28 Abuse Prevention and Mitigation
Prototypical answer:
gTLD | Full Legal Name | E-mail suffix | Detail | .ntt | NIPPON TELEGRAPH AND TELEPHONE CORPORATION | ml.hco.ntt.co.jp | View |
28.1. Abusive Prevention & Mitigation
As described in the answers for #18 (Mission⁄purpose), .ntt will restrict the registration and the use of the domain names to NTT and NTT Subsidiaries. NTT will evaluate and qualify the second level domain name prior to registering any additional domain names to .ntt, and through this proprietary process, NTT projects no more than about 1,000 domain name registrations for .ntt.
28.2. Single Point of Contact for Abusive Activities
As the .ntt Registry, NTT will establish and publish the following notification on our own .ntt website:
Example:
For any abusive or illegal activities occurring within the .ntt namespace, please report or contact NTT as follows:
Email:abuse-contact@registry.ntt (TBD)
Mailing address: (TBD)
NTT will do our utmost to respond to all inquiries within 72 hours. However, if for any reason we are unable to respond within 72 hours, then an auto-reply message will be sent acknowledging that NTT has received the inquiry and that it is currently under investigation.
--------------------------------------------------------------------------------------------------------
The above notification will be provided on the NTT official Web site, in both English and Japanese.
As the .ntt Registry, we will collaborate cohesively with the Registrar to address and resolve any potential abusive registration.
28.3. Anti-abuse Policy
NTT is committed to developing and implementing policies that minimize abusive registration activities that affect the legal rights of others. The following is the current proposed draft of the ʺ.ntt Anti-Abuse Policy.ʺ
--------------------------------------------------------------------------------------------------------
.ntt Anti-abuse Policy (draft)
NTT is committed to minimizing abusive registration activities and other illegal activities within the .ntt namespace, by including the following legal terms and conditions into all .ntt domain name registration agreements:
The nature of such abuses creates security and stability issues for the registries, registrars and registrants, as well as for the users of the Internet in general. NTT defines abusive use of a domain name to include, without limitation, the following illegal or fraudulent actions
- Botnet commands and control:Services run on a domain name that are used to control a collection of compromised computers or ʺzombies,ʺ or to direct denial-of-service attacks (i.e. DDoS attacks) ;
- Distribution of child pornography;
- Fast flux hosting:Use of fast-flux techniques to disguise the location of Web sites or other Internet services, or to avoid detection and mitigation efforts, or to host illegal activities. Fast-flux techniques use DNS to frequently change the location on the Internet to which the domain name of an Internet host or name server resolves. Fast flux hosting may be used only with prior permission of .ntt;
- Pharming:The redirecting of unknowing users to fraudulent sites or services, typically through DNS hijacking or poisoning;
- Phishing:The use of counterfeit Web pages that are designed to trick recipients into divulging sensitive data such as usernames, passwords, or financial data;
- Spam:The use of electronic messaging systems to send unsolicited bulk messages. The term applies to e-mail spam and similar abuses such as instant messaging spam, mobile messaging spam, and the spamming of Web sites and Internet forums. An example, for purposes of illustration, would be the use of email in denial-of-service attacks;
- Willful distribution of malware:The dissemination of software designed to infiltrate or damage a computer system without the ownerʹs informed consent. Examples include, without limitation, computer viruses, worms, keyloggers, and trojan horses; and
- Illegal Access to Other Computers or Networks:Illegally accessing computers, accounts, or networks belonging to another party, or attempting to penetrate security measures of another individualʹs system (often known as ʺhackingʺ). Also, any activities that might be used to attempt on system penetration (e.g. port scan, stealth scan, or other information gathering activity) are included.
NTT will reserve the right to deny, cancel or transfer any registration or transaction, or place any domain name (s) on registry lock, hold or similar status as it deems necessary, in its discretion; (1) to protect the integrity and stability of the registry; (2) to comply with any applicable laws, government rules or requirements, requests of law enforcement, or any dispute resolution process; (3) to avoid any liability, civil or criminal, on the part of NTT, as well as its affiliates, subsidiaries, officers, directors, and employees; (4) per the terms of the registration agreement; (5) to correct mistakes made by NTT or any Registrar in connection with a domain name registration; or (6) due to abusive uses, as defined above, undertaken with respect to .ntt domain names. NTT also reserves the right to place upon registry lock, hold or similar status a domain name during resolution of a dispute.
All reports of abuse should be sent to abuse-contact@registry.ntt (TBD).
