28 Abuse Prevention and Mitigation
Prototypical answer:
gTLD | Full Legal Name | E-mail suffix | Detail | .bloomberg | Bloomberg IP Holdings LLC | bloomberg.net | View |
All figures, tables and diagrams referenced in the following response can be found in the attachment titled “bloomberg_.string_Q28 Figures”.
COMPREHENSIVE ABUSE POLICIES, WHICH INCLUDE CLEAR DEFINITIONS OF WHAT CONSTITUTES ABUSE IN THE TLD, AND PROCEDURES THAT WILL EFFECTIVELY MINIMIZE POTENTIAL ABUSE IN THE TLD
Bloomberg IP Holdings, LLC (“BIP”) intends to use the 〈.bloomberg〉 gTLD for register domain names for Bloomberg-related entities. BIP will be the only entity allowed to register domain names in the gTLD. We will exercise complete control of the gTLD, ensuring that no other may register names ending in 〈.bloomberg〉. This single point of control will help us eliminate fraudulent registrations in the gTLD and allow us to rapidly react to any reports of abuse in the gTLD.
BIP has elected to partner with Verisign to provide back-end services for the 〈.bloomberg〉 registry. In making this decision, BIP recognized that Verisign already possesses a production-proven registry system that can be quickly deployed and smoothly operated over its robust, flexible and scalable world-class infrastructure. In particular, Verisign acts as the operator for the key internet registries of the .com and .net domains. These existing registry services will be leveraged for the 〈.bloomberg〉 registry.
〈.bloomberg〉 Abuse Prevention and Mitigation Implementation Plan
Strong abuse prevention of a new gTLD will be an important benefit to the internet community. BIP and its back-end registry services provider, Verisign, agree that a registry must not only aim for the highest standards of technical and operational competence, but also must act as a steward of the space on behalf of the Internet community and ICANN in promoting the public interest. Verisign brings to this effort extensive experience establishing and implementing registration policies. BIP will leverage Verisign’s experience in the Internet space, as well as experience as a registry and registrar, to help BIP combat abusive and malicious domain activity within the new gTLD space.
One public interest function of a responsible domain name registry is working toward the eradication of abusive domain name registrations, including but not limited to, those resulting from:
Illegal or fraudulent actions
Spam
Phishing
Pharming
Distribution of malware
Fast flux hosting
Botnets
Distribution of child pornography
Trademark abuse
Online sale or distribution of illegal pharmaceuticals
Specifically, although traditionally botnets have used Internet Relay Chat (IRC) servers to control registry and the compromised PCs, or bots, for DDoS attacks and the theft of personal information, an increasingly popular technique known as fast-flux DNS allows botnets to use a multitude of servers to hide a key host or to create a highly-available control network. This ability to shift the attacker’s infrastructure over a multitude of servers in various countries creates an obstacle for law enforcement and security researchers to mitigate the effects of these botnets. But, a point of weakness in this scheme is its dependence on DNS for its translation services. By taking an active role in researching and monitoring these sorts of botnets, BIP’s partner, Verisign, has developed the ability efficiently to work with law enforcement and security communities to begin a new phase of mitigation of these types of threats.
Policies and Procedures to Minimize Abusive Registrations
A registry must have the policies, resources, personnel and expertise to combat abusive DNS practices. As BIP’s registry provider, Verisign is at the forefront of the prevention of such abusive practices and is one of the few currently existing registry operators to have actually developed and implemented an active “Domain Takedown Policy.” Verisign also believes that a strong program is essential given that registrants have a reasonable expectation that they are in control of the data associated with their domains, especially its presence in the DNS zone. Because domain names are sometimes used as mechanisms to enable illegitimate activities on the Internet, often the best preventative measure to thwart these attacks is to remove the names completely from the DNS before they can impart harm, not only to the domain name registrant, but also to millions of unsuspecting Internet users.
Removing the domain name from the zone has the effect of shutting down all activity associated with the domain name, including the use of all websites and email. The use of this technique should not be entered into lightly. BIP, through its registry provider Verisign, has an extensive, defined, and documented process for taking the necessary action of removing a domain from the zone when its presence poses a threat to the security and stability of the infrastructure of the Internet or the 〈.bloomberg〉 registry.
