Back

29 Rights Protection Mechanisms

gTLDFull Legal NameE-mail suffixDetail
.CROWNCrown Equipment Corporationcrown.comView
1 MECHANISMS DESIGNED TO PREVENT ABUSIVE REGISTRATIONS

Rights protection is a core objective of Crown Equipment Corp. Crown Equipment Corp will implement and adhere to any rights protection mechanisms (RPMs) that may be mandated from time to time by ICANN, including each mandatory RPM set forth in the Trademark Clearinghouse model contained in the Registry Agreement, specifically Specification 7. Crown Equipment Corp acknowledges that, at a minimum, ICANN requires a Sunrise period, a Trademark Claims period, and interaction with the Trademark Clearinghouse with respect to the registration of domain names for the .CROWN gTLD. It should be noted that because ICANN, as of the time of this application submission, has not issued final guidance with respect to the Trademark Clearinghouse, Crown Equipment Corp cannot fully detail the specific implementation of the Trademark Clearinghouse within this application. Crown Equipment Corp will adhere to all processes and procedures to comply with ICANN guidance once this guidance is finalized.

As described in this response, Crown Equipment Corp will implement a Sunrise period and Trademark Claims service with respect to the registration of domain names within the .CROWN gTLD. Certain aspects of the Sunrise period and⁄or Trademark Claims service may be administered on behalf of Crown Equipment Corp by Crown-approved registrars or by subcontractors of Crown Equipment Corp, such as its selected backend registry services provider, Verisign.

The .CROWN gTLD will be operated pursuant to the Specification 9 exempt guidelines provided by ICANN and will be managed exclusively within the company and only company resources will be advertised on the domain. At this time, Crown Equipment has no intention of offering third party domain registrations upon the gTLD. Nevertheless, if services such as a Sunrise Period and Trademark Claim service are required, Crown will use Verisign and⁄or Network Solutions’ programs. Any engagement for the implementation and provision of such services shall be in compliance with all ICANN-mandated regulations, agreements, guidance and policies, as it is of paramount importance of the Crown Equipment to protect the rights of all rightsholders.

Sunrise Period. As provided by the Trademark Clearinghouse model set forth in the ICANN Applicant Guidebook, the Sunrise service pre-registration procedure for domain names continues for at least 30 days prior to the launch of the general registration of domain names in the gTLD (unless Crown Equipment Corp decides to offer a longer Sunrise period).

During the Sunrise period, holders of marks that have been previously validated by the Trademark Clearinghouse receive notice of domain names that are an identical match (as defined in the ICANN Applicant Guidebook) to their mark(s). Such notice is in accordance with ICANN’s requirements and is provided by Crown Equipment Corp either directly or through Crown-approved registrars.

Crown Equipment Corp requires all registrants, either directly or through Crown-approved registrars, to i) affirm that said registrants meet the Sunrise Eligibility Requirements (SER) and ii) submit to the Sunrise Dispute Resolution Policy (SDRP) consistent with Section 6 of the Trademark Clearinghouse model. At a minimum Crown Equipment Corp recognizes and honors all word marks for which a proof of use was submitted and validated by the Trademark Clearinghouse as well as any additional eligibility requirements as specified in Question 18.

During the Sunrise period, Crown Equipment Corp and⁄or Crown-approved registrars, as applicable, are responsible for determining whether each domain name is eligible to be registered (including in accordance with the SERs).

Trademark Claims Service. As provided by the Trademark Clearinghouse model set forth in the ICANN Applicant Guidebook, all new gTLDs will have to provide a Trademark Claims service for a minimum of 60 days after the launch of the general registration of domain names in the gTLD (Trademark Claims period).

During the Trademark Claims period, in accordance with ICANN’s requirements, Crown Equipment Corp or the Crown-approved registrar will send a Trademark Claims Notice to any prospective registrant of a domain name that is an identical match (as defined in the ICANN Applicant Guidebook) to any mark that is validated in the Trademark Clearinghouse. The Trademark Claims Notice will include links to the Trademark Claims as listed in the Trademark Clearinghouse and will be provided at no cost.

