an IDN, provide the script of the label (in English).
14(d). If an IDN, provide the script of the label (as referenced by ISO 15924).
14(e). If an IDN, list all code points contained in the U-label according to Unicode form.
15(a). If an IDN, Attach IDN Tables for the proposed registry.
15(b). Describe the process used for development of the IDN tables submitted, including consultations and sources used.
15(c). List any variant strings to the applied-for gTLD string according to the relevant IDN tables.
16. Describe the applicant's efforts to ensure that there are no known operational or rendering problems concerning the applied-for gTLD string.
If such issues are known, describe steps that will be taken to mitigate these issues in software and other applications.
The Registry anticipates the introduction of this TLD without operational or rendering problems other than general Universal TLD Acceptance issues.
The Registry has conducted investigation into the operational and rendering issues of the TLD Based on the findings, the Registry is confident that the launch and operation of this TLD present no known challenges. The rationale for this opinion includes:
- The string is not complex and is represented in standard ASCII characters and follows relevant technical, operational and policy standards;
- The string length is within the lengths currently supported in the root and by ubiquitous Internet programs such as web browsers and mail applications;
- There are no new standards required for the introduction of this TLD;
- No onerous requirements are being made on registrars, registrants or Internet users.
17. (OPTIONAL) Provide a representation of the label according to the International Phonetic Alphabet (http://www.langsci.ucl.ac.uk/ipa/).
18(a). Describe the mission/purpose of your proposed gTLD.
now TV (http:⁄⁄www.now-tv.com⁄) is a pay TV service launched since 2003. With a customer base of over 1.1 million, it is now the largest pay TV platform in Hong Kong (over 50% penetration of the market) and one of the largest IPTV service providers in the world. now TV currently distributes over 180 channels, including both internationally recognized, top-class channels like HBO, Star Movies, Fox Movies Premium, BBC Knowledge, Discovery, Nat Geo, etc; as well as a whole array of our “now” branded, self produced channels tailored to the viewing needs of the local HK market, including now news, now Business News Channel, now HK, now Sports channels, now Entertainment, etc.
now TV, in addition to being an established brand name in the HK market, is also fast gaining recognition in the international market – with our plans to widely distribute our “now”-branded channels to overseas market
It is essential that the brand value that has been established in Hong Kong and international markets is properly safeguarded with the domain registration, and that .now or .nowTV is preserved for the access of information and content around now TV⁄ “now” branded services both in Hong Kong and around the world.
A. Advance Constructive Competition
We believe that the introduction of the “.nowtv” TLD helps us remain competitive in the dynamically growing global media industry.
B. Enhance Consumer Trust
By protecting our brand and ensuring that it is not mis-used in anyway by third parties as a TLD, we help support the enhancement of consumer trust in the DNS. More importantly, Internet end users will be able to use the “.nowtv” TLD to connect directly with us, further enhancing consumer confidence and trust.
Furthermore, now TV intends to work with competent registry front-end and back-end service providers which can implement the registry systems in compliance with the ICANN specifications and in accordance with the technical responses to #22-44, so that the Registry can ensure a secure and stable implementation of the “.nowtv” TLD that supports consumer trust.
C. Promote Consumer Choice
The introduction of “.nowtv” allows consumers to choose to connect with now TV directly through the TLD. Furthermore, now TV is hoping to leverage the “.nowtv” TLD to provide innovative services that enhance the user experience.
18(b). How proposed gTLD will benefit registrants, Internet users, and others
“.nowtv”, will be used to host information about now TV branded services, both in Hong Kong and international markets. It is also intended to be a domain through which now TV branded service customers in Hong Kong would be able to retrieve their account profile information, set recording instructions or confirm subscription request for content available on now TV branded services.
Therefore, to now TV, the domains of “.nowTV” will become an indispensible medium of communication with both its customers and its target market.
To internet users, the domains of “.nowTV” will be a more direct way of reaching the company and its services with a better user experience as they don’t need to memorize otherwise longer or indirect URL. They just have to remember the brand name in order to access the content and manage their accounts.
1. Goals of the TLD
An important goal of the TLD is the safeguard of the intellectual property right of the “now TV” brand.
The Group places great importance on brand protection. We have been investing heavily in protecting the Group’s intellectual properties, including trademarks and domains. A comprehensive set of brand protection measurements and policy has been established within the group. Together with external trademark lawyers, an in-house Group Legal office, Brand Management division and Risk Management division jointly manage the Group’s brand and IP portfolio including trademarks, goodwill and domains, etc. Through the years, now TV, its parent company and its sub-brands have established strong brand recognition in the customers’ mind and in the industry. We have received awards from different local and overseas organizations including APICTA International, Frost & Sullivan Asia Pacific, etc.
For now TV, the establishment of the “.nowtv” TLD on the Internet safeguards our brand’s intellectual property right and enable opportunities from potential expansion of business. now TV has invested substantially in the online areas and will continue to do so.
2. Differentiation and Innovation
The utilization of the “.nowtv” TLD by nowTV is in itself a differentiation and innovation we set ourselves apart from our competitors.
now TV is Hong Kong’s leading pay-TV operator and one of the world’s largest commercial deployments of IPTV. It carries more than 190 HD and SD channels of local, Asian and international programming, with half of them being brought to Hong Kong viewers exclusively.
now TV also has a stable of self-produced channels. The Cantonese-speaking now NEWS channel and now Business News channel provide 24-hour coverage of what is happening around the world. now Hong Kong channel offers infotainment programs and talk shows by local celebrities in a style that is unique in Hong Kong. Sports fans will also find a variety of offerings on the seven now SPORTS channels.
Our international sports and entertainment programming includes the exclusive live broadcast in Hong Kong of the Liga de Futbol Profesional (ʺLa Ligaʺ) for soccer fans, as well as HBO and Star Movies for film lovers, to name but a few.
now TV is excited to explore new and innovative uses of subdomain names directly under the “.nowtv” TLD. At the same time, as a TLD Registry, now TV understands the importance to maintain a reliable, advanced and operationally sound TLD registry that safeguards the security and stability of the Internet.
The primary users of the gTLD will be within the Group with businesses serving several million business and consumer accounts.
3. Improving User Experience
To Internet users, “.nowtv” domains provide a more direct way of reaching the company with a better user experience as they will be able to access now TV information and services directly, e.g. www.sports.nowtv.
now TV is one of the key businesses under PCCW Limited, the initial plan is to consider deployment of the gTLD by the Group and its subsidiaries. It might cover the websites and the personalized email addresses. The latest number of employees of the Group is 20,100+ worldwide with the majority located in Hong Kong. Not all of the employees will use their own domain name, rather departments or business units within the group.
The potential expansion of the gTLD could apply to individual business units of the Group for their marketing promotion or customer acquisition purposes serving over several million customers. E.g. our business customers could be using the sub domain under the gTLD to run their business. We have had similar experiences in running our directory business (YP.com.hk and biz.com.hk) by offering sub domains to our customers at a minimal cost.
4. Registration Policies Supporting the Goals to Drive User Benefits
While we are not planning for the “.nowtv” TLD to be open for external registrations, in the case that future expansion happens, the Registry is dedicated to upholding its reputation as a socially responsible TLD. As such, beyond the basic ICANN requirements, the Registry intends to put in place a comprehensive Sunrise and Startup process as well as effective Abuse Prevention and Rights Protection Mechanisms to strengthen the orderly and stable introduction of the TLD.
5. Privacy and Confidentiality Protection
Measures to protect the privacy and any confidential information of registrants and users will be consistent with other existing broad generic gTLDs. This ensures a sense of coherence from users and registrants and reinforces the goals of making IDN not an alternative but a given.
18(c). Describe operating rules to eliminate or minimize social costs or financial resource costs, various types of consumer vulnerabilities.
now TV is one of the key businesses under PCCW Limited, a company listed on the Stock Exchange of Hong Kong – HKEX, stock code: 0008. You may see from the financial reports provided on www.pccw.com that PCCW is financially strong and we do not foresee any difficulties in funding future operations.
At PCCW, we have a Risk Management department and other internal controls in place to supervise the usage and operation should we decide to widely use the gTLD.
At the moment, there’s no immediate plan to offer the gTLD to specific external communities.
In the case we decide to offer the “.nowtv” TLD for external communities, the Registry is committed to introducing the “.nowtv” TLD in an orderly manner to minimize the social costs and maximize the social value of the TLD. The Registry shall be able to develop and implement a comprehensive startup process that would include, besides Sunrise and Landrush processes, other rights protection mechanisms to ensure the orderly introduction of the TLD. More detailed explanation of the overall startup process is included in #29.
In response to the question specifically:
1. Mechanisms for Resolving Multiple Applications to a Domain
A comprehensive Sunrise and Landrush program will be put in place at the launch of the TLD if we are to decide to offer the TLD to the public. The competent registry front-end and back-end service provider shall have experience and knowledge in the development of a suitable Sunrise and Landrush program that complies with Specification 7 of the new gTLD agreement as a minimum and will also include additional rights protection mechanisms as well as mechanisms for resolving multiple applications to a domain when the TLD is first launched. More detailed explanation of the approach is included in #29.
After Sunrise and Landrush, in the cases of contention against abusive registrations, the Registry will adhere to the UDRP and URS procedures.
2. Cost Benefits for Registrants
Should we decide to offer the gTLD to the public, we may implement periodic cost reduction programs to encourage the adoption of the TLD by registrants. Introductory programs may also be important to drive awareness and interest in the TLD as well.
3. Contractual Commitments to Registrants
The Registry will abide by the ICANN Registry Agreement requirements as well as ICANN Consensus Policies, including offering domain registrations for periods of one to ten years at the discretion of the registrar upon GoLive if we decide to offer the gTLD to the public.
Besides policies and rules implemented by the Registry, the applicant believes that prudent operations as an economically viable and socially responsible TLD operator is an important mitigation of increased social costs as a new gTLD is being introduced. The Registry will leverage the knowledge and expertise from its competent registry front-end and back-end service providers to ensure that a substantial portion of the costs for operating the registry is managed in variable costs leveraging the economies of scale from already established operations and focus on delivering value to registrants and consumers with the introduction of the “.nowtv” and its mission and features.
Other Operating Rules Which Eliminate Or Minimise Social Costs
Abusive registrations will be prevented through having in place and enforcing a robust anti-abuse policy; this policy is described in detail in the response to Question 28. The competent back-end registry service provider shall have extensive experience and responsive mechanism to defend against DDOS attacks as well as preventive measures against abusive spamming, phishing, etc. Above and beyond the Trademark Clearing House requirements, additional abuse prevention and rights protection mechanisms will be put in place.
19. Is the application for a community-based TLD?
20(a). Provide the name and full description of the community that the applicant is committing to serve.
20(b). Explain the applicant's relationship to the community identified in 20(a).
20(c). Provide a description of the community-based purpose of the applied-for gTLD.
20(d). Explain the relationship between the applied-for gTLD string and the community identified in 20(a).
20(e). Provide a description of the applicant's intended registration policies in support of the community-based purpose of the applied-for gTLD.
20(f). Attach any written endorsements from institutions/groups representative of the community identified in 20(a).
21(a). Is the application for a geographic name?
Protection of Geographic Names
22. Describe proposed measures for protection of geographic names at
the second and other levels in the applied-for gTLD.
Q 22 Geographic Names Protection
The Registry is committed to following the GAC advice and Specification 5 of the New gTLD Agreement in the protection of geographic names for registrations under the TLD.
More specifically, the Registry commits to:
a) Adopt, before the new gTLD is introduced, appropriate procedures for blocking, at no cost and upon demand of governments, public authorities or IGOs, names with national or geographic significance at the second level of the TLD
b) Ensure procedures to allow governments, public authorities or IGOs to challenge abuses of names with national or geographic significance at the second level of the TLD
Building on the experience from other gTLDs in their handling of country and government related names, the Registry may develop and establish policies for:
1) obtaining and maintaining a list of names with national or geographic significance to be reserved (at no cost to governments) upon the demand of governments, public authorities or IGOs should we decide to offer the gTLD to external communities;
2) process for registrants to apply for and for the Registry to obtain consent from the respective government, public authorities or IGOs in the releasing of such reserved geographic names; and
The procedures may be similar to the management of governmental reserved names for a competent registry, e.g. .ASIA (Section 3.4 of http:⁄⁄dot.asia⁄policies⁄DotAsia-Reserved-Names--COMPLETE-2007-08-10.pdf). In summary:
I) The Registry will adhere to the New gTLD Registry Agreement Specification 5 requirements regarding 2. Two-Character Labels as well as 5. Country and Territory Names;
II) Should we decide to offer the gTLDs to external communites and before the launch of the TLD, the Registry may also proactively reach out to governments around the world, especially through GAC members (and ccTLD managers where appropriate), to solicit from them their demand for reserving any names with national or geographic significance at the second level of the TLD;
III) The Registry will develop mechanisms and maintain a list of governmental reference contacts, especially through correspondence with GAC members and ccTLD managers where appropriate. The corresponding reference contact(s) may be contacted in case a registration request is received for a governmental reserved name. If the consent from the governmental contact is received, the registration request will be approved. The domain will nevertheless remain in the reserved names list so that in case the registration lapses, the domain will not be released into the available pool, but will require the same approval process to be registered.
IV) The Registry will maintain an ongoing process for adding and updating governmental reserved names as they are demanded by governments, public authorities or IGOs.
In accordance with Specification 5 of the New gTLD Registry Agreement, the registry operator must initially reserve all geographic names at the second level, and at all other levels within the TLD at which the registry operator provides for registrations.
In accordance with Specification 5 of the New gTLD Registry Agreement, the registry operator will initially reserve all qualified geographic names at the second level, and at all other levels within the TLD at which the registry operator provides for registrations. The Registry will compile and establish a comprehensive master list of all qualified geographic names and place them into the Reserved Names list. Names on this reserved list will not be accepted for general registrations from the registry system.