--------------------------------------------------------------------------------------------------------
28.4. Removal of Orphan Glue Records
.ntt has carefully read the guidance provided by ICANNʹs Security and Stability Advisory Committee (SSAC) in SAC 048 (SSAC Comment on Orphan Glue Records in the Draft Applicant Guidebook), and will agree with the following statement:
Orphaned glue can be used for abusive purposes; however, the dominant use of orphaned glue supports the correct and ordinary operation of the DNS.
Please See:http:⁄⁄www.icann.org⁄en⁄committees⁄security⁄sac048.pdf
Therefore, when a registration of a parent domain name is deleted due to expiration, or any other reasons for that matter, the glue record of such parent domain name shall be also deleted. This practice is consistent with the third registry policy listed in Section 4.3 of the SAC 048. In addition, the glue records not allocated to .ntt shall not be used in any .ntt zone files.
In addition to the restricted nature of the .ntt TLD, as identified in the answer for #18 (Mission⁄purpose), and working closely with each of the domain name registrants, NTT believes that our implementation of the third registry policy listed in Section 4.3 of the SAC 048 will be the most prudent course of action to mitigate any potential abusive activity within the .ntt namespace.
28.5. Enforcing Whois Accuracy
As described in the answer for #18 (Mission⁄purpose), the registration and the use of .ntt domain names will be limited to NTT and NTT Subsidiaries. Therefore, no domain names will be allocated within the .ntt name space unless NTT identifies the requesting party as one of an NTT Subsidiary.
We also ensure that .ntt will promptly update any changes in the .ntt Whois information, and that we will revalidate the Whois information on a periodic basis.
28.6. Policies and Procedures Regarding Malicious or Abusive Behavior, Capture Metrics, and Establish Service Level Requirements for Resolution, Including Service Levels for Responding to Law Enforcement Requests
As described in the answer for #28.3 (Anti-abuse Policy), NTT will establish the ʺAnti-Abuse Policyʺ including the definition of abusive uses.
As described in the answer for #18 (Mission⁄purpose), we intend to provide the second level domain of .ntt for NTT Subsidiaries, and NTT will be the sole registrant of .ntt.
NTT will take the appropriate measures if NTT receives the investigative documents relevant to domain names registered in .ntt, from any UDRP Providers, URS Providers, and other law enforcements.
28.7. Adequate Controls to Ensure Proper Access to Domain Functions
As described in the answer for #18 (Mission⁄purpose), NTT will be the sole registrant of .ntt and we intend to provide the second level domain of .ntt for NTT Subsidiaries.
NTT will assign a person in charge for administrating the .ntt domain name registrations (i.e., registration, renewal, modification of registration information, deletion, etc.)
The administrator described above will comply with the NTTʹs company rules, and will be required to obtain an authorization from the supervisor (or a proper manager in charge), for any administrative actions to be taken against .ntt domain names.
The supervisor will manage IDs and Passwords, and if the administrator or supervisor is transferred to another business section then the Passwords will be replaced with new ones.
28.8. Trademark Protection Mechanism
.ntt will offer a tapestry of original Rights Protection Mechanisms (RPMs), which was envisioned by ICANNʹs Trademark Implementation Recommendation Team (IRT). The mechanisms include, but not limited to, Closed Registry ⁄ Pre-Verification, Trademark Claims Services, Sunrise Services, Uniform Domain Name Dispute-Resolution Policy (UDRP), Uniform Rapid Suspension System (URS), and Trademark Post Delegation Dispute Resolution Procedure (Trademark PDDRP), and they will minimize the possibility of any abusive registrations within the .ntt. Each of these proposed RPMs are elaborated in more detail in the answer for #29 (Rights protection mechanisms).
28.9. Technical Resources
The Registry Operator for .ntt has a proven record of managing over 1.25 million registrations, and has structured a collaborative framework with security industry organizations that have made many efforts and accomplishments to prevent and mitigate abusive activities, including countermeasures for phishing.
28.10. Resource Planning
.ntt plans to implement necessary countermeasures to prevent and mitigate abusive activities for .ntt. Nevertheless, the second level domain names of .ntt will be provided for NTT Subsidiaries, and NTT itself will be the sole registrant. Moreover, as stated in the answer for #18 (Mission⁄purpose), our projection of the registration volume for the foreseeable future is about 1,000 at maximum, and therefore we suspect that the actual corresponding actions for those countermeasures required shall be limited.
The Registry Operator for .ntt will allocate appropriate staff members with substantial experiences in the TLD operations, and the Operator will enforce the countermeasures to prevent and mitigate abusive activities. As per more detailed and financial information about the allocated staff member is provided in the answer for #47.1.3 (Technical Labor).
Similar gTLD applications: (0)
gTLD | Full Legal Name | E-mail suffix | z | Detail |