Prior to registration of said domain name, Crown Equipment Corp or the Crown-approved registrar will require each prospective registrant to provide the warranties dictated in the Trademark Clearinghouse model set forth in the ICANN Applicant Guidebook. Those warranties will include receipt and understanding of the Trademark Claims Notice and confirmation that registration and use of said domain name will not infringe on the trademark rights of the mark holders listed. Without receipt of said warranties, the Crown Equipment Corp or the Crown-approved registrar will not process the domain name registration.

Following the registration of a domain name, the Crown-approved registrar will provide a notice of domain name registration to the holders of marks that have been previously validated by the Trademark Clearinghouse and are an identical match. This notice will be as dictated by ICANN. At a minimum Crown Equipment Corp will recognize and honor all word marks validated by the Trademark Clearinghouse.
Crown Equipment will at all times use the Trademark Clearinghouse as a resource to determine whether its registrations are in conflict with the existing rights of third parties and, in the event of any conflict, will act in accordance with all relevant rights protection mechanisms, including, without limitation those described in Specification 7 of the ICANN-Registry Operator Registry Agreement
2 MECHANISMS DESIGNED TO IDENTIFY AND ADDRESS THE ABUSIVE USE OF REGISTERED NAMES ON AN ONGOING BASIS

In addition to the Sunrise and Trademark Claims services described in Section 1 of this response, Crown Equipment Corp implements and adheres to RPMs post-launch as mandated by ICANN, and confirms that registrars accredited for the .CROWN gTLD are in compliance with these mechanisms. Certain aspects of these post-launch RPMs may be administered on behalf of Crown Equipment Corp by Crown-approved registrars or by subcontractors of Crown Equipment Corp, such as its selected backend registry services provider, Verisign.

The .CROWN gTLD will be operated pursuant to the Specification 9 exempt guidelines provided by ICANN and will be managed exclusively within the company and only company resources will be advertised on the domain. At this time, Crown Equipment has no intention of offering third party domain registrations upon the gTLD. Nevertheless, if services such as a Sunrise Period and Trademark Claim service are required, Crown will use Verisign and⁄or Network Solutions’ programs. Any engagement for the implementation and provision of such services shall be in compliance with all ICANN-mandated regulations, agreements, guidance and policies, as it is of paramount importance of the Crown Equipment to protect the rights of all rightsholders.

These post-launch RPMs include the established Uniform Domain-Name Dispute-Resolution Policy (UDRP), as well as the newer Uniform Rapid Suspension System (URS) and Trademark Post-Delegation Dispute Resolution Procedure (PDDRP). Where applicable, Crown Equipment Corp will implement all determinations and decisions issued under the corresponding RPM.

After a domain name is registered, trademark holders can object to the registration through the UDRP or URS. Objections to the operation of the gTLD can be made through the PDDRP.

The following descriptions provide implementation details of each post-launch RPM for the .CROWN gTLD:

• UDRP: The UDRP provides a mechanism for complainants to object to domain name registrations. The complainant files its objection with a UDRP provider and the domain name registrant has an opportunity to respond. The UDRP provider makes a decision based on the papers filed. If the complainant is successful, ownership of the domain name registration is transferred to the complainant. If the complainant is not successful, ownership of the domain name remains with the domain name registrant. Crown and entities operating on its behalf adhere to all decisions rendered by UDRP providers.
• URS: As provided in the Applicant Guidebook, all registries are required to implement the URS. Similar to the UDRP, a complainant files its objection with a URS provider. The URS provider conducts an administrative review for compliance with filing requirements. If the complaint passes review, the URS provider notifies the registry operator and locks the domain. A lock means that the registry restricts all changes to the registration data, but the name will continue to resolve. After the domain is locked, the complaint is served to the domain name registrant, who has an opportunity to respond. If the complainant is successful, the registry operator is informed and the domain name is suspended for the balance of the registration period; the domain name will not resolve to the original website, but to an informational web page provided by the URS provider. If the complainant is not successful, the URS is terminated and full control of the domain name registration is returned to the domain name registrant. Similar to the existing UDRP, Crown and entities operating on its behalf adhere to decisions rendered by the URS providers.
• PDDRP: As provided in the Applicant Guidebook, all registries are required to implement the PDDRP. The PDDRP provides a mechanism for a complainant to object to the registry operator’s manner of operation or use of the gTLD. The complainant files its objection with a PDDRP provider, who performs a threshold review. The registry operator has the opportunity to respond and the provider issues its determination based on the papers filed, although there may be opportunity for further discovery and a hearing. Crown Equipment Corp participates in the PDDRP process as specified in the Applicant Guidebook.

Additional Measures Specific to Rights Protection. The .CROWN gTLD will be operated pursuant to the Specification 9 exempt guidelines provided by ICANN and will be managed exclusively within the company and only company resources will be advertised on the domain. At this time, Crown Equipment has no intention of offering third party domain registrations upon the gTLD. Nevertheless, if services such as a Sunrise Period and Trademark Claim service are required, Crown will use Verisign and⁄or Network Solutions’ programs. Any engagement for the implementation and provision of such services shall be in compliance with all ICANN-mandated regulations, agreements, guidance and policies, as it is of paramount importance of the Crown Equipment to protect the rights of all rightsholders. Crown Equipment Corp provides additional measures against potentially abusive registrations. These measures help mitigate phishing, pharming, and other Internet security threats. The measures exceed the minimum requirements for RPMs defined by Specification 7 of the Registry Agreement as well as in the response to question #28 and included in its attached Abuse Prevention and Mitigation Implementation Plan and are available at the time of registration. These measures include:



• Rapid Takedown or Suspension Based on Court Orders: Crown Equipment Corp complies promptly with any order from a court of competent jurisdiction that directs it to take any action on a domain name that is within its technical capabilities as a TLD registry. These orders may be issued when abusive content, such as child pornography, counterfeit goods, or illegal pharmaceuticals, is associated with the domain name.
• Anti-Abuse Process: Crown Equipment Corp implements an anti-abuse process that is executed based on the type of domain name takedown requested. The anti-abuse process is for malicious exploitation of the DNS infrastructure, such as phishing, botnets, and malware.
• Authentication Procedures: Verisign, Crown Equipment Corp’s selected backend registry services provider, uses two-factor authentication to augment security protocols for telephone, email, and chat communications.
• Malware Code Identification: This safeguard reduces opportunities for abusive behaviors that use registered domain names in the gTLD. Registrants are often unknowing victims of malware exploits. As Crown Equipment Corp’s backend registry services provider, Verisign has developed proprietary code to help identify malware in the zones it manages, which in turn helps registrars by identifying malicious code hidden in their domain names.
• DNSSEC Signing Service: Domain Name System Security Extensions (DNSSEC) helps mitigate pharming attacks that use cache poisoning to redirect unsuspecting users to fraudulent websites or addresses. It uses public key cryptography to digitally sign DNS data when it comes into the system and then validate it at its destination. The .CROWN gTLD is DNSSEC-enabled as part of Verisign’s core backend registry services.

3. RESOURCING PLANS

Resource Planning

Crown will look primarily at the Director and IT Operations Manager for any issues surrounding RPM. Again, since Crown is not going to allow third party registrations, we do not anticipate any RPM claims. In addition to these individuals, Crown Equipment will support implementation of these policies through the provision of their resources as well as additional outside resources on an as-needed basis. Additional support will be directed from corporate and will include access to a law department, finance department, information systems, technical support, human resources and such other administrative support that may be required. In particular, we anticipate using outside advisors and lawyers to assist in managing any disputes which must be resolved. Once the top level domain has been awarded, we do not anticipate disputes beyond what is frequently encountered in operating the .com. However, given the expanded opportunities associated with operating the top level domain, we have increased the likelihood of disputes, take down notices or such other matters and increased the .com dispute resolution budget. We will utilize outside advisors to provide the additional talent and resources and specialized knowledge that we cannot cost effectively maintain internally. Projected costs associated with these resources are further discussed in the response to Question 47 below.