Abuse Point of Contact
As required by the Registry Agreement, BIP will establish and publish on its website a single abuse point of contact responsible for addressing inquiries from law enforcement and the public related to malicious and abusive conduct. 〈.bloomberg〉 will also provide such information to ICANN prior to the delegation of any domain names in the TLD. This information shall consist of, at a minimum, a valid email address dedicated solely to the handling of malicious conduct complaints and a telephone number and mailing address for the primary contact. We will ensure that this information is kept accurate and up to date and that any changes will be provided to ICANN in a timely manner. In addition, with respect to inquiries from ICANN-Accredited registrars, our registry services provider, Verisign, will have an additional point of contact, as it does today, to handle requests by registrars related to abusive domain name practices.
Policies for Handling Complaints Regarding Abuse
One of the key policies of the 〈.bloomberg〉 gTLD is its Acceptable Use Policy, which clearly delineates the types of activities that constitute “abuse” and the repercussions associated with an abusive domain name registration. This policy will be incorporated into the applicable Registry-Registrar Agreement and reserve the right for the registry to take actions appropriate to the type of abuse. This will include locking down the domain name, preventing any changes to the contact and name server information associated with the domain name, placing the domain name “on hold” rendering the domain name non-resolvable, transferring to the domain name to another registrar and⁄or in cases in which the domain name is associated with a law enforcement investigation, substituting name servers to collect information about the DNS queries to assist the investigation.
BIP will adopt a final Acceptable Use Policy that clearly defines the types of activities that will not be permitted in the gTLD and reserves the right of BIP to lock, cancel, transfer or otherwise suspend or take down domain names violating the Acceptable Use Policy and allow BIP, where and when appropriate, to share information with law enforcement. Each ICANN-Accredited Registrar must agree to pass through the Acceptable Use Policy to its Resellers (if applicable) and ultimately to the gTLD registrants. Below is BIP’s initial Acceptable Use Policy that we will use in connection with the 〈.bloomberg〉 gTLD.
〈.bloomberg〉 Acceptable Use Policy
This Acceptable Use Policy gives BIP the ability to quickly lock, cancel, transfer or take ownership of any 〈.bloomberg〉 domain name, either temporarily or permanently, if the domain name is being used in a manner that appears to threaten the stability, integrity or security of the Registry or any of its registrar partners and⁄or that may put the safety and security of any registrant or user at risk. The process also allows BIP to take preventive measures to avoid any such criminal or security threats.
The Acceptable Use Policy may be triggered through a variety of channels, including, among other things: private complaint, public alert, government or enforcement agency outreach, and the on-going monitoring by BIP and its partners. In all cases, BIP or its designees will alert BIP’s registrar partners about any identified threats, and will work closely with them to bring offending sites into compliance.
The following are some (but not all) activities that may be subject to rapid domain compliance:
- Phishing: the attempt to acquire personally identifiable information by masquerading as a website other than 〈.bloomberg〉’s own;
- Pharming: the redirection of Internet users to websites other than those the user intends to visit, usually through unauthorized changes to the Hosts file on a victim’s computer or DNS records in DNS servers;
-Dissemination of Malware: the intentional creation and distribution of ʺmaliciousʺ software designed to infiltrate a computer system without the owner’s consent, including, without limitation, computer viruses, worms, key loggers, and Trojans;
-Fast Flux Hosting: a technique used to shelter Phishing, Pharming and Malware sites and networks from detection and to frustrate methods employed to defend against such practices, whereby the IP address associated with fraudulent websites are changed rapidly so as to make the true location of the sites difficult to find;
-Botnetting: the development and use of a command, agent, motor, service or software implemented to: (1) remotely control the computer or computer system of an Internet user without his⁄her knowledge or consent, and (2) generate direct denial of service (DDOS) attacks;
-Malicious Hacking: the attempt to gain unauthorized access (or exceed the level of authorized access) to a computer, information system, user account or profile, database or security system;
-Child Pornography: the storage, publication, display and⁄or dissemination of pornographic materials depicting individuals under the age of majority in the relevant jurisdiction.