The following explains the system behaviour for reserved names: - regular domain create commands to reserved names will be rejected - domain check commands will also return as unavailable for registration - Whois queries for reserved names that are not activated will receive responses indicated that they are reserved - Whois queries for reserved names that are activated will receive responses similar to other registered domains - reserved names that are not activated will not appear in the DNS - reserved names that are activated will be delegated in the DNS
Further, with the support of its future registry services providers, the Registry will actively participate in the development of appropriate process and policies for governments, public authorities or IGOs to challenge abuses of names with national or geographic significance. As an important stakeholder in the Registry, DotAsia Organisation (through Namesphere) will be supporting the efforts as well. DotAsia has been a pioneer of protective measures for new gTLDs, especially in its handling of governmental reserved names and its engagement with different stakeholders to develop rapid suspension policies, which provided part of the genesis of what is now standardized for new gTLDs as the URS (Uniform Rapid Suspension) process. Similar administrative processes may be explored and developed for supporting challenge processes for abuses of names with national or geographic significance.
23. Provide name and full description of all the Registry Services to be provided.
23 Registry Services
The Registry will select a competent registry back-end service provider that has experience in complying with ICANN requirements and will be able to deliver on these specifications. The Registry also intends to select a competent registry front-end service provider with knowledge of developing and implementing appropriate registry policies.
Registry services for this TLD will be performed by the future registry back-end provider to deliver secure, stable and reliable registry services. This TLD will utilize an existing, proven team and platform for registry services with: • A stable and secure, state-of-the-art, EPP-based SRS with ample storage capacity, data security provisions and scalability • A reliable, 100% available DNS service (zone file generation, publication and dissemination) tested to withstand severe DDoS attacks and dramatic growth in Internet use; • A WHOIS service that is flexible and standards compliant, with search capabilities to address both registrar and end-user needs; includes consideration for evolving standards, such as RESTful, or draft-kucherawy-wierds; •Introduction of IDNs in the popular languages across the TLDs it serves; • A registry platform that is both IPv6 and DNSSEC enabled; • An experienced, respected team of professionals active in standards development of innovative services such as DNSSEC and IDN support • Methods to limit domain abuse, remove outdated and inaccurate data, and ensure the integrity of the SRS, and; • Customer support and reporting capabilities to meet financial and administrative needs, e.g., call center support, integration support, billing, and daily, weekly, and monthly reporting.
The future registry back-end and front-end service providers will support this TLD in accordance with the specific policies and procedures of the Registry (the “registry operator”), leveraging a proven registry infrastructure that is fully operational, staffed with professionals, massively provisioned, and immediately ready to launch and maintain this TLD.
The below response includes a description of the registry services to be provided for this TLD, additional services provided to support registry operations, and an overview of the registry back-end services provider’s approach to registry management.
Registry services to be provided To support this TLD, the registry back-end and front-end service providers and the Registry will offer the following registry services, all in accordance with relevant technical standards and policies: • Receipt of data from registrars concerning registration for domain names and nameservers, and provision to registrars of status information relating to the EPP-based domain services for registration, queries, updates, transfers, renewals, and other domain management functions. Please see our responses to questions #24, #25, and #27 for full details, which we request to be incorporated here by reference. • Operation of the registry DNS servers: The DNS system, run and managed by the registry back-end provider, will be a massively provisioned DNS infrastructure that utilizes among the most sophisticated DNS architecture, hardware, software and redundant design created. The registry back-end service provider’s will have an industry-leading system to work in a seamless way to incorporate nameservers from any number of other secondary DNS service vendors. Please see our response to question #35 for full details, which we request to be incorporated here by reference. • Dissemination of TLD zone files: the registry back-end service provider’s distinctive architecture shall allow for real-time updates and maximum stability for zone file generation, publication and dissemination. Please see our response to question #34 for full details, which we request to be incorporated here by reference. • Dissemination of contact or other information concerning domain registrations: A port 43 WHOIS service with basic and expanded search capabilities with requisite measures to prevent abuse. Please see our response to question #26 for full details, which we request to be incorporated here by reference. • Internationalized Domain Names (IDNs): Ability to support all protocol valid Unicode characters at every level of the TLD, including alphabetic, ideographic and right-to-left scripts, in conformance with the ICANN IDN Guidelines. Please see our response to question #44 for full details, which we request to be incorporated here by reference. • DNS Security Extensions (DNSSEC): A fully DNSSEC-enabled registry, with a stable and efficient means of signing and managing zones. This includes the ability to safeguard keys and manage keys completely. Please see our response to question #43 for full details, which we request to be incorporated here by reference.
Each service will meet or exceed the contract service level agreement. All registry services for this TLD will be provided in a standards-compliant manner.
The registry back-end service provider will address security in every significant aspect – physical, data and network as well as process. The registry back-end service provider will approach security permeating every aspect of the registry services provided. A dedicated security function exists within the company to continually identify existing and potential threats, and to put in place comprehensive mitigation plans for each identified threat. In addition, a rapid security response plan exists to respond comprehensively to unknown or unidentified threats. The specific threats and mitigation plans are defined in our response to question #30(b); please see that response for complete information. In short, the registry back-end service provider will be committed to ensuring the confidentiality, integrity, and availability of all information.
New registry services
No new registry services are planned for the launch of this TLD.
Additional services to support registry operation Numerous supporting services and functions facilitate effective management of the TLD. These support services will also be supported by the registry back-end provider, including: • Customer support: comprehensive phone and e-mail support for customers to address any access, update or other issues they may encounter. This includes assisting the customer identification of the problem as well as solving it. Customers include registrars and the registry operator, but not registrants except in unusual circumstances. Customers have access to a web-based portal for a rapid and transparent view of the status of pending issues. • Financial services: billing and account reconciliation for all registry services according to pricing to be established in the future
Reporting is an important component of supporting registry operations. The registry back-end service provider will provide reporting to the registry operator and registrars, and financial reporting, which are similar to the following:
Reporting provided to registry operator The registry back-end service provider will provide an extensive suite of reports to the registry operator, including daily, weekly and monthly reports with data at the transaction level that enable the registry operator to track and reconcile at whatever level of detail preferred. The registry back-end service provider will provide the exact data required by ICANN in the required format to enable the registry operator to meet its technical reporting requirements to ICANN.
In addition, the registry back-end provider will offer access to a data warehouse capability that will enable near real-time data. This can be arranged by informing the registry back-end service provider regarding who should have access. The registry back-end service provider’s data warehouse capability will enable drill-down analytics all the way to the transaction level.
Reporting available to registrars The registry back-end service provider will provide an extensive suite of reporting to registrars. Specifically, the registry back-end services provider will provide daily, weekly and monthly reports with detail at the transaction level to enable registrars to track and reconcile at whatever level of detail they prefer.
Reports will be provided in standard formats, facilitating import for use by virtually any registrar analytical tool. Registrar reports will be available for download via a secure administrative interface. A given registrar will only have access to its own reports. These will include the following: • Daily Reports: Transaction Report, Billable Transactions Report, and Transfer Reports; • Weekly: Domain Status and Nameserver Report, Weekly Nameserver Report, Domains Hosted by Nameserver Weekly Report, and; • Monthly: Billing Report and Monthly Expiring Domains Report.
Weekly registrar reports will be maintained for each registrar for four weeks. Weekly reports older than four weeks will be archived for a period of six months, after which they will be deleted.
Financial reporting Registrar account balances will be updated real-time when payments and withdrawals are posted to the registrarsʹ accounts. In addition, the registrar account balances will be updated as and when they perform billable transactions at the registry level.
The registry back-end service provider will provide Deposit⁄Withdrawal Reports that are updated periodically to reflect payments received or credits and withdrawals posted to the registrar accounts.
The following reports will also be available: a) Daily Billable Transaction Report, containing details of all the billable transactions performed by all the registrars in the SRS, b) daily e-mail reports containing the number of domains in the registry and a summary of the number and types of billable transactions performed by the registrars, and c) registry operator versions of most registrar reports (for example, a daily Transfer Report that details all transfer activity between all of the registrars in the SRS).
Registry support The registry back-end service provider for this TLD will be dedicated to managing the technical operations and support of this TLD in a secure, stable and reliable manner and will work closely with the Registry to review specific needs and objectives of this TLD. The resulting comprehensive plans are illustrated in technical responses #24-44, based on the Registry requirements. The registry service provider and the Registry also worked out the financial responses for this application which demonstrate cost and technology consistent with the size and objectives of this TLD.
Demonstration of Technical & Operational Capability
24. Shared Registration System (SRS) Performance
THE RESPONSE FOR THIS QUESTION USES ANGLE BRACKETS (THE “〈” and “〉” CHARACTERS, or < and >), WHICH ICANN INFORMS US (CASE ID 11027) CANNOT BE PROPERLY RENDERED IN TAS DUE TO SECURITY CONCERNS. HENCE, THE ANSWER BELOW AS DISPLAYED IN TAS MAY NOT RENDER THE FULL RESPONSE AS INTENDED. THEREFORE, THE FULL ANSWER TO THIS QUESTION IS ALSO ATTACHED AS A PDF FILE, ACCORDING TO SPECIFIC GUIDANCE FROM ICANN UNDER CASE ID 11027.
24 SRS Performance
The future registry back-end service provider will operate a state-of-the-art EPP-based Shared Registration System (SRS) that is secure, stable and reliable. The SRS is a critical component of registry operations that must balance the business requirements for the registry and its customers, such as numerous domain acquisition and management functions. The SRS will meet or exceed all ICANN requirements given that the registry back-end service provider will: • Operate a secure, stable and reliable SRS which updates in real-time and in full compliance with Specification 6 of the new gTLD Registry Agreement; • be committed to continuously enhancing our SRS to meet existing and future needs; • Exceed contractual requirements and will perform in compliance with Specification 10 of the new gTLD Registry Agreement; • Provide SRS functionality and staff, financial, and other resources to more than adequately meet the technical needs of this TLD, and; • Manage the SRS with a team of experienced technical professionals who can seamlessly integrate this TLD into the registry platform and support the TLD in a secure, stable and reliable manner.
Description of operation of the SRS, including diagrams The registry back-end service provider’s SRS will provide the same advanced functionality as that used in the existing gTLD registries. The registry system will be standards-compliant and utilize proven technology, ensuring global familiarity for registrars, and it will be protected by massively provisioned infrastructure that mitigates the risk of disaster.
EPP functionality is described fully in our response to question #25; please consider those answers incorporated here by reference. An abbreviated list of the registry back-end service provider’s SRS functionality includes: • Domain registration: registration of names in the TLD, in both ASCII and IDN forms, to accredited registrars via EPP and a web-based administration tool. • Domain renewal: services that allow registrars the ability to renew domains under sponsorship at any time. Further, the registry performs the automated renewal of all domain names at the expiration of their term, and allows registrars to rescind automatic renewals within a specified number of days after the transaction for a full refund. • Transfer: efficient and automated procedures to facilitate the transfer of sponsorship of a domain name between accredited registrars. Further, the registry enables bulk transfers of domains under the provisions of the Registry-Registrar Agreement. • RGP and restoring deleted domain registrations: support for the Redemption Grace Period (RGP) as needed, enabling the restoration of deleted registrations. • Other grace periods and conformance with ICANN guidelines: support for other grace periods that are evolving as standard practice inside the ICANN community. In addition, the registry system supports the evolving ICANN guidelines on IDNs.
The registry back-end service provider will also support the basic check, delete, and modify commands.
As required for all new gTLDs, the registry back-end service provider will provide “thick” registry system functionality. In this model, all key contact details for each domain will be stored in the registry. This will allow better access to domain data and provide uniformity in storing the information.
The registry back-end service provider’s SRS will continue to comply with global best practices including relevant RFCs, ICANN requirements, and this TLD’s respective domain policies. The registry back-end service provider will have fully documented and tested policies and procedures, and our highly skilled team members will be active participants of the major relevant technology and standards organizations, so ICANN can be assured that SRS performance and compliance are met. Examples of a similar SRS system and network architecture are provided in response to questions #31 and #32; please consider those answers incorporated here by reference.
SRS servers and software Should we decide to offer the gTLD to the external communities, we intend to follow a similar framework as follows :
All applications and databases for this TLD will run in a virtual environment currently hosted by a cluster of servers equipped with the latest Intel Westmere multi-core processors. (It is possible that by the time this application is evaluated and systems deployed, Westmere processors may no longer be the “latest”; the registry back-end service provider’s policy will be to use the most advanced, stable technology available at the time of deployment.) The data for the registry will be stored on storage arrays of solid state drives shared over a fast storage area network. The virtual environment allows the infrastructure to easily scale both vertically and horizontally to cater to changing demand. It also facilitates effective utilization of system resources, thus reducing energy consumption and carbon footprint.
The network firewalls, routers and switches support all applications and servers. Hardware traffic shapers will be used to enforce an equitable access policy for connections coming from registrars. The registry system accommodates both IPv4 and IPv6 addresses. Hardware load balancers accelerate TLS⁄SSL handshaking and distribute load among a pool of application servers.
Each of the servers and network devices will be equipped with redundant, hot-swappable components and multiple connections to ancillary systems. Additionally, comprehensive support agreements with a quick response time at all our data centers will guarantee replacement of failed parts in the shortest time possible.
Examples of a similar system and network devices used: • Servers: Cisco UCS B230 blade servers • SAN storage arrays: IBM Storwize V7000 with Solid State Drives • SAN switches: Brocade 5100 • Firewalls: Cisco ASA 5585-X • Load balancers: F5 Big-IP 6900 • Traffic shapers: Procera PacketLogic PL8720 • Routers: Juniper MX40 3D • Network switches: Cisco Nexus 7010, Nexus 5548, Nexus 2232
These system components are upgraded and updated as required, and have usage and performance thresholds which trigger upgrade review points. In each data center, there is a minimum of two of each network component, a minimum of 25 servers, and a minimum of two storage arrays.
Technical components of the SRS include the following items, continually checked and upgraded as needed: SRS, WHOIS, web admin tool, DNS, DNS distributor, reporting, invoicing tools, and deferred revenue system (as needed).
All hardware is massively provisioned to ensure stability under all forecast volumes from launch through “normal” operations of average daily and peak capacities. Each and every system application, server, storage and network device is continuously monitored by the registry back-end service provider’s Network Operations Center for performance and availability. The data gathered is used by dynamic predictive analysis tools in real-time to raise alerts for unusual resource demands. Should any volumes exceed established thresholds, a capacity planning review is instituted which will address the need for additions well in advance of their actual need.
SRS diagram and interconnectivity description As with all core registry services, the SRS is run from a global cluster of registry system data centers, located in geographic centers with high Internet bandwidth, power, redundancy and availability. All of the registry systems will be run in a 〈n+1〉 setup, with a primary data center and a secondary data center. For detailed site information, please see a similar framework and our responses to questions #32 and #35. Registrars access the SRS in real-time using EPP.