Resource Planning Specific to Backend Registry Activities

Verisign, Crown Equipment Corp’s selected backend registry services provider, is an experienced backend registry provider that has developed a set of proprietary resourcing models to project the number and type of personnel resources necessary to operate a TLD. Verisign routinely adjusts these staffing models to account for new tools and process innovations. These models enable Verisign to continually right-size its staff to accommodate projected demand and meet service level agreements as well as Internet security and stability requirements. Using the projected usage volume for the most likely scenario (defined in Question 46, Template 1 – Financial Projections: Most Likely) as an input to its staffing models, Verisign derived the necessary personnel levels required for this gTLD’s initial implementation and ongoing maintenance. Verisign’s pricing for the backend registry services it provides to Crown Equipment Corp fully accounts for cost related to this infrastructure, which is provided as Line IIb.G, Total
Critical Registry Function Cash Outflows, within the Question 46 financial projections response.

Verisign employs more than 1,040 individuals of which more than 775 comprise its technical work force. (Current statistics are publicly available in Verisign’s quarterly filings.) Drawing from this pool of on-hand and fully committed technical resources, Verisign has maintained DNS operational accuracy and stability 100 percent of the time for more than 13 years for .com, proving Verisign’s ability to align personnel resource growth to the scale increases of Verisign’s TLD service offerings.
Verisign projects it will use the following personnel roles, which are described in Section 5 of the response to Question 31, Technical Overview of Proposed Registry, to support the implementation of RPMs:
• Customer Affairs Organization: 9
• Customer Support Personnel: 36
• Information Security Engineers: 11

To implement and manage the .CROWN gTLD as described in this application, Verisign, Crown Equipment Corp’s selected backend registry services provider, scales, as needed, the size of each technical area now supporting its portfolio of TLDs. Consistent with its resource modeling, Verisign periodically reviews the level of work to be performed and adjusts staff levels for each technical area.

When usage projections indicate a need for additional staff, Verisign’s internal staffing group uses an in-place staffing process to identify qualified candidates. These candidates are then interviewed by the lead of the relevant technical area. By scaling one common team across all its TLDs instead of creating a new entity to manage only this proposed gTLD, Verisign realizes significant economies of scale and ensures its TLD best practices are followed consistently. This consistent application of best practices helps ensure the security and stability of both the Internet and this proposed gTLD, as Verisign holds all contributing staff members accountable to the same procedures that guide its execution of the Internet’s largest TLDs (i.e., .com and .net). Moreover, by augmenting existing teams, Verisign affords new employees the opportunity to be mentored by existing senior staff. This mentoring minimizes start-up learning curves and helps ensure that new staff members properly execute their duties.
gTLDFull Legal NameE-mail suffixDetail
.bwayKey GTLD Holding Incwolfe-sbmc.comView
1. Mechanisms Designed to Prevent Abusive Registrations
Rights protection is a core objective of Applicant. Applicant will implement and adhere to any rights protection mechanisms (RPMs) that may be mandated from time to time by ICANN, including each mandatory RPM set forth in the Trademark Clearinghouse model contained in the Registry Agreement, specifically Specification 7. Applicant acknowledges that, at a minimum, ICANN requires a Sunrise period, a Trademark Claims service, and interaction with the Trademark Clearinghouse with respect to the registration of domain names for the Applicant’s TLD. It should be noted that because ICANN, as of the time of this application submission, has not issued final guidance with respect to the Trademark Clearinghouse, Applicant cannot fully detail the specific implementation of the Trademark Clearinghouse within this application. Applicant will adhere to all processes and procedures to comply with ICANN guidance once this guidance is finalized.