BIP reserves the right, in its sole discretion, to take any administrative and operational actions necessary, including the use of computer forensics and information security technological services, among other things, in order to implement the Acceptable Use Policy. In addition, BIP reserves the right to deny, cancel or transfer any registration or transaction, or place any domain name(s) on registry lock, hold or similar status, which it deems necessary, in its discretion: (1) to protect the integrity and stability of the registry; (2) to comply with any applicable laws, government rules or requirements, requests of law enforcement, or any dispute resolution process; (3) to avoid any liability, civil or criminal, on the part of BIP as well as its affiliates, subsidiaries, officers, directors, and employees; (4) per the terms of the registration agreement; or (5) to correct mistakes made by BIP or any Registrar in connection with a domain name registration. BIP also reserves the right to place upon registry lock, hold or similar status a domain name during resolution of a dispute.
Taking Action against Abusive and⁄or Malicious Activity
BIP is committed to ensuring that those domain names associated with abuse or malicious conduct in violation of the Acceptable Use Policy are dealt with in a timely and decisive manner. BIP shall take action against any domain names being used to threaten the stability and security of the gTLD, or that are part of a real-time investigation by law enforcement.
Once a complaint is received from a trusted source third-party, or detected by BIP, BIP will use commercially reasonable efforts to verify the information in the complaint. If that information can be verified to the best of the ability of BIP, the sponsoring registrar will be notified and be given 12 hours to investigate the activity and either taking down the domain name by placing the domain name on hold, deleting the domain name in its entirety, or providing a compelling argument to BIP to keep the name in the zone. If the registrar has not taken the requested action after the 12-hour period (i.e., is unresponsive to the request or refuses to take action), BIP will place the domain on “ServerHold.” Although this action removes the domain name from the gTLD zone, the domain name record still appears in the gTLD Whois database so that the name and entities can be investigated by law enforcement or concerned third parties.
Coordination with Law Enforcement
With the assistance of Verisign as its back-end registry services provider, BIP can readily meet its obligations under the Registry Agreement where required to take reasonable steps to investigate and respond to reports from law enforcement and governmental and quasi-governmental agencies of illegal conduct in connection with the use of its 〈.bloomberg〉 gTLD. BIP will respond to legitimate law enforcement inquiries within one business day from receiving the request. Such response shall include, at a minimum, an acknowledgement of receipt of the request, questions or comments concerning the request, and an outline of the next steps to be taken by BIP for rapid resolution of the request.
In the event such request involves any of the activities that can be validated by BIP and involves the type of activity set forth in the Acceptable Use Policy, the sponsoring registrar will then be given 12 hours to investigate the activity further and either take down the domain name by placing the domain name on hold or by deleting the domain name in its entirety or providing a compelling argument to the registry to keep the name in the zone. If the registrar has not taken the requested action after the 12-hour period (i.e., is unresponsive to the request or refuses to take action), BIP will place the domain on “ServerHold.”
Proposed Measures for Removal of Orphan Glue Records
Although orphan glue records often support correct and ordinary operation of the Domain Name System (DNS), registry operators will be required to remove orphan glue records (as defined at http:⁄⁄www.icann.org⁄en⁄committees⁄security⁄sac048.pdf) when provided with evidence in written form that such records are present in connection with malicious conduct. Verisignʹs registration system is specifically designed to not allow orphan glue records. Registrars are required to delete⁄move all dependent DNS records before they are allowed to delete the parent domain.
To prevent orphan glue records, Verisign performs the following checks before removing a domain or name server:
Checks during domain delete:
Parent domain delete is not allowed if any other domain in the zone refers to the child name server.
If the parent domain is the only domain using the child name server, then both the domain and the glue record are removed from the zone.
Check during explicit name server delete:
Verisign confirms that the current name server is not referenced by any domain name (in-zone) before deleting the name server.
Zone-file impact:
If the parent domain references the child name server AND if other domains in the zone also reference it AND if the parent domain name is assigned a serverHold status, then the parent domain goes out of the zone but the name server glue record does not.
If no domains reference a name server, then the zone file removes the glue record.
Resourcing Plans
Details related to resourcing plans for the initial implementation and ongoing maintenance of BIP’s abuse plan are provided in Section 2 of this response.
