28 Abuse Prevention and Mitigation
Prototypical answer:
gTLD | Full Legal Name | E-mail suffix | Detail | .ooo | INFIBEAM INCORPORATION LIMITED | infibeam.net | View |
1. COMPREHENSIVE ABUSE POLICIES, WHICH INCLUDE CLEAR DEFINITIONS OF WHAT CONSTITUTES ABUSE IN THE TLD, AND PROCEDURES THAT WILL EFFECTIVELY MINIMIZE POTENTIAL FOR ABUSE IN THE TLD
Please note; all figures, tables and diagrams referenced in the following response can be found in attachment titled “Attachment dot ooo Q28”.
By registering the .ooo gTLD, Infibeam hopes to provide a myriad of retailers their own, customized, online retail space. With the use of the .ooo gTLD, Infibeam will be able to offer personalized domain names, thus allowing strong brand association, and differentiation. By providing new outlets for brick-and-mortar retailers to sell their goods and services online, those retailers would gain new business and more readily remain in operation, but the real winners would be Internet users. The adoption of the gTLD by global retailers will dramatically increase consumer choice across a limitless range of goods and services, in a safe and trusted environment. Our policies will ensure that the gTLD will be synonymous in an online consumerʹs mind with choice and trust. In order to ensure this trust, it is of paramount importance that Infibeam maintain stringent rules, so as to avoid abuse of the .ooo gTLD.
1.1 .ooo Abuse Prevention and Mitigation Implementation Plan
Unfortunately, some gTLDs are not operated in a manner that instils confidence in the internet consumer and the online shopper. As explained above, Infibeam hopes to make the .ooo gTLD different. In launching the .ooo gTLD we have put together a collection of efforts that seek to prevent and successfully mitigate domain name abuse, making the web a more accessible and friendly place for small and medium sized businesses as well as individuals. These efforts include:
•An acceptable use policy;
•An abuse mitigation team already situated to handle complaints of abuse;
•Technological Measures for Removal of Orphan Glue Records;
•Efforts and measures to promote accurate and complete Whois;
•Requirements for .ooo accredited registrars to enact measures in support of these efforts.
Preventing domain name abuse in the .ooo gTLD is of critical importance to registrants, consumers and Infibeam. To demonstrate our commitment to make the .ooo gTLD more resistant to abusive behavior than most other gTLDs, Infibeam has explored various mechanisms to help prevent abusive registrations. Following on from this, Infibeam has developed and will look to deploy a customized approach that seeks to minimize the potential for abusive registrations and mitigate them as soon as possible should they occur. Registrants, Registrars and the Registry will all play a role in this endeavor. Having all three levels of the .ooo gTLD ecosystem participate in these measures will help ensure a comprehensive approach to these critical objectives. Infibeam has designed the following procedure to prevent and mitigate abusive registrations:
Acceptable Use Policy - Infibeam has developed a draft Acceptable Use Policy (AUP) found in attachment to Question 28 under the name ‘dot ooo Q28 AUP’. This AUP clearly defines what is considered abuse and what type of behavior is expressly prohibited in conjunction with the use of a .ooo domain name. Infibeam will require, through the Registry Registrar Agreement (RRA), that this AUP be included in the registration agreement used by all .ooo gTLD accredited registrars. This registration agreement must be accepted by a registrant prior to them being able to register a name in the .ooo gTLD.
Infibeam will ensure all domain names meet the technical requirements as set forth in applicable RFCs as well as domain name reservations as set forth in Specification 5 of the template Registry Agreement. In addition, the registry will develop a list of reserved names that are intended to be released in the future and the procedures governing their release will be developed in an open and transparent manner.
Annual Certification of Registrar compliance with Registry-Registrar Agreement. The self-certification program consists, in part, of evaluations applied equally to all operational .ooo gTLD accredited registrars and conducted from time to time throughout the year. Process steps are as follows:
•Infibeam sends an email notification to the ICANN primary registrar contact, requesting that the contact go to a designated URL, log in with his⁄her Web ID and password, and complete and submit the online form. The contact must submit the form within 14 business days of receipt of the notification.