As described in this response, Applicant will implement a Sunrise period and Trademark Claims service with respect to the registration of domain names within the Applicant’s TLD. Certain aspects of the Sunrise period and⁄or Trademark Claims service may be administered on behalf of Applicant by Applicant-approved registrars or by subcontractors of Applicant, such as its selected backend registry services provider, Verisign.

Applicant is committed to implementing all the rights protection mechanisms developed and approved by ICANN in addition to any other mechanisms or protections that may be necessary to effectively protect trademark holders’ (and other rightsholders’) rights. Indeed, one of Applicant’s core objectives is the protection of the rights of both the Applicant and of third parties. To that effect, the Applicant’s TLD has policies and practices which minimize abusive registration activities and other activities that affect the legal rights of others, and which further provide safeguards against unauthorized, unqualified and inappropriate registrations and ensure compliance with ICANN policies.

Applicant intends to request from ICANN an exemption from Specification 9 of the Registry Operatory Registry Agreement. As such, Applicant intents to function in such a way that all domain name registrations in the TLD shall be registered to and maintained by Applicant and Applicant will not sell, distribute or transfer control of domain name registrations to any party that is not an Affiliate of Applicant as defined in the ICANN-Registry Operator Registry Agreement. All domain name registrations intended to be used within Applicant’s registry will be registered to and controlled and maintained by Applicant and for the benefit of Applicant and its users, parents, sisters and Affiliates. This will prevent fraudulent entities from obtaining a registration. As the Applicant will be the only registrant approved, there will be no risk of registration of a name by an entity which does not have such a legal name or is not commonly known by such a name. This will minimize cybersquatters and⁄or domain prospectors and will eliminate the possibility of abusive overreaching applications (i.e., requesting domains which do not reflect the name of the entity (legal or commonly known)).

In the event that Applicant is not granted an exemption from Specification 9, Applicant will partner with a corporate registrar with expertise in running a registry to support such efforts. Applicant intends to partner with its current corporate registrar or one of similar technical capability and expertise and allocate the appropriate funds and human resources to ensure that both itself, as the registry operator, and its selected registrar are at all times in compliance with ICANN guidelines.

At the appropriate time, between post-submission of this application and prior to the Applicant’s TLD launch, Applicant will identify, determine and engage the proper service provider (e.g., Applicant-approved registrar and⁄or selected backend registry services provider, Verisign) to support its provision of the Sunrise period and Trademark Claims service. Any engagement for the implementation and provision of such services shall be in compliance with all ICANN-mandated regulations, agreements, guidance and policies, as it is of paramount importance of the Applicant to protect the rights of all rightsholders.

Sunrise Period. As provided by the Trademark Clearinghouse model set forth in the ICANN Applicant Guidebook, the Sunrise service pre-registration procedure for domain names continues for at least 30 days prior to the launch of the general registration of domain names in the gTLD (unless Applicant decides to offer a longer Sunrise period).

During the Sunrise period, holders of marks that have been previously validated by the Trademark Clearinghouse receive notice of domain names that are an identical match (as defined in the ICANN Applicant Guidebook) to their mark(s). Such notice is in accordance with ICANN’s requirements and is provided by Applicant either directly or through Applicant-approved registrars.

Applicant requires all registrants, either directly or through Applicant-approved registrars, to i) affirm that said registrants meet the Sunrise Eligibility Requirements (SER), and ii) submit to the Sunrise Dispute Resolution Policy (SDRP) consistent with Section 6 of the Trademark Clearinghouse model. At a minimum, Applicant recognizes and honors all word marks for which a proof of use was submitted and validated by the Trademark Clearinghouse as well as any additional eligibility requirements as specified in Question 18.