Measures to Promote Whois Accuracy
BIP views Whois accuracy as key to the efficient administration of the Internet and of domains. Because BIP will be the only permitted registrant, Whois information will be accurate and complete. Nevertheless, BIP will adopt a policy of authentication, regular monitoring of registration data, and expected use by registrars in order to ensure Whois accuracy.
Authentication of Registrant Information
Registrant verification and authentication will be an inherent step in development of the 〈.bloomberg〉 domain. Each application for a 〈.bloomberg〉 domain name will be manually authenticated with an authority at BIP prior to registration. Therefore, the quality of the 〈.bloomberg〉 Whois information is anticipated to be accurate and reliable.
Regular Monitoring of Registration Data for Accuracy and Completeness
Verisign, BIP’s selected backend registry services provider, has established policies and procedures to encourage registrar compliance with ICANN’s Whois accuracy requirements. Verisign provides the following services to BIP for incorporation into its full-service registry operations.
Registrar self certification.
The self-certification program consists, in part, of evaluations applied equally to all operational ICANN accredited registrars and conducted from time to time throughout the year. Process steps are as follows:
Verisign sends an email notification to the ICANN primary registrar contact, requesting that the contact go to a designated URL, log in with his⁄her Web ID and password, and complete and submit the online form. The contact must submit the form within 15 business days of receipt of the notification.
When the form is submitted, Verisign sends the registrar an automated email confirming that the form was successfully submitted.
Verisign reviews the submitted form to ensure the certifications are compliant.
Verisign sends the registrar an email notification if the registrar is found to be compliant in all areas.
If a review of the response indicates that the registrar is out of compliance or if Verisign has follow-up questions, the registrar has 10 days to respond to the inquiry.
If the registrar does not respond within 15 business days of receiving the original notification, or if it does not respond to the request for additional information, Verisign sends the registrar a Breach Notice and gives the registrar 30 days to cure the breach.
If the registrar does not cure the breach, Verisign terminates the Registry-Registrar Agreement (RRA).
Whois data reminder process. Verisign regularly reminds registrars of their obligation to comply with ICANN’s Whois Data Reminder Policy, which was adopted by ICANN as a consensus policy on 27 March 2003 (http:⁄⁄www.icann.org⁄en⁄registrars⁄wdrp.htm). Verisign sends a notice to all registrars once a year reminding them of their obligation to be diligent in validating the Whois information provided during the registration process, to investigate claims of fraudulent Whois information, and to cancel domain name registrations for which Whois information is determined to be invalid.
Use of Registrars
BIP will use its corporate registrar to register names in the 〈.bloomberg〉 gTLD. As BIP will be the only registrant, there will be no need for any other registrars.
In the unlikely event that this model changes, as part of our Registry Registrar Agreement with any registrar, we will require the registrar to ensure the accuracy and completeness of Whois data on behalf of the applicant. Such procedures may include random audits which, if not ultimately verified, may lead to cancellation of domain registrations.
BIP will require registrars to publish for applicants the following recommendations regarding Whois accuracy:
Review your Public Whois Information - You can review your Whois information by simply selecting the link at the bottom of this page. If you have several domains with [Registrar], you may prefer to access your user account and view all of your domains on one screen. If no changes are required, then no further action is required;
Review your Private Customer Record - We recommend that you login and review your private customer record periodically. This is used to send renewal notices to your private postal address and customer email address;
Updating Whois Information - Please follow these steps to update your WHOIS information. [Registrar to insert specific information on how to update WHOIS records]; and
Replacing a Whois Contact - If you would like to replace a contact, select the link for modifying the domain name. You can either re-use an existing contact you own or create a new one to use.
Malicious or Abusive Behavior Definitions, Metrics, and Service Level Requirements for Resolution
As described in Response 1.2 above, BIP is committed to ensuring that those domain names associated with abuse or malicious conduct in violation of the Acceptable Use Policy are dealt with in a timely and decisive manner. BIP shall take action against any domain names being used to threaten the stability and security of the TLD, or that are part of a real-time investigation by law enforcement.
Once a complaint is received from a trusted source third-party, or detected by BIP, BIP shall use commercially reasonable efforts to verify the information in the complaint. If that information can be verified to the best of the ability of BIP, the sponsoring registrar will be notified and be given 12 hours to investigate the activity and either take down the domain name by placing the domain name on hold, by deleting the domain name in its entirety, or providing a compelling argument to BIP to keep the name in the zone. If the registrar has not taken the requested action after the 12-hour period (i.e., is unresponsive to the request or refuses to take action), BIP will place the domain on “ServerHold.”