•When the form is submitted, Infibeam sends the registrar an automated email confirming that the form was successfully submitted.
•Infibeam reviews the submitted form to ensure the certifications are compliant.
•Infibeam sends the registrar an email notification if the registrar is found to be compliant in all areas.
•If a review of the response indicates that the registrar is out of compliance or if Infibeam has follow-up questions, the registrar has 10 days to respond to the inquiry.
•If the registrar does not respond within 15 business days of receiving the original notification, or if it does not respond to the request for additional information, Infibeam sends the registrar a Breach Notice and gives the registrar 30 days to cure the breach.
•If the registrar does not cure the breach, Infibeam terminates the Registry-Registrar Agreement (RRA).
1.2 Policies for Handling Complaints Regarding Abuse
We will display the contact information for the Abuse Mitigation Team, which serves as the primary point of contact for reporting abuse within the .ooo gTLD, on the .ooo gTLD website.
Each .ooo gTLD accredited registrar will also provide and maintain valid a primary point of contact for abuse complaints. The registrar must provide and maintain valid primary contact information for reporting abuse in the .ooo gTLD on their website. This will be required as part of the .ooo gTLD RRA.
Infibeam will explicitly define for Registrars what constitutes abusive behavior including but not limited to, malicious, negligent, and reckless behavior. The definition of abusive behavior will be contained in the AUP that Registrars will be required to include as part of the Registration Agreement. This will be required as part of the .ooo gTLD RRA.
Registrar must notify Registry Operator immediately regarding any investigation or compliance action including the nature of the investigation or compliance action by ICANN or any outside party (e.g., law enforcement, etc.), along with the TLD impacted. This will be required as part of the .ooo gTLD RRA.
1.3 Proposed Measures for Removal of Orphan Glue Records
Although orphan glue records often support correct and ordinary operation of the Domain Name System (DNS), registry operators will be required to remove orphan glue records (as defined at http:⁄⁄www.icann.org⁄en⁄committees⁄security⁄sac048.pdf) when provided with evidence in written form that such records are present in connection with malicious conduct. Infibeam’s selected backend registry services provider’s (Verisign’s) registration system is specifically designed to not allow orphan glue records. Registrars are required to delete⁄move all dependent DNS records before they are allowed to delete the parent domain.
To prevent orphan glue records, Verisign performs the following checks before removing a domain or name server:
Checks during domain delete:
•Parent domain delete is not allowed if any other domain in the zone refers to the child name server.
•If the parent domain is the only domain using the child name server, then both the domain and the glue record are removed from the zone.
Check during explicit name server delete:
•Verisign confirms that the current name server is not referenced by any domain name (in-zone) before deleting the name server.
Zone-file impact:
•If the parent domain references the child name server AND if other domains in the zone also reference it AND if the parent domain name is assigned a serverHold status, then the parent domain goes out of the zone but the name server glue record does not.
•If no domains reference a name server, then the zone file removes the glue record.
1.4 Resourcing Plans
Details related to resourcing plans for the initial implementation and ongoing maintenance of Infibeam’s abuse plan are provided in Section 2 of this response.
1.5 Measures to Promote Whois Accuracy
Ensuring the accuracy of Whois information is of paramount importance to Infibeam in the operation of the .ooo gTLD. Infibeam will maintain valid primary contact information (e.g., name, email address, and phone number) on its website. All .ooo accredited registrars will be contractually required to do the same.
Infibeam will employ the following mechanism to promote Whois accuracy:
There will be a strict prohibition against the use of proxy registration services;
The Registrant Whois must be affirmatively revalidated biannually. Unlike current industry practices which just involve sending an email to a registrant asking them to confirm the accuracy of the Whois data, this semi-annual re-validation will require positive affirmation from the Registrant; and,
Infibeam will maintain a web-based form for third parties to submit claims regarding false and or inaccurate Whois data and Infibeam will forward credible claims to the Registrar for investigation⁄resolution. Infibeam will follow up after 7 days to verify that the claim has been satisfactorily resolved. Failure of the Registrar or Registrant to resolve the problem will result in Infibeam placing the domain name on hold, absent extraordinary circumstances. This proactive approach is much more robust than the current process which ICANN has implemented.