A sample of the registry back-end service provider’s SRS technical and operational capabilities (displayed in Figure 24-a) include: • Geographically diverse redundant registry systems; • Load balancing implemented for all registry services (e.g. EPP, WHOIS, web admin) ensuring equal experience for all customers and easy horizontal scalability; • Disaster Recovery Point objective for the registry is within one minute of the loss of the primary system; • Detailed and tested contingency plan, in case of primary site failure, and; • Daily reports, with secure access for confidentiality protection.
As per similar examples showed in Figure 24-a, the SRS contains several components of the registry system. The interconnectivity ensures near-real-time distribution of the data throughout the registry infrastructure, timely backups, and up-to-date billing information.
The WHOIS servers are directly connected to the registry database and provide real-time responses to queries using the most up-to-date information present in the registry.
In this framework, the committed DNS-related EPP objects in the database will be made available to the DNS Distributor via a dedicated set of connections. The DNS Distributor extracts committed DNS-related EPP objects in real time and immediately inserts them into the zone for dissemination.
The registry back-end service provider’s system is architected such that read-only database connections will be executed on database replicas and connections to the database master (where write-access is executed) will be carefully protected to ensure high availability.
This interconnectivity is monitored, as is the entire registry system, according to the plans detailed in our response to question #42.
Synchronization scheme Another similar example may apply would be the registry databases which will be synchronized both within the same data center and in the backup data center using a database application called Slony. For further details, please see a similar framework and the responses to questions #33 and #37. Slony replication of transactions from the publisher (master) database to its subscribers (replicas) works continuously to ensure the publisher and its subscribers remain synchronized. When the publisher database completes a transaction the Slony replication system ensures that each replica also processes the transaction. When there will be no transactions to process, Slony “sleeps” until a transaction arrives or for one minute, whichever comes first. Slony “wakes up” each minute to confirm with the publisher that there has not been a transaction and thus ensures subscribers are synchronized and the replication time lag is minimized. The typical replication time lag between the publisher and subscribers depends on the topology of the replication cluster, specifically the location of the subscribers relative to the publisher. Subscribers located in the same data center as the publisher are typically updated within a couple of seconds, and subscribers located in a secondary data center are typically updated in less than ten seconds. This ensures real-time or near-real-time synchronization between all databases, and in the case where the secondary data center needs to be activated, it can be done with minimal disruption to registrars.
SRS SLA performance compliance The registry back-end service provider will have a track record of delivering on the demanding ICANN SLAs, and will continue to provide secure, stable and reliable service in compliance with SLA requirements as specified in the new gTLD Registry Agreement, Specification 10, a similar framework is presented in Figure 24-b.
On behalf of the Registry, the registry back-end service provider, which is expected to provide this robust functionality and have extensive experience in supporting a thick TLD registry with a strong performance history will meet or exceed the performance metrics in Specification 10 of the new gTLD Registry Agreement. The registry back-end service provider’s services and infrastructure will be designed to scale both vertically and horizontally without any downtime to provide consistent performance as this TLD grows. The registry back-end service provider’s architecture will also be massively provisioned to meet seasonal demands and marketing campaigns. The registry back-end service provider’s experience will also need to give high confidence in the ability to scale and grow registry operations for this TLD in a secure, stable and reliable manner.
SRS resourcing plans The registry back-end service provider will be focused on delivering secure, stable and reliable registry services. There will be management and staff with extensive experience in designing and launching the registry systems and expanding the number of TLDs supported while maintaining strict service levels for the implementation and on-going maintenance of this TLD. The registry back-end service provider will operate in a matrix structure, which will allow its staff to be allocated to various critical functions in both a dedicated and a shared manner. With a team of specialists and generalists, the registry back-end service provider’s project management methodology will allow efficient and effective use of our staff in a focused way.
A large team will contribute to the management of the SRS code and network that will support this TLD. The SRS team will be composed of Software Engineers, Quality Assurance Analysts, Application Administrators, System Administrators, Storage Administrators, Network Administrators, Database Administrators, and Security Analysts. In addition to these team members, the registry back-end service provider will also utilize trained project management staff to maintain various calendars, work breakdown schedules, utilization and resource schedules and other tools to support the technical and management staff. The team will both deploy this TLD on the infrastructure, and maintain it. The registry back-end service provider’s team will have experience in managing multiple registry transitions and other new TLD launches, which illustrate its ability to securely and reliably deliver regularly scheduled updates as well as a secure, stable and reliable SRS service for this TLD.
25. Extensible Provisioning Protocol (EPP)
THE RESPONSE FOR THIS QUESTION USES ANGLE BRACKETS (THE “〈” and “〉” CHARACTERS, or < and >), WHICH ICANN INFORMS US (CASE ID 11027) CANNOT BE PROPERLY RENDERED IN TAS DUE TO SECURITY CONCERNS. HENCE, THE ANSWER BELOW AS DISPLAYED IN TAS MAY NOT RENDER THE FULL RESPONSE AS INTENDED. THEREFORE, THE FULL ANSWER TO THIS QUESTION IS ALSO ATTACHED AS A PDF FILE, ACCORDING TO SPECIFIC GUIDANCE FROM ICANN UNDER CASE ID 11027.
The future registry back-end service provider will have to be a pioneer and innovator in the use of EPP.. The registry back-end service provider will have a track record of supporting TLDs on standards-compliant versions of EPP. It will also operate the EPP registrar interface as well as a web-based interface for this TLD in accordance with RFCs and global best practices. In addition, the registry back-end service provider will maintain a proper OT&E (Operational Testing and Evaluation) environment to facilitate registrar system development and testing.
The registry back-end service provider’s EPP technical performance will meet or exceed all ICANN requirements as demonstrated by: • A completely functional, state-of-the-art, EPP-based SRS that currently meets the needs of various gTLDs and will meet this new TLD’s needs; • A track record of success in developing extensions to meet client and registrar business requirements such as multi-script support for IDNs; • Supporting multiple ICANN gTLDs on EPP • EPP software that is operating today and has been fully tested to be standards-compliant; • Proven interoperability of existing EPP software with ICANN-accredited registrars, and; • An SRS that currently processes over 200 million EPP transactions per month. The EPP service will be offered in accordance with the performance specifications defined in the new gTLD Registry Agreement, Specification 10.
EPP Standards The future registry system will comply with the following revised versions of the RFCs and operate multiple ICANN TLDs. .The systems will be tested by our Quality Assurance (“QA”) team for RFC compliance, and will have to be used by registrars for an extended period of time: • 3735 - Guidelines for Extending EPP • 3915 - Domain Registry Grace Period Mapping • 5730 - Extensible Provisioning Protocol (EPP) • 5731 - Domain Name Mapping • 5732 - Host Mapping • 5733 - Contact Mapping • 5734 - Transport Over TCP • 5910 - Domain Name System (DNS) Security Extensions Mapping for the Extensible Provisioning Protocol (EPP)
This TLD will support all valid EPP commands. The following EPP commands are in operation today and will be made available for this TLD. See attachment #25a for a similar example of the base set of EPP commands and examples of the registry back-end service provider’s XSD schema files, which define all the rules of valid, RFC compliant EPP commands and responses that the registry back-end service provider will support. Any customized EPP extensions, if necessary, will also conform to relevant RFCs.
The registry back-end service provider’s staff members shall have actively participated in the Internet Engineering Task Force (IETF) process that finalized the new standards for EPP. It will also continue to actively participate in the IETF and will stay abreast of any updates to the EPP standards.
EPP software interface and functionality The registry back-end service provider will provide all registrars with a free open-source EPP toolkit. It will provide this software for use with both Microsoft Windows and Unix⁄Linux operating systems. This software, which includes all relevant templates and schema defined in the RFCs, is available on sourceforge.net and will be available through the registry operator’s website.
The registry back-end service provider’s SRS EPP software will comply with all relevant RFCs and include similar functionality as follows: • EPP Greeting: A response to a successful connection returns a greeting to the client. Information exchanged can include: name of server, server date and time in UTC, server features, e.g., protocol versions supported, languages for the text response supported, and one or more elements which identify the objects that the server is capable of managing; • Session management controls: 〈login〉 to establish a connection with a server, and 〈logout〉 to end a session; • EPP Objects: Domain, Host and Contact for respective mapping functions; • EPP Object Query Commands: Info, Check, and Transfer (query) commands to retrieve object information, and; • EPP Object Transform Commands: five commands to transform objects: 〈create〉 to create an instance of an object, 〈delete〉 to remove an instance of an object, 〈renew〉 to extend the validity period of an object, 〈update〉 to change information associated with an object, and 〈transfer〉 to manage changes in client sponsorship of a known object.
It is expected that 100% of the top domain name registrars in the world have software that has already been tested and certified to be compatible with the registry back-end service provider’s SRS registry. The registry back-end service provider’s EPP Registrar Acceptance Criteria examples are available in attachment #25b, EPP OT&E Criteria.
Free EPP software support The registry back-end service provider will analyze and diagnose registrar EPP activity log files as needed and will be available to assist registrars who may require technical guidance regarding how to fix repetitive errors or exceptions caused by misconfigured client software.
Registrars are responsible for acquiring a TLS⁄SSL certificate from an approved certificate authority, as the registry-registrar communication channel requires mutual authentication; the registry back-end service provider will acquire and maintain the server-side TLS⁄SSL certificate. The registrar is responsible for developing support for TLS⁄SSL in their client application. The registry back-end service provider will provide free guidance for registrars unfamiliar with this requirement.
Registrar data synchronization There are two methods available for registrars to synchronize their data with the registry: • Automated synchronization: Registrars can, at any time, use the EPP 〈info〉 command to obtain definitive data from the registry for a known object, including domains, hosts (nameservers) and contacts. • Personalized synchronization: A registrar may contact technical support and request a data file containing all domains (and associated host (nameserver) and contact information) registered by that registrar, within a specified time interval. The data will be formatted as a comma separated values (CSV) file and made available for download using a secure server.
EPP modifications There are no unique EPP modifications planned for this TLD.
All ICANN TLDs must offer a Sunrise as part of a rights protection program. The registry back-end service provider will use EPP extensions that allow registrars to submit trademark and other intellectual property rights (IPR) data to the registry. These extensions are: • An 〈ipr:name〉 element that indicates the name of Registered Mark. • An 〈ipr:number〉 element that indicates the registration number of the IPR. • An 〈ipr:ccLocality〉 element that indicates the origin for which the IPR is established (a national or international trademark registry). • An 〈ipr:entitlement〉 element that indicates whether the applicant holds the trademark as the original “OWNER”, “CO-OWNER” or “ASSIGNEE”. • An 〈ipr:appDate〉 element that indicates the date the Registered Mark was applied for. • An 〈ipr:regDate〉 element that indicates the date the Registered Mark was issued and registered. • An 〈ipr:class〉 element that indicates the class of the registered mark. • An 〈ipr:type〉 element that indicates the Sunrise phase the application applies for.
Note that some of these extensions might be subject to change based on ICANN-developed requirements for the Trademark Clearinghouse.
EPP resourcing plans The registry back-end service provider will be focusing on delivering secure, stable and reliable registry services. There will be management and staff with extensive experience in designing and launching the registry systems and expanding the number of TLDs where necessary. The registry back-end service provider will operate in a matrix structure, which will allow its staff to be allocated to various critical functions in both a dedicated and a shared manner. With a team of specialists and generalists, the registry back-end service provider’s project management methodology will allow efficient and effective use of our staff in a focused way.
The registry back-end service provider’s team members will directly contribute to the management and development of the EPP based registry systems. It will be an active member of IETF and will have a long documented history developing and enhancing EPP. These contributors may include include developers and QA engineers focused on maintaining and enhancing EPP server side software.These engineers will work directly with business staff to timely address existing needs and forecast registry⁄registrar will ensure the EPP software is effective today and into the future. A team of data analysts will work with the EPP software system to ensure that the data flowing through EPP is securely and reliably stored in replicated database systems. In addition to the EPP developers, QA engineers, and data analysts, other EPP contributors will include: Technical Analysts, the Network Operations Center and Data Services team members.
The future registry back-end services provider will operate the WHOIS (registration data directory service) infrastructure in accordance with RFCs and global best practices Designed to be robust and scalable, the registry service provider’s WHOIS service shall have a track record in exceeding contractual requirements. It shall have extended search capabilities, and methods of limiting abuse.
The WHOIS service operated by the registry back-end service provider will meet and exceed ICANN’s requirements. Specifically, the registry back-end serviceprovider will: • Offer a WHOIS service made available on port 43 that is flexible and standards- compliant; • Comply with all ICANN policies, and meeting or exceeding WHOIS performance requirements in Specification 10 of the new gTLD Registry Agreement; • Enable a Searchable WHOIS with extensive search capabilities that offers ease of use while enforcing measures to mitigate access abuse, and; • Employ a team with significant experience managing a compliant WHOIS service.
Such extensive knowledge and experience managing a WHOIS service will enable the registry back-end service provider to offer a comprehensive plan for this TLD that meets the needs of constituents of the domain name industry and Internet users. The service will be tested by our QA team for RFC compliance, and will be used by registrars and many other parties for an extended period of time. The registry back-end service provider’s WHOIS service should be able to serve a substantial number of WHOIS queries per month, with the capacity already built in to handle an order of magnitude increase in WHOIS queries, and the ability to smoothly scale should greater growth be needed.
WHOIS system description and diagram The registry back-end service provider’s WHOIS system, (examples depicted in figure 26-a), is designed with robustness, availability, compliance, and performance in mind. Additionally, the system has provisions for detecting abusive usage (e.g., excessive numbers of queries from one source). The WHOIS system is generally intended as a publicly available single object lookup system. The registry back-end service provider will use an advanced, persistent caching system to ensure extremely fast query response times.
The registry back-end service provider will develop restricted WHOIS functions based on specific domain policy and regulatory requirements as needed for operating the business (as long as they are standards compliant). It will also be possible for contact and registrant information to be returned according to regulatory requirements. The WHOIS database will support multiple string and field searching through a reliable, free, secure web-based interface.