Although this action removes the domain name from the gTLD zone, the domain name record will still appear in the TLD WHOIS database so that the name and entities can be investigated by law enforcement or concerned third parties.
Controls to Ensure Proper Access to Domain Functions
Access controls are important to BIP to ensure the integrity of the 〈.bloomberg〉 gTLD and efficient functioning of the domains. BIP has applied, in part, because of its desire to obtain domains that can be authenticated and ensured by users to be free from abuse and otherwise not cause consumer confusion. As a result, BIP and its backend service provider shall employ the following controls in order to ensure the proper access to domain functions and administration:
Multi-Factor Authentication
To ensure proper access to domain functions, BIP incorporates Verisign’s Registry-Registrar Two-Factor Authentication Service into its full-service registry operations. The service is designed to improve domain name security and assist registrars in protecting the accounts they manage by providing another level of assurance that only authorized personnel can communicate with the registry. As part of the service, dynamic one-time passwords (OTPs) augment the user names and passwords currently used to process update, transfer, and⁄or deletion requests. These one-time passwords enable transaction processing to be based on requests that are validated both by “what users know” (i.e., their user name and password) and “what users have” (i.e., a two-factor authentication credential with a one-time-password).
Registrars can use the one-time-password when communicating directly with Verisign’s Customer Service department as well as when using the registrar portal to make manual updates, transfers, and⁄or deletion transactions. The Two-Factor Authentication Service is an optional service offered to registrars that execute the Registry-Registrar Two-Factor Authentication Service Agreement. As shown in Figure 28-1, the registrars’ authorized contacts use the OTP to enable strong authentication when they contact the registry. There is no charge for the Registry-Registrar Two-Factor Authentication Service. It is enabled only for registrars that wish to take advantage of the added security provided by the service.
TECHNICAL PLAN THAT IS ADEQUATELY RESOURCED IN THE PLANNED COSTS DETAILED IN THE FINANCIAL SECTION
Resource Planning
BIP will rely upon its backend registry provider, Verisign, to devote the necessary resources to oversee the technical operation of the 〈.bloomberg〉 gTLD. The .bloomberg gTLD will be supported by a cross functional team of BIP professionals. Numbers and types of employees will vary for each function but Web.com projects it will use the following personnel to support the operational requirements of the gTLD:
Technical Project Manager - .5 FTE
Legal and Compliance Officers -1 FTE (2 x .5 FTEs)
BIP believes that the resources will be more than adequate to support the abuse mitigation procedures of the 〈.bloomberg〉 gTLD.
Resource Planning Specific to Backend Registry Activities
Verisign, BIP’s selected backend registry services provider, is an experienced backend registry provider that has developed a set of proprietary resourcing models to project the number and type of personnel resources necessary to operate a TLD. Verisign routinely adjusts these staffing models to account for new tools and process innovations. These models enable Verisign to continually right-size its staff to accommodate projected demand and meet service level agreements as well as Internet security and stability requirements. Using the projected usage volume for the most likely scenario (defined in Question 46, Template 1 – Financial Projections: Most Likely) as an input to its staffing models, Verisign derived the necessary personnel levels required for this gTLD’s initial implementation and ongoing maintenance. Verisign’s pricing for the backend registry services it provides to BIP fully accounts for cost related to this infrastructure, which is provided as “Total Critical Registry Function Cash Outflows” (Template 1, Line IIb.G) within the Question 46 financial projections response.
Verisign employs more than 1,040 individuals of whom more than 775 comprise its technical work force. (Current statistics are publicly available in Verisign’s quarterly filings.) Drawing from this pool of on-hand and fully committed technical resources, Verisign has maintained DNS operational accuracy and stability 100 percent of the time for more than 13 years for .com, proving
Verisign’s ability to align personnel resource growth to the scale increases of Verisign’s TLD service offerings.