1.5.1 Regular Monitoring of Registration Data for Accuracy and Completeness
As part of their Registry-Registrar Agreement, all .ooo Registrars will be required to revalidate Whois data for each record they have registered on a bi-annual basis. This revalidation will require the Registrant to affirmatively respond to a confirmation email sent out within a set period of time. While Infibeam reserves the right to suspend domain names that are not verified in a timely manner, Infibeam will engage in other outreach to the Registrant prior to suspending any domain name. As part of the .ooo gTLD Abuse reporting system, users can report missing or incomplete Whois data via the registry website. Infibeam will also perform randomized audits of verified Whois information to ensure compliance and accuracy.
Additionally, Verisign, Infibeam’s selected backend registry services provider, has established policies and procedures to encourage registrar compliance with ICANN’s Whois accuracy requirements. Verisign provides the following services to Infibeam for incorporation into its full-service registry operations.
Registrar self certification. The self-certification program consists, in part, of evaluations applied equally to all operational ICANN accredited registrars and conducted from time to time throughout the year. Process steps are as follows:
•Verisign sends an email notification to the ICANN primary registrar contact, requesting that the contact go to a designated URL, log in with his⁄her Web ID and password, and complete and submit the online form. The contact must submit the form within 15 business days of receipt of the notification.
•When the form is submitted, Verisign sends the registrar an automated email confirming that the form was successfully submitted.
•Verisign reviews the submitted form to ensure the certifications are compliant.
•Verisign sends the registrar an email notification if the registrar is found to be compliant in all areas.
•If a review of the response indicates that the registrar is out of compliance or if Verisign has follow-up questions, the registrar has 10 days to respond to the inquiry.
•If the registrar does not respond within 15 business days of receiving the original notification, or if it does not respond to the request for additional information, Verisign sends the registrar a Breach Notice and gives the registrar 30 days to cure the breach.
•If the registrar does not cure the breach, Verisign terminates the Registry-Registrar Agreement (RRA).
Whois data reminder process. Verisign regularly reminds registrars of their obligation to comply with ICANN’s Whois Data Reminder Policy, which was adopted by ICANN as a consensus policy on 27 March 2003 (http:⁄⁄www.icann.org⁄en⁄registrars⁄wdrp.htm). Verisign sends a notice to all registrars once a year reminding them of their obligation to be diligent in validating the Whois information provided during the registration process, to investigate claims of fraudulent Whois information, and to cancel domain name registrations for which Whois information is determined to be invalid.
1.6 Malicious or Abusive Behavior Definitions, Metrics, and Service Level Requirements for Resolution
Infibeam defines Malicious and Abusive behavior based on but not limited to the following definitions;
•Phishing is a criminal activity employing tactics to defraud and defame Internet users via sensitive information with the intent to steal or expose credentials, money or identities. A phishing attack begins with a spoofed email posing as a trustworthy electronic correspondence that contains hijacked brand names i.e. (financial institutions, credit card companies, e-commerce sites). The language of a phishing email is misleading and persuasive by generating either fear and⁄or excitement to ultimately lure the recipient to a fraudulent Web site. It is paramount for both the phishing email and Web site to appear credible in order for the attack to influence the recipient. As with the spoofed email, phishers aim to make the associated phishing Web site appear credible. The legitimate target Web site is mirrored to make the fraudulent site look professionally designed. Fake third-party security endorsements, spoofed address bars, and spoofed padlock icons falsely lend credibility to fraudulent sites as well. The persuasive inflammatory language of the email combined with a legitimate looking Web site is used to convince recipients to disclose sensitive information such as passwords, usernames, credit card numbers, social security numbers, account numbers, and mother’s maiden name.