Data objects, interfaces, access and lookups Registrars can provide an input form on their public websites through which a visitor is able to perform WHOIS queries. The registry operator will also be able to provide a Web-based search on its site. The input form will be able to accept the string to query, along with the necessary input elements to select the object type and interpretation controls. This input form sends its data to the port 43 WHOIS server. The results from the WHOIS query are returned by the server and displayed in the visitor’s Web browser. The key purpose of the Web interface is to provide a user-friendly interface for WHOIS queries.
The registry back-end service provider will provide WHOIS output and a similar example can be found in Specification 4 of the new gTLD Registry Agreement. The output for domain records generally consists of the following elements: • The name of the domain registered and the sponsoring registrar; • The names of the primary and secondary nameserver(s) for the registered domain name; • The creation date, registration status and expiration date of the registration; • The name, postal address, e-mail address, and telephone and fax numbers of the domain name holder; • The name, postal address, e-mail address, and telephone and fax numbers of the technical contact for the domain name holder; • The name, postal address, e-mail address, and telephone and fax numbers of the administrative contact for the domain name holder, and; • The name, postal address, e-mail address, and telephone and fax numbers of the billing contact for the domain name holder. The following is some possible additional features that may be present in the registry back-end service provider’s WHOIS service: • Support for IDNs, including the language tag and the Punycode representation of the IDN in addition to Unicode Hex and Unicode HTML formats; • Enhanced support for privacy protection relative to the display of confidential information.
The registry back-end service provider will also provide sophisticated WHOIS search functionality that includes the ability to conduct multiple string and field searches.
Query controls For all WHOIS queries, a user is required to enter the character string representing the information for which they want to search. The object type and interpretation control parameters to limit the search may also be specified. If object type or interpretation control parameter is not specified, WHOIS will search for the character string in the Name field of the Domain object.
WHOIS queries are required to be either an ʺexact searchʺ or a ʺpartial search,ʺ both of which are insensitive to the case of the input string.
An exact search specifies the full string to search for in the database field. An exact match between the input string and the field value is required.
A partial search specifies the start of the string to search for in the database field. Every record with a search field that starts with the input string is considered a match. By default, if multiple matches are found for a query, then a summary containing up to 50 matching results is presented. A second query is required to retrieve the specific details of one of the matching records.
If only a single match is found, then full details will be provided. Full detail consists of the data in the matching object as well as the data in any associated objects. For example: a query that results in a domain object includes the data from the associated host and contact objects.
WHOIS query controls fall into two categories: those that specify the type of field, and those that modify the interpretation of the input or determine the level of output to provide. Each is described below.
The following keywords restrict a search to a specific object type: • Domain: Searches only domain objects. The input string is searched in the Name field. • Host: Searches only nameserver objects. The input string is searched in the Name field and the IP Address field. • Contact: Searches only contact objects. The input string is searched in the ID field. • Registrar: Searches only registrar objects. The input string is searched in the Name field. By default, if no object type control is specified, then the Name field of the Domain object is searched.
In addition, the registry back-end service provider’s WHOIS systems will perform and respond to WHOIS searches by registrant name, postal address and contact names. Deployment of these features will be provided as an option to the registry operator, based upon registry policy and business decision making.
Figure 26-b presents an example that the keywords that modify the interpretation of the input or determine the level of output to provide.
By default, if no interpretation control keywords are used, the output will include full details if a single match is found and a summary if multiple matches are found.
Unique TLD requirements There are no unique WHOIS requirements for this TLD.
Sunrise WHOIS processes All ICANN TLDs must offer a Sunrise as part of a rights protection program. The registry back-end service provider will use EPP extensions that allow registrars to submit trademark and other intellectual property rights (IPR) data to the registry. The following corresponding data will be displayed in WHOIS for relevant domains: • Trademark Name: element that indicates the name of the Registered Mark. • Trademark Number: element that indicates the registration number of the IPR. • Trademark Locality: element that indicates the origin for which the IPR is established (a national or international trademark registry). • Trademark Entitlement: element that indicates whether the applicant holds the trademark as the original “OWNER”, “CO-OWNER” or “ASSIGNEE”. • Trademark Application Date: element that indicates the date the Registered Mark was applied for. • Trademark Registration Date: element that indicates the date the Registered Mark was issued and registered. • Trademark Class: element that indicates the class of the Registered Mark. • IPR Type: element that indicates the Sunrise phase the application applies for.
IT and infrastructure resources All the applications and databases for this TLD will run in a virtual environment hosted by a cluster of servers equipped with the latest Intel Westmere multi-core processors (or a more advanced, stable technology available at the time of deployment). The registry data will be stored on storage arrays of solid-state drives shared over a fast storage area network. The virtual environment allows the infrastructure to easily scale both vertically and horizontally to cater to changing demand. It also facilitates effective utilization of system resources thus reducing energy consumption and carbon footprint.
The applications and servers are supported by network firewalls, routers and switches. The WHOIS system accommodates both IPv4 and IPv6 addresses.
Each of the servers and network devices are equipped with redundant hot-swappable components and multiple connections to ancillary systems. Additionally, comprehensive support agreements with a quick response time at all our data centers guarantee replacement of failed parts in the shortest time possible.
Examples of the models of system and network devices used will be: • Servers: Cisco UCS B230 blade servers • SAN storage arrays: IBM Storwize V7000 with Solid State Drives • Firewalls: Cisco ASA 5585-X • Load balancers: F5 Big-IP 6900 • Traffic shapers: Procera PacketLogic PL8720 • Routers: Juniper MX40 3D • Network switches: Cisco Nexus 7010, Nexus 5548, Nexus 2232
There will be at least four virtual machines (VMs) offering WHOIS service. Each VM will run at least two WHOIS server instances - one for registrars and one for the public. All instances of the WHOIS service is made available to registrars and the public are rate limited to mitigate abusive behavior.
Frequency of synchronization between servers Registration data records from the EPP publisher database will be replicated to the WHOIS system database on a near-real-time basis whenever an update occurs.
Specifications 4 and 10 compliance The WHOIS service for this TLD will meet or exceed the performance requirements in the new gTLD Registry Agreement, Specification 10. Figure 26-c provides an example of the estimated measurements and commitments. The registry back-end service provider shall have a track record of exceeding WHOIS performance and a skilled team to ensure this continues for all TLDs under management.
The WHOIS service for this TLD will meet or exceed the requirements in the new gTLD Registry Agreement, Specification 4.
RFC 3912 compliance The registry back-end service provider will operate the WHOIS infrastructure in compliance with RFCs and global best practices
The registry back-end service provider will maintain a registry-level centralized WHOIS database that contains information for every registered domain and for all host and contact objects. The WHOIS service will be available on the Internet standard WHOIS port (port 43) in compliance with RFC 3912. The WHOIS service contains data submitted by registrars during the registration process. Changes made to the data by a registrant will be submitted to the registry back-end service provider by the registrar and are reflected in the WHOIS database and service in near-real-time, by the instance running at the primary data center, and in under ten seconds by the instance running at the secondary data center, thus providing all interested parties with up-to-date information for every domain. This service is compliant with the new gTLD Registry Agreement, Specification 4.
The WHOIS service maintained by the registry back-end service provider will be authoritative and complete, as this will be a “thick” registry (detailed domain contact WHOIS is all held at the registry); users do not have to query different registrars for WHOIS information, as there is one central WHOIS system. Additionally, visibility of different types of data is configurable to meet the registry operator’s needs.
Searchable WHOIS The registry back-end service provider will offer the below similar plan which allows searchable WHOIS on a web-based Directory Service. Partial match capabilities will be offered on the following fields: domain name, registrar ID, and IP address. In addition, the registry back-end service provider’s WHOIS systems will perform and respond to WHOIS searches by registrant name, postal address and contact names.
Providing the ability to search important and high-value fields such as registrant name, address and contact names increases the probability of abusive behavior. An abusive user could script a set of queries to the WHOIS service and access contact data in order to create or sell a list of names and addresses of registrants in this TLD. Making the WHOIS machine readable, while preventing harvesting and mining of WHOIS data, will be a key requirement integrated into the registry back-end service provider’s WHOIS systems. For instance, the registry back-end service provider will limit search returns to 50 records at a time. If bulk queries were ever necessary (e.g., to comply with any applicable laws, government rules or requirements, requests of law enforcement, or any dispute resolution process), the registry back-end service provider will make such query responses available to carefully screened and limited staff members at the registry operator (and customer support staff) via an internal data warehouse. The registry back-end service provider’s WHOIS system will accommodate anonymous access as well as pre-identified and profile-defined uses, with full audit and log capabilities.
The WHOIS service has the ability to tag query responses with labels such as “Do not redistribute” or “Special access granted”. This may allow for tiered response and reply scenarios. Further, the WHOIS service is configurable in parameters and fields returned, which allow for flexibility in compliance with various jurisdictions, regulations or laws.
The registry back-end service provider will offer exact-match capabilities on the following fields: registrar ID, nameserver name, and nameserver’s IP address (only applies to IP addresses stored by the registry, i.e., glue records). Search capabilities will be fully available, and results will include domain names matching the search criteria (including IDN variants). The registry back-end service provider will manage abuse prevention through rate limiting and CAPTCHA (described below). Queries do not require specialized transformations of internationalized domain names or internationalized data fields.
Please see “Query Controls” above for details about search options and capabilities.
Deterring WHOIS abuse The registry back-end service provider will adopt best practices to prevent abuse of the WHOIS service: e.g. rate limiting and CAPTCHA.
Abuse of WHOIS services on port 43 and via the Web is subject to an automated rate-limiting system. This ensures that uniformity of service to users is unaffected by a few parties whose activities abuse or otherwise might threaten to overload the WHOIS system.
Abuse of web-based public WHOIS services is subject to the use of CAPTCHA (Completely Automated Public Turing test to tell Computers and Humans Apart) technology. The use of CAPTCHA ensures that uniformity of service to users is unaffected by a few parties whose activities abuse or otherwise might threaten to overload the WHOIS system. The registry operator will adopt a CAPTCHA on its Web-based WHOIS.
Data mining of any sort on the WHOIS system is strictly prohibited, and this prohibition is published in WHOIS output and in terms of service.
For rate limiting on IPv4, there are configurable limits per IP and subnet. For IPv6, the traditional limitations do not apply. Whenever a unique IPv6 IP address exceeds the limit of WHOIS queries per minute, the same rate-limit for the given 64 bits of network prefix that the offending IPv6 IP address falls into will be applied. At the same time, a timer will start and rate-limit validation logic will identify if there are any other IPv6 address within the original 80-bit(⁄48) prefix. If another offending IPv6 address does fall into the ⁄48 prefix then rate-limit validation logic will penalize any other IPv6 addresses that fall into that given 80-bit (⁄48) network. As a security precaution, the registry back-end service provider will not disclose these limits.
Pre-identified and profile-driven role access allows greater granularity and configurability in both access to the WHOIS service, and in volume⁄frequency of responses returned for queries.
The registry back-end service provider’s staff shall be key participants in the ICANN Security & Stability Advisory Committee’s deliberations and outputs on WHOIS, including SAC003, SAC027, SAC033, SAC037, SAC040, and SAC051. The registry back-end service provider’s staff shall be active participants in both technical and policy decision making in ICANN, aimed at restricting abusive behavior.
WHOIS staff resourcing plans The registry back-end service provider will be focusing on delivering secure, stable and reliable registry services. There will be management and staff with extensive experience in designing and launching the registry systems and expanding the number of TLDs where necessary. The registry back-end service provider will operate in a matrix structure, which allows its staff to be allocated to various critical functions in both a dedicated and a shared manner. With a team of specialists and generalists, the registry back-end services provider’s project management methodology will allow efficient and effective use of our staff in a focused way.
Within the registry back-end service provider, there will be a competent team to develop and maintain the compliant WHOIS systems. They will keep pace with access requirements, thwart abuse, and continually develop software. Of these resources, approximately two staffers will be typically required for WHOIS-related code customization. Other resources will provide quality assurance, and operations personnel will maintain the WHOIS system itself. This team will be responsible for the implementation and on-going maintenance of the new TLD WHOIS service.
27. Registration Life Cycle
THE RESPONSE FOR THIS QUESTION USES ANGLE BRACKETS (THE “〈” and “〉” CHARACTERS, or < and >), WHICH ICANN INFORMS US (CASE ID 11027) CANNOT BE PROPERLY RENDERED IN TAS DUE TO SECURITY CONCERNS. HENCE, THE ANSWER BELOW AS DISPLAYED IN TAS MAY NOT RENDER THE FULL RESPONSE AS INTENDED. THEREFORE, THE FULL ANSWER TO THIS QUESTION IS ALSO ATTACHED AS A PDF FILE, ACCORDING TO SPECIFIC GUIDANCE FROM ICANN UNDER CASE ID 11027.
27 Registration Lifecycle
The future registry back-end service provider shall have experience in managing registrations for many years and providing support to comprehensive registration lifecycle services including the registration states, all standard grace periods, and can address any modifications required with the introduction of any new ICANN policies.
This TLD will follow the ICANN standard domain lifecycle, as is currently implemented in TLDs such as .ORG and .INFO. The below response includes: a diagram and description of the lifecycle of a domain name in this TLD, including domain creation, transfer protocols, grace period implementation and the respective time frames for each; and the existing resources to support the complete lifecycle of a domain.
A similar example is depicted in Figure 27-a, prior to the beginning of the Trademark Claims Service or Sunrise IP protection program[s] where the registry back-end service provider will support the reservation of names in accordance with the new gTLD Registry Agreement, Specification 5.
Registration period After the IP protection programs and the general launch, eligible registrants may choose an accredited registrar to register a domain name. The registrar will check availability on the requested domain name and if available, will collect specific objects such as, the required contact and host information from the registrant. The registrar will then provision the information into the registry system using standard Extensible Provisioning Protocol (“EPP”) commands through a secure connection to the registry backend service provider.
When the domain is created, the standard five day Add Grace Period begins, the domain and contact information are available in WHOIS, and normal operating EPP domain statuses will apply. Other common specifics regarding registration rules for an active domain will include: • The domain must be unique; • Restricted or reserved domains cannot be registered; • The domain can be registered from 1-10 years; • The domain can be renewed at any time for 1-10 years, but cannot exceed 10 years; • The domain can be explicitly deleted at any time; • The domain can be transferred from one registrar to another except during the first 60 days following a successful registration or within 60 days following a transfer; and, Contacts and hosts can be modified at any time.