During the Sunrise period, Applicant and⁄or Applicant-approved registrars, as applicable, are responsible for determining whether each domain name is eligible to be registered (including in accordance with the SERs). As the Applicant will be the only registrant under Applicant’s TLD, and the Applicant will comply with all policies and directives of the Trademark Clearinghouse and all other relevant rights protections mechanisms related to accepted and acknowledged rightsholders, there will be no risk of threats to the rights of third parties as third party registrations will not be permitted.

Trademark Claims Service. As provided by the Trademark Clearinghouse model set forth in the ICANN Applicant Guidebook, all new gTLDs will have to provide a Trademark Claims service for a minimum of 60 days after the launch of the general registration of domain names in the gTLD (Trademark Claims period).

During the Trademark Claims period, in accordance with ICANN’s requirements, Applicant or the Applicant-approved registrar will send a Trademark Claims Notice to any prospective registrant of a domain name that is an identical match (as defined in the ICANN Applicant Guidebook) to any mark that is validated in the Trademark Clearinghouse. The Trademark Claims Notice will include links to the Trademark Claims as listed in the Trademark Clearinghouse and will be provided at no cost.

Prior to registration of said domain name, Applicant or the Applicant-approved registrar will require each prospective registrant to provide the warranties dictated in the Trademark Clearinghouse model set forth in the ICANN Applicant Guidebook. Those warranties will include receipt and understanding of the Trademark Claims Notice and confirmation that registration and use of said domain name will not infringe on the trademark rights of the mark holders listed. Without receipt of said warranties, the Applicant or the Applicant-approved registrar will not process the domain name registration.

Following the registration of a domain name, the Applicant-approved registrar will provide a notice of domain name registration to the holders of marks that have been previously validated by the Trademark Clearinghouse and are an identical match. This notice will be as dictated by ICANN. At a minimum Applicant will recognize and honor all word marks validated by the Trademark Clearinghouse.

As Applicant will be the single and only registrant under Applicant’s TLD, Applicant will be the only party to whom compliance with the Trademark Clearinghouse will apply. Applicant will at all times use the Trademark Clearinghouse as a resource to determine whether its registrations are in conflict with the existing rights of third parties and, in the event of any conflict, will act in accordance with all relevant rights protection mechanisms, including, without limitation those described in Specification 7 of the ICANN-Registry Operator Registry Agreement.

2. Mechanisms Designed to Identify and address the abusive use of registered names on an ongoing basis
In addition to the Sunrise period and Trademark Claims services described in Section 1 of this response, Applicant implements and adheres to RPMs post-launch as mandated by ICANN, and confirms that registrars accredited for the Applicant’s TLD are in compliance with these mechanisms. Certain aspects of these post-launch RPMs may be administered on behalf of Applicant by Applicant-approved registrars or by subcontractors of Applicant, such as its selected backend registry services provider, Verisign.

Applicant will implement and execute all post-launch services listed in this section, all of which shall be administered on behalf of Applicant by Applicant-approved registrars or by subcontractors of Applicant, such as its selected backend registry services provider, Verisign. At the appropriate time, between post-submission of this application and prior to the Applicant’s TLD launch, Applicant will identify, determine and engage the proper service provider (e.g., Applicant-approved registrar and⁄or selected backend registry services provider, Verisign) to support its provision of the Sunrise period and Trademark Claims service. Any engagement for the implementation and provision of such services shall be in compliance with all ICANN-mandated regulations, agreements, guidance and policies, as it is of paramount importance of the Applicant to protect the rights of all rightsholders.

These post-launch RPMs include the established Uniform Domain-Name Dispute-Resolution Policy (UDRP), as well as the newer Uniform Rapid Suspension System (URS) and Trademark Post-Delegation Dispute Resolution Procedure (PDDRP). Where applicable, Applicant will implement all determinations and decisions issued under the corresponding RPM.