•Malware is malicious software that was intentionally developed to infiltrate or damage a computer, mobile device, software and⁄or operating infrastructure or website without the consent of the owner or authorized party. This includes, amongst others, Viruses, Trojan horses, and worms.
•Domain Name or Domain Theft is the act of changing the registration of a domain name without the permission of its original registrant.
•Botnet Command and Control: Services run on a domain name that is used to control a collection of compromised computers or “zombies,” or to direct Distributed Denial of Service attacks (DDoS attacks)
•Distribution of Malware: The intentional creation and intentional or unintentional distribution of “malicious” software designed to infiltrate a computer system without the owner’s consent, including, without limitation, computer viruses, worms, keyloggers, and Trojans.
•Fast Flux Attacks⁄Hosting: A technique used to shelter Phishing, Pharming, and Malware sites and networks from detection and to frustrate methods employed to defend against such practices, whereby the IP address associated with fraudulent sites are changed rapidly so as to make the true location of the sites difficult to find.
•Hacking: Unauthorized access to a computer network;
•Pharming: The redirecting of unknown users to fraudulent sites or services, typically through, but not limited to, DNS hijacking or poisoning;
•Spam: The use of electronic messaging systems to send unsolicited bulk messages. The term applies to email spam and similar abuses such as instant messaging spam, mobile messaging spam, and spamming of websites and Internet forums.
Further abusive behaviours include, but are not limited to; Cybersquatting,Front-Running,Gripe Sites, Deceptive and⁄or Offensive Domain Names,Fake Renewal Notices,Cross-TLD Registration Scam,Name Spinning,Pay-per-Click,Traffic Diversion,False Affiliation,Domain Kiting ⁄ Tasting, fast‐flux, botnet command and‐control and 419 scams.
Infibeam’s Policies and Procedures for Handling Complaints Regarding Abuse as defined in this section.
Infibeam will staff a Single Point of Contact Abuse Team to address abuse and malicious use complaints. The role of the abuse team is to monitor registry services and review complaints lodged online by end users, customers, or from Law Enforcement. The complaints are managed in accordance with the Acceptable Use Policies (AUP) and Terms of Service which allows the Abuse Team discretion to suspend a domain instantly or send the complaint thru the appropriate escalation channel for complaint resolution.
Complaints are received via email as noted on the registry website. Registrars will have a dedicated hotline, email address, and personnel for filing direct requests. Complaints may be submitted 24x7. We will acknowledge the complaint within one business day and will provide the requestor acceptance and⁄or resolution within three business days depending on severity and complexity of the complaint.
Infibeamʹs Abuse Policies recognize many forms of abuse related to the registrations and use of domain names. Abuses and their respective mitigation strategy listed here is not an exhaustive list, but is meant to highlight general process and procedure by which we will manage the most common forms of abuse.
For less severe complaint such as incidents of spam and malware, our plan is to investigate the complaint, determine validity, contact the registrant and resolve the issue within 3 days. Many times this will happen sooner.
For more serious offenses such as Phishing, Illegal Access to other Computers or Networks, etc, we have the right to and many times will suspend the domain, conduct an investigation, contact the registrant and mitigate the offense. Depending on severity, goal is to rectify the situation within 24 hours. If necessary, proper law enforcement authorities will be contacted to relay the results of the incident. You can find more information about the draft process in the attached document ‘dot ooo Q28 Process’.
1.7 Controls to Ensure Proper Access to Domain Functions
There will be a contractual requirement between Infibeam and all .ooo accredited registrars for the mandatory sharing of information regarding instances of abuse, where legally applicable. This qualification is necessary as there may be instances where registration authorities are prohibited by law from sharing information with third parties.