The following examples describe the domain status values recognized in WHOIS when using the EPP protocol following RFC 5731. • OK or Active: This is the normal status for a domain that has no pending operations or restrictions. • Inactive: The domain has no delegated name servers. • Locked: No action can be taken on the domain. The domain cannot be renewed, transferred, updated, or deleted. No objects such as contacts or hosts can be associated to, or disassociated from the domain. This status includes: Delete Prohibited ⁄ Server Delete Prohibited, Update Prohibited ⁄ Server Update Prohibited, Transfer Prohibited, Server Transfer Prohibited, Renew Prohibited, Server Renew Prohibited. • Hold: The domain will not be included in the zone. This status includes: Client Hold, Server Hold. • Transfer Prohibited: The domain cannot be transferred away from the sponsoring registrar. This status includes: Client Transfer Prohibited, Server Transfer Prohibited.
The following examples describe the registration operations that apply to the domain name during the registration period. a. Domain modifications: This operation allows for modifications or updates to the domain attributes to include: i. Registrant Contact ii. Admin Contact iii. Technical Contact iv. Billing Contact v. Host or nameservers vi. Authorization information vii. Associated status values A domain with the EPP status of Client Update Prohibited or Server Update Prohibited may not be modified until the status is removed. b. Domain renewals: This operation extends the registration period of a domain by changing the expiration date. The following rules apply: i. A domain can be renewed at any time during its registration term, ii. The registration term cannot exceed a total of 10 years. A domain with the EPP status of Client Renew Prohibited or Server Renew Prohibited cannot be renewed. c. Domain deletions: This operation deletes the domain from the Shared Registry Services (SRS). The following rules apply: i. A domain can be deleted at any time during its registration term, if the domain is deleted during the Add Grace Period or the Renew⁄Extend Grace Period, the sponsoring registrar will receive a credit, ii. A domain cannot be deleted if it has “child” nameservers that are associated to other domains. A domain with the EPP status of Client Delete Prohibited or Server Delete Prohibited cannot be deleted. d. Domain transfers: A transfer of the domain from one registrar to another is conducted by following the steps below. i. The registrant must obtain the applicable 〈authInfo〉 code from the sponsoring (losing) registrar. • Every domain name has an authInfo code as per EPP RFC 5731. The authInfo code is a six- to 16-character code assigned by the registrar at the time the name was created. Its purpose is to aid identification of the domain owner so proper authority can be established (it is the ʺpasswordʺ to the domain). • Under the Registry-Registrar Agreement, registrars will be required to provide a copy of the authInfo code to the domain registrant upon his or her request. ii. The registrant must provide the authInfo code to the new (gaining) registrar, who will then initiate a domain transfer request. A transfer cannot be initiated without the authInfo code. • Every EPP 〈transfer〉 command must contain the authInfo code or the request will fail. The authInfo code represents authority to the registry to initiate a transfer. iii. Upon receipt of a valid transfer request, the registry automatically asks the sponsoring (losing) registrar to approve the request within five calendar days. • When a registry receives a transfer request the domain cannot be modified, renewed or deleted until the request has been processed. This status must not be combined with either Client Transfer Prohibited or Server Transfer Prohibited status. • If the sponsoring (losing) registrar rejects the transfer within five days, the transfer request is cancelled. A new domain transfer request will be required to reinitiate the process. • If the sponsoring (losing) registrar does not approve or reject the transfer within five days, the registry automatically approves the request. iv. After a successful transfer, it is strongly recommended that registrars change the authInfo code, so that the prior registrar or registrant cannot use it anymore. v. Registrars must retain all transaction identifiers and codes associated with successful domain object transfers and protect them from disclosure. vi. Once a domain is successfully transferred the status of TRANSFERPERIOD is added to the domain for a period of five days. vii. Successful transfers will result in a one year term extension (resulting in a maximum total of 10 years), which will be charged to the gaining registrar. e. Bulk transfer: the registry back-end service provider will support bulk transfer functionality within the SRS for situations where ICANN may request the registry to perform a transfer of some or all registered objects (includes domain, contact and host objects) from one registrar to another registrar. Once a bulk transfer has been executed, expiry dates for all domain objects remain the same, and all relevant states of each object type are preserved. In some cases the gaining and the losing registrar as well as the registry must approved bulk transfers. A detailed log is captured for each bulk transfer process and is archived for audit purposes. The Registry will support ICANN’s Transfer Dispute Resolution Process. The Registry will work with the registry back-end service provider to respond to Requests for Enforcement (law enforcement or court orders) and will follow that process.
Should we offer the gTLD to external communities, the below plan will be implemented. :
1. Auto-renew grace period The Auto-Renew Grace Period displays as AUTORENEWPERIOD in WHOIS. An auto-renew must be requested by the registrant through the sponsoring registrar and occurs if a domain name registration is not explicitly renewed or deleted by the expiration date and is set to a maximum of 45 calendar days. In this circumstance the registration will be automatically renewed by the registry system the first day after the expiration date. For example, if a Delete, Extend, or Transfer occurs within the AUTORENEWPERIOD the following rules apply: i. Delete. If a domain is deleted the sponsoring registrar at the time of the deletion receives a credit for the auto-renew fee. The domain then moves into the Redemption Grace Period with a status of PENDING DELETE RESTORABLE. ii. Renew⁄Extend. A domain can be renewed as long as the total term does not exceed 10 years. The account of the sponsoring registrar at the time of the extension will be charged for the additional number of years the registration is renewed. iii. Transfer (other than ICANN-approved bulk transfer). If a domain is transferred, the losing registrar is credited for the auto-renew fee, and the year added by the operation is cancelled. As a result of the transfer, the expiration date of the domain is extended by minimum of one year as long as the total term does not exceed 10 years. The gaining registrar is charged for the additional transfer year(s) even in cases where a full year is not added because of the maximum 10 year registration restriction.
2. Redemption grace period During this period, a domain name will be placed in the PENDING DELETE RESTORABLE status when a registrar requests the deletion of a domain that is not within the Add Grace Period. A domain will remain in this state for up to 30 days, for example, and will not be included in the zone file. The only action a registrar can take on a domain is to request that it be restored. Any other registrar requests to modify or otherwise update the domain will be rejected. If the domain is restored it moves into PENDING RESTORE and then OK. After 30 days if the domain is not restored it will move into PENDING DELETE SCHEDULED FOR RELEASE before the domain is released back into the pool of available domains.
3. Pending delete During this period, a domain name will be placed in PENDING DELETE SCHEDULED FOR RELEASE status for five days, and all Internet services associated with the domain will remain disabled and domain cannot be restored. After five days the domain is released back into the pool of available domains.
Other grace periods All ICANN required grace periods will be implemented in the registry back-end service provider’s system including the Add Grace Period (AGP), Renew⁄Extend Grace Period (EGP), Transfer Grace Period (TGP), Auto-Renew Grace Period (ARGP), and Redemption Grace Period (RGP). The lengths of grace periods are configurable in the registry system. At this time, the grace periods will be implemented following other gTLDs such as .ORG. More than one of these grace periods may be in effect at any one time. The following are accompanying grace periods to the registration lifecycle.
Add grace period The Add Grace Period displays as ADDPERIOD in WHOIS and is set to five calendar days following the initial registration of a domain. If the domain is deleted by the registrar during this period, the registry provides a credit to the registrar for the cost of the registration. If a Delete, Renew⁄Extend, or Transfer operation occurs within the five calendar days, the following rules apply. i. Delete. If a domain is deleted within this period the sponsoring registrar at the time of the deletion is credited for the amount of the registration. The domain is deleted from the registry backend service provider’s database and is released back into the pool of available domains. ii. Renew⁄Extend. If the domain is renewed within this period and then deleted, the sponsoring registrar will receive a credit for both the registration and the extended amounts. The account of the sponsoring registrar at the time of the renewal will be charged for the initial registration plus the number of years the registration is extended. The expiration date of the domain registration is extended by that number of years as long as the total term does not exceed 10 years. iii. Transfer (other than ICANN-approved bulk transfer). Transfers under Part A of the ICANN Policy on Transfer of Registrations between registrars may not occur during the ADDPERIOD or at any other time within the first 60 days after the initial registration. Enforcement is the responsibility of the registrar sponsoring the domain name registration and is enforced by the SRS.
Renew ⁄ extend grace period The Renew ⁄ Extend Grace Period displays as RENEWPERIOD in WHOIS and is set to five calendar days following an explicit renewal on the domain by the registrar. If a Delete, Extend, or Transfer occurs within the five calendar days, the following rules apply: i. Delete. If a domain is deleted within this period the sponsoring registrar at the time of the deletion receives a credit for the renewal fee. The domain then moves into the Redemption Grace Period with a status of PENDING DELETE RESTORABLE. ii. Renew⁄Extend. A domain registration can be renewed within this period as long as the total term does not exceed 10 years. The account of the sponsoring registrar at the time of the extension will be charged for the additional number of years the registration is renewed. iii. Transfer (other than ICANN-approved bulk transfer). If a domain is transferred within the Renew⁄Extend Grace Period, there is no credit to the losing registrar for the renewal fee. As a result of the transfer, the expiration date of the domain registration is extended by a minimum of one year as long as the total term for the domain does not exceed 10 years. If a domain is auto-renewed, then extended, and then deleted within the Renew⁄Extend Grace Period, the registrar will be credited for any auto-renew fee charged and the number of years for the extension. The years that were added to the domain’s expiration as a result of the auto-renewal and extension are removed. The deleted domain is moved to the Redemption Grace Period with a status of PENDING DELETE RESTORABLE.
Transfer Grace Period The Transfer Grace period displays as TRANSFERPERIOD in WHOIS and is set to five calendar days after the successful transfer of domain name registration from one registrar to another registrar. Transfers under Part A of the ICANN Policy on Transfer of Registrations between registrars may not occur during the TRANSFERPERIOD or within the first 60 days after the transfer. If a Delete or Renew⁄Extend occurs within that five calendar days, the following rules apply: i. Delete. If the domain is deleted by the new sponsoring registrar during this period, the registry provides a credit to the registrar for the cost of the transfer. The domain then moves into the Redemption Grace Period with a status of PENDING DELETE RESTORABLE. ii. Renew⁄Extend. If a domain registration is renewed within the Transfer Grace Period, there is no credit for the transfer. The registrarʹs account will be charged for the number of years the registration is renewed. The expiration date of the domain registration is extended by the renewal years as long as the total term does not exceed 10 years.
This TLD may conduct auctions for certain domain names. The registry back-end service provider will manage the domain name auction using existing technology. Upon the completion of the auction, any domain name acquired will then follow the standard lifecycle of a domain.
Registration lifecycle resources The registry back-end service provider will be focusing on delivering secure, stable and reliable registry services. There will be management and staff with extensive experience in designing and launching the registry systems and expanding the number of TLDs where necessary. The registry back-end service provider will operate in a matrix structure, which will allow its staff to be allocated to various critical functions in both a dedicated and a shared manner. With a team of specialists and generalists, the registry back-end service provider’s project management methodology will allow efficient and effective use of our staff in a focused way. Virtually all the registry back-end service provider’s resources will be involved in the registration lifecycle of domains.
There are a few areas where registry staff will devote resources to registration lifecycle issues: a. Supporting Registrar Transfer Disputes. The registry operator will have a compliance staffer to handle these disputes as they arise; they are very rare in the existing gTLDs. b. The registry back-end service provider will have its development and quality assurance departments on hand to modify the grace period functionality as needed, if ICANN issues new Consensus Policies or the RFCs change.
The registry back-end service provider will have ample staff members in these departments.
28. Abuse Prevention and Mitigation
28 Abuse Prevention and Mitigation
The Registry, working with the future registry back-end and front-end service providers will take the requisite operational and technical and administrative steps to promote WHOIS data accuracy, limit domain abuse, remove outdated and inaccurate data, and other security measures to ensure the integrity of the TLD. The specific measures will include, but are not limited to: • Posting a TLD Anti-Abuse Policy that clearly defines abuse, and provide point-of-contact information for reporting suspected abuse; • Committing to rapid identification and resolution of abuse, including suspensions; • Ensuring completeness of WHOIS information at the time of registration; • Publishing and maintaining procedures for removing orphan glue records for names removed from the zone, and; • Establishing measures to deter WHOIS abuse, including rate-limiting, determining data syntax validity, and implementing and enforcing requirements from the Registry-Registrar Agreement.
Abuse policy The Anti-Abuse Policy stated below will be enacted under the contractual authority of the future registry operator through the Registry-Registrar Agreement, and the obligations will be passed on to and made binding upon registrants. This policy will be posted on the TLD web site along with contact information for registrants or users to report suspected abuse.
The policy is designed to address the malicious use of domain names. The registry operator and its registrars will make reasonable attempts to limit significant harm to Internet users. This policy is not intended to take the place of the Uniform Domain Name Dispute Resolution Policy (UDRP) or the Uniform Rapid Suspension System (URS), and it is not to be used as an alternate form of dispute resolution or as a brand protection mechanism. Its intent is not to burden law-abiding or innocent registrants and domain users; rather, the intent is to deter those who use domain names maliciously by engaging in illegal or fraudulent activity.
Repeat violations of the abuse policy will result in a case-by-case review of the abuser(s), and the registry operator shall reserve the right to escalate the issue, with the intent of levying sanctions that are allowed under the TLD anti-abuse policy.
The below policy is an example of the recent version of the policy that has been used by the .INFO registry since 2008, and the .ORG registry since 2009. It has proven to be an effective and flexible tool.
