29 Rights Protection Mechanisms

Prototypical answer:

gTLDFull Legal NameE-mail suffixDetail
.comsecVeriSign, Inc.verisign.comView


Rights protection is a core objective of Verisign. We will implement and adhere to any rights protection mechanisms (RPMs) that may be mandated from time to time by ICANN, including each mandatory RPM set forth in the Trademark Clearinghouse model contained in the Registry Agreement, specifically Specification 7. We acknowledge that, at a minimum, ICANN requires a Sunrise period, a Trademark Claims period, and interaction with the Trademark Clearinghouse with respect to the registration of domain names for the .comsec gTLD. It should be noted that because ICANN, as of the time of this application submission, has not issued final guidance with respect to the Trademark Clearinghouse, we cannot fully detail the specific implementation of the Trademark Clearinghouse within this application. We will adhere to all processes and procedures to comply with ICANN guidance once this guidance is finalized.

As described in this response, we implement a Sunrise period and Trademark Claims service with respect to the registration of domain names within the .comsec gTLD. Certain aspects of the Sunrise period and⁄or Trademark Claims service may be administered on behalf of Verisign by Verisign-approved registrars depending on final implementation specification detail related to the Trademark Clearinghouse.

Sunrise Service

We implement a Sunrise service procedure for at least 30 days prior to launch of the general registration of domain names in the .comsec gTLD as provided by the Trademark Clearinghouse model set forth in the ICANN Applicant Guidebook. The .comsec Sunrise service will comply with the requirements outlined in the current Applicant Guidebook as well as any final guidance to be issued pertaining to the operation of the Trademark Clearinghouse.

Trademark Claims Service

We also implement a Trademark Claims service for at least 60 days after the launch of the general registration of domain names in the .comsec gTLD. The .comsec Trademark Claims service will comply with the requirements outlined in the current Applicant Guidebook as well as any final guidance to be issued pertaining to the operation of the Trademark Clearinghouse.


In addition to the Sunrise and Trademark Claims services described in Section 1 of this response, we implement and adhere to RPMs post-launch as mandated by ICANN, and we confirm that registrars accredited for the .comsec gTLD are in compliance with these mechanisms. Certain aspects of these post-launch RPMs may be administered on behalf of Verisign by Verisign-approved registrars.These post-launch RPMs include the established Uniform Domain-Name Dispute-Resolution Policy (UDRP), as well as the newer Uniform Rapid Suspension System (URS) and Trademark Post-Delegation Dispute Resolution Procedure (PDDRP). Where applicable, Verisign implements all determinations and decisions issued under the corresponding RPM. After a domain name is registered, trademark holders can object to the registration through the UDRP or URS. Objections to the operation of the gTLD can be made through the PDDRP.

The following descriptions provide implementation details of each post-launch RPM for the .comsec gTLD:

* UDRP: The UDRP provides a mechanism for complainants to object to domain name registrations. The complainant files its objection with a UDRP provider and the domain name registrant has an opportunity to respond. The UDRP provider makes a decision based on the papers filed. If the complainant is successful, ownership of the domain name registration is transferred to the complainant. If the complainant is not successful, ownership of the domain name remains with the domain name registrant. Verisign and entities operating on our behalf adhere to all decisions rendered by UDRP providers.

* URS: We also provide for a Uniform Rapid Suspension (URS) system as specified in the Applicant Guidebook. Similar to the UDRP, a complainant files its complaint with a URS provider. The URS provider conducts an administrative review for compliance with applicable filing requirements. If the complaint passes administrative review, the URS provider sends Verisign, the registry operator for .comsec, a Notice of Complaint. Within 24 hours of receipt of the Notice of Complaint, we place the subject domain name on “lock,” (serverUpdateProhibited, serverTransferProhibited, and serverDeleteProhibited) which restricts all changes to the registration data but allows the name to continue to resolve. After the domain name is placed on lock, the URS provider notifies the registrant of the complaint. The registrant is then given an opportunity to respond. The URS provider must then conduct a review of the complaint and response based on the rules outlined in the Uniform Rapid Suspension System Draft Procedures set forth in the Applicant Guidebook. If the complainant is successful, the registry operator is informed and the domain name is suspended for the balance of the registration period; the domain name will not resolve to the original website, but to an informational web page provided by the URS provider. If the complainant is not successful, the lock is removed and full control of the domain name registration is returned to the domain name registrant. Similar to the existing UDRP, Verisign and entities operating on our behalf adhere to the decisions rendered by the URS providers.

* PDDRP: As provided in the Applicant Guidebook, all registries are required to implement the PDDRP. The PDDRP provides a mechanism for a complainant to object to the registry operator’s manner of operation or use of the gTLD. The complainant files its objection with a PDDRP provider, who performs a threshold review. The registry operator has the opportunity to respond and the provider issues its determination based on the papers filed, although there may be opportunity for further discovery and a hearing. Verisign participates in the PDDRP process for the .comsec gTLD as specified in the Applicant Guidebook.