Verisign projects it will use the following personnel roles, which are described in Section 5 of the response to Question 31, Technical Overview of Proposed Registry, to support abuse prevention and mitigation:
Application Engineers: 19
Business Continuity Personnel: 3
Customer Affairs Organization: 9
Customer Support Personnel: 36
Information Security Engineers: 11
Network Administrators: 11
Network Architects: 4
Network Operations Center (NOC) Engineers: 33
Project Managers: 25
Quality Assurance Engineers: 11
Systems Architects: 9
To implement and manage the 〈.bloomberg〉 gTLD as described in this application, Verisign, BIP’s selected backend registry services provider, scales, as needed, the size of each technical area now supporting its portfolio of TLDs. Consistent with its resource modeling, Verisign periodically reviews the level of work to be performed and adjusts staff levels for each technical area.
When usage projections indicate a need for additional staff, Verisign’s internal staffing group uses an in-place staffing process to identify qualified candidates. These candidates are then interviewed by the lead of the relevant technical area. By scaling one common team across all its TLDs instead of creating a new entity to manage only this proposed gTLD, Verisign realizes significant economies of scale and ensures its TLD best practices are followed consistently. This consistent application of best practices helps ensure the security and stability of both the Internet and this proposed gTLD, as Verisign holds all contributing staff members accountable to the same procedures that guide its execution of the Internet’s largest TLDs (i.e., .com and .net). Moreover, by augmenting existing teams, Verisign affords new employees the opportunity to be mentored by existing senior staff. This mentoring minimizes start-up learning curves and helps ensure that new staff members properly execute their duties.
POLICIES AND PROCEDURES IDENTIFY AND ADDRESS THE ABUSIVE USE OF REGISTERED NAMES AT STARTUP AND ON AN ONGOING BASIS
Policies and Procedures That Identify Malicious or Abusive Behavior
Verisign, BIP’s selected backend registry services provider, provides the following service to BIP for incorporation into its full-service registry operations.
Malware scanning service. Registrants are often unknowing victims of malware exploits. Verisign has developed proprietary code to help identify malware in the zones it manages, which in turn helps registrars by identifying malicious code hidden in their domain names.
Verisign’s malware scanning service helps prevent websites from infecting other websites by scanning web pages for embedded malicious content that will infect visitors’ websites. Verisign’s malware scanning technology uses a combination of in-depth malware behavioral analysis, anti-virus results, detailed malware patterns, and network analysis to discover known exploits for the particular scanned zone. If malware is detected, the service sends the registrar a report that contains the number of malicious domains found and details about malicious content within its TLD zones. Reports with remediation instructions are provided to help registrars and registrants eliminate the identified malware from the registrant’s website.
Policies and Procedures That Address the Abusive Use of Registered Names
Suspension processes.
BIP is committed to ensuring that those domain names associated with abuse or malicious conduct in violation of the Acceptable Use Policy are dealt with in a timely and decisive manner. BIP shall take action against any domain names being used to threaten the stability and security of the gTLD, or that are part of a real-time investigation by law enforcement.
Once a complaint is received from a trusted source third-party, or detected by BIP, BIP will use commercially reasonable efforts to verify the information in the complaint. If that information can be verified to the best of the ability of BIP, the sponsoring registrar will be notified and be given 12 hours to investigate the activity and either take down the domain name by placing the domain name on hold or by deleting the domain name in its entirety or providing a compelling argument to BIP to keep the name in the zone. If the registrar has not taken the requested action after the 12-hour period (i.e., is unresponsive to the request or refuses to take action), BIP will place the domain on “ServerHold.” Although this action removes the domain name from the TLD zone, the domain name record still appears in the TLD WHOIS database so that the name and entities can be investigated by law enforcement should they desire to get involved.
Suspension processes conducted by backend registry services provider.
In the case of domain name abuse, BIP will determine whether to take down the subject domain name. Verisign, BIP’s selected backend registry services provider, will follow auditable processes to comply with the suspension request as represented in Figure 28-2.
Verisign Suspension Notification. BIP submits the suspension request to Verisign for processing, documented by:
Threat domain name
Registry incident number
Incident narrative, threat analytics, screen shots to depict abuse, and⁄or other evidence
Threat classification
Threat urgency description
Recommended timeframe for suspension⁄takedown
Technical details (e.g., Whois records, IP addresses, hash values, anti-virus detection results⁄nomenclature, name servers, domain name statuses that are relevant to the suspension)
Incident response, including surge capacity
Verisign Notification Verification. When Verisign receives a suspension request from BIP, it performs the following verification procedures:
Validate that all the required data appears in the notification.