1.7.1 Multi-Factor Authentication
To ensure proper access to domain functions, Infibeam incorporates Verisign’s Registry-Registrar Two-Factor Authentication Service into its full-service registry operations. The service is designed to improve domain name security and assist registrars in protecting the accounts they manage by providing another level of assurance that only authorized personnel can communicate with the registry. As part of the service, dynamic one-time passwords (OTPs) augment the user names and passwords currently used to process update, transfer, and⁄or deletion requests. These one-time passwords enable transaction processing to be based on requests that are validated both by “what users know” (i.e., their user name and password) and “what users have” (i.e., a two-factor authentication credential with a one-time-password).
Registrars can use the one-time-password when communicating directly with Verisign’s Customer Service department as well as when using the registrar portal to make manual updates, transfers, and⁄or deletion transactions. The Two-Factor Authentication Service is an optional service offered to registrars that execute the Registry-Registrar Two-Factor Authentication Service Agreement. As shown in Figure 28-1, the registrars’ authorized contacts use the OTP to enable strong authentication when they contact the registry. There is no charge for the Registry-Registrar Two-Factor Authentication Service. It is enabled only for registrars that wish to take advantage of the added security provided by the service.
2. TECHNICAL PLAN THAT IS ADEQUATELY RESOURCED IN THE PLANNED COSTS DETAILED IN THE FINANCIAL SECTION
Resource Planning
Infibeam is a leader in e-commerce, a rapidly growing company based in Ahmedabad, India, serving one of the most populous nations on the globe. Since 2007, Infibeam.com has been a one-stop online outlet for apparel; beauty supplies; books; health goods; jewelry; technology; toys; and many other goods. In 2011 it empowered brick-and-mortar retailers by offering them access to Internet users via the BuildaBazaar.com platform. Retailers operating BuildaBazaar.com retailers include apparel stores, bookstores, electronics outlets, jewelry retailers, and other consumer and business needs. The company is well-loved by its customers, with more than 900,000 fans on Facebook. Infibeam was named a Top 5 Digital Brand in September 2010 in a survey conducted by the Economic Times.
The .ooo gTLD will be fully supported by a cross function team of Infibeam professionals. Numbers and types of employees will vary for each function but Infibeam projects it will use the following personnel to support the resource planning requirements:
•Marketing manager 1
•Marketing director 1
•Customer support 4
•Technical support 1
•Legal 1
•Accounting 1
Resource Planning Specific to Backend Registry Activities
Verisign, Infibeam’s selected backend registry services provider, is an experienced backend registry provider that has developed a set of proprietary resourcing models to project the number and type of personnel resources necessary to operate a gTLD. Verisign routinely adjusts these staffing models to account for new tools and process innovations. These models enable Verisign to continually right-size its staff to accommodate projected demand and meet service level agreements as well as Internet security and stability requirements. Using the projected usage volume for the most likely scenario (defined in Question 46, Template 1 – Financial Projections: Most Likely) as an input to its staffing models, Verisign derived the necessary personnel levels required for this gTLD’s initial implementation and ongoing maintenance. Verisign’s pricing for the backend registry services it provides to Infibeam fully accounts for cost related to this infrastructure, which is provided as “Total Critical Registry Function Cash Outflows” (Template 1, Line IIb.G) within the Question 46 financial projections response.
Verisign employs more than 1,040 individuals of which more than 775 comprise its technical work force. (Current statistics are publicly available in Verisign’s quarterly filings.) Drawing from this pool of on-hand and fully committed technical resources, Verisign has maintained DNS operational accuracy and stability 100 percent of the time for more than 13 years for .com, proving Verisign’s ability to align personnel resource growth to the scale increases of Verisign’s TLD service offerings.
Verisign projects it will use the following personnel roles, which are described in Section 5 of the response to Question 31, Technical Overview of Proposed Registry, to support abuse prevention and mitigation:
•Application Engineers: 19
•Business Continuity Personnel: 3
•Customer Affairs Organization: 9
•Customer Support Personnel: 36
•Information Security Engineers: 11
•Network Administrators: 11
•Network Architects: 4
•Network Operations Center (NOC) Engineers: 33
•Project Managers: 25
•Quality Assurance Engineers: 11
•Systems Architects: 9
To implement and manage the .ooo gTLD as described in this application, Verisign, Infibeam’s selected backend registry services provider, scales, as needed, the size of each technical area now supporting its portfolio of TLDs. Consistent with its resource modeling, Verisign periodically reviews the level of work to be performed and adjusts staff levels for each technical area.