Additional Measures Specific to Rights Protection

We provide additional measures which exceed the minimum requirements for RPMs defined by Specification 7 of the Registry Agreement and are available at the time of registration. These measures include:

* Rapid Takedown or Suspension Based on Court Orders: We comply promptly with Orders issued from a court of competent jurisdiction that directs us to take any action on a domain name that is within our technical capabilities as a TLD registry.

* Authentication Procedures: We use two-factor authentication to augment security protocols for telephone, email, and chat communications.

* Registry Lock: This Verisign service allows registrants to lock a domain name at the registry level to protect against both unintended and malicious changes, deletions, and transfers. Only Verisign, as the registry operator, can release the lock; thus all other entities that normally are permitted to update Shared Registration System (SRS) records are prevented from doing so. This lock is released only after the registrar request to unlock is validated.

* DNSSEC Signing Service: Domain Name System Security Extensions (DNSSEC) helps mitigate pharming attacks that use cache poisoning to redirect unsuspecting users to fraudulent websites or addresses. It uses public key cryptography to digitally sign DNS data when it comes into the system and then validate it at its destination.

* Commingling Restriction: If the Language Tag specified in the IDN registration is not from an approved language authorities table, and so does not have a List of Included Characters, then Verisign applies a restriction to prevent commingling of different scripts in a single domain. That is, if an IDN contains code points from two or more Unicode scripts, then that IDN registration is rejected. For example, a character from the Latin script cannot be used in the same IDN with any Cyrillic character. All code points within an IDN must come from the same Unicode script. This is done to prevent confusable code points from appearing in the same IDN.


As an experienced registry operator, we have developed a set of proprietary resourcing models to project the number and type of personnel resources necessary to operate a TLD. We routinely adjust these staffing models to account for new tools and process innovations. These models enable us to continually right-size our staff to accommodate projected demand and meet service level agreements as well as Internet security and stability requirements. Using the projected usage volume for the most likely scenario (defined in Question 46, Template 1 Financial Projections: Most Likely) as an input to our staffing models, we derived the necessary personnel levels required for this gTLD’s initial implementation and ongoing maintenance.

We employ more than 1,040 individuals of which more than 775 comprise our technical work force. (Current statistics are publicly available in our quarterly filings.) Drawing from this pool of on-hand and fully committed technical resources, we have maintained DNS operational accuracy and stability 100 percent of the time for more than 13 years for .com, proving our ability to align personnel resource growth to the scale increases of our TLD service offerings.

We project we will use the following personnel roles, which are described in Section 5 of the response to Question 31, Technical Overview of Proposed Registry, to support the implementation of RPMs:

* Customer Affairs Organization: 9
* Customer Support Personnel: 36
* Information Security Engineers: 11

To implement and manage the .comsec gTLD as described in this application, we scale, as needed, the size of each technical area now supporting our portfolio of TLDs. Consistent with our resource modeling, we periodically review the level of work to be performed and adjust staff levels for each technical area.

When usage projections indicate a need for additional staff, our internal staffing group uses an in-place staffing process to identify qualified candidates. These candidates are then interviewed by the lead of the relevant technical area. By scaling one common team across all our TLDs instead of creating a new entity to manage only this proposed gTLD, we realize significant economies of scale and ensureour TLD best practices are followed consistently. This consistent application of best practices helps ensure the security and stability of both the Internet and this proposed gTLD, as we hold all contributing staff members accountable to the same procedures that guide our execution of the Internet’s largest TLDs (i.e., .com and .net). Moreover, by augmenting existing teams, we afford new employees the opportunity to be mentored by existing senior staff. This mentoring minimizes start-up learning curves and helps ensure that new staff members properly execute their duties.

Similar gTLD applications: (13)

gTLDFull Legal NameE-mail suffixzDetail
.كومVeriSign Sarlverisign.com-3.8Compare
.комVeriSign Sarlverisign.com-3.8Compare
.點看VeriSign Sarlverisign.com-3.79Compare
.大拿VeriSign Sarlverisign.com-3.79Compare
.नेटVeriSign Sarlverisign.com-3.79Compare
.닷넷VeriSign Sarlverisign.com-3.79Compare
.कॉमVeriSign Sarlverisign.com-3.79Compare
.คอมVeriSign Sarlverisign.com-3.79Compare
.קוֹםVeriSign Sarlverisign.com-3.79Compare
.コムVeriSign Sarlverisign.com-3.79Compare
.닷컴VeriSign Sarlverisign.com-3.79Compare
.点看VeriSign Sarlverisign.com-3.79Compare
.verisignVeriSign, Inc.verisign.com-3.44Compare