Validate that the request for suspension is for a registered domain name.
Return a case number for tracking purposes.
Suspension Rejection. If required data is missing from the suspension request, or the domain name is not registered, the request will be rejected and returned to BIP with the following information:
Threat domain name
Registry incident number
Verisign case number
Error reason
Domain Suspension. Verisign places the domain to be suspended on the following statuses:
serverUpdateProhibited
serverDeleteProhibited
serverTransferProhibited
serverHold
Suspension Acknowledgement. Verisign notifies BIP that the suspension has been completed. Acknowledgement of the suspension includes the following information:
Threat domain name
Registry incident number
Verisign case number
Case number
Domain name
BIP abuse contact name and number, or registrar abuse contact name and number
Suspension status
WHEN EXECUTED IN ACCORDANCE WITH THE REGISTRY AGREEMENT, PLANS WILL RESULT IN COMPLIANCE WITH CONTRACTUAL REQUIREMENTS
The above-described plans for abuse prevention and mitigation should exceed, the contractual requirements outlined in the Registry Agreement. As described below, the abuse prevention and mitigation policies, while stringent, will comply with the Registry Interoperability and Continuity Specifications set forth in Section 2.7 of the Registry Agreement. Specifically, BIP shall provide to ICANN and publish on BIP’s website accurate contact details, including an email address and mailing address and primary contact for handling inquiries related to malicious conduct in the 〈.bloomberg〉 gTLD, and will provide ICANN with prompt notice of any changes to contact details. These abuse prevention and mitigation policies will also take into account the protection of the legal rights of third parties and, in particular, BIP shall take reasonable steps to investigate and respond to any reports from law enforcement and governmental or quasi-governmental agencies regarding any illegal conduct in connection with the use of the 〈.bloomberg〉 gTLD.
Additionally, BIP’s outlined plan to remove orphan glue records, when provided with written evidence that such records are present in connection with malicious conduct, meets the requirements of the Registry Agreement.
TECHNICAL PLAN SCOPE⁄SCALE THAT IS CONSISTENT WITH THE OVERALL BUSINESS APPROACH AND PLANNED SIZE OF THE REGISTRY
Scope⁄Scale Consistency
BIP’s technical plan exceeds the scope and scale required for the planned size of the planned 〈.bloomberg〉 registry. As noted above, BIP intends to use the 〈.bloomberg〉 gTLD for two broad purposes. First, BIP will register domain names to Bloomberg Philanthropies for use in its charitable work. Second, BIP may issue domains to Bloomberg for use in its global news, information and financial services businesses. Nevertheless, the planned size of the registry is anticipated to be relatively limited. Therefore, the current technical plan – which is robust enough to operate a registry of a moderate-to-large public gTLD – is more than sufficient to operate the 〈.bloomberg〉 gTLD.
Scope⁄Scale Consistency Specific to Backend Registry Activities
Verisign, BIP’s selected backend registry services provider, is an experienced backend registry provider that has developed and uses proprietary system scaling models to guide the growth of its TLD supporting infrastructure. These models direct Verisign’s infrastructure scaling to include, but not be limited to, server capacity, data storage volume, and network throughput that are aligned to projected demand and usage patterns. Verisign periodically updates these models to account for the adoption of more capable and cost-effective technologies.
Verisign’s scaling models are proven predictors of needed capacity and related cost. As such, they provide the means to link the projected infrastructure needs of the 〈.bloomberg〉 gTLD with necessary implementation and sustainment cost. Using the projected usage volume for the most likely scenario (defined in Question 46, Template 1 – Financial Projections: Most Likely) as an input to its scaling models, Verisign derived the necessary infrastructure required to implement and sustain this gTLD. Verisign’s pricing for the backend registry services it provides to BIP fully accounts for cost related to this infrastructure, which is provided as “Other Operating Cost” (Template 1, Line I.L) within the Question 46 financial projections response.
Similar gTLD applications: (0)
gTLD | Full Legal Name | E-mail suffix | z | Detail |