When usage projections indicate a need for additional staff, Verisign’s internal staffing group uses an in-place staffing process to identify qualified candidates. These candidates are then interviewed by the lead of the relevant technical area. By scaling one common team across all its TLDs instead of creating a new entity to manage only this proposed gTLD, Verisign realizes significant economies of scale and ensures its TLD best practices are followed consistently. This consistent application of best practices helps ensure the security and stability of both the Internet and this proposed gTLD, as Verisign holds all contributing staff members accountable to the same procedures that guide its execution of the Internet’s largest TLDs (i.e., .com and .net). Moreover, by augmenting existing teams, Verisign affords new employees the opportunity to be mentored by existing senior staff. This mentoring minimizes start-up learning curves and helps ensure that new staff members properly execute their duties.
3. POLICIES AND PROCEDURES IDENTIFY AND ADDRESS THE ABUSIVE USE OF REGISTERED NAMES AT STARTUP AND ON AN ONGOING BASIS
3.1 Start-Up Anti-Abuse Policies and Procedures
As stated earlier, Infibeam has included as an attachment its draft AUP. Prior to finalizing this policy, Infibeam will undertake a review of other Abuse and Acceptable Policies from similar gTLD registry operators to develop a best-in-class policy that will provide it with the appropriate legal authority to take prompt and decisive action when necessary. While Infibeam is currently envisioning a separate standalone Abuse Policy, it reserves the right to incorporate this Abuse Policy into a broader Acceptable Use Policy.
3.2 Ongoing Anti-Abuse Policies and Procedures
3.1 Policies and Procedures That Identify Malicious or Abusive Behavior
VeriSign, Infibeam’s selected backend registry services provider, provides the following service to Infibeam for incorporation into its full-service registry operations.
Malware scanning service. Registrants are often unknowing victims of malware exploits. Verisign has developed proprietary code to help identify malware in the zones it manages, which in turn helps registrars by identifying malicious code hidden in their domain names.
Verisign’s malware scanning service helps prevent websites from infecting other websites by scanning web pages for embedded malicious content that will infect visitors’ websites. Verisign’s malware scanning technology uses a combination of in-depth malware behavioral analysis, anti-virus results, detailed malware patterns, and network analysis to discover known exploits for the particular scanned zone. If malware is detected, the service sends the registrar a report that contains the number of malicious domains found and details about malicious content within its gTLD zones. Reports with remediation instructions are provided to help registrars and registrants eliminate the identified malware from the registrant’s website.
3.2 Policies and Procedures That Address the Abusive Use of Registered Names
Suspension processes. In the case of domain name abuse, Infibeam will determine whether to take down the subject domain name. Verisign, Infibeam’s selected backend registry services provider, will adhere to the following auditable processes to comply with the suspension request.
Verisign Suspension Notification. Infibeam submits the suspension request to Verisign for processing, documented by:
•Threat domain name
•Registry incident number
•Incident narrative, threat analytics, screen shots to depict abuse, and⁄or other evidence
•Threat classification
•Threat urgency description
•Recommended timeframe for suspension⁄takedown
•Technical details (e.g., Whois records, IP addresses, hash values, anti-virus detection results⁄nomenclature, name servers, domain name statuses that are relevant to the suspension)
•Incident response, including surge capacity
Verisign Notification Verification. When Verisign receives a suspension request from Infibeam it performs the following verification procedures:
•Validate that all the required data appears in the notification.
•Validate that the request for suspension is for a registered domain name.
•Return a case number for tracking purposes.