After a domain name is registered, trademark holders can object to the registration through the UDRP or URS. Objections to the operation of the gTLD can be made through the PDDRP.

The following descriptions provide implementation details of each post-launch RPM for the Applicant’s TLD:

• UDRP: The UDRP provides a mechanism for complainants to object to domain name registrations. The complainant files its objection with a UDRP provider and the domain name registrant has an opportunity to respond. The UDRP provider makes a decision based on the papers filed. If the complainant is successful, ownership of the domain name registration is transferred to the complainant. If the complainant is not successful, ownership of the domain name remains with the domain name registrant. Applicant and entities operating on its behalf adhere to all decisions rendered by UDRP providers.
• URS: As provided in the Applicant Guidebook, all registries are required to implement the URS. Similar to the UDRP, a complainant files its objection with a URS provider. The URS provider conducts an administrative review for compliance with filing requirements. If the complaint passes review, the URS provider notifies the registry operator and locks the domain. A lock means that the registry restricts all changes to the registration data, but the name will continue to resolve. After the domain is locked, the complaint is served to the domain name registrant, who has an opportunity to respond. If the complainant is successful, the registry operator is informed and the domain name is suspended for the balance of the registration period; the domain name will not resolve to the original website, but to an informational web page provided by the URS provider. If the complainant is not successful, the URS is terminated and full control of the domain name registration is returned to the domain name registrant. Similar to the existing UDRP, Applicant and entities operating on its behalf adhere to decisions rendered by the URS providers.
• PDDRP: As provided in the Applicant Guidebook, all registries are required to implement the PDDRP. The PDDRP provides a mechanism for a complainant to object to the registry operator’s manner of operation or use of the gTLD. The complainant files its objection with a PDDRP provider, who performs a threshold review. The registry operator has the opportunity to respond and the provider issues its determination based on the papers filed, although there may be opportunity for further discovery and a hearing. Applicant participates in the PDDRP process as specified in the Applicant Guidebook.

Additional Measures Specific to Rights Protection. Applicant provides additional measures against potentially abusive registrations, including those articulated in Applicant response to question #28 and included in its attached Abuse Prevention and Mitigation Implementation Plan. These measures help mitigate phishing, pharming, and other Internet security threats. The measures exceed the minimum requirements for RPMs defined by Specification 7 of the Registry Agreement and are available at the time of registration. All measures articulated below will be implemented to the extent and consistent with Applicant response to question #28 and included in its attached Abuse Prevention and Mitigation Implementation Plan, and include:

• Rapid Takedown or Suspension Based on Court Orders: Applicant complies promptly with any order from a court of competent jurisdiction that directs it to take any action on a domain name that is within its technical capabilities as a TLD registry. These orders may be issued when abusive content, such as child pornography, counterfeit goods, or illegal pharmaceuticals, is associated with the domain name.
• Anti-Abuse Process: Applicant implements an anti-abuse process that is executed based on the type of domain name takedown requested. The anti-abuse process is for malicious exploitation of the DNS infrastructure, such as spam, phishing, pharming, fast flux hosting, botnets, and malware.
• Authentication Procedures: Verisign, Applicant’s selected backend registry services provider, uses two-factor authentication to augment security protocols for telephone, email, and chat communications.
• Malware Code Identification: This safeguard reduces opportunities for abusive behaviors that use registered domain names in the gTLD. Registrants are often unknowing victims of malware exploits. As Applicant’s backend registry services provider, Verisign has developed proprietary code to help identify malware in the zones it manages, which in turn helps registrars by identifying malicious code hidden in their domain names.
• DNSSEC Signing Service: Domain Name System Security Extensions (DNSSEC) helps mitigate pharming attacks that use cache poisoning to redirect unsuspecting users to fraudulent websites or addresses. It uses public key cryptography to digitally sign DNS data when it comes into the system and then validate it at its destination. The Applicant’s TLD is DNSSEC-enabled as part of Verisign’s core backend registry services.