TLD Anti-Abuse Policy The following Anti-Abuse Policy is effective upon launch of the TLD. Malicious use of domain names will not be tolerated. The nature of such abuses creates security and stability issues for the registry, registrars, and registrants, as well as for users of the Internet in general. The registry operator’s definition of abusive use of a domain may include, without limitation, the following: • Illegal or fraudulent actions; • Spam: The use of electronic messaging systems to send unsolicited bulk messages. The term applies to email spam and similar abuses such as instant messaging spam, mobile messaging spam, and the spamming of web sites and Internet forums; • Phishing: The use of counterfeit web pages that will be designed to trick recipients into divulging sensitive data such as personally identifying information, usernames, passwords, or financial data; • Pharming: The redirecting of unknowing users to fraudulent sites or services, typically through, but not limited to, DNS hijacking or poisoning; • Willful distribution of malware: The dissemination of software designed to infiltrate or damage a computer system without the ownerʹs informed consent. Examples include, without limitation, computer viruses, worms, keyloggers, and Trojan horses. • Malicious fast-flux hosting: Use of fast-flux techniques with a botnet to disguise the location of web sites or other Internet services, or to avoid detection and mitigation efforts, or to host illegal activities. • Botnet command and control: Services run on a domain name that will be used to control a collection of compromised computers or ʺzombies,ʺ or to direct distributed denial-of-service attacks (DDoS attacks); • Illegal Access to Other Computers or Networks: Illegally accessing computers, accounts, or networks belonging to another party, or attempting to penetrate security measures of another individualʹs system (often known as ʺhackingʺ). Also, any activity that might be used as a precursor to an attempted system penetration (e.g., port scan, stealth scan, or other information gathering activity).
Pursuant to the Registry-Registrar Agreement, the registry operator shall reserve the right at its sole discretion to deny, cancel, or transfer any registration or transaction, or place any domain name(s) on registry lock, hold, or similar status, that it deems necessary: (1) to protect the integrity and stability of the registry; (2) to comply with any applicable laws, government rules or requirements, requests of law enforcement, or any dispute resolution process; (3) to avoid any liability, civil or criminal, on the part of the registry operator, as well as its affiliates, subsidiaries, officers, directors, and employees; (4) per the terms of the registration agreement and this Anti-Abuse Policy, or (5) to correct mistakes made by the registry operator or any registrar in connection with a domain name registration. The registry operator shall also reserve the right to place upon registry lock, hold, or similar status a domain name during resolution of a dispute.
The policy stated above will be accompanied by notes about how to submit a report to the registry operator’s abuse point of contact, and how to report an orphan glue record suspected of being used in connection with malicious conduct (see below).
Furthermore, adopting the process included in the Registry-Registrar agreement (similar examples would be : http:⁄⁄dot.asia⁄accreditationdocs⁄DotAsia-RRA-2010-02-01.pdf), the Registry will also include in its Registry-Registrar agreement a clause to specify that all registrations will be to submit to proceedings for expedited suspension processes of domain names:
For example, (3.9.11) Submit to proceedings commenced under other dispute policies as set forth by a registry from time to time in the Registry Policies, including but not limited to expedited processes for suspension of a domain name by claims sought by intellectual property right holders, Internet engineering and security experts or other competent claimants in the purpose of upholding the stability, security and integrity of the registry.
Abuse point of contact and procedures for handling abuse complaints The registry operator will establish an abuse point of contact. This contact will be a role-based e-mail address of the form “[email protected][tld]”. This e-mail address will allow multiple staff members to monitor abuse reports on a 24x7 basis, and then work toward closure of cases as each situation calls for. For tracking purposes, the registry operator will have a ticketing system with which all complaints will be tracked internally. The reporter will be provided with the ticket reference identifier for potential follow-up. The registry back-end service provider will integrate its existing ticketing system with the registry operator’s to ensure uniform tracking and handling of the complaint. This role-based approach has been used successfully by ISPs, e-mail service providers, and registrars for many years, and is considered a global best practice.
The registry operator’s designated abuse handlers will then evaluate complaints received via the abuse system address. They will decide whether a particular issue is of concern, and decide what action, if any, is appropriate.
In general, the registry operator will find itself receiving abuse reports from a wide variety of parties, including security researchers and Internet security companies, financial institutions such as banks, Internet users, and law enforcement agencies among others. Some of these parties may provide good forensic data or supporting evidence of the malicious behavior. In other cases, the party reporting an issue may not be familiar with how to provide such data or proof of malicious behavior. It is expected that a percentage of abuse reports to the registry operator will not be actionable, because there will not be enough evidence to support the complaint (even after investigation), and because some reports or reporters will simply not be credible.
The security function includes a communication and outreach function, with information sharing with industry partners regarding malicious or abusive behavior, in order to ensure coordinated abuse mitigation across multiple TLDs.
Assessing abuse reports requires great care, and the registry operator will rely upon professional, trained investigators who are versed in such matters. The goals will be accuracy, good record-keeping, and a zero false-positive rate so as not to harm innocent registrants.
Different types of malicious activities require different methods of investigation and documentation. Further, the registry operator expects to face unexpected or complex situations that call for professional advice, and will rely upon professional, trained investigators as needed.
In general, there will be two types of domain abuse that must be addressed: a) Compromised domains. These domains have been hacked or otherwise compromised by criminals, and the registrant is not responsible for the malicious activity taking place on the domain. For example, the majority of domain names that host phishing sites will be compromised. The goal in such cases is to get word to the registrant (usually via the registrar) that there is a problem that needs attention with the expectation that the registrant will address the problem in a timely manner. Ideally such domains do not get suspended, since suspension would disrupt legitimate activity on the domain. b) Malicious registrations. These domains will be registered by malefactors for the purpose of abuse. Such domains will be generally targets for suspension, since they have no legitimate use.
The standard procedure is that the registry operator will forward a credible alleged case of malicious domain name use to the domain’s sponsoring registrar with a request that the registrar investigate the case and act appropriately. The registrar will be provided evidence collected as a result of the investigation conducted by the trained abuse handlers. As part of the investigation, if inaccurate or false WHOIS registrant information is detected, the registrar is notified about this. The registrar will be the party with a direct relationship with—and a direct contract with—the registrant. The registrar will also have vital information that the registry operator will not, such as: • Details about the domain purchase, such as the payment method used (credit card, PayPal, etc.); • The identity of a proxy-protected registrant; • The purchaser’s IP address; • Whether there is a reseller involved, and; • The registrant’s past sales history and purchases in other TLDs (insofar as the registrar can determine this).
Registrars do not share the above information with the registry operators due to privacy and liability concerns, among others. Because they have more information with which to continue the investigation, and because they have a direct relationship with the registrant, the registrar is in the best position to evaluate alleged abuse. The registrar can determine if the use violates the registrar’s legal terms of service or the registry Anti-Abuse Policy, and can decide whether or not to take any action. While the language and terms vary, registrars will be expected to include language in their registrar-registrant contracts that indemnifies the registrar if it takes action, and allows the registrar to suspend or cancel a domain name; this will be in addition to the registry Anti-Abuse Policy. Generally, registrars can act if the registrant violates the registrar’s terms of service, or violates ICANN policy, or if illegal activity is involved, or if the use violates the registry’s Anti-Abuse Policy.
If a registrar does not take action within a time period indicated by the registry operator (usually 24 hours), the registry operator might then decide to take action itself. At all times, the registry operator reserves the right to act directly and immediately if the potential harm to Internet users seems significant or imminent, with or without notice to the sponsoring registrar.
The registry operator will be prepared to call upon relevant law enforcement bodies as needed. There will be certain cases, for example, Illegal pharmacy domains, where the registry operator will contact the Law Enforcement Agencies to share information about these domains, provide all the evidence collected and work closely with them before any action will be taken for suspension. The specific action is often dependent upon the jurisdiction of which the registry operator, although the operator in all cases will adhere to applicable laws and regulations.
When valid court orders or seizure warrants are received from courts or law enforcement agencies of relevant jurisdiction, the registry operator will order execution in an expedited fashion. Compliance with these will be a top priority and will be completed as soon as possible and within the defined timelines of the order. There will be certain cases where Law Enforcement Agencies request information about a domain including but not limited to: • Registration information • History of a domain, including recent updates made • Other domains associated with a registrant’s account • Patterns of registrant portfolio
Requests for such information is handled on a priority basis and sent back to the requestor as soon as possible. The registry back-end service provider will set a goal to respond to such requests within 24 hours.
The registry operator may also engage in proactive screening of its zone for malicious use of the domains in the TLD, and report problems to the sponsoring registrars. The registry operator could take advantage of a combination of the following resources, among others: • Blocklists of domain names and nameservers published by organizations such as SURBL and Spamhaus. • Anti-phishing feeds, which will provide URLs of compromised and maliciously registered domains being used for phishing. • Analysis of registration or DNS query data [DNS query data received by the TLD nameservers.]
The registry operator will keep records and track metrics regarding abuse and abuse reports. These will include: • Number of abuse reports received by the registry’s abuse point of contact described above; • Number of cases and domains referred to registrars for resolution; • Number of cases and domains where the registry took direct action; • Resolution times; • Number of domains in the TLD that have been blacklisted by major anti-spam blocklist providers, and; • Phishing site uptimes in the TLD.
Removal of orphan glue records By definition, orphan glue records used to be glue records. Glue records are related to delegations and are necessary to guide iterative resolvers to delegated nameservers. A glue record becomes an orphan when its parent nameserver record is removed without also removing the corresponding glue record. (Please reference the ICANN SSAC paper SAC048 at: http:⁄⁄www.icann.org⁄en⁄committees⁄security⁄sac048.pdf.) Orphan glue records may be created when a domain (example.tld) is placed on EPP ServerHold or ClientHold status. When placed on Hold, the domain is removed from the zone and will stop resolving. However, any child nameservers (now orphan glue) of that domain (e.g., ns1.example.tld) will be left in the zone. It is important to keep these orphan glue records in the zone so that any innocent sites using that nameserver will continue to resolve. This use of Hold status is an essential tool for suspending malicious domains.
The registry back-end service provider will observe the following procedures, which are being followed by other registries and are generally accepted as DNS best practices. These procedures are also in keeping with ICANN SSAC recommendations.
When a request to delete a domain is received from a registrar, the registry first checks for the existence of glue records. If glue records exist, the registry will check to see if other domains in the registry are using the glue records. If other domains in the registry are using the glue records then the request to delete the domain will fail until no other domains are using the glue records. If no other domains in the registry are using the glue records then the glue records will be removed before the request to delete the domain is satisfied. If no glue records exist then the request to delete the domain will be satisfied.
If a registrar cannot delete a domain because of the existence of glue records that are being used by other domains, then the registrar may refer to the zone file or the “weekly domain hosted by nameserver report” to find out which domains are using the nameserver in question and attempt to contact the corresponding registrar to request that they stop using the nameserver in the glue record. The registry operator does not plan on performing mass updates of the associated DNS records.
The registry operator will accept, evaluate, and respond appropriately to complaints that orphan glue is being used maliciously. Such reports should be made in writing to the registry operator, and may be submitted to the registry’s abuse point-of-contact. If it is confirmed that an orphan glue record is being used in connection with malicious conduct, the registry operator will have the orphan glue record removed from the zone file. The registry back-end service provider will have the technical ability to execute such requests as needed.
Methods to promote WHOIS accuracy The creation and maintenance of accurate WHOIS records is an important part of registry management. As described in our response to question #26, WHOIS, the registry operator will manage a secure, robust and searchable WHOIS service for this TLD.
WHOIS data accuracy The registry operator will offer a “thick” registry system. In this model, all key contact details for each domain name will be stored in a central location by the registry. This allows better access to domain data, and provides uniformity in storing the information. The registry operator will ensure that the required fields for WHOIS data (as per the defined policies for the TLD) will be enforced at the registry level. This ensures that the registrars will be providing required domain registration data. Fields defined by the registry policy to be mandatory will be documented as such and must be submitted by registrars. The registry back-end service provider’s registry system verifies formats for relevant individual data fields (e.g. e-mail, and phone⁄fax numbers). Only valid country codes will be allowed as defined by the ISO 3166 code list. The registry back-end service provider’s WHOIS system will be extensible, and capable of using the VAULT system, described further below.
Similar to the centralized abuse point of contact described above, the registry operator can institute a contact email address which could be utilized by third parties to submit complaints for inaccurate or false WHOIS data detected. This information will be processed by the registry back-end service provider and forwarded to the registrars. The registrars can work with the registrants of those domains to address these complaints. The registry back-end service provider will audit registrars on a yearly basis to verify whether the complaints being forwarded are being addressed or not. This functionality, available to all registry operators, is activated based on the registry operator’s business policy.
The registry back-end service provider will also incorporate a spot-check verification system where a randomly intended set of domain names will be checked periodically for accuracy of WHOIS data. The registry back-end service provider’s system incorporates such a verification system whereby 1% of total registrations or 100 domains, whichever number is larger, will be spot-checked every month [“whereby…every month” is too specific and delete?] to verify the domain name registrant’s critical information provided with the domain registration data. The registry back-end service provider, which may have a highly qualified corps of engineers and a full support function, will have the capacity to integrate such spot-check functionality into this TLD, based on the registry operator’s business policy. Note: This functionality will not work for proxy protected WHOIS information, where registrars or their resellers have the actual registrant data. The solution to that problem lies with either registry or registrar policy, or a change in the general marketplace practices with respect to proxy registrations.
Finally, the registry back-end service provider’s registry systems will have a sophisticated set of billing and pricing functionality which aids the registry operators who decide to provide a set of financial incentives to registrars for maintaining or improving WHOIS accuracy. For instance, it is conceivable that the registry operator may decide to provide a discount for the domain registration or renewal fees for validated registrants, or levy a larger cost for the domain registration or renewal of proxy domain names. The system will have the capability to support such incentives on a configurable basis, towards the goal of promoting better WHOIS accuracy.
Role of registrars As part of the RRA (Registry Registrar Agreement), the registry operator will require the registrar to be responsible for ensuring the input of accurate WHOIS data by their registrants. The Registrar⁄Registered Name Holder Agreement will include a specific clause to ensure accuracy of WHOIS data, and to give the registrar rights to cancel or suspend registrations if the Registered Name Holder fails to respond to the registrar’s query regarding accuracy of data. ICANN’s WHOIS Data Problem Reporting System (WDPRS) will be available to those who wish to file WHOIS inaccuracy reports, as per ICANN policy (http:⁄⁄wdprs.internic.net⁄ ).
Controls to ensure proper access to domain functions Several measures will be in place in the registry system to ensure proper access to domain functions, including authentication provisions in the RRA relative to notification and contact updates via use of AUTH-INFO codes.
IP address access control lists, TLS⁄SSL certificates and proper authentication will be used to control access to the registry system. Registrars are only given access to perform operations on the objects they sponsor.