Suspension Rejection. If required data is missing from the suspension request, or the domain name is not registered, the request will be rejected and returned to Infibeam with the following information:
•Threat domain name
•Registry incident number
•Verisign case number
•Error reason
Registrar Notification. Once Verisign has performed the domain name suspension, and upon Infibeam’s request, Verisign notifies the registrar of the suspension. Registrar notification includes the following information:
•Threat domain name
•Registry incident number
•Verisign case number
•Classification of type of domain name abuse
•Evidence of abuse
•Anti-abuse contact name and number
•Suspension status
•Date⁄time of domain name suspension
Registrant Notification. Once Verisign has performed the domain name suspension, and upon Infibeam’s request, Verisign notifies the registrant of the suspension. Registrant notification includes the following information:
•Threat domain name
•Registry incident number
•Verisign case number
•Classification of type of domain name abuse
•Evidence of abuse
•Registrar anti-abuse contact name and number
Upon Infibeam’s request, Verisign can provide a process for registrants to protest the suspension.
Domain Suspension. Verisign places the domain to be suspended on the following statuses:
•serverUpdateProhibited
•serverDeleteProhibited
•serverTransferProhibited
•serverHold
Suspension Acknowledgement. Verisign notifies Infibeam that the suspension has been completed. Acknowledgement of the suspension includes the following information:
•Threat domain name
•Registry incident number
•Verisign case number
•Case number
•Domain name
•Infibeam abuse contact name and number, or registrar abuse contact name and number
•Suspension status
4. WHEN EXECUTED IN ACCORDANCE WITH THE REGISTRY AGREEMENT, PLANS WILL RESULT IN COMPLIANCE WITH CONTRACTUAL REQUIREMENTS
Infibeam believes that the proposed tapestry of protections that involve both proactive and reactive mechanism will provide an unmatched level of security and anti-abuse activity within the .ooo gTLD. These mechanisms will be hard coded into both the Registry-Registrar Agreement as well as the Registrant Registration Agreement.
Infibeam is fully committed to improving the completeness and accuracy of Whois data and to preventing and mitigating domain name abuse in the .ooo gTLD. We strongly believe the efforts that we have lain out will go a long way in this critical area and most certainly meet the requirements as outlined by ICANN.
The fight against domain name abuse is not a static fight. The tactics used by malicious parties are constantly evolving and Infibeam is committed to evolving our systems to address these ongoing threats, not simple because ICANN requires it, but also because it is in our client’s interests.
5. TECHNICAL PLAN SCOPE⁄SCALE THAT IS CONSISTENT WITH THE OVERALL BUSINESS APPROACH AND PLANNED SIZE OF THE REGISTRY
Scope⁄Scale Consistency
Infibeam is confident that the distribution of validation⁄verification services between itself and .ooo accredited Registrars will provide the level of protection needed to minimize potential abuse activity within the .ooo gTLD.
Scope⁄Scale Consistency Specific to Backend Registry Activities
Verisign, Infibeam’s selected backend registry services provider, is an experienced backend registry provider that has developed and uses proprietary system scaling models to guide the growth of its TLD supporting infrastructure. These models direct Verisign’s infrastructure scaling to include, but not be limited to, server capacity, data storage volume, and network throughput that are aligned to projected demand and usage patterns. Verisign periodically updates these models to account for the adoption of more capable and cost-effective technologies.
Verisign’s scaling models are proven predictors of needed capacity and related cost. As such, they provide the means to link the projected infrastructure needs of the .ooo gTLD with necessary implementation and sustainment cost. Using the projected usage volume for the most likely scenario (defined in Question 46, Template 1 – Financial Projections: Most Likely) as an input to its scaling models, Verisign derived the necessary infrastructure required to implement and sustain this gTLD. Verisign’s pricing for the backend registry services it provides to Infibeam fully accounts for cost related to this infrastructure, which is provided as “Other Operating Cost” (Template 1, Line I.L) within the Question 46 financial projections response.
Similar gTLD applications: (0)
gTLD | Full Legal Name | E-mail suffix | z | Detail |