3. RESOURCING PLANS
Applicant projects it will use the following personnel roles to support the implementation of RPMs:
o 1 senior level marketing⁄business executive
o 1 technical manager
o 1 administrative professional

To implement and manage the Applicant’s TLD as described in this application, Applicant can scale as needed, and utilize resources provided by our parent company, as defined above. In particular, personnel currently involved in the operation of Applicant’s existing .com business can assist with the needs of this new TLD and may be transitioned over to supporting the TLD as the .com businesses wind down in favor of the new TLD. In addition to these individuals, our parent company will support our implementation of RPMs through the provision of their resources as well as additional outside resources on an as-needed basis. Support from our parent company will include access to a law department, finance department, information systems, technical support, human resources and such other administrative support that may be required. In particular, we anticipate using outside advisors and lawyers to assist in managing any disputes which must be resolved. Once the top level domain has been awarded, we do not anticipate disputes beyond what is frequently encountered in operating the .com. However, given the expanded opportunities associated with operating the top level domain, we have increased the likelihood of disputes, take down notices or such other matters and increased the .com dispute resolution budget. We will utilize outside advisors to provide the additional talent and resources and specialized knowledge that we cannot cost effectively maintain internally. Projected costs associated with these resources are further discussed in the response to Question 47 below.

Resource Planning Specific to Backend Registry Activities

Verisign, Applicant’s selected backend registry services provider, is an experienced backend registry provider that has developed a set of proprietary resourcing models to project the number and type of personnel resources necessary to operate a TLD. Verisign routinely adjusts these staffing models to account for new tools and process innovations. These models enable Verisign to continually right-size its staff to accommodate projected demand and meet service level agreements as well as Internet security and stability requirements. Using the projected usage volume for the most likely scenario (defined in Question 46, Template 1 – Financial Projections: Most Likely) as an input to its staffing models, Verisign derived the necessary personnel levels required for this gTLD’s initial implementation and ongoing maintenance. Verisign’s pricing for the backend registry services it provides to Applicant fully accounts for cost related to this infrastructure, which is provided as Line IIb.G, Total Critical Function Cash Outflows, within the Question 46 financial projections response.

Verisign employs more than 1,040 individuals of which more than 775 comprise its technical work force. (Current statistics are publicly available in Verisign’s quarterly filings.) Drawing from this pool of on-hand and fully committed technical resources, Verisign has maintained DNS operational accuracy and stability 100 percent of the time for more than 13 years for .com, proving Verisign’s ability to align personnel resource growth to the scale increases of Verisign’s TLD service offerings.

Verisign projects it will use the following personnel roles, which are described in Section 5 of the response to Question 31, Technical Overview of Proposed Registry, to support the implementation of RPMs:
• Customer Affairs Organization: 9
• Customer Support Personnel: 36
• Information Security Engineers: 11

To implement and manage the Applicant’s TLD as described in this application, Verisign, Applicant’s selected backend registry services provider, scales, as needed, the size of each technical area now supporting its portfolio of TLDs. Consistent with its resource modeling, Verisign periodically reviews the level of work to be performed and adjusts staff levels for each technical area.

When usage projections indicate a need for additional staff, Verisign’s internal staffing group uses an in-place staffing process to identify qualified candidates. These candidates are then interviewed by the lead of the relevant technical area. By scaling one common team across all its TLDs instead of creating a new entity to manage only this proposed gTLD, Verisign realizes significant economies of scale and ensures its TLD best practices are followed consistently. This consistent application of best practices helps ensure the security and stability of both the Internet and this proposed gTLD, as Verisign holds all contributing staff members accountable to the same procedures that guide its execution of the Internet’s largest TLDs (i.e., .com and .net). Moreover, by augmenting existing teams, Verisign affords new employees the opportunity to be mentored by existing senior staff. This mentoring minimizes start-up learning curves and helps ensure that new staff members properly execute their duties.