Question 28: Concerns on Abuse Prevention and Mitigation
The Applicantís proposed registration policies for the .SAARLAND TLD will include robust protection mechanisms designed to preclude, prevent or at least mitigate abusive registrations and abusive use of registrations within the name space. The business model and purpose of the TLD as described in Question 18 a-c is based on substantial user confidence, trust and acceptance of by the target audience, therefore dotDaarland GmbH is highly incentivized in making sure that any abuse can be taken care of swiftly and effectively.
Accordingly, the Applicant will adopt a comprehensive reporting mechanism and set of registration policies to ensure a high level of security for the TLD.
dotDaarland GmbH will additionally:
- Develop a trusted method of communication for all correspondence between dotDaarland GmbH and the TLD?s registrars, to ensure only properly authorized registrar requests will be processed.
- Implement effective mechanisms for identifying and addressing patterns of abusive practices.
- Establish a point of contact for third-party reporting of abusive practices.
- Ensure accurate WHOIS data by implementing and enforcing a strict policy on maintained whois accuracy, which shall be passed down to registrants by the registrars in their registration agreements.
- Determine and implement a streamlined practice for addressing and removing orphan glue records.
- Develop, publish on its website and implement as binding registry policy an Anti-Abuse Policy, described in detail below, which provides applicable definitions of abuse and outlines steps dotDaarland GmbH will take to address any such situations.
- Continuously communicate with other registry operators on current trends in abusive behavior and effective countermeasures.
A. Point of Contact for Abuse Complaints
The abuse email inbox will be routinely and continuously monitored several times per day. Complainants will be provided with a responsive communication containing an auditable tracking or case number.
The abuse point of contact will be responsive and effective, tasked with answering email quickly, empowered to take effective action, and guided by well-defined written criteria. This role-based function will be performed by trained and qualified staff provided on a shared basis by the registry service provider as part of its service, who will ensure that the abuse point of contact has a broad familiarity with current industry knowledge and a high-level awareness of evolving online security risks. Initially, at least one shared employee of the registry service provider who has experience in abuse report handling will be tasked with overseeing the TLD as part of his/her duties. One or more additional employees will be trained in the role as well, in order to provide ìback upî assistance as needed. The abuse point of contact will be further supported by the registry backend service providers? technical staff in order to coordinate technical reactions necessary to respond to or mitigate abusive behavior in a timely manner. The technical registry service provider KSregistry GmbH is a subsidiary of Key-Systems GmbH, a top 10 gTLD domain name registrar with long-term involvement in ICANN, and is able to draw upon its parents years of experience in the handling of abuse reports, qualifying it to assist and advise dotSaarland GmbH and perform the role of abuse point of contact. The shared abuse point of contact will be further supported in more complex legal issues by a German Attorney at Law contracted through the registry service provider, with whom the primary abuse point of contact may consult and coordinate the correct management of disputes and reported abuse. With regard to the comparatively low estimated number of registrations, these allocated shared resources will be sufficient to handle the expected initial volume of abuse complaints. Abuse complaint metrics will be tracked and reviewed carefully each year, and adequate resources will be expended to ensure appropriate trending of those metrics, thus providing the abuse point of contact with sufficient resources.
Given the Applicantís belief that infrastructure protection, rights protection, and user security are of paramount importance for a TLD, the Applicant expects to ensure sufficient resources for this critical role by utilizing the services of KSregistry GmbH, and to do whatever is reasonably necessary to ensure a secure and trusted zone.
B. Anti-Abuse Policy
The Applicant will develop and implement upon launch of the TLD an Anti-Abuse Policy (AAP). The AAP will be made binding for all registrants by contractually obligating registrars through the Registry-Registrar Agreement to pass on the AAP as part of their registration agreements. The AAP will also be published prominently on the Registry website alongside the abuse point of contact and with instructions on how to best report any suspected violations of the AAP to the registry.
The AAP will be based on and expand upon existing registry policies to ensure best industry practice is followed. The goal of the AAP is to limit significant harm to internet users, to enable the Applicant or accredited registrars to investigate and to take action in case of malicious use of domain names and to deter registrants from engaging in illegal or fraudulent use of domain names.
The Applicant defines abuse as an action that causes actual and substantial harm, or is a material predicate of such harm, and is illegal, illegitimate, or otherwise contrary to Company policy.