Every domain will have a unique AUTH-INFO code. The AUTH-INFO code is a 6- to 16-character code assigned by the registrar at the time the name is created. Its purpose is to aid identification of the domain owner so proper authority can be established. It is the ʺpasswordʺ to the domain name. Registrars must use the domain’s password in order to initiate a registrar-to-registrar transfer. It is used to ensure that domain updates (update contact information, transfer, or deletion) are undertaken by the proper registrant, and that this registrant is adequately notified of domain update activity. Only the sponsoring registrar of a domain has access to the domain’s AUTH-INFO code stored in the registry, and this is accessible only via encrypted, password-protected channels.
Information about other registry security measures such as encryption and security of registrar channels are confidential to ensure the security of the registry system. The details and similar examples can be found in the response to question #30b.
Validation and abuse mitigation mechanisms The registry back-end service provider is expected to have developed advanced validation and abuse mitigation mechanisms. Examples of these capabilities and mechanisms are described below. These services and capabilities are discretionary and may be utilized by the registry operator based on their policy and business need.
The registry back-end service provider will have the ability to analyze the registration data for known patterns at the time of registration. A database of these known patterns will be developed from domains and other associated objects (e.g., contact information) which have been previously detected and suspended after being flagged as abusive. Any domains matching the defined criteria can be flagged for investigation. Once analyzed and confirmed by the domain anti-abuse team members, these domains may be suspended. This provides proactive detection of abusive domains.
Provisions will be made available to enable the registry operator to only allow registrations by pre-authorized and verified contacts. These verified contacts are given a unique code that can be used for registration of new domains.
Registrant pre-verification and authentication One of the systems that could be used for validity and identity authentication is VAULT (Validation and Authentication Universal Lookup). It utilizes information obtained from a series of trusted data sources with access to billions of records containing data about individuals for the purpose of providing independent age and id verification as well as the ability to incorporate additional public or private data sources as required. Various verification elements can be used. Examples might include applicant data such as name, address, phone, etc. Multiple methods could be used for verification include integrated solutions utilizing API (XML Application Programming Interface) or sending batches of requests.
• Verification and Authentication requirements would be based on TLD operator requirements or specific criteria. • Based on required WHOIS Data; registrant contact details (name, address, phone) • If address⁄ZIP can be validated by VAULT, the validation process can continue in the key countries • If in-line processing and registration and EPP⁄API call would go to the verification clearinghouse and return up to 4 challenge questions. • If two-step registration is required, then registrants would get a link to complete the verification at a separate time. The link could be specific to a domain registration and pre-populated with data about the registrant. • If WHOIS data is validated a token would be generated and could be given back to the registrar which registered the domain. • WHOIS data would reflect the Validated Data or some subset, i.e., fields displayed could be first initial and last name, country of registrant and date validated. Other fields could be generic validation fields much like a “privacy service”. • A “Validation Icon” customized script would be sent to the registrants email address. This could be displayed on the website and would be dynamically generated to avoid unauthorized use of the Icon. When clicked on the Icon would should limited WHOIS details i.e. Registrant: jdoe, Country: ABC, Date Validated: March 29, 2011, as well as legal disclaimers. • Validation would be annually renewed, and validation date displayed in the WHOIS.
Abuse prevention resourcing plans The registry back-end service provider will be focusing on delivering secure, stable and reliable registry services. There will be management and staff with extensive experience in designing and launching the registry systems and expanding the number of TLDs where necessary. The registry back-end service provider will operate in a matrix structure, which will allow its staff to be allocated to various critical functions in both a dedicated and a shared manner. With a team of specialists and generalists, the registry back-end service provider’s project management methodology will allow efficient and effective use of staff in a focused way. Abuse prevention and detection may be a function that is staffed across the various groups inside the registry back-end services provider, and requires a team effort when abuse is either well hidden or widespread, or both. While all of the registry back-end services provider’s employees are charged with responsibility to report any detected abuse, the engineering and analysis teams shall provide specific support based on the type of abuse and volume and frequency of analysis required. The registry back-end services provider’s security and support teams shall have the authority to initiate mitigation.
The registry back-end service provider will develop advanced validation and abuse mitigation mechanisms. Examples of these capabilities and mechanisms are described below. These services and capabilities are discretionary and may be utilized by the registry operator based on their policy and business need.
This TLD’s anticipated volume of registrations in the first three years of operations is listed in response #46. The registry back-end service provider and the registry operator’s anti-abuse function anticipates the expected volume and type of registrations, and together will adequately cover the staffing needs for this TLD. The registry operator will maintain an abuse response team, which may be a combination of internal staff and outside specialty contractors, adjusting to the needs of the size and type of TLD. The team structure planned for this TLD is based on years of experience responding to, mitigating, and managing abuse for TLDs of various sizes. The team will generally consist of abuse handlers (probably internal), a junior analyst, (either internal or external), and a senior security consultant (likely an external resource providing the registry operator with extra expertise as needed). These responders will be specially trained in the investigation of abuse complaints, and will have the latitude to act expeditiously to suspend domain names (or apply other remedies) when called for.
The exact resources required to maintain an abuse response team will change with the size and registration procedures of the TLD. An initial abuse handler is necessary as a point of contact for reports, even if a part-time responsibility. The abuse handlers monitor the abuse email address for complaints and evaluate incoming reports from a variety of sources. A large percentage of abuse reports to the registry operator may be unsolicited commercial email. The designated abuse handlers can identify legitimate reports and then decide what action is appropriate, either to act upon them, escalate to a security analyst for closer investigation, or refer them to registrars as per the above-described procedures. A TLD with rare cases of abuse would conform to this structure.
If multiple cases of abuse within the same week occur regularly, the registry operator will consider staffing internally a security analyst to investigate the complaints as they become more frequent. Training an abuse analyst requires 3-6 months and likely requires the active guidance of an experienced senior security analyst for guidance and verification of assessments and recommendations being made.
If this TLD were to regularly experience multiple cases of abuse within the same day, a full-time senior security analyst would likely be necessary. A senior security analyst capable of fulfilling this role should have several years of experience and able to manage and train the internal abuse response team.
The abuse response team will also maintain subscriptions for several security information services, including the blocklists from organizations like SURBL and Spamhaus and anti-phishing and other domain related abuse (malware, fast-flux etc.) feeds. The pricing structure of these services may depend on the size of the domain and some services will include a number of rapid suspension requests for use as needed.
For a large TLD, regular audits of the registry data are required to maintain control over abusive registrations. When a registrar with a significant number of registrations has been compromised or acted maliciously, the registry operator may need to analyze a set of registration or DNS query data. A scan of all the domains of a registrar will be conducted only as needed. Scanning and analysis for a large registrar may require as much as a week of full-time effort for a dedicated machine and team.
29. Rights Protection Mechanisms
29 Rights Protection Mechanisms
At the moment, there’s no immediate plan to offer the gTLD to external communities. In case we decide to offer the TLD for external communities, we may implement the following plan. The Registry is committed to a comprehensive strategy on Rights Protection Mechanisms (RPM). The Registry draws from the successful experience and knowledge of the RPM measures implemented for the gTLD in the past , especially in its acclaimed Sunrise process and its contributions to rapid suspension policies.
The Registry does not intend to provide open general registrations. However, if the Registry at any point in time decides to do so, we may implement the following which describes the comprehensive RPM policies and processes that the Registry along with its future registry back-end and front-end service providers may put in place.
29.1 Sunrise and Startup Processes
A comprehensive Sunrise and startup process is the key to successful RPMs. A successful Sunrise program not only provides priority to rights holders, but also sends a clear message to the market that the TLD is serious about RPMs, thereby further deterring abusive registrations.
The Sunrise process provides for the introduction of the TLD in an orderly and equitable manner. Its purpose is to give reasonable protection and priority to stakeholders and certain prior rights holders, as well as to deter abusive and bad faith registrations. The Sunrise policies are also designed to facilitate reliability for ICANN Accredited Registrars and fair competition amongst registrants. It is intended to create a stable and effective launch and registration process for the benefit of various stakeholders and the Internet community at large.
The Registry would target to achieve 0 disputes and also 100% satisfaction (satisfied or very satisfied) in an online poll of Intellectual Property Rights (IPR) practitioners, the Registry may implement a thorough and multi-phased Sunrise and startup process similar to that of the other registry.
Shall the Registry offer the gTLD to external communities , a comprehensive set of Sunrise policies may be put in place in addition to the standard Sunrise and Trademark Claims services as specified in SPECIFICATION 7: MINIMUM REQUIREMENTS FOR RIGHTS PROTECTION MECHANISMS, of the New gTLD Registry Agreement. The Sunrise policies may follow a similar framework of the .ASIA Sunrise Policies (http:⁄⁄dot.asia⁄policies⁄DotAsia-Sunrise-Policies--COMPLETE-2007-08-10.pdf), in so far as it does not conflict with the specification 7.
29.1.1 Standard Sunrise and Trademark Claims Services
As a basic commitment, the Registry may implement the requirements from Specification 7 of the New gTLD Registry Agreement, and in accordance to the relevant Trademark Clearing House (TMCH) Sunrise and Trademark Claims services.
For this standard Sunrise, the Registry may establish, at a minimum, the eligibility requirements verified by Clearinghouse data, and incorporate a Sunrise Dispute Resolution ⁄ Challenge Policy. The standard Sunrise eligibility requirements include: (i) ownership of a mark that satisfies the criteria set forth in section 7.2 of the Trademark Clearing House specifications, (ii) description of international class of goods or services covered by registration; (iii) representation that all provided information is true and correct; and (iv) provision of data sufficient to document rights in the trademark.
The Registry believes that these form only the very basic layer of RPM and may consider adding significant measures on top of the standard process to ensure that prior rights of others are not abused.
In terms of Sunrise, Specification 7 and the TMCH descriptions only provide a basic framework for Trademark holders to protect names that are identical to their trademark. The Registry believes that additional protection is important and can be efficiently and effectively put in place with a multi-phased Sunrise program. 29.1.2 Auction Process
An important part of the success of the other registry’s Sunrise program is the use of auction in the resolution of contention. It is known that many Trademarks are similar or identical because of the different jurisdictions and different classes. Therefore, it is inevitable that there would be some competition among rights holders to certain names. A complete Sunrise program requires a contention resolution mechanism that works to reduce the tension of competition and resolve the issue in a stable and orderly manner.
29.1.3 Sunrise Challenge (Dispute Resolution) Process
Besides a contention resolution process, an important part of any Sunrise process is a well developed Sunrise Challenge Process to ensure the integrity of the Sunrise program. The Sunrise Challenge Process is important such that after the allocation of a Sunrise name, there will be a period of time where legitimate rights owners can challenge the legitimacy and eligibility of a registrant based on the Sunrise policies to a domain name.
29.1.4 Additional Protection Mechanisms for Sunrise
In addition to the basic “identical” match of a Trademark to a domain name applied for during the Sunrise period, the Registry intends to follow the successful example of the other registry to include additional types of matches, for example: - Exceptions for registered mark (tm, sm, etc.) type or entity type (ltd, inc, etc.) identifiers - Exceptions for the TLD string (i.e. allowing marks containing the TLD string to omit that substring) - Considerations for commonly used short forms and omission of locality indications - Acceptance of standard Romanization and Transliterations for Company Names - Extended protection for trademarks + the class of the trademark (e.g. “BRAND Shoes” or “BRAND Computers”, etc.)
These considerations allow trademark holders priority registration opportunity to protect names that are important and related to them.
Shall the Registry decide to offer the TLD for external communities, it may also consider developing specialized phases targeted to provide priority registration periods for the community that the Registry may be primarily serving. For example, in a registry’s Sunrise, Asian businesses and registered companies are allowed to participate in one of the phases of the Sunrise program ahead of the general availability of the domain. This allows many Asian businesses who may not have a registered trademark to make use of the Sunrise process to protect their name.
29.1.5 Proactive Outreach and Specialized Programs
Furthermore, on top of the Sunrise program, a Pioneer Domains Program may be put in place to provide even further protection for prior rights holders while maintaining a strong balance against users’ rights.
Two features of the Pioneer programs for rights holders include: 1) the ability to apply for typo or other variant forms of their trademark to improve protection; 2) the use of the Pioneer Domains Challenge process to protect against abuse.
The Registry intends to put in place a pioneer domains program similar to the other registry, such as the .ASIA Pioneer Domains Program (http:⁄⁄pioneer.domains.asia⁄ascii⁄policies.html). Together with the Pioneer Domains Program, a Pioneer Domains Challenge Process may be put in place (http:⁄⁄pioneer.domains.asia⁄ascii⁄challenge.html).
29.2 UDRP, URS and other Suspension Processes
While the Startup process, including the multi-phased Sunrise program provides a proactive process for prior rights holders to protect their names under the TLD in a priority registration process, RPMs after the allocation and delegation of a second level domain under the TLD is equally important.
29.2.1 UDRP Implementation
The Registry may comply with and put in place mechanisms to ensure the enforcement of UDRP decisions. These will include provisions within the Registry-Registrar Agreements (RRA) with Accredited Registrars to ensure that they have adequate provisions in their Registration agreement with registrants to submit to UDRP proceedings, as well as to work closely with Accredited registrars in the implementation of UDRP decisions and required actions through the URS process.
29.2.2 URS Implementation
The Registry may comply with and put in place mechanisms to ensure the enforcement of URS decisions. These include provisions within the Registry-Registrar Agreements (RRA) with Accredited Registrars to ensure that they have adequate provisions in their Registration agreement with registrants to submit to URS proceedings, as well as to work closely with Accredited registrars in the implementation of URS decisions and required actions through the URS process.
The future registry operator may implement decisions rendered under the URS on an ongoing basis. Per the URS policy posted on ICANN’s Web site as of this writing, the registry operator will receive notice of URS actions from the ICANN-approved URS providers. These emails will be directed immediately to the registry operator’s support staff, who will be responsible for creating a ticket for each case, and for executing the directives from the URS provider. All support staff will receive pertinent training.
The registry operator’s support staff will retain all copies of emails from the URS providers, assign them a tracking or ticket number, and will track the status of each opened URS case through to resolution via spreadsheet or database.
The registry operator’s support staff will execute further operations upon notice from the URS providers. The URS provider is required to specify the remedy and required actions of the registry operator, with notification to the registrant, the complainant, and the registrar.
As per the URS guidelines, if the complainant prevails, the “registry operator shall suspend the domain name, which shall remain suspended for the balance of the registration period and would not resolve to the original web site. The nameservers shall be redirected to an informational web page provided by the URS provider about the URS. The WHOIS for the domain name shall continue to display all of the information of the original registrant except for the redirection of the nameservers. In addition, the WHOIS shall reflect that the domain name will not be able to be transferred, deleted or modified for the life of the registration.”