ìAbuseî includes, but is not limited to, the following:
- Use of a domain to defraud or attempt to defraud members of the public in any way
- Use of a domain to distribute or publish hateful, defamatory, or derogatory content based on racial, ethnic, or political grounds, intended or generally able to cause or incite injury, damage or harm of any kind to any person or entity
- Use of a domain name to publish content threatening or invading the privacy or property rights of a third party
- Use of a domain name to publish content that infringes the trademarks, copyrights, patent rights, trade secrets or other intellectual property rights, or any other legal rights of the Applicant or any third party, or any action infringing on the named rights
- Violation of any applicable local, state, national or international law or regulation
- Use of a domain name for the promotion, involvement in or assisting in, illegal activity of any kind, as well as the promotion of business opportunities or investments that are not permitted under applicable law
- Advertisement or offer for sale any unlawful goods or services in breach of any national or international law or regulation
- Use of domain names to contribute to the sale or distribution of prescription medication without a valid prescription as well as the sale and distribution of unlicensed or unapproved medication
- Distribution of Child Pornography or other content depicting minors engaged in any activity of a sexual nature or which may otherwise harm minors
- Use of domain names to cause minors to view sexually explicit material
- Any use of domain names with regard to spam in any form, including through e-mail, instant messaging, mobile messaging, or the spamming of Web sites or Internet forums, as well as advertising for a domain name through spam
- Initiation or intentional participation in denial-of-service attacks (ìDDoS attacksî)
- The use of domain names in phishing activities, tricking Internet users into divulging personal data such as usernames, passwords, or financial data
- The use of domain names in pharming, such as DNS hijacking and poisoning
- The use of domain names for the intentional distribution of spyware, botware, keylogger bots, viruses, worms, trojans or other forms of malware
- The use of a domain name in unauthorized fast flux hosting, disguising the location of internet addresses or Internet services. Fast flux hosting may be used only with prior permission of the Applicant
- The use of domain names to command and control botnets, i.e. a network of compromised computers or ìzombiesî
- The use of domain names in activities intended to gain illegal access to other computers or networks (ìhackingî), as well as any activity to prepare for such system penetration
In accordance with best practices in current generic Top Level Domains, the Applicant reserves the right to either directly or through the issuing of a request to an accredited registrar deny, cancel or transfer any registration or transaction, or place any domain name(s) on permanent or temporary registry lock, hold or similar status, that it deems necessary, in its discretion:
- to protect the integrity and stability of the .SAARLAND TLD and/or prevent the abuse of any .SAARLAND domain name
- to comply with any applicable laws, government rules or requirements, requests of law enforcement, or any dispute resolution process
- to avoid any liability, civil or criminal, on the part of the dotsaarland GmbH, as well as its affiliates, subsidiaries, officers, directors, and employees
- per the terms of the Registry Agreement or
- to correct mistakes made by dotsaarland GmbH, Registry Service Provider or any Registrar(s) in connection with a domain name registration
The Applicant also reserves the right to place a domain upon registry lock, hold or similar status name during resolution of an investigation or dispute.
C. Handling of Abuse Reports
All abuse reports received by the abuse point of contact will be tracked internally in a ticketing system to ensure accountability and ease of reference, and a tracking number will be provided to the reporter. Each report will be carefully reviewed and evaluated regarding its credibility, to determine whether the reported issue is an abuse concern and to assess the required action(s), if any. The Applicant will work in cooperation with the sponsoring registrar as well as with the registry service provider to rapidly address potential threats or abuse complaints, investigate all reasonable complaints, and take any appropriate action(s) thereto.
dotsaarland GmbH will implement all valid court orders or seizure warrants from courts, arbitration tribunals, or law enforcement agencies of applicable jurisdictions as a top priority. dotsaarland GmbH will further work closely with law enforcement agencies if necessary and provide them with an additional, fast-track access to the abuse point if contact.
Based upon the applicable registration policies and the estimated size of the TLD dotsaarland GmbH does not expect further measures to be required to effectively prevent or stop malicious use. In case of an unexpected volume of credible abuse complaints, dotSaarland GmbH will take advantage of additional resources such as spam databases and blocklists, anti-phishing feeds, analysis of registration data, and DNS queries.
D. Orphan Glue Records
According to the ICANN SSAC paper SAC048 at: http://www.icann.org/en/committees/security/sac048.pdf orphan glue records are defined as follows:
ìBy definition, orphan records used to be glue records. A glue record becomes an ëorphaní when the delegation point NS record referencing it is removed without also removing the corresponding glue record. The delegation point NS record is sometimes referred to as the parent NS record.î
An orphan glue record can occur whenever a domain is placed in ServerHold or ClientHold status. In these cases, the domain is removed from the zone file but existing name servers of this domain will be kept in the zone file so that other sites which are still using these name servers are still kept functional.
ìexample.stringî is deleted from the zone file by setting to ServerHold status, but ìns1.example.stringî will be kept in the zone file.
D.1 Prevention of Orphan Glue Records During Domain Deletion
Deleting a domain name is only possible if there are no glue records used by other domains associated with the domain being deleted.
If there are glue records available but not used by other domains in the registry, the glue records will be deleted prior to the domain deletion. Whenever there are glue records available which are still in use, this has to be resolved first. If there are no glue records at all the domain can be deleted instantly.
Solving the problem of glue records for domains which are supposed to be deleted can be done by checking the zone file. The zone file reveals the domains which are using the name servers. Once the required information is available, the named registrars must be contacted and new name servers should be set for the remaining domains in order to release the glue records.