29.2.3 Other Suspension Programs
In addition to the basic dispute and suspension programs, the Abuse Prevention Mechanisms as described in #28 as well as the geographical names reservation processes described in #22, the Registry, may follow something similar to the other registry’s practice to explore appropriate suspension mechanisms and challenge processes to further improve the protection to prior rights holders.
Given the focus of the TLD, the Registry may also consider and explore adopting other relevant forums for domain dispute resolution. For example, the Registry may explore the adoption of relevant ccTLD dispute resolution processes or any other industry arbitration processes relevant to the use to broaden the protection of the legitimate prior rights of others in the registration of domain names in the TLD. These measures will be put in place in addition to and definitely not in replacement of the basic requirements of submitting to UDRP, URS and other ICANN policies.
29.2.4 Post-Delegation Dispute Resolution Process (PDDRP)
While the Registry is confident that its processes and policies will be effective in curbing abusive registrations, and that it has the knowledge and capabilities to implement and enforce such measures, the Registry is fully prepared to work with ICANN should a PDDRP be initiated.
The Registry will comply with the process and, along with the back-end and front-end registry service providers, will try our best to fulfil all ICANN requirements through a PDDRP.
29.2.5 Rights protection resourcing plans
The registry back-end service provider will be focusing on delivering secure, stable and reliable registry services. There will be management and staff with extensive experience in designing and launching the registry systems and expanding the number of TLDs where necessary.. The registry back-end service provider will operate in a matrix structure, which will allow its staff to be allocated to various critical functions in both a dedicated and a shared manner. With a future team of specialists and generalists, the registry back-end service provider’s project management methodology will allow efficient and effective use of our staff in a focused way.
Supporting RPMs requires several departments within the registry operator as well as within the registry back-end service provider. The implementation of Sunrise and the Trademark Claims service and on-going RPM activities will pull from a team of the registry back-end service provider’s staff members of the engineering, product management, development, security and policy teams and the support staff of the registry operator. Resources may also be assigned by the registry front-end service provider for the registry operator, No additional hardware or software resources are required to support this as the registry back-end service provider shall have fully-operational capabilities to manage abuse..
29.3 Meeting & Exceeding Requirements
29.3.1 Capabilities and Knowledge
The Registry shall be supported by the future front-end services provider which will have the experience of managing a dispute free startup of a gTLD registry to develop the Sunrise and Startup processes as well as agreements and other administrative proceedings to ensure effective, efficient and implementable enforcement of such policies and processes.
A dedicated team which will comprise members from the registry front-end service provider, the Registry and the registry back-end service provider may be convened to ensure that policy as well as technical capabilities are in place to support the RPMs.
29.3.2 Compliance with Specification 7
The Registry will try our best to comply with Specification 7 of the New gTLD Registry Agreement, and plans to implement additional RPM on top of the basic requirements of Specification 7.
29.3.3 Plans for Meeting Compliance with Contractual Requirements
The Registry, along with the front-end and back-end service providers will work to ensure that contractual compliance is met. Besides the basic requirements in Specification 7, the Registry intends to consult with ICANN through the process as additional RPMs are put in place to ensure that they also comply with contractual requirements. With the expertise and extensive experience of our future partners, the Registry will try our best to ensure that it may meet and comply with all the ICANN contractual requirements.
The following are the examples which may be memorialized and be made binding via the Registry-Registrar and Registrar-Registrant Agreements:
The registry may reject a registration request or a reservation request, or may delete, revoke, suspend, cancel, or transfer a registration or reservation under the following criteria: a. to enforce registry policies and ICANN requirements; each as amended from time to time; b. that is not accompanied by complete and accurate information as required by ICANN requirements and⁄or registry policies or where required information is not updated and⁄or corrected as required by ICANN requirements and⁄or registry policies; c. to protect the integrity and stability of the registry, its operations, and the TLD system; d. to comply with any applicable law, regulation, holding, order, or decision issued by a court, administrative authority, or dispute resolution service provider with jurisdiction over the registry; e. to establish, assert, or defend the legal rights of the registry or a third party or to avoid any civil or criminal liability on the part of the registry and⁄or its affiliates, subsidiaries, officers, directors, representatives, employees, contractors, and stockholders; f. to correct mistakes made by the registry or any accredited registrar in connection with a registration; or g. as otherwise provided in the Registry-Registrar Agreement and⁄or the Registrar-Registrant Agreement.
29.3.4 Consistency with Technical, Operational and Financial Approach
The use of pending Create along with other registry system features may ensure that Sunrise and other startup processes could be processed in a standards based manner. I
Note that some of the extensions might be subject to change based on ICANN-developed requirements for the Trademark Clearinghouse and also specific implementation of the Sunrise process at the Registry.
29.3.5 Committed Resource to Carry out plans
The registry back-end and front-end services providers respectively shall have teams prepared and dedicated with capacity and capability to implement a comprehensive Sunrise and Startup process as well as the additional RPM measures that the Registry intends to put in place.
29.3.6 Rights Protection as A Core Objective
Based on the in depth discussion and commitment to the multitude of RPM features as well as a multi-phased startup process to ensure the stable and orderly introduction of the TLD, the Registry believes that it has demonstrated its commitment to rights protection as a core objective.
Beyond RPMs, the comprehensive geographical names protection program as explained in #22 further demonstrates the dedication of the Registry towards the protection of the prior rights of others.
29.3.7 Effective Mechanisms in Addition to Requirements in Registry Agreement
The policies and processes proposed by the Registry are proven and time tested to be effective in curbing abusive registrations. The Registry may follow a similar process used by other registry’s sunrise processes which have been highly regarded by the industry and yielded high satisfaction rating from an online poll of Intellectual Property Rights practitioners.
Much of the approach will be tested and proven successful before the launch of the TLD. The success of the process can be observed by the limitation or following of the processes, including the multi-phased startup, the auction based contention resolution, as well as the Pioneer Domains Program (i.e. an Request for proposal -- RFP -- type process) are now commonly used processes when a TLD is launched or certain section of names are released by a TLD (e.g. 1 and 2 character names in existing gTLDs).
30(a). Security Policy: Summary of the security policy for the proposed registry
30a Security Policy (Public)
The answer to question #30a is provided based on the intended back-end provider of registry services for this TLD.
The future registry back-end service provider will aggressively and actively protect the registry system from known threats and vulnerabilities, and will deploy an extensive set of security protocols, policies and procedures to thwart compromise. The registry back-end service provider will have robust and detailed plans to be continually updated and tested to ensure new threats are mitigated prior to becoming issues. The registry back-end service provider will continue rigorous security measures of which the examples include: • Multiple layers of security and access controls throughout registry and support systems; • 24x7 monitoring of all registry and DNS systems, support systems and facilities; • Unique, proven registry design that ensures data integrity by granting only authorized access to the registry system, while meeting performance requirements; • Detailed incident and problem management processes for rapid review, communications, and problem resolution, and; • Yearly external audits by independent, industry-leading firms, as well as twice-yearly internal audits.
Security policies and protocols The registry back-end service provider will include security in its services, including facilities, hardware, equipment, connectivity⁄Internet services, systems, computer systems, organizational security, outage prevention, monitoring, disaster mitigation, and escrow⁄insurance, from the original design, through development, and finally as part of production deployment. Examples of threats and the confidential and proprietary mitigation procedures are detailed in our response to question #30(b).
There are several important aspects of the security policies and procedures to note: • the registry back-end service provider’s DNS infrastructure will be massively provisioned as part of its DDoS mitigation strategy, thus ensuring sufficient capacity and redundancy to support new gTLDs. • Diversity is an integral part of all of our software and hardware stability and robustness plan, thus avoiding any single points of failure in our infrastructure. • Access to any element of our service (applications, infrastructure and data) will only be provided on an as-needed basis to employees and a limited set of others to fulfill their job functions. The principle of least privilege is applied. • All registry components – critical and non-critical – will be monitored 24x7 by staff at our NOCs, and the technical staff will have detailed plans and procedures that have stood the test of time for addressing even the smallest anomaly. Well-documented incident management procedures will be in place to quickly involve the on-call technical and management staff members to address any issues.
The registry back-end service provider will follow the guidelines from the ISO 27001 Information Security Standard (Reference: http:⁄⁄www.iso.org⁄iso⁄iso_catalogue⁄catalogue_tc⁄catalogue_detail.htm?csnumber=42103 ) for the management and implementation of its Information Security Management System. The registry back-end service provider will also utilize the COBIT IT governance framework to facilitate policy development and enable controls for appropriate management of risk (Reference: http:⁄⁄www.isaca.org⁄cobit). Best practices defined in ISO 27002 will be followed for defining the security controls within the organization. The registry back-end service provider will continually look to improve the efficiency and effectiveness of our processes, and will follow industry best practices as defined by the IT Infrastructure Library, or ITIL (Reference: http:⁄⁄www.itil-officialsite.com⁄).
The registry back-end service provider’s registry system will be located within secure data centers that implement a multitude of security measures both to minimize any potential points of vulnerability and to limit any damage should there be a breach. The example of its characteristics of these data centers can be found in our response to question #30(b).
The registry back-end services provider’s registry system may have a number of multi-layered measures to prevent unauthorized access to its network and internal systems. Before reaching the registry network, all traffic will be required to pass through a firewall system. Packets passing to and from the Internet are inspected, and unauthorized or unexpected attempts to connect to the registry servers are both logged and denied. Management processes will be in place to ensure each request is tracked and documented, and regular firewall audits will be performed to ensure proper operation. 24x7 monitoring will be in place and, if potential malicious activity is detected, appropriate personnel will be notified immediately.
The registry back-end service provider may follow a similar set of security procedures of other registries to allow maximum security on each of its servers, including disabling all unnecessary services and processes and regular application of security-related patches to the operating system and critical system applications. Regular external vulnerability scans will be performed to verify that only services intended to be available are accessible.
Regular detailed audits of the server configuration will be performed to verify that the configurations comply with current best security practices. Passwords and other access means will be changed on a regular schedule and revoked whenever a staff member’s employment is terminated.
Access to registry system Access to all production systems and software will be strictly limited to authorized operations staff members. Access to technical support and network operations teams where necessary will be read only and limited only to components required to help troubleshoot customer issues and perform routine checks. Strict change control procedures will be in place and will be followed each time a change is required to the production hardware⁄application. User rights are kept to a minimum at all times. In the event of a staff member’s employment termination, all access will be removed immediately.
The registry back-end service provider’s applications will use encrypted network communications. Access to the registry server will be controlled. The registry back-end service provider will allow access to an authorized registrar only if each of the authentication factors matches the specific requirements of the requested authorization. These mechanisms will also be used to secure any web-based tools that allow authorized registrars to access the registry. Additionally, all write transactions in the registry (whether conducted by authorized registrars or the registryʹs own personnel) will be logged.
EPP connections will be encrypted using TLS⁄SSL, and mutually authenticated using both certificate checks and login⁄password combinations. Web connections are encrypted using TLS⁄SSL for an encrypted tunnel to the browser, and authenticated to the EPP server using login⁄password combinations.
All systems will be monitored for security breaches from within the data center and without, using both system-based and network-based testing tools. The registry back-end service provider will use traffic shaping technologies to prevent attacks from any single registrar account, IP address, or subnet. This additional layer of security will reduce the likelihood of performance degradation for all registrars, even in the case of a security compromise at a subset of registrars.
Periodic audits of policies and procedures will be performed to ensure that any weaknesses are discovered and addressed. Aggressive escalation procedures and well-defined Incident Response management procedures will allow that decision makers are involved at early stages of any event.
In short, security will be a consideration in every aspect of business at the registry back-end service provider which will have a track record of secure, stable and reliable service.
Independent assessment Supporting operational excellence as an example of security practices, the registry back-end service provider may perform a number of internal and external security audits each year of the existing policies, procedures and practices.
Shall the Registry offer the TLD for external communities, the registry back-end service provider will perform internal security audits twice a year. These assessments will constantly be expanded based on risk assessments and changes in business or technology. Additionally, the registry back-end service provider will consider engaging an independent third-party security organization, such as PivotPoint Security, to perform external vulnerability assessments and penetration tests on the sites hosting and managing the Registry infrastructure. These assessments will be performed with major infrastructure changes, release of new services or major software enhancements. These independent assessments will be performed at least annually. An example of a report from a recent assessment is attached with our response to question #30(b).
The registry back-end service provider may engage security companies specializing in application and web security testing to allow the security of web-based applications offered by the registry back-end service provider, such as the Web Admin Tool (WAT) for registrars and registry operators.
Finally, the registry back-end service provider will consider engaging a security services division to perform ISO 27002 gap assessment studies so as to review alignment of the registry back-end service provider’s procedures and policies with the ISO 27002 standard.
Special TLD considerations Shall the Registry offer the TLD for external communities, the registry back-end service provider’s rigorous security practices will be regularly reviewed; if there is a need to alter or augment procedures for this TLD, they will be done so in a planned and deliberate manner.
Commitments to registrant protection The registry back-end service provider understands registrant security concerns. The registry back-end service provider will support a “thick” registry system in which data for all objects are stored in the registry database that is the centralized authoritative source of information.• Any confidential information stored within the registry will remain confidential; • The interaction between their registrar and the registry back-end service provider will be secure; •• The registry system will abide by all polices, including those that address registrant data; • the registry back-end service provider will not introduce any features or implement technologies that compromise access to the registry system or that compromise registrant security.
To protect any unauthorized modification of registrant data, the registry back-end service provider will mandate TLS⁄SSL transport (per RFC 5246) and authentication methodologies for access to the registry applications shall the Registry offer the TLD for external communities. Authorized registrars are required to supply a list of specific individuals (five to ten people) who are authorized to contact the registry. Each such individual is assigned a pass phrase. Any support requests made by an authorized registrar to registry customer service are authenticated by registry customer service. All failed authentications are logged and reviewed regularly for potential malicious activity. This prevents unauthorized changes or access to registrant data by individuals posing to be registrars or their authorized contacts.
These items reflect an understanding of the importance of balancing data privacy and access for registrants, both individually and as a collective, worldwide user base.
Security resourcing plans Please refer to our response to question #30b for security resourcing plans.