In cases where glue records are being used in a malicious way, the abuse point of contact has to be contacted. The abuse point of contact will check this issue and take any appropriate actions, which may result in removing relevant records from the zone file in case the abuse complaint is valid.
E. Preventive Countermeasures
Pharming is an abusive practice used to gain illegal access to personal and confidential internet user information by diverting internet traffic through the manipulation of the information between the recursive resolver name server and the client software (e.g. web browser) (DNS-cache poisoning). Since pharming is commonly accomplished by redirecting traffic at the recursive DNS level, mitigation is most effective at the ISP level.
However, as an added countermeasure, the Registry Service Provider will sign the domain zone using DNSSEC, as detailed in the answer to question 35, allowing the relying party to establish a chain of trust from the DNS root down to the domain name, thus validating DNS queries in the zone.
Registrars will be encouraged to use a DNSSEC enabled DNS hoster and to provision the related delegation signers (originating from the DNS hoster) to KSregistryís SRS via EPP. This way it will be possible for the relying party to validate DNS queries and to protect from DNS tampering to a certain degree.
DNSSEC is a set of records and protocol modifications that provide authentication of the signer of the DNS data, verification of integrity of the DNS data against modification, non-repudiation of DNS data that have been signed, and authenticated denial of existence of DNS records. DNS data secured with DNSSEC are cryptographically signed and incorporate asymmetric cryptography in the DNS hierarchy, whereby trust follows the same chain as the DNS tree, meaning that trust originates from the root and is delegated in the same way as the control of a domain. When a domain name in the TLD is requested by a browser, the signature is validated with the public key stored in the parent zone.
F. Promoting Accurate WHOIS Data
dotsaarland GmbH is committed to maintaining the .SAARLAND space as a safe, secure online environment. A key component of such a plan is the creation and upkeep of accurate WHOIS records for the registry. As indicated in detail in the above answer to Question 26, the Applicant will develop policies to improve the accuracy and privacy of the data stored in the WHOIS database, and will further ensure that such records will be publicly-available to interested parties to the extent required by ICANN WHOIS policies and regulations as well as permitted by local law.
The WHOIS records for this TLD will constitute an authoritative ìthickî WHOIS, combining all applicable data and information for domain name registrants in a central location. The individual registrars offering this specific TLD domain names will be responsible, under the terms of the Registry-Registrar Agreement, for providing and promptly updating the WHOIS database with current, accurate and complete information as provided by the registrant and to promptly investigate any reports of inaccuracy of the WHOIS data. As publicly announced by ICANN, the next version of the Registrar Accreditation Agreement will expand the obligations of ICANN accredited registrars further by inclusion of required verification measures. These obligations will be mirrored with corresponding obligations and penalties in the Registry-Registrar agreement. The Registry Service Provider will as part of the service be responsible for monitoring such information and records to ensure that registrars comply with the contractual agreements to provide accurate data, including the use of field-valid telephone numbers and the use of country names as defined under ISO 3166. dotsaarland GmbH shall expressly reserve the right to cancel or suspend any domain name registrations within the space should a registrant fail to provide accurate or complete WHOIS information.
At all times, ICANNís WHOIS Data Problem Reporting System (WDPRS) will be available to anyone wishing to file a complaint regarding the accuracy or sufficiency of WHOIS records within this TLD, which will initiate an obligation of the sponsoring registrar and the registrant to verify the reported inaccuracy.
G. Ensuring Proper Access to Domain Functions
The Registry will be operated using a comprehensive and detailed authentication system designed to implement a wide range of registry functions for both internal operations and as external registrar access. Registrar access will be limited by IP address control lists and TLS/SSL certificates, as well as verification processes for proper authentication and appropriate limitations to restrict access to the sponsored objects.
Each domain name will be assigned a unique AUTH-INFO code. The AUTH-INFO code is a 6- to 16-character code assigned by the registrar at the time a domain is created and which can be modified by the registrar at any time. Its purpose is to aid in the identification of the domain owner so that proper authority can be established. For example, a registrar-to-registrar transfer can be initiated only by using the correct AUTH-INFO code, to ensure that domain updates (update contact information, transfer, or deletion) are undertaken by the authorized registrant. Access to the domainís AUTH-INFO code, stored in the registry, is limited to the sponsoring registrar and is accessible only via encrypted, password-protected channels.
Further security measures are anticipated and will be implemented in the new space, but are currently treated as confidential for security reasons. Accordingly, a full explanation of these mechanisms may be found in the response to Question 30(b).
H. Prevention of Conflicts of Interest during launch
dotSaarland GmbH is committed to preventing Conflict of Interest during the launch phases and will develop and implement policies containing restrictions to be applied to employees, contractors, consultants and significant investors of the Registry disallowing participation in Sunrise auctions and the evaluation of Founders applications.
I. References and Attachments