New gTLD Application Submitted to ICANN by: British Broadcasting Corporation

Application Downloaded On: 09 Jan 2014

String: BBC

Application ID: 1-981-86291

Applicant Information

1. Full legal name
British Broadcasting Corporation

2. Address of the principal place of business
Broadcasting House Portland Place London - W1A 1AA GB

3. Phone number
+44 208 743 8000

4. Fax number
+44 208 008 1891

5. If applicable, website or URL

Primary Contact

6(a). Name
Tristram Biggs

6(b). Title
R&D Executive (BBC R&D)

6(c). Address

6(d). Phone Number
+44 208 008 4775

6(e). Fax Number
+44 208 008 5090

6(f). Email Address
gtld_manager@bbc.co.uk

Secondary Contact

7(a). Name
Nicole Mason

7(b). Title
Client Project Manager

7(c). Address

7(d). Phone Number
+44 207 421 8274

7(e). Fax Number

7(f). Email Address
nicole.mason@consonum.com

Proof of Legal Establishment

8(a). Legal form of the Applicant
Corporation incorporated by Royal Charter

8(b). State the specific national or other jurisdiction that defines the type of entity identified in 8(a).
United Kingdom

8(c). Attach evidence of the applicant's establishment.
Attachments are not displayed on this form.

9(a). If applying company is publicly traded, provide the exchange and symbol.

9(b). If the applying entity is a subsidiary, provide the parent company.
N/A

9(c). If the applying entity is a joint venture, list all joint venture partners.

Applicant Background

11(a). Name(s) and position(s) of all directors
Name | Position
Caroline Agnes Morgan Thomson | Chief Operating Officer
Daniel Nicholas Cohen | Director of Television
Fiona Claire Reynolds | Non-Executive Director
George Edward Entwistle | Director, BBC Vision
Helen Boaden | Director, BBC News Group
Marcus Ambrose Agius | Senior Independent Director
Mark John Thompson | Director-General
Michael Lynch | Non-Executive Director
Ralph Rivera | Director, Future Media
Robert Stopford Webb | Non-Executive Director
Sally M Davis | Non-Executive Director
Simon Burke | Non-Executive Director
Timothy Davie | Director, Audio & Music
Zarin Homi Patel | Chief Financial Officer

11(b). Name(s) and position(s) of all officers and partners
Name | Position
Caroline Agnes Morgan Thomson | Chief Operating Officer
Fiona Claire Reynolds | Non-Executive Director
George Edward Entwistle | Director, BBC Vision
Helen Boaden | Director, BBC News Group
Marcus Ambrose Agius | Senior Independent Director
Mark John Thompson | Director-General
Michael Lynch | Non-Executive Director
Ralph Rivera | Director, Future Media
Robert Stopford Webb | Non-Executive Director
Sally M Davis | Non-Executive Director
Simon Burke | Non-Executive Director
Timothy Davie | Director, Audio & Music
Zarin Homi Patel | Chief Financial Officer

11(c). Name(s) and position(s) of all shareholders holding at least 15% of shares

11(d). For an applying entity that does not have directors, officers, partners, or shareholders: Name(s) and position(s) of all individuals having legal or executive responsibility

Applied-for gTLD string

13. Provide the applied-for gTLD string. If an IDN, provide the U-label.
BBC


14A. If applying for an IDN, provide the A-label (beginning with "xn--").



14B. If an IDN, provide the meaning, or restatement of the string in English, that is, a description of the literal meaning of the string in the opinion of the applicant.



14C1. If an IDN, provide the language of the label (in English).



14C2. If an IDN, provide the language of the label (as referenced by ISO-639-1).



14D1. If an IDN, provide the script of the label (in English).



14D2. If an IDN, provide the script of the label (as referenced by ISO 15924).



14E. If an IDN, list all code points contained in the U-label according to Unicode form.



15A. If an IDN, upload IDN tables for the proposed registry. An IDN table must include:
  1. the applied-for gTLD string relevant to the tables,
  2. the script or language designator (as defined in BCP 47),
  3. table version number,
  4. effective date (DD Month YYYY), and
  5. contact name, email address, and phone number.
    Submission of IDN tables in a standards-based format is encouraged.



15B. Describe the process used for development of the IDN tables submitted, including consultations and sources used.



15C. List any variants to the applied-for gTLD string according to the relevant IDN tables.



16. Describe the applicant's efforts to ensure that there are no known operational or rendering problems concerning the applied-for gTLD string. If such issues are known, describe steps that will be taken to mitigate these issues in software and other applications.

As the applied-for gTLD string is not an IDN and is consistent with the requirements of the Applicant Guidebook Section 2.2.1.3.2 (String Requirements), the BBC does not believe there are any known operational or rendering problems concerning the string.


17. OPTIONAL.
Provide a representation of the label according to the International Phonetic Alphabet (http://www.langsci.ucl.ac.uk/ipa/).



18A. Describe the mission/purpose of your proposed gTLD.

The BBC is the world’s leading public service broadcaster. Its mission is to enrich people’s lives with programmes that inform, educate and entertain.
Established by a Royal Charter in 1927, the BBC has six key public purposes:
1. Sustaining citizenship and civil society
The BBC provides high-quality news, current affairs and factual programming to engage its viewers, listeners and users in important current and political issues.
2. Promoting education and learning
The support of formal education in schools and colleges and informal knowledge and skills building outside of formal education contexts.
3. Stimulating creativity and cultural excellence
Encouraging interest, engagement and participation in cultural, creative and sporting activities across the UK.
4. Representing the UK, its nations, regions and communities
BBC viewers, listeners and users can rely on the BBC to reflect the many communities that exist in the UK.
5. Bringing the UK to the world and the world to the UK
The BBC builds a global understanding of international issues and broadens UK audiences’ experience of different cultures.
6. Delivering to the public the benefit of emerging communications technologies and services
Assisting people to get the best out of emerging media technologies both now and in the future.

As a Public Service Broadcaster, the BBC is funded by a licence fee paid by all UK television-viewing households. The BBC’s income from the licence fee funds its services, including 10 national TV channels plus regional programming, 10 national radio stations, 40 local radio stations and extensive website, online and on-demand services.
BBC World Service broadcasts to many countries around the world on radio, on TV and online, providing news and information in 27 languages as well as in English.

The BBC also has a number of commercial ventures, including BBC Worldwide and BBC World News, that make available BBC programming worldwide. Profits from these activities are returned to the BBC for investment in new programmes and services.

The BBC’s Online services, predominantly offered through the BBC website at bbc.co.uk, offer a wide range of BBC programming, including news, sport, entertainment, weather, children’s programming and knowledge and learning.
The BBC website at bbc.co.uk has been developed to enable audience access on a variety of internet-connected devices, including tablets, smartphones and connected TVs, as well as computers.
The BBC’s website is also the place where audiences can access the BBC’s vast archive of radio and television programmes which are made available digitally and curated through the BBC iPlayer multi-platform for on-demand viewing.
In addition, the BBC offers an interactive television service, BBC Red Button, which provides audiences with a choice of content being broadcast simultaneously, such as alternative tennis matches at Wimbledon, news headlines from the BBC News channel, or interactive games from the BBC’s children’s channel CBeebies.
The BBC is developing Online services to provide audiences with simple access to even more content on the latest internet-connected TVs to further deliver benefits of emerging technologies to the public.


The mission of a .BBC registry will be to enhance BBC Online services for its audiences in line with the BBC’s overall mission and public purposes by providing the BBC with a new technology platform for future innovation. Additionally the BBC registry is seeking to protect the integrity of the world famous BBC brand in the domain name system.

The purpose of a .BBC registry, which will be a standard registry as opposed to a community-based registry, is:

• To provide a new, stable, scalable and secure platform for BBC Online services that is within the direct control of the BBC

• To keep the BBC at the forefront of internet technological developments

• To ensure that the integrity of the BBC brand is maintained. The BBC has a wide portfolio of registered intellectual property rights around the world and securing the term “BBC” in the domain name system is an extension of the BBC’s brand protection policies.

The global success of a .BBC registry will be judged in the long-term by the security, stability and innovation it brings to BBC audiences and users of BBC Online services and by the enhancement of the value in the BBC brand. The .BBC registry’s success will not be determined by the number of domains created or by income generated by registrations.




18B. How do you expect that your proposed gTLD will benefit registrants, Internet users, and others?

“How do you expect that your proposed gTLD will benefit registrants, internet users and others?”

The BBC anticipates that domains in the .BBC registry will not be issued for use by individuals but rather only operated by authorised representatives of the BBC. A .BBC registry will benefit BBC audiences at-large and specifically viewers, listeners and users of BBC Online content and services. Audiences will have access to the range of BBC Online services through the .BBC registry and it is anticipated that audiences will regard a .BBC domain as a sign of authenticity and quality of BBC Online services that can be trusted.

As the supply and distribution of .BBC domains will be strictly controlled, it is intended that the .BBC domains will be recognised as reliable signposts for access to BBC content and information.

i. “What is the goal of your proposed gTLD in terms of areas of speciality, service levels or reputation?”

The BBC believes it will be very beneficial to operate its own registry with shorter domain names that are universally applicable across the globe. The potential a .BBC registry offers for enhancing communication with BBC audiences is of importance to the BBC and consistent with the BBC’s overall mission and purpose.

The .BBC domain is a distinctive label that will become part of the overall BBC brand, and the BBC plans to utilise the .BBC domain in conjunction with its current portfolio of BBC domain names.

ii. “What do you anticipate your proposed gTLD will add to the current space in terms of competition, differentiation or innovation?”

Currently there are no gTLD registries dedicated to brand owners. The BBC values the opportunity of being amongst the first media organisations to apply for such dedicated brands.

The BBC expects that a .BBC gTLD will improve ease and access for the millions of people who use BBC Online services every day, and will identify and differentiate BBC content and services online.

The BBC also believes a .BBC gTLD will help fulfil the BBC’s mission and purpose of informing, educating and entertaining the public and delivering the benefit of emerging communications technologies and services.

iii. “What goals does your proposed gTLD have in terms of user experience?”

The BBC’s goals in terms of user experience are to have second level .BBC domain names that allow users direct access to BBC content and Online services in a stable, secure, scalable and trusted environment. We expect in the future that BBC audiences will benefit from using second-level .BBC domain names to access a full range of BBC Online services.

The BBC has significant experience in managing its portfolio of domain names via its corporate domain registrar. The BBC will ensure that enquiries regarding .BBC domains in our registry and our domain name policies will be managed in a timely fashion according to documented BBC procedures and industry best practice.

iv. “Provide a complete description of the applicant’s intended registration policies in support of the goals above”

The BBC Internet Domains Steering Group (IDSG), chaired by the BBC Domain Manager, is responsible for the development, maintenance and enforcement of the .BBC Registry Domain Management Policy (DMP). This policy defines the rules associated with eligibility and domain name allocation, sets out the terms governing the use of a .BBC domain name, and describes the dispute resolution policies for the .BBC TLD. This policy is intended to be updated and revised regularly to reflect the BBC’s strategic plans, public interest, industry best practice and, where appropriate, ICANN consensus policies. The policy is summarised below and subject to change as appropriate.

Registration of a .BBC domain name will be undertaken in four steps: Eligibility Confirmation, Naming Convention Check, Acceptable Use Review, and finally Registration.

All domains in the .BBC registry will remain the property of the BBC and will, subject to the .BBC Registry DMP and the BBC Domain Manager’s approval, be available to users of BBC divisions, departments and/or subsidiaries for a period of between 1 year and 10 years.

Checks will be undertaken to ensure that all applied for character strings conform to the BBC Naming Conventions. Each applied for A-label character string must:
• Be at least 1 character and no more than 63 characters long
• Not contain a hyphen on the 3rd and 4th position (except for IDNs)
• Contain only letters (a-z), numbers (0-9) and hyphens or a combination of these
• Start and end with an alphanumeric character, not a hyphen
• Not match any character strings reserved by ICANN
• Be checked against the Trademark Clearinghouse
• Not match any protected country names or territory names identified in the internationally recognized lists set forth in Specification 5 to the ICANN New gTLD Agreement, unless the BBC reaches agreement regarding release of such names with the applicable government or pursuant to a proposal reviewed by the ICANN Governmental Advisory Committee and approved by ICANN.
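The naming-convention checks listed above can be expressed as a single validator. The following Python sketch is an added example, not part of the BBC application or Nominet's systems; the reserved-name, country-name and Trademark Clearinghouse sets are small constructed samples, treating an "xn--" label that decodes as Punycode as the IDN exception is an assumption, and the Clearinghouse result is reported as a notice rather than a rejection because the list only says the label is "checked against" it.

```python
import re
from dataclasses import dataclass, field

LDH = re.compile(r"[a-z0-9-]+")  # letters, digits and hyphens only

# Constructed sample data; the real lists are not reproduced on this page.
ICANN_RESERVED = frozenset({"example", "nic", "whois", "www"})
PROTECTED_GEO = frozenset({"france", "japan", "brazil"})
TMCH_SAMPLE = frozenset({"acme"})  # stand-in for a Clearinghouse lookup


@dataclass
class LabelCheck:
    label: str
    violations: list = field(default_factory=list)
    notices: list = field(default_factory=list)

    @property
    def ok(self):
        return not self.violations


def is_a_label(label):
    """True if the label is an IDN A-label: 'xn--' plus valid Punycode
    that decodes to at least one non-ASCII character (assumed test)."""
    if not label.startswith("xn--"):
        return False
    try:
        decoded = label[4:].encode("ascii").decode("punycode")
    except ValueError:  # UnicodeError is a subclass of ValueError
        return False
    return any(ord(ch) > 127 for ch in decoded)


def check_label(raw, reserved=ICANN_RESERVED, geo=PROTECTED_GEO,
                tmch=TMCH_SAMPLE):
    """Apply the listed naming conventions to one second-level label."""
    label = raw.strip().lower()  # DNS labels are case-insensitive
    result = LabelCheck(label)
    if not 1 <= len(label) <= 63:
        result.violations.append("length")
        if not label:
            return result  # nothing further to test on an empty label
    if not LDH.fullmatch(label):
        result.violations.append("charset")
    if label.startswith("-") or label.endswith("-"):
        result.violations.append("edge-hyphen")
    # Hyphens in positions 3 and 4 are reserved for IDN A-labels.
    if label[2:4] == "--" and not is_a_label(label):
        result.violations.append("hyphen-3-4")
    if label in reserved:
        result.violations.append("reserved")
    if label in geo:
        result.violations.append("geo")
    if label in tmch:
        result.notices.append("tmch-match")  # flag for review, not a block
    return result


if __name__ == "__main__":
    for candidate in ["news", "-news", "ab--cd", "xn--bcher-kva", "nic"]:
        checked = check_label(candidate)
        print(candidate, "OK" if checked.ok else checked.violations,
              checked.notices)
```

Returning every violation rather than stopping at the first gives the Naming Convention Check step a complete record to attach to a refused request.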

Internationalized domain names (IDN) may be supported in the .BBC registry at the second level.

Domains must be used solely for purposes that enhance the strategic goals of the BBC.

.BBC domains must not be registered or used in a way which knowingly infringes any third-party intellectual property rights.

A .BBC registration must be an acceptable term that will not give rise to any moral or public order questions or in any way damage the strategic interests or reputation of the BBC.

All .BBC domains will carry accurate and up to date registration records.

The .BBC registry will be ICANN compliant, interface with the Trademark Clearinghouse, operate a Sunrise and IP Claims process and enforce that all registrants comply with the UDRP and the URS processes.


v. “Will your proposed gTLD impose any measures for protecting the privacy of confidential information of registrants or users?”

As the .BBC registry will be operated within the United Kingdom, all data will be processed in conformity with the European Union’s and United Kingdom’s 1998 Data Protection Act and any other applicable Data Protection requirements.

The BBC will comply with the Personal Data obligations set forth in Section 2.10 of the Registry Agreement.


“Describe whether and in what ways outreach and communications will help to achieve your projected benefits?”

The .BBC registry will be closed to third parties and will be for use only by authorised representatives of BBC.

Outreach and communications appropriate to the operation of a .BBC registry in which the brand owner is the registrant of all second-level domain names will be undertaken to ensure that .BBC domains are issued and used in accordance with the BBC’s mission and purposes. For example, guidelines and policy statements will be produced and published defining how the .BBC domain will be used.

To assist BBC audiences and users of BBC Online services to understand that .BBC domains are for BBC Online services and are genuine and can be trusted, the BBC intends to create a home page for the registry with clear messaging and an audience enquiry process.




18C. What operating rules will you adopt to eliminate or minimize social costs (e.g., time or financial resource costs, as well as various types of consumer vulnerabilities)? What other steps will you take to minimize negative consequences/costs imposed upon consumers?

“What operating rules will you adopt to eliminate or minimize social costs (e.g. time or financial resource costs as well as various types of consumer vulnerabilities)? What other steps will you take to minimize negative consequences/costs imposed upon consumers?”

The BBC will ensure that the .BBC registry is set-up in line with the BBC’s mission and purpose, managed in accordance with BBC domain name policies and procedures, and that the registration of names within the .BBC registry is restricted to authorised representatives of the BBC. This will eliminate or significantly minimize social costs and negative consequences on consumers.

i. “How will multiple applications for a particular domain be resolved, for example, by auction or on a first come first served basis?”

The .BBC registry will be closed to third-parties, and there will therefore be no market in .BBC domains. We will not receive multiple applications for a particular domain and so there will be no need for any resolution.

ii. “Explain any cost benefits for registrants you intend to implement (e.g. advantageous pricing, introductory discounts, bulk registration discounts).”

As all .BBC domain names will be registered to the BBC (or its wholly owned subsidiaries) there will be no cost benefits for registrants.

iii. “The Registry Agreement requires that registrars be offered the option to obtain initial domain name registrations for periods of one to ten years at the discretion of the registrar, but no greater than 10 years. Additionally the Registry Agreement requires advance written notice of price increases. Do you intend to make contractual commitments to registrants regarding the magnitude of price escalation?”

The BBC IDSG will set the period of registration for .BBC domains. The BBC is making an application for the .BBC gTLD to support its mission and strategic goals and to protect the BBC brand, not to generate revenues from selling domains. All .BBC domains will be registered to the BBC (or under BBC Fair Trading guidelines, to its wholly-owned commercial subsidiaries) and therefore issues around pricing including price escalation are not relevant and contractual commitments will not be necessary. That aside, the BBC will comply with the provisions of Section 2.10 of the Registry Agreement.

Before launching the .BBC registry, BBC will develop and publish its policies and guidelines, setting out full details of how the registry will implement its vision and purpose as set out in this answer. BBC may adapt its policies and proposed use of the .BBC registry, in a manner consistent with the BBC’s public purposes, to reflect changes in its business and the adoption of new gTLDs by the community.


19. Is the application for a community-based TLD?

No


20A. Provide the name and full description of the community that the applicant is committing to serve. In the event that this application is included in a community priority evaluation, it will be scored based on the community identified in response to this question. The name of the community does not have to be formally adopted for the application to be designated as community-based.



20B. Explain the applicant’s relationship to the community identified in 20(a).



20C. Provide a description of the community-based purpose of the applied-for gTLD.



20D. Explain the relationship between the applied-for gTLD string and the community identified in 20(a).



20E. Provide a complete description of the applicant’s intended registration policies in support of the community-based purpose of the applied-for gTLD. Policies and enforcement mechanisms are expected to constitute a coherent set.



20F. Attach any written endorsements for the application from established institutions representative of the community identified in 20(a). An applicant may submit written endorsements by multiple institutions, if relevant to the community.



21A. Is the application for a geographic name?

No


22. Describe proposed measures for protection of geographic names at the second and other levels in the applied-for gTLD. This should include any applicable rules and procedures for reservation and/or release of such names.

The BBC is committed to running .BBC in full compliance with all applicable laws, consensus policies, best practice guidelines, RFCs and the Specifications of the Registry Agreement. The BBC therefore commits that it will follow GAC advice and Specification 5 and block from initial registration (at no cost to governments or other applicable public authorities) those country and territory names contained in the following lists:

1. The short form (in English) of all country and territory names contained on the ISO 3166-1 list, as updated from time to time, including the European Union; and
2. The United Nations Group of Experts on Geographical Names, Technical Reference Manual for the Standardization of Geographical Names, Part III Names of Countries of the World; and
3. The list of United Nations member states in 6 official United Nations languages prepared by the Working Group on Country Names of the United Nations Conference on the Standardization of Geographical Names.

The process for reserving these names, and hence blocking them from registration, will be agreed with our technical service provider Nominet, who has committed to supporting this process.

Because .BBC is a single entity registry, with all domains being held in the ownership of the BBC, and for purposes which serve the BBC’s strategic business aims, the reserved names cannot be offered to Governments or other official bodies for their own use as this would conflict with the Mission and Purpose of the TLD. However, for the same reason, they will not be offered to third parties.

We envisage that over time, there will be demand from brand TLDs leading to the development of a standardised process for requesting GAC review and ICANN approval for the release of country and territory names for registration by the Registry Operator when the registry is a single entity registry. When such a process is in place, the BBC expects to apply for the release of country and territory names within .BBC. At this time the BBC will develop a process to permit government, public authorities or other relevant bodies to challenge any use of a name which they perceive to be abusive.




23. Provide name and full description of all the Registry Services to be provided. Descriptions should include both technical and business components of each proposed service, and address any potential security or stability concerns.
The following registry services are customary services offered by a registry operator:
  1. Receipt of data from registrars concerning registration of domain names and name servers.
  2. Dissemination of TLD zone files.
  3. Dissemination of contact or other information concerning domain name registrations (e.g., port-43 WHOIS, Web-based Whois, RESTful Whois service).
  4. Internationalized Domain Names, where offered.
  5. DNS Security Extensions (DNSSEC).
The applicant must describe whether any of these registry services are intended to be offered in a manner unique to the TLD.
Additional proposed registry services that are unique to the registry must also be described.

The British Broadcasting Corporation (BBC) plans to create and operate a new dot BBC Top Level Domain. This will be a standard but closed domain registry, with additions, changes and deletions being made solely by the BBC itself. The registry will operate initially through a single independent registrar who will interface with Nominet, the registry services provider, through their standard registry services outlined below.

Nominet, the registry services provider, will administer a comprehensive list of registry services all of which are developed, managed and maintained in house. The services Nominet will provide are:

- Operation of authoritative nameservers for dot BBC
- Dynamic updates to zone files
- Extensible Provisioning Protocol (EPP)
- Dissemination of zone files
- Whois service (port 43 and web based)
- Searchable Whois
- Domain Name System Security Extensions (DNSSEC)
- Billing
- Customer support
- Abuse prevention

All registry services will be supported and reachable over both Internet Protocol (IP) Version 4 (IPv4) and IP Version 6 (IPv6).

It should be noted that Internationalised Domain Names (IDNs) are not being implemented for dot BBC.


DNS operations

Nominet will operate authoritative nameservers for dot BBC. The DNS constellation consists of a ‘hidden’ master nameserver, DNSSEC signer, one primary Unicast DNS node, six slave Unicast DNS nodes and four primary Anycast nodes.


Dynamic updates to zone files

All changes to nameservers for domain names result in an update to the dot BBC zone file. All zone file changes are applied dynamically for the most rapid publishing to DNS. Propagation of updates through the nameserver network will be done using incremental zone transfer (IXFR).


EPP

An EPP system, compliant with Request for Comments (RFC) 5730, will be provided for the BBC’s chosen registrar(s) to register and administer domain names, contacts and nameservers. The EPP server is provided over TCP and is compliant with RFC 5734. EPP connectivity is protected using the Secure Sockets Layer (SSL) protocol.

Registrars may register new domain names in dot BBC using the object definitions given in RFC 5731. Once a domain name is registered, the registrar of record will be able to update, renew, delete and query that domain name, using the respective operations as defined in RFC 5731. All registrars may issue domain check or domain transfer operations using the EPP system. If a domain transfer operation is requested, the correct authInfo value must be provided by the new registrar. The registrar of record is notified and has five days to prevent the transfer from occurring.

Registrars may also issue requests to create new contact and host objects, in compliance with RFC 5733 and 5732 respectively. Only the registrar of record may then issue requests to update, delete and query contact and host objects in line with those RFCs. A delete operation will only be successful if there are no domain names linked to the object. Host update operations will be successful only if all the domain names linked to the host are sponsored by that registrar.

All ICANN accredited registrars that have signed a dot BBC registrar agreement will be eligible to use the EPP system. The identity of registrars will be verified with SSL certificates - if a valid SSL certificate is not used, the server will close the connection and no operations will be possible.

Registrars may only transform or query domain names if they are the registrar of record. The exception is for transfer operations, which may be requested by all registrars if they have access to the authInfo field for the domain name. The registrar of record may prevent transfer operations from completing.

Nominet’s EPP server is fully standards compliant and all operations described by RFC 5730, RFC 5731, RFC 5732 and RFC 5733 will be accepted by the server. All inputs to the server are checked for validity and action is taken if an input will adversely affect the service provision. All data fields are sanitised to prevent Structured Query Language (SQL) Injection attacks. Bind variables are always used for database query statements. If a connection is open but unused for more than a given time, it is closed. If a registrar opens more than a given number of connections then the oldest connection is closed.

Nominet’s EPP service is hosted at a primary data centre and fully replicated at a secondary data centre to ensure stability. Failover procedures are well practiced and comply with BS 25999.

The dot UK service Nominet currently provides accepts RFC compliant commands and meets all of the SLAs within Specification 10 comfortably. In December 2011 Nominet handled an average daily load of more than 1.3 million EPP operations with a read-write ratio of 12 to 1. EPP availability has averaged at 99.9% over the 12 months to December 2011.


Dissemination of zone file data

Nominet will provide daily zone files to ICANN’s Zone File Dissemination Partner using the format specified in RFC 1034 section 3.6.1 and RFC 1035 section 5. Transportation will be via a method agreed with them.


Zone server status updates

Nominet will update registrars on changes to zone server status using a variety of methods including:

- email updates
- zone server status web page
- RSS feeds
- Twitter updates


Whois Services

Nominet will provide a real time Whois service for domain names, nameserver data and for registrar data. The Whois may be accessed by any internet user either through a web-based portal or via the Port 43 service.

The Whois Service will accept Transmission Control Protocol (TCP) connections on port 43 at whois.nic.bbc. Queries, terminated as specified in RFC 3912 by a carriage return and line feed, will be accepted. If the domain name is registered in dot BBC then Whois information will be returned to the client. If it is not then an appropriate error message is returned.

The web-based Whois will be available at whois.nic.bbc. The user may enter the domain name, nameserver or registrar into a web form and will receive a response.

For both interfaces, if the request cannot be parsed as a domain name, nameserver or registrar then an appropriate error message will be returned.

The Whois service that Nominet currently provides for dot UK handles an average of between 800,000 and 1,000,000 lookups per day. Over the year to December 2011, the average monthly availability for this service was 99.99%. The server is designed to allow the limiting of requests from a single IP address to prevent denial of service. Nominet also monitors usage and performs statistical analysis to detect distributed abuse of the Whois.
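The port-43 behaviour described in this section (CRLF-terminated queries, an error for anything that is not a domain name, nameserver or registrar, and a per-IP request limit) can be sketched as follows. This is an added Python example, not Nominet's implementation; the sample records, error strings, the 256-byte query cap and the sliding-window limits are all assumptions, and the caller supplies the clock so the logic can be exercised without a network socket.

```python
import re
from collections import defaultdict, deque

MAX_QUERY_BYTES = 256  # assumed cap; the page gives no figure
LABEL = r"[a-z0-9](?:[a-z0-9-]{0,61}[a-z0-9])?"
DOMAIN_RE = re.compile(rf"{LABEL}\.bbc")       # second-level name in dot BBC
HOST_RE = re.compile(rf"(?:{LABEL}\.)+{LABEL}")  # any other hostname

# Constructed sample records standing in for the registry database.
DOMAINS = {"news.bbc": "Registrant: British Broadcasting Corporation"}
NAMESERVERS = {"ns1.nic.bbc": "Nameserver: ns1.nic.bbc"}
REGISTRARS = {"example registrar ltd": "Registrar: Example Registrar Ltd"}

ERR_RATE = "Error: query rate exceeded"
ERR_MALFORMED = "Error: query must be one line terminated by CRLF"
ERR_NO_MATCH = "Error: no match"
ERR_UNPARSEABLE = "Error: not a domain name, nameserver or registrar"


class SlidingWindowLimiter:
    """Allow at most max_requests per window_seconds for each client IP."""

    def __init__(self, max_requests, window_seconds):
        self.max_requests = max_requests
        self.window = window_seconds
        self.hits = defaultdict(deque)

    def allow(self, ip, now):
        recent = self.hits[ip]
        while recent and now - recent[0] >= self.window:
            recent.popleft()  # drop requests that left the window
        if len(recent) >= self.max_requests:
            return False
        recent.append(now)
        return True


def parse_query(raw):
    """Return the normalised query text, or None if the framing is invalid."""
    if len(raw) > MAX_QUERY_BYTES or not raw.endswith(b"\r\n"):
        return None
    body = raw[:-2]
    if b"\r" in body or b"\n" in body:  # exactly one line per request
        return None
    try:
        text = body.decode("ascii")
    except UnicodeDecodeError:
        return None
    return text.strip().lower() or None


def handle_query(raw, client_ip, limiter, now):
    """Produce the response text for one port-43 request."""
    if not limiter.allow(client_ip, now):
        return ERR_RATE
    query = parse_query(raw)
    if query is None:
        return ERR_MALFORMED
    if query in REGISTRARS:
        return REGISTRARS[query]
    if DOMAIN_RE.fullmatch(query):
        return DOMAINS.get(query, ERR_NO_MATCH)
    if HOST_RE.fullmatch(query):
        return NAMESERVERS.get(query, ERR_NO_MATCH)
    return ERR_UNPARSEABLE


if __name__ == "__main__":
    limiter = SlidingWindowLimiter(max_requests=2, window_seconds=60)
    for t, q in enumerate([b"news.bbc\r\n", b"ns1.nic.bbc\r\n", b"x.bbc\r\n"]):
        print(handle_query(q, "192.0.2.1", limiter, now=t))
```

A per-IP window like this only addresses single-source floods; the distributed abuse the section mentions needs the separate usage monitoring and statistical analysis it describes.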


Searchable Whois

Nominet will provide a searchable Whois service. This will be available on subscription to internet users. Nominet have provided this service for the dot UK domain name registry since 2006.

Nominet’s searchable Whois allows for wildcard searches to be made on the domain name and registrant name. Results can be then exported as a comma separated values (CSV) file. Nominet will also offer the facility to allow users to set up to 20 search terms to be monitored automatically. Notifications will be sent by daily email if domain names are registered matching these search terms.


DNSSEC

The dot BBC zones will be signed using DNSSEC. Nominet’s EPP server will support the DNSSEC extensions defined in RFC 5910 to allow DS records to be set in the zone.


Customer services

Nominet has a large customer support department from which it will provide support to the BBC, its chosen registrar(s), registrants and other stakeholders. Nominet has a team of 24 support advisors that manage both first and second-line support activities. This team is backed up by a third-line IT support team consisting of an additional 30+ staff. Support is provided by telephone, email, RSS feeds and social media, with first and second line support available Monday to Friday (8am to 6pm) and additional emergency support available 24x7x365.


Billing system

Nominet has developed a customised billing system for domain names. Whenever a chargeable event, such as a registration or renewal, occurs in the registry, a record is made in the billing system. This feeds through to the monthly invoicing runs.

The billing system has an automated and fully configurable credit management system. The available credit or funds are audited for all registrars, with warnings sent by email if they run low. The system may be configured to set any credit limit for a registrar, including a zero limit to allow no credit.

Nominet also provide an online service for registrars to pay invoices and to put money on account.


Abuse prevention

Nominet has extensive abuse prevention policies and measures which include the following:
- Technical solutions to enforce usage policies
- Sharing information with registrars about notifications from anti-phishing companies such as Netcraft
- Registry/registrar agreement policies to enforce good practice
- Checking the quality of Whois data


Risk and business continuity planning

A comprehensive Risk Register, aligned to BS31100, is maintained by Nominet, the RSP. It anticipates and identifies the events which may produce uncertainty or negatively impact its operations and the achievement of its objectives. Risks are prioritised based on impact and likelihood, mitigating factors are identified and remediation activities are carried out. Risk owners and risk response owners are responsible for actively managing identified risks. The register is reviewed monthly by the Senior Management Team and bi-annually by the RSP’s Audit Committee.

The RSP has achieved BS25999 Business Continuity certification recognising its best practice approach to business continuity. It operates a full business continuity management system including a routine rehearsals schedule to ensure it can continue to operate in the most challenging situations safeguarding the registry and those that rely on it.


Stability

A registry service has an adverse effect on internet stability if it is not compliant with relevant authoritative standards or adversely affects the throughput, response time, consistency or coherence of responses to servers or end systems which are themselves operating in accordance with relevant authoritative standards.

Nominet's registry services will be fully stable as:
- They will fully comply with all RFCs listed in specification 6 to the Registry Agreement.
- All responses given will be consistent and coherent.
- Nominet's registry systems will be responsive, comfortably meeting all SLAs given in specification 10 to the Registry Agreement.


Security

To prevent the unauthorised disclosure of, or access to, information or registry systems architecture, and to prevent the unauthorised disclosure, alteration, insertion or destruction of registry data, Nominet secures its registry systems in a number of ways including, but not restricted to:

- Securing of networks using SSL
- Access to different network segments (both internally and externally) is controlled through firewalls and VPNs
- VPN access uses two factor authentication.
- Role based authentication of users providing the lowest level of access required to perform required functions
- Permanently manned reception and CCTV
- Geographically diverse datacentres
- Two factor authentication for physical entry to datacentres - one of which must be biometric
- Regular penetration testing by an independent organisation
- Regular vulnerability scanning by an independent organisation


Availability and continuity

All components making up Nominet's dot BBC Registry Services will be provided on duplicated load balanced servers. A minimum of two virtualised servers will be provisioned on separate server racks and configured to each handle half of the traffic. In the event of a problem with one server, the load balancers will automatically direct traffic to the other server. The servers will be set up so that in the event of the loss of one server, the remaining servers will have enough capacity to handle the traffic.

The architecture making up the dot BBC Registry Services will be fully provisioned in Nominet's primary datacentre and replicated in full in the secondary datacentre. The database in the secondary datacentre will be replicated to within a few seconds of the primary.

This architecture allows Nominet to have standard operating procedures to enable transition within minutes if necessary and this procedure will be practiced on a monthly basis with the secondary datacentre becoming the primary and vice versa.




24. Shared Registration System (SRS) Performance:
describe

SRS overview

Nominet, the registry service provider, will administer a Shared Registry System (SRS) consisting of an Extensible Provisioning Protocol (EPP) interface to the registry. The interface is compliant with Specification 6 (section 1.2), complying with Request for Comments (RFCs) 5910, 5730, 5731, 5732, 5733 and 5734.

The implementation of EPP for dot BBC is based upon Nominet's current EPP service for dot UK and will be deployed on the same architecture as the dot UK domain.

Nominet has run the dot UK EPP for the last 8 years and the service is used by 900 registrars, representing over 6 million domains out of the total of 10 million on the register. The dot UK EPP service easily handles over 2 million transactions per day with an average availability for 2011 of 99.90%.


High Level SRS system description

The network infrastructure for Nominet's SRS consists of two firewalls, two EPP application servers, and two middleware servers. All are load balanced. This is shown in figure 24.1 of the attachment Q24_SRS_Figures.pdf. The server specifications are shown in table 24.1 of the attachment Q24_SRS_Tables.pdf.

Nominet's EPP architecture for dot BBC has been designed using a three-tier architecture. The two EPP application servers handle connection management and authentication along with confirming that requests are well-formed. The two middleware servers handle all business logic and manipulation of domain names and their associated objects. Finally, the registry data is stored in an Oracle database.

All EPP application and middleware servers are load balanced using a pair of F5 Networks BIG-IP load balancers.

Like Nominet's dot UK implementation, the EPP network for dot BBC will be fully reachable over Internet Protocol Version 6 (IPv6).


Interconnectivity with other registry systems

All registry systems connect to one clustered Oracle database, which provides a single point of truth and prevents the occurrence of conflicting registration data updates. The synchronisation scheme for the database is asynchronous replication using Oracle Dataguard.

When a domain is registered by a registrar using EPP, an entry is made in the database representing that domain name. Because the Whois reads directly from this database, the domain immediately becomes visible in the Whois with no delay.

Whenever changes are made to nameservers - when domains are registered or deleted or the nameservers are modified - a row is inserted into a database table that represents a list of updates to be made to the zone file. These updates are then pushed into the DNS using the IXFR protocol.

If a domain name is registered or renewed, then the SRS service programmatically triggers an update to the billing system. A chargeable event representing the registration or renewal is generated which feeds into the monthly invoicing system.


Availability and continuity

All components making up Nominet's Registry Services, including the EPP service, are provided on duplicated load balanced servers. A minimum of two virtualised servers will be provisioned on separate server racks and configured to each handle half of the traffic. In the event of a problem with one server, the load balancers will automatically direct traffic to the other server. The servers will be set up so that in the event of the loss of one server, the remaining servers will have enough capacity to handle the traffic.

The EPP architecture is shown in Figure 24.1 of the attachment Q24_SRS_Figures.pdf. Nominet will provision the network in full on both their primary and secondary datacentres. In particular, the database will be replicated in both datacentres. Nominet's two datacentres will be connected by two 10GB dual path and geographically diverse links. Each link will have a latency of less than one millisecond. Replication between the two datacentres will be asynchronous but the replicated data will only be a few milliseconds behind that of the live data. Should connectivity to one datacentre fail, the other will automatically assume the role of being the primary datacentre. The two datacentres will be connected to Nominet's main office by 1GB links. This allows mechanisms to be put in place to avoid possible "split brain" scenarios where connectivity between the datacentres is lost but both believe the other is lost and assume the primary datacentre role. Each datacentre will have a multi-homed 100MB transit link to the outside world. This connectivity will be handled by six Tier-1 providers in order to ensure availability and redundancy. Nominet will also maintain 100MB links to peering points with Internet Exchanges such as the London Internet Exchange (LINX https://www.linx.net/) and the London Access Point (LoNAP http://www.lonap.net/) from each datacentre.

This architecture will allow Nominet to have standard operating procedures to enable transition within minutes if necessary and this procedure will be practiced on a monthly basis, with the secondary data centre becoming the primary and vice versa. The relational database in the secondary datacentre will be asynchronously updated from the primary using Oracle's Dataguard Maximum Performance architecture.

In the very unlikely scenario that connectivity was lost to both datacentres (such that none of the six Tier-1 providers could connect to either datacentre), Nominet will maintain a third datacentre in Geneva, Switzerland that will be able to provide essential registry services in such a catastrophe.

Nominet already has a comprehensive business continuity management system with a full set of business continuity plans in place and is certified to the British Standard for business continuity, BS25999-2:2007.


Scalability

Provisioning applications on load balanced virtual machines means that Nominet can easily provision further servers should the load increase. However, Nominet's experience with operating the dot UK top level domain with its 10 million domain names indicates that two application servers will easily meet the performance requirements in Specification 10 to the Registry Agreement.

The EPP service for dot BBC will be deployed on dedicated virtual servers in Nominet's datacentre. The servers making up the dot BBC EPP service will have their own dedicated resources as shown in Figure 24.1 of the attachment Q24_SRS_Figures.pdf.

Connectivity is shared with the other registry systems deployed at the datacentre for dot BBC, dot UK and up to five other gTLDs. The total available bandwidth is 10 gigabits per second and the available connectivity for each service will be throttled to an appropriate level to both provide sufficient connectivity for the EPP traffic levels and to mitigate against the impact of any traffic surges.


Performance

Nominet measures the internal processing time of all commands submitted to the EPP server to ensure that the SLAs given in Specification 10 of the Registry Agreement are met. Recent performance and availability figures for this are given in table 24.2 of the attachment Q24_SRS_Tables.pdf.

Based on all projections Nominet is more than confident that the capacity and redundancy of the SRS system for the dot BBC domain, with an expected 450 domain names after two years, will result in equal performance figures to the dot UK domain.


Resource plan

Nominet has fully developed its SRS systems with pre-launch testing to be done in 2012. Nominet has large development, infrastructure and customer support teams experienced in running all its dot UK services. Nominet will dedicate the following resources and time from these existing teams, as well as additional resources where appropriate, to the pre-launch and post launch maintenance tasks:

Pre-launch

- Testbed deployment: 5 days by a system administrator
- Testing: 5 days by a developer
- Packaging: 2 days by a developer
- Production deployment: 5 days by a system administrator

Total pre-launch resource time 17 days.

Post launch

- Customer support: 1 hour per week
- Technical support: 1 hour per week

Total post launch resource 2 hours per week.


25. Extensible Provisioning Protocol (EPP): provide a detailed description of the interface with registrars, including how the applicant will comply with EPP in RFCs 3735 (if applicable), and 5730-5734.
If intending to provide proprietary EPP extensions, provide documentation consistent with RFC 3735, including the EPP templates and schemas that will be used.
Describe resourcing plans (number and description of personnel roles allocated to this area).
A complete answer is expected to be no more than 5 pages. If there are proprietary EPP extensions, a complete answer is also expected to be no more than 5 pages per EPP extension.

Introduction

Registrars will use Extensible Provisioning Protocol (EPP) to register and administer domain names, nameservers and contact objects for dot BBC. Nominet, the registry service provider, will administer an EPP server which is fully compliant with Request for Comments (RFCs) 5730 to 5734. DNSSEC extensions compliant with RFC 5910 will be implemented.

Grace periods as defined in RFC 3915 will not be implemented for dot BBC. However, they have been included in the underlying architecture and can be added at any point.

Nominet will modify the EPP server as necessary to support and comply with any EPP extensions which may emerge from ICANN's policy making process.

The EPP interface fully supports the registration lifecycle given in the answer to question 27.


Technical Plan

Nominet is experienced in running a highly available EPP service and has provided such a service to dot UK registrars since February 2008. It is used by 900 registrars, representing over 6 million domain names out of the total of 10 million on the register. The EPP server is provided over TCP and is compliant with RFC 5734. EPP connectivity is protected using SSL. The dot UK EPP service easily handles over 2 million queries per day and the monthly percentage availability figures for the 12 months to December 2011 are shown in table 25.1 of attachment Q25_EPP_Tables.pdf.

The EPP implementation for dot BBC has been designed and will be built to match the scope and size of the dot UK registry implementation outlined above.

The EPP system has been designed using a three-tier interface-middleware-database architecture. The backend registry database will be Oracle 11g R2 Enterprise Edition based. Duplicate nodes will be used to ensure stability. The middleware will handle all business logic and will be implemented using Java and the Spring Framework (www.springsource.org). The interface module will handle connectivity and authentication of commands, and will be implemented using Java and Netty (http://www.jboss.org/netty).


Domain Name Mapping (RFC 5731)

The EPP server for dot BBC will implement the domain object mapping defined in RFC 5731 and the following commands for domain objects will be available to registrars, as specified in that RFC:

- Info command to query the attributes of a domain name, including its nameservers, contacts and status values.
- Check command to check if a domain name is registered and the likely success of a subsequent Create command.
- Transfer query to query the status of a previous transfer request.
- Create command to register a domain name.
- Delete command to cancel or "unregister" a domain name.
- Renew command to renew a domain name and extend its expiry date.
- Transfer command to move a domain name to a new registrar. This command may also be used to accept or reject transfer requests made on domain names by other registrars.
- Update command to modify the attributes of a domain name.

Registrars can use the EPP update command to set status values on domain names to prevent operations as specified in RFC 5731:
- clientDeleteProhibited. If this is set, requests to delete the domain are rejected.
- clientRenewProhibited. If this is set, requests to renew the domain are rejected. Automatic renewal on expiry still occurs.
- clientTransferProhibited. If this is set, requests to transfer the domain are rejected.
- clientUpdateProhibited. If this is set, requests to update the attributes of the domain are rejected.
- clientHold. If this is set, the domain name is not published in the zone file.
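
The status checks listed above can be sketched as a middleware-style authorisation step. This is an added example, not Nominet's code: the `Domain` class, the function names and the sample nameserver are hypothetical, the result codes are those defined in RFC 5730, and the exception that lets a registrar lift clientUpdateProhibited comes from RFC 5731.

```python
from dataclasses import dataclass, field

OK = 1000                 # RFC 5730 result code: command completed successfully
STATUS_PROHIBITS = 2304   # RFC 5730 result code: object status prohibits operation

# Client-settable status value that blocks each transform command (RFC 5731).
BLOCKED_BY = {
    "delete": "clientDeleteProhibited",
    "renew": "clientRenewProhibited",
    "transfer": "clientTransferProhibited",
    "update": "clientUpdateProhibited",
}
CLIENT_STATUSES = set(BLOCKED_BY.values()) | {"clientHold"}


@dataclass
class Domain:
    """Hypothetical in-memory stand-in for a registry domain object."""
    name: str
    nameservers: list = field(default_factory=list)
    statuses: set = field(default_factory=set)


def authorise(domain, command, rem_status=(), other_changes=False):
    """Return the EPP result code a registrar's command would receive."""
    blocker = BLOCKED_BY.get(command)
    if blocker is None or blocker not in domain.statuses:
        return OK
    # RFC 5731: with clientUpdateProhibited set, updates are rejected
    # "other than to remove this status". This sketch takes the strict
    # reading: the request may remove that status and change nothing else.
    if command == "update" and set(rem_status) == {blocker} and not other_changes:
        return OK
    return STATUS_PROHIBITS


def update_statuses(domain, add_status=(), rem_status=()):
    """Apply a status-only update command and return its result code."""
    requested = set(add_status) | set(rem_status)
    if not requested <= CLIENT_STATUSES:
        raise ValueError("registrars may only set client* status values")
    code = authorise(domain, "update", rem_status, other_changes=bool(add_status))
    if code == OK:
        domain.statuses -= set(rem_status)
        domain.statuses |= set(add_status)
    return code


def published_in_zone(domain):
    """clientHold keeps an otherwise delegated name out of the zone file."""
    return bool(domain.nameservers) and "clientHold" not in domain.statuses
```

A registrar that has locked a name therefore needs two updates to release a hold: one that removes clientUpdateProhibited alone, then one that removes clientHold.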


Domain Name System Security Extensions (DNSSEC) Mapping (RFC 5910)

DS records may be added to domain names in dot BBC using the EPP extensions defined in RFC 5910.


Host Mapping (RFC 5732)

The EPP server will implement the host object mapping defined in RFC 5732 and the following commands for host objects will be available to registrars as specified in that RFC:

- Info command to query the attributes of the host object.
- Check command to find if a host object exists in the registry and the anticipated success of a subsequent create command.
- Create command to add a host object to the registry.
- Delete command to remove a host object from the registry, provided there are no domain names linked to it.
- Update command to modify the IP addresses or status values for the host object. IP addresses are only set if the superordinate domain name for the host is in the dot BBC registry.

Registrars will be able to use the EPP update command to set status values on host objects to prevent operations as specified in RFC 5732:

- clientDeleteProhibited. If this is set, requests to delete the host object will be rejected.
- clientUpdateProhibited. If this is set, requests to update the attributes of the host object - to add or remove IP addresses or status values - will be rejected.


Contact Mapping (RFC 5733)

The EPP server for dot BBC will implement the contact object mapping defined in RFC 5733 and the following commands for contact objects will be available as specified in that RFC:

- Info command to query the attributes of a contact object.
- Check command to determine if a client identifier has been provisioned in the registry and the anticipated success of a subsequent create command.
- Transfer query command to query the status of a previously requested transfer operation.
- Create command to add a new contact object to the registry.
- Delete command to remove a contact object from the registry, provided no domain names are linked to it.
- Transfer command to move the object to a new registrar.
- Update command to modify the attributes of a contact object.

Registrars will be able to use the EPP update command to set status values on contact objects to prevent operations as specified in RFC 5733:

- clientTransferProhibited. If this status is set then requests to transfer the contact will be rejected.
- clientDeleteProhibited. If this status is set then requests to delete the contact will be rejected.
- clientUpdateProhibited. If this status is set then requests to update the contact's attributes will be rejected.


Resource Plan

The EPP server for dot BBC has been implemented, with pre-production load testing and customisation to be completed in 2012. Nominet has large development, infrastructure and customer support teams experienced in running all its dot UK services. Nominet will dedicate the following resources and time from these existing teams, as well as additional resources where appropriate, to the post launch maintenance tasks:

- Monitoring and involvement in EPP standards development: 1 hour per week by a research team member and development team member.

Resources for technical and customer support of EPP have been included in the answer to question 24 and are not duplicated here.


26. Whois: describe
A complete answer should include, but is not limited to:
Frequency of synchronization between servers.
To be eligible for a score of 2, answers must also include:
A complete answer is expected to be no more than 5 pages.

Question 26 - Whois

High-level System Description

Nominet, the registry service provider, will provide a real time Whois for domain names, nameserver data and for registrar data. The Whois may be accessed by any Internet user either through a web-based portal or via the port 43 service. A searchable Whois will also be provided.

The Whois services interface with the rest of the registry via a shared database. This ensures that data is correct and up-to-date, and a correct response can be generated at the instant that a query is received. The searchable Whois maintains its own cache for efficiency, which is refreshed hourly, directly from the shared registry database.

The services are implemented in a virtualised architecture (see Q32) and share a common infrastructure.


Standards compliance

The dot BBC Whois service will be compliant with specification 4 of the registry agreement. It will be available on whois.nic.bbc. The Whois services (port 43 and web based) respond as described in Specification 4 of the Registry Agreement; an outline for this is presented in the paragraphs "Data Objects" below.

The web-based Whois will also be available at whois.nic.bbc as required by specification 4. The user may enter the domain name, nameserver or registrar into a web form and will receive a response. If the request cannot be parsed as any of these three categories then an appropriate error message will be returned.

The Whois service will be compliant with Request for Comments (RFC) 3912. As specified by the RFC, the Whois service will listen on Transmission Control Protocol (TCP) port 43 for requests from clients. If a valid request, terminated as specified in RFC 3912 by an ASCII carriage return and line feed, is received then a response will be returned.

Performance and availability of the Whois service exceed the requirements given in Specification 10 of the registry agreement.


Data objects

The Whois services (port 43 and searchable) respond as described in Specification 4 of the Registry Agreement; an outline for this is presented in the paragraphs below.

Data objects: Domain names

If a request for a valid and registered dot BBC domain name is received by either Whois interface then a response will be returned displaying information about that domain name in the key-value pair format described in Specification 4 of the Registry Agreement. The following information will be returned:

- Domain Name
- Whois server
- Dates - creation, last update, expiry
- Registrar details
- Any status values
- All contact details - Registrant, admin, tech and billing
- Nameserver information including Domain Name System Security Extensions (DNSSEC) status information.
- Time of last update of Whois database, which is the time at which the lookup was made.

If a valid request is received and parsed as a domain name, but the domain name is either not registered or out-of-registry then an appropriate error message will be returned.

Data objects: Hosts

If a request for a nameserver held within the registry is received then a response will be returned displaying information about that nameserver. Nameserver information will be displayed in the key value pair format described in Specification 4 of the Registry Agreement. The following information will be returned:

- Nameserver name
- Internet Protocol (IP) addresses, both Internet Protocol Version 4 (IPv4) and Internet Protocol Version 6 (IPv6)
- Registrar information
- Time of update of the Whois database, which is the time at which the lookup was made.

If a request is parsed as a nameserver but is not in the registry then an appropriate error message will be returned.

Data objects: Registrars

If a request for a dot BBC registrar is received then a response will be returned displaying information about that registrar in the key-value pair format described in Specification 4 of the Registry Agreement. The following information will be returned:

- Name
- Address
- Contact name, phone numbers, fax numbers and email addresses.
- Website information

If a valid registrar Whois request is received and the requested registrar is not in the registry then an appropriate error message will be returned.


Bulk access

Nominet will provide ICANN with bulk access to Whois data as described in specification 4 of the Registry Agreement:

- Nominet will provide a weekly data file, using the Data Escrow format described in Specification 2, containing the thin Whois data described in Specification 4. The file will be made available to ICANN for download by SFTP. Other download methods will be provided to ICANN if requested in the future.

- In the case of registrar failure or other event that prompts the transfer of a registrar's domain names to another registrar, Nominet will provide ICANN with up-to-date data for the domain names affected. Nominet will provide the data to ICANN in the Data Escrow Format described in Specification 2 within two business days. The file will be made available for download by SFTP or by any other method agreed with ICANN.



Data Protection

Nominet will ensure that data supplied by registrants is protected in accordance with all applicable laws (specifically the UK Data Protection Act 1998 and the European Union (EU) Data Protection Directive which informed it), including through an appropriately designed Whois implementation.

It should be noted that EU data protection laws place significant restrictions on the circumstances under which personal data can be distributed to the public. The Information Commissioner’s Office (the UK data protection authority to which the registry would be subject) has indicated to Nominet that the indiscriminate publishing of the personal data of individual registrants via the Whois would not be compatible with EU data protection laws. They regard an opt-out model of the kind used by dot UK and dot TEL to be the best compromise between ensuring the integrity of the Whois and protecting the data protection rights of individuals.

It is not intended to allow third parties to register domain names in dot BBC as it is a closed registry and so there is no risk of publishing personal data.


Abuse

Potential forms of abuse to a Whois service include:

- Harvesting data - querying all domain names to provide a catalogue of contact details.
- Denial of service - making many connections to the Whois server, or flooding connections with data.
- Structured Query Language (SQL) Injection - crafting queries to the service to attempt to modify the underlying database.

The Whois server has a number of measures built into it to prevent such abuse:

- If a client's request is not terminated within a reasonable number of characters then the connection with the client is closed automatically.
- Whois lookups are checked and sanitised to prevent SQL injection attacks.
- Bind variables are always used in all our database queries to prevent SQL injection attacks.
- The Whois server is implemented in a way that allows a limit to be placed on lookups from any single location.

Statistical analysis on lookups to detect distributed abuse is also performed.
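
The measures listed above can be combined in one request handler. This is an added sketch, not Nominet's implementation (which the application describes as Java and Netty): the limits, error strings, table layout and sample row are assumptions made for the example, it covers domain name queries only, and it uses an in-memory SQLite database in place of the registry database.

```python
import re
import sqlite3
from collections import defaultdict, deque

# Assumed limits for this example; the application gives no figures.
MAX_QUERY_BYTES = 255
MAX_LOOKUPS = 3
WINDOW_SECONDS = 60.0

_LABEL = r"[a-z0-9](?:[a-z0-9-]{0,61}[a-z0-9])?"
DOMAIN_RE = re.compile(rf"(?:{_LABEL}\.)+bbc")


class RateLimiter:
    """Sliding-window limit on lookups from a single source address."""

    def __init__(self, limit=MAX_LOOKUPS, window=WINDOW_SECONDS):
        self.limit, self.window = limit, window
        self.seen = defaultdict(deque)

    def allow(self, source, now):
        hits = self.seen[source]
        while hits and now - hits[0] >= self.window:
            hits.popleft()
        if len(hits) >= self.limit:
            return False
        hits.append(now)
        return True


def extract_query(buffer):
    """Return the query once CRLF arrives, or None if more data is needed.

    Raises ValueError when the client exceeds MAX_QUERY_BYTES without
    terminating the request, which is the signal to close the connection.
    """
    end = buffer.find(b"\r\n")
    length = len(buffer) if end == -1 else end
    if length > MAX_QUERY_BYTES:
        raise ValueError("request not terminated within limit")
    if end == -1:
        return None
    return buffer[:end].decode("ascii", errors="replace").strip().lower()


def make_registry():
    """In-memory stand-in for the registry database (constructed data)."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE domains (name TEXT PRIMARY KEY, registrar TEXT)")
    db.execute("INSERT INTO domains VALUES ('news.bbc', 'Example Registrar')")
    return db


def lookup_domain(db, name):
    # The value travels as a bind variable, never as part of the SQL text.
    return db.execute(
        "SELECT name, registrar FROM domains WHERE name = ?", (name,)
    ).fetchone()


def handle(db, limiter, source, buffer, now):
    """Process the bytes received so far on one port 43 connection."""
    try:
        query = extract_query(buffer)
    except ValueError:
        return "Error: request too long\r\n"    # caller then closes the socket
    if query is None:
        return ""                               # keep reading
    if not limiter.allow(source, now):
        return "Error: lookup limit exceeded\r\n"
    if not DOMAIN_RE.fullmatch(query):          # check and sanitise the lookup
        return "Error: query is not a valid domain name\r\n"
    row = lookup_domain(db, query)
    if row is None:
        return "Error: domain name not registered\r\n"
    return f"Domain Name: {row[0].upper()}\r\nRegistrar: {row[1]}\r\n"
```

Validation and bind variables are independent layers here: a query containing quote characters is refused by `DOMAIN_RE`, and if it reached `lookup_domain` anyway it would be compared as a literal string and match no row.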

Stability, availability and performance

Nominet is experienced in providing a stable Whois system and has done so for dot UK for many years. The Whois server is provided on a primary data-centre and fully duplicated on a secondary data-centre. Failover procedures are well practiced.

Percentage availability figures for the dot UK Whois are shown in table 26.1 of attachment Q26_Whois_Tables.pdf.

Performance and availability will exceed the requirements given in Specification 10 of the new gTLD Agreement.


Searchable Whois

Nominet will provide a searchable Whois service to Internet Users on a subscription basis. Nominet has provided this service for the dot UK domain name registry since 2006 (known as the Public Register Search Service (PRSS)).

The Searchable Whois technology enables wildcard searches to be made on any fields, including:

- domain name
- registrant name
- postal address
- contact names
- registrar ids
- nameservers
- IP addresses

Searches on multiple fields may be combined using boolean logic.

Results can be exported as a comma separated values (CSV) file. Nominet also has the facility to allow users to set up to 20 search terms to be monitored automatically. Notifications are sent by daily email if domain names are registered matching the search terms.

The searchable Whois uses a separate database to the main Whois. This database uses the search and indexing technology provided by Apache Solr (http://lucene.apache.org/solr) to provide optimum search facility and speeds. The search database will be synchronised with the main registry database on an hourly basis.

The Searchable Whois has measures to detect and deal with abuse, similar to those for the port 43 Whois (see above).


Whois Architecture

The Whois server obtains its information directly from the main registry database so its responses are real time. The Whois server is developed in Java using the Spring Framework. Connection management is implemented using Netty (www.jboss.org/netty).

The Port 43 Whois infrastructure is shown in figure 26.1 of attachment Q26_Whois_Figures.pdf.

The Port 43 Whois server specifications are shown in table 26.2 of attachment Q26_Whois_Tables.pdf.

The Searchable Whois Architecture is as shown in figure 26.2 of attachment Q26_Whois_Figures.pdf.

The Searchable Whois server specifications are shown in table 26.3 of attachment Q26_Whois_Tables.pdf

The Searchable Whois is implemented as part of Nominet's interactive online services using the Spring Framework. The front end handles the interface with the user, including authentication, taking details of the search required and presenting the results. The middleware handles the mechanics of the search.

The front end and middleware servers are each provisioned as a load balanced pair, using the same load balancer topology and technology as the main Whois architecture above, namely a pair of F5 Networks BIG-IP servers.

The Whois service for dot BBC will be deployed on dedicated virtual servers in Nominet's datacentres. The servers making up the dot BBC Whois service will have their own dedicated resources as shown in Figure 26.1 of the attachment Q26_Whois_Figures.pdf.

Connectivity is shared with the other registry systems deployed at the datacentre for dot BBC, dot UK and up to five other gTLDs. The total available bandwidth is 10 gigabits per second and traffic through each server will be throttled to an appropriate level to both provide sufficient connectivity for the Whois traffic levels and to mitigate against the impact of any traffic surges.

It is estimated, from the Whois traffic experienced for the bbc.co.uk domain name, that there will be up to 20,000 lookups per day. The dot BBC Whois service is provisioned to handle more than 1,000,000 lookups per day.


IT and infrastructure resources

Nominet's two datacentres will be connected by two 10GB dual path and geographically diverse links. Each link has a latency of less than one millisecond. Replication between the two datacentres will be asynchronous but the replicated data will be only a few milliseconds behind that of the live data. Should connectivity to one datacentre fail, the other will automatically assume the role of being the primary datacentre.

The two datacentres will be connected to Nominet's main office by 1GB links. This allows mechanisms to be put in place to avoid possible "split brain" scenarios where connectivity between the datacentres is lost and both believe the other is lost and assume the primary datacentre role. Each datacentre will have a multi-homed 100MB transit link to the outside world. This connectivity will be handled by six Tier-1 providers in order to ensure availability and redundancy. Nominet will also maintain 100MB links to peering points with Internet Exchanges such as the London Internet Exchange (LINX https://www.linx.net/) and the London Access Point (LoNAP http://www.lonap.net/) from each datacentre.

The Whois infrastructure is described in the preceding paragraph "Whois Architecture".


Service continuity

Nominet will provide the Whois network architectures shown in figures 26.1 and 26.2 of attachment Q26_Whois_Figures.pdf in a primary datacentre and replicated in full in a secondary datacentre. The registry database is replicated from the primary datacentre to the secondary using Dataguardʹs Maximum Performance Replication. The SOLR index is generated on both datacentres for the searchable Whois. This architecture allows Nominet to have standard operating procedures to enable transition within minutes if necessary and this procedure will be practiced on a monthly basis. The Whois servers maintain high availability via SAN and virtualisation replication technologies. Should connectivity to the primary datacentre be lost the service will instantly be available in the secondary datacentre.

In the very unlikely scenario that connectivity was lost to both datacentres (such that none of the six Tier-1 providers could connect to either datacentre), Nominet will maintain a third datacentre in Geneva, Switzerland that will be able to provide essential registry services in such a catastrophe.

Nominet has a full set of business continuity plans and these have been accredited to the BS25999 business continuity standard.

Customisation of Whois service

Nominet will customise the dot BBC Whois service as required to handle any change in Whois output that may be deemed necessary by ICANN.


Resource plan

The dot BBC main Whois service has been implemented, with pre production testing and customisation to be completed in 2012. Nominet has large development, infrastructure and customer support teams experienced in running all its dot UK services. Nominet will dedicate the following resources and time from these existing teams, as well as additional resources where appropriate, to the pre-launch and post launch maintenance tasks:

Pre-launch

- Test bed deployment: 5 days by a Systems administrator
- Pre-launch load testing: 5 days split between a systems administrator and a java developer
- Packaging for production: 2 days by a java developer
- Deployment to production: 5 days by a systems administrator

Total pre launch resource time 17 days.

Post launch

- Customer support: 8 hours per week
- Technical support: 4 hours per week
- Monitoring of and involvement in Whois standards development: 2 hours per week by a research team member and member of development team

Total post launch resource 14 hours per week.


27. Registration Life Cycle: provide a detailed description of the proposed registration lifecycle for domain names in the proposed gTLD. The description must: The description of the registration lifecycle should be supplemented by the inclusion of a state diagram, which captures definitions, explanations of trigger points, and transitions from state to state.
If applicable, provide definitions for aspects of the registration lifecycle that are not covered by standard EPP RFCs.
A complete answer is expected to be no more than 5 pages.

Question 27 - Registration Lifecycle

Nominet, the registry provider, has implemented a lifecycle for dot BBC domains which is based around Request for Comments (RFCs) 5730 and 5731. These RFCs define the Extensible Provisioning Protocol (EPP) interface for domain names including domain name registrations, updates, transfers, renewals and deletes.

Because the registry is closed, grace periods, as defined in RFC 3915, have not been implemented for dot BBC.

Registrars who have signed a dot BBC registry/registrar agreement will be able to register domain names that are not already registered for a period of one to 10 years. Registrars are able to renew their domain names to extend the registration period and may also delete domain names. If a domain name reaches the end of its registration period then it is automatically renewed for one year. If a domain is cancelled then it becomes immediately available for re-registration.

The lifecycle for dot BBC domain names is shown in the state diagram in Figure 27.1 of attachment Q27_Registration_Lifecycle_Figures.pdf. Domain name states, which represent the stage that a domain name is at in the lifecycle, are shown in boxes. Trigger points, representing events that move a domain name onto a new stage in the lifecycle, are shown by arrows on the diagram. A domain name can also change state as the result of the passage of time. State changes defined in the Uniform Rapid Suspension System are considered exceptions to the state diagram; further details are set out in the penultimate section of this response. Domain name states are described below:


State: Available for registration

A domain name in this state is not registered and may be registered on a first come, first served basis by a registrar. The only EPP command that may be performed on the domain name is a create command to register the domain name.


State: Registered

This is the default state for a registered domain name. The registrar of record may use EPP to perform update, renew, transfer or delete commands.


State: Renewed

A domain name is in this state immediately after it has been successfully renewed, either by the registrar or automatically by the registry at expiry.

Trigger points represent the events that cause a domain name to change state, that is, to move to a new stage in the lifecycle. The trigger points are described below:


Trigger point: create

This trigger point represents the registration of new domain names. Any registrar, that has signed a registry-registrar agreement for dot BBC, may use the EPP create command to register a new domain name subject to the following pre-conditions:

- The domain name is a sub-domain of dot BBC.
- The domain name is in the ʺavailable for registrationʺ state and so not already registered.
- The domain name is not reserved.
- The domain name consists only of the lower case ASCII letters a-z, the numbers 0-9 or a hyphen -.
- The domain name does not have hyphens in the third and fourth characters.
- The domain name label does not begin or end with a hyphen.

If the above pre-conditions hold, a registration request will be successful and the domain name will be added to the registry database. The registration period and expiry date will be set according to the period specified in the create command. Following this, if the domain name has nameservers, a dynamic update will be made to add the domain name to the zone file.

All registration requests are performed immediately and there is no pending state.

Following registration, the domain name moves into the ʺregisteredʺ state.

Trigger point: renew

A domain name may be renewed at any time by the registrar of record using the EPP renew command, subject to the following pre-conditions:

- The resultant expiry date for the domain name is less than 10 years in the future
- The domain name does not have either clientRenewProhibited or serverRenewProhibited locks set.


If these preconditions hold then the renewal will take place and the expiry date for the domain name will be extended by the period specified in the renewal request. The domain name moves into the ʺrenewedʺ state.

Trigger point: auto-renew

A dot BBC domain name will be renewed by the registry if the following pre-conditions hold:

- The expiry date for the domain name has passed.
- The domain name does not have either clientRenewProhibited or serverRenewProhibited status values set.

The expiry date will be moved forward by one year and the domain name is placed into the ʺrenewedʺ state.


Trigger point: complete-renew

This trigger point occurs immediately after a domain name is placed into the ʺrenewedʺ state. The domain name is placed back into the ʺregisteredʺ state.


Trigger point: delete

A registrar may use the EPP delete command to cancel a domain name at any time provided the following pre-conditions hold:


- The registrar is the registrar of record for the domain name.
- The domain name does not have either serverDeleteProhibited or clientDeleteProhibited locks set.

Once a domain name has been deleted, it is placed into the ʺavailable for registrationʺ state and is immediately available for re-registration.
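The registration lifecycle described above (create, renew, auto-renew, complete-renew and delete, with the renew and delete locks) sketched as a small state machine. This is an added example, not Nominet's registry code; the `Registry` class, its method names, the reading of "sub-domain of dot BBC" as a second-level name only, and the 63-character label cap are assumptions made for illustration.

```python
import re
from dataclasses import dataclass, field
from datetime import datetime, timezone

TLD = "bbc"
MAX_YEARS = 10
# a-z, 0-9 and hyphen only; the 63-character cap is the DNS label limit.
LABEL_RE = re.compile(r"[a-z0-9-]{1,63}")


class LifecycleError(Exception):
    """A pre-condition for the requested trigger point does not hold."""


def add_years(when, years):
    try:
        return when.replace(year=when.year + years)
    except ValueError:  # 29 February mapped onto a non-leap year
        return when.replace(year=when.year + years, day=28)


def validate_name(name, reserved=frozenset()):
    """Check the create pre-conditions that depend only on the name."""
    label, dot, parent = name.partition(".")
    if not dot or parent != TLD:
        # Assumption: only second-level names directly under the TLD.
        raise LifecycleError("not a name directly under ." + TLD)
    if not LABEL_RE.fullmatch(label):
        raise LifecycleError("label may contain only a-z, 0-9 and hyphen")
    if label[0] == "-" or label[-1] == "-":
        raise LifecycleError("label begins or ends with a hyphen")
    if label[2:4] == "--":
        raise LifecycleError("hyphens in the third and fourth characters")
    if label in reserved:
        raise LifecycleError("name is reserved")
    return label


@dataclass
class Domain:
    name: str
    registrar: str
    expiry: datetime
    statuses: set = field(default_factory=set)


class Registry:
    def __init__(self, accredited, reserved=()):
        self.accredited = set(accredited)  # signed a registry-registrar agreement
        self.reserved = frozenset(reserved)
        self.domains = {}  # a missing key is the "available for registration" state

    def _of_record(self, name, registrar):
        dom = self.domains.get(name)
        if dom is None or dom.registrar != registrar:
            raise LifecycleError("caller is not the registrar of record")
        return dom

    @staticmethod
    def _locks(dom, op):
        return {f"client{op}Prohibited", f"server{op}Prohibited"} & dom.statuses

    def create(self, name, registrar, years, now):
        if registrar not in self.accredited:
            raise LifecycleError("registrar has no registry-registrar agreement")
        validate_name(name, self.reserved)
        if name in self.domains:
            raise LifecycleError("name is already registered")
        if not 1 <= years <= MAX_YEARS:
            raise LifecycleError("registration period must be 1 to 10 years")
        dom = self.domains[name] = Domain(name, registrar, add_years(now, years))
        return dom  # no pending state: straight to "registered"

    def renew(self, name, registrar, years, now):
        dom = self._of_record(name, registrar)
        if self._locks(dom, "Renew"):
            raise LifecycleError("renewal is locked")
        expiry = add_years(dom.expiry, years)
        if expiry >= add_years(now, MAX_YEARS):
            raise LifecycleError("expiry would not be less than 10 years ahead")
        dom.expiry = expiry  # "renewed", then complete-renew -> "registered"
        return dom

    def auto_renew(self, now):
        """Registry-side job: extend every expired, unlocked name by one year."""
        renewed = []
        for dom in self.domains.values():
            if dom.expiry < now and not self._locks(dom, "Renew"):
                dom.expiry = add_years(dom.expiry, 1)
                renewed.append(dom.name)
        return renewed

    def delete(self, name, registrar):
        dom = self._of_record(name, registrar)
        if self._locks(dom, "Delete"):
            raise LifecycleError("deletion is locked")
        del self.domains[name]  # immediately "available for registration"
```

The third-and-fourth-character rule is what keeps `xn--` style labels out of the zone, while a label such as `a--b` (hyphens in positions two and three) still passes.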


Grace Periods

Grace periods are defined in RFC 3915 and add registration states and trigger points to implement time periods following registrations, renewals, transfers and cancellations where the command can be reversed without penalty. Because dot BBC is a closed registry, there is no penalty for undoing any of these commands at any time and grace periods are therefore not required. If, at any time, dot BBC is opened up then grace periods can be easily added.


Domain Transfers

Domain transfers follow the process described in ICANN policy on transfer of registrations between registrars.

When a domain name is in the ʺregisteredʺ state, any registrar may issue a transfer request to move sponsorship of the domain to them. Transfer requests take up to 5 days to complete, during which time the registrar of record may reject the transfer and prevent it from completing.

The transfer process state diagram is shown in Figure 27.2 of the attachment Q27_Registration_Lifecycle_Figures.pdf. Domain name states are shown in boxes with arrows depicting the events that trigger change of state. The states and trigger points are described below.

State: registered

Any currently registered domain name may be transferred.


State: transfer pending

A domain name in the ʺtransfer pendingʺ state has had a transfer request submitted within the last 5 days and the registrar of record has neither accepted nor rejected the request.


When a domain name has been in the ʺtransfer pendingʺ state for 5 days, the ʺtransfer pendingʺ state is removed and the ʺtransfer acceptedʺ state is added.


State: transfer accepted

A domain name in the ʺtransfer acceptedʺ state has had a transfer request accepted, either directly by the registrar of record positively accepting the request using EPP or indirectly by the domain spending 5 days in the ʺtransfer pendingʺ state.


Trigger point: transfer request

A registrar may request a transfer for a domain name at any time provided the following preconditions are true:

- The registrar has signed a dot BBC registry-registrar agreement
- The registrar can provide the correct authInfo value
- The domain name does not have the transfer pending status set
- The domain name does not have either the clientTransferProhibited or serverTransferProhibited locks set.


The transfer pending status is added to the domain name for five days and the registrar of record is notified. If, after five days, the ʺtransfer pendingʺ state is still set, the domain name is moved to the requesting registrar and the ʺtransfer pendingʺ state is removed.

Trigger point: reject transfer

The registrar of record may reject a transfer request when the domain name is in the ʺtransfer pendingʺ state. The ʺtransfer pendingʺ state is removed and the domain name returns to the ʺregisteredʺ state.

Trigger point: accept transfer

The registrar of record may accept a transfer request when the domain name is in the ʺtransfer pendingʺ state. The ʺtransfer pendingʺ state is removed and the domain name has the ʺtransfer acceptedʺ state added.

Trigger point: transfer

This trigger point happens immediately after the domain name has the ʺtransfer acceptedʺ state set.

The domain name is moved to the registrar that requested the transfer, the ʺtransfer acceptedʺ state is removed and the domain name returns to the ʺregisteredʺ state.

If a registration period was specified in the request, and adding that period to the current expiry date will result in the expiry date being less than 10 years in the future, then the domain is renewed for the period requested. The renew trigger point in the registration lifecycle described above is triggered.
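The transfer states and trigger points above, as an added example that is not the registry's own code. The function names, the `Domain` fields and the audit log are assumptions for illustration, the optional renewal period on transfer is not modelled, and `pendingTransfer` is used as the status value for the "transfer pending" state.

```python
import hmac
from dataclasses import dataclass, field
from datetime import datetime, timedelta, timezone

PENDING_WINDOW = timedelta(days=5)
TRANSFER_LOCKS = {"clientTransferProhibited", "serverTransferProhibited"}


class TransferError(Exception):
    """A pre-condition for the transfer trigger point does not hold."""


@dataclass
class Domain:
    name: str
    registrar: str                     # registrar of record
    auth_info: str
    statuses: set = field(default_factory=set)
    gaining: str = ""                  # requesting registrar while pending
    requested_at: datetime = None
    log: list = field(default_factory=list)  # audit trail of transitions


def _record(dom, now, event, actor):
    dom.log.append((now.isoformat(), event, actor))


def request_transfer(dom, gaining, auth_info, now, accredited):
    if gaining not in accredited:
        raise TransferError("no registry-registrar agreement")
    # Constant-time comparison so response timing does not leak authInfo.
    if not hmac.compare_digest(auth_info.encode(), dom.auth_info.encode()):
        raise TransferError("incorrect authInfo")
    if "pendingTransfer" in dom.statuses:
        raise TransferError("a transfer is already pending")
    if TRANSFER_LOCKS & dom.statuses:
        raise TransferError("transfer is locked")
    dom.statuses.add("pendingTransfer")
    dom.gaining, dom.requested_at = gaining, now
    _record(dom, now, "transfer request", gaining)


def _require_pending(dom, registrar):
    if "pendingTransfer" not in dom.statuses:
        raise TransferError("no transfer is pending")
    if registrar != dom.registrar:
        raise TransferError("only the registrar of record may respond")


def _complete(dom, now, event, actor):
    # "transfer accepted" is transient: the transfer trigger fires at once.
    dom.statuses.discard("pendingTransfer")
    _record(dom, now, event, actor)
    dom.registrar, dom.gaining, dom.requested_at = dom.gaining, "", None
    _record(dom, now, "transfer", dom.registrar)


def reject_transfer(dom, registrar, now):
    _require_pending(dom, registrar)
    dom.statuses.discard("pendingTransfer")
    dom.gaining, dom.requested_at = "", None
    _record(dom, now, "reject transfer", registrar)


def accept_transfer(dom, registrar, now):
    _require_pending(dom, registrar)
    _complete(dom, now, "accept transfer", registrar)


def expire_pending(dom, now):
    """Registry-side job: five days without a response counts as acceptance."""
    if "pendingTransfer" in dom.statuses and now - dom.requested_at >= PENDING_WINDOW:
        _complete(dom, now, "accepted after 5 days", "registry")
        return True
    return False
```

Because silence for five days counts as acceptance, a transfer lock is the control that stops a request from completing when the registrar of record does not respond.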


Domain name attribute updates

A registrar may update the attributes of a dot BBC domain name at any time provided the following preconditions are true:

- The registrar is the registrar of record for the domain name
- The domain name does not have either clientUpdateProhibited or serverUpdateProhibited locks set

The registrar may change the nameservers, add or remove contacts, or add or remove a lock.

If the clientUpdateProhibited lock is set and the other preconditions above hold then the registrar of record may remove the clientUpdateProhibited lock only.

Nominet would make updates to dot BBC domain names upon direct request by the BBC themselves. This may include a transfer or addition of one of the registry set domain locks listed below.


Domain name locks

The registry and registrar of record may place locks upon the domain name to prevent EPP commands from succeeding. The registrar of record may place the following locks upon a domain name:

- clientUpdateProhibited to prevent update of the domain nameʹs attributes
- clientDeleteProhibited to prevent cancellation of the domain name
- clientTransferProhibited to prevent transfer of the domain name
- clientRenewProhibited to prevent renewal of the domain name
- clientHold to prevent publication of the domain name in the zone file.

The registry may place any of the following locks upon a domain name:

- serverUpdateProhibited to prevent update of the domain nameʹs attributes
- serverDeleteProhibited to prevent cancellation of the domain name
- serverTransferProhibited to prevent transfer of the domain name
- serverRenewProhibited to prevent renewal of the domain name
- serverHold to prevent publication of the domain name in the zone file.


Uniform Rapid Suspension (URS)

The Registry Operator will adhere to the URS procedure (currently in draft form). Within 24 hours of receipt of notification by email from the URS Provider the Registry Operator will lock the domain name. This lock will prevent all changes to the registration data, including transfer and deletion of the domain name. The domain name will continue to resolve.

In the event of a URS determination in favour of the Complainant, on notification of the determination the Registry Operator will suspend the domain name for the balance of the registration period. The WHOIS output will reflect the requirements set out in the URS. The Complainant will be given the option to extend the registration period for a further year at commercial rates.


Resourcing plan

Nominetʹs registry systems supporting the lifecycle in this document have been fully developed. Nominet has large development, infrastructure and customer support teams experienced in running all its dot UK services. Nominet will dedicate the following resources and time from these existing teams, as well as additional resources where appropriate, to the following post launch maintenance tasks:

Post launch:

- Technical support: 1 hour per week by a customer support adviser

Total post launch resource: 1 hour per week.

This support level is consistent with the number of registrars and domain names that will be registered in the BBC domain.






28. Abuse Prevention and Mitigation: Applicants should describe the proposed policies and procedures to minimize abusive registrations and other activities that have a negative impact on Internet users. A complete answer should include, but is not limited to: To be eligible for a score of 2, answers must include measures to promote Whois accuracy as well as measures from one other area as described below. A complete answer is expected to be no more than 20 pages.

Question 28 - Abuse Prevention and Mitigation
The dot BBC Top Level Domain (TLD) will be a single entity registry. All domain names will be registered to and used by authorised representatives of the BBC, the registry operator. As such, domain names will be subject to direct controls by the registry operator to avoid abuse and the risk of abusive registrations will therefore be significantly mitigated.
Abuse
Abuse is defined as action in the registration or usage of a domain in the TLD that would cause actual and substantial harm, and is illegal or illegitimate. Such abuse may occur at any stage of the domain name lifecycle.
In the context of domain name registration, abuse includes infringement of a third party right where the domain is used in a way that is unfairly detrimental to that third party. Abuse also includes phishing, pharming, botnets, fraud, spam, distribution of malware, Fast Flux Hosting and other abuses that we identify in the future or that are brought to our attention, including the misuse of trademarks and other IPR, including unauthorized distribution of copyright material.

Abusive activity also includes that which gives rise to the registry’s reasonable belief that the dot BBC domain space is being brought into disrepute, or where the activity related to a dot BBC domain name risks placing the Registry in breach of any applicable laws, government rules or requirements, requests of law enforcement, or to avoid any liability, civil or criminal, on the part of the Registry Operator and Registry Services Provider, affiliates, subsidiaries, officers, directors, and employees.
The BBC, working with Nominet, will take the requisite operational and technical steps to promote WHOIS data accuracy, limit domain abuse, remove outdated and inaccurate data, and other security measures to ensure the integrity of the TLD. The specific measures include, but are not limited to:
• Posting a TLD Anti-Abuse Policy that clearly defines abuse, and provides point-of-contact information for reporting suspected abuse;
• Committing to rapid identification and resolution of abuse, including suspensions;
• Ensuring completeness of WHOIS information at the time of registration;
• Publishing and maintaining procedures for removing orphan glue records for names removed from the zone;
• Establishing measures to deter WHOIS abuse, including rate-limiting, determining data syntax validity, and implementing and enforcing requirements from the Registry-Registrar Agreement; and,
• Removing a domain name from the DNS before it can cause harm which is often the best preventative measure for thwarting botnets and malware distribution.
Single point of contact
In advance of the launch of the dot BBC TLD, a single Abuse Point of Contact responsible for addressing matters requiring expedited attention will be published. This will be clearly published on the registryʹs existing website at bbc.co.uk and on the new registry website.
The Abuse Point of Contact can be contacted through a role-based e-mail address of the form “abuse@registry.BBC”. This e-mail address will be widely published and will allow multiple staff members to monitor abuse reports on a 24x7 basis, and then work toward closure of cases as each situation calls for. As previously stated, the .BBC registry will be run as a single entity registry without resellers or third party registrants so occurrences of abuse are unlikely.
Registration policy
The BBCʹs existing Domain Name Management Team is responsible for the development, maintenance and enforcement of the dot BBC Registry Domain Management Policy (DMP). This policy defines the rules associated with eligibility and domain name allocation, sets out the license terms governing the use of a .BBC domain name and describes the dispute resolution policies for the dot BBC TLD. This policy is intended to be updated and revised regularly to reflect the BBC’s strategic plans and public interest and, where appropriate, ICANN consensus policies.
The policy sets out that registration must comply with the following regarding abuse prevention:
- Domains must be used solely for purposes that enhance the strategic goals of the BBC.
- BBC domains may not be used in a way which knowingly infringes any third party intellectual property rights.
- A BBC registration must be an acceptable term that will not give rise to any moral or public order questions or in any way damage the strategic interests or reputation of the BBC.
- All BBC domains will carry accurate and up to date registration records.
- BBC domain names may not be used for illegal activities
- BBC domain names may not be used for other activities that would be considered as abusive. This includes, but is not limited to: phishing, pharming, fraud, spam, botnet command and control, hacking, malicious fast flux hosting, distribution of malware.
Pursuant to the Registry-Registrar Agreement, the BBC reserves the right at its sole discretion to deny, cancel, or transfer any registration or transaction, or place any domain name(s) on registry lock, serverhold, or similar status, that it deems necessary: (1) to protect the integrity and stability of the registry; (2) to comply with any applicable laws, government rules or requirements, requests of law enforcement, or any dispute resolution process; (3) to avoid any liability, civil or criminal, on the part of registry operator, as well as its affiliates, subsidiaries, officers, directors, and employees; (4) per the terms of the registration agreement and this Anti-Abuse Policy, or (5) to correct mistakes made by applicant or any registrar in connection with a domain name registration. The BBC also reserves the right to place upon registry lock, hold, or similar status a domain name during resolution of a dispute.
The policy stated above will be accompanied by notes about how to submit a report to 〈applicant〉’s Abuse Point of Contact, and how to report an orphan glue record suspected of being used in connection with malicious conduct (see below).
Complaints policy and procedure
The BBC treats complaints from members of the public extremely seriously and already has a well-established complaints procedure to enable members of the public to complain about any of the BBCʹs output or activities. The procedure is publicised on the BBCʹs existing website at bbc.co.uk. It provides a first stage complaints procedure, a second stage internal appeals procedure and a third stage procedure for further appeal, to the BBCʹs governing body, the BBC Trust. Complainants are able to make their complaint via the website, by post or by telephone and the BBC indicates that it will generally respond to complaints within 10 working days. The BBCʹs response may include, if appropriate, an apology and an explanation as to how the BBC intends to resolve the complaint. The BBCʹs responses to significant complaints are published on the BBC website.
Any person wishing to complain about alleged abusive registrations or other activities concerning the operation of the dot BBC domain would be entitled to utilise this complaints procedure in the usual manner.
In the event that resolving a complaint requires the suspension (removing the domain name from the zone file, but not from Whois records) or cancellation of a domain name, this will be handled by the Domain Name Management Team.
Rights holders will also have the option to complain via the UDRP and URS about any registration that they regard as abusive, but we would encourage any concerned rights holders to contact us in the first instance to attempt to resolve their concerns informally. Further details regarding rights protection can be found in our answer to question 29.
Nominet, the registry provider, have well-established relationships with UK Law Enforcement agencies. Nominet and the BBC will work together to respond to complaints by these agencies, and such complaints will be acknowledged by Nominetʹs abuse team within twenty four hours. Following review, the complaint may result in one of the following actions:
- Modification of the usage of the domain name
- Suspension of the domain name
- Cancellation of the domain name.
The standard procedure in response to a complaint is that Nominet will forward a credible alleged case of malicious domain name use to the domain’s sponsoring registrar with a request that the registrar investigate the case and act appropriately. The sponsoring registrar will have 12 hours to investigate the activity. Even though the BBC will be using one gateway registrar, it is important to ensure this process is followed. The registrar will be provided evidence collected as a result of the investigation conducted by the trained abuse handlers. As part of the investigation, if inaccurate or false WHOIS registrant information is detected, the registrar is notified about this. Generally, a registrar will also have vital information that the registry operator will not, such as:
- Details about the domain purchase, such as the payment method used (credit card, PayPal, etc.);
- The identity of a proxy-protected registrant;
- The purchaser’s IP address;
- Whether there is a reseller involved; and
- The registrant’s past sales history and purchases in other TLDs (insofar as the registrar can determine this).

The registrar can determine if the use violates the registrar’s legal terms of service or the .BBC registry Anti-Abuse Policy, and can decide whether or not to take any action. While the language and terms vary, registrars will be mandated to include language in their registrar-registrant contracts that indemnifies the registrar if it takes action, and allows the registrar to suspend or cancel a domain name; this will be in addition to the registry Anti-Abuse Policy. Generally, a registrar can act if the registrant violates the registrar’s terms of service, or violates ICANN policy, or if illegal activity is involved, or if the use violates the registry’s Anti-Abuse Policy.
If a registrar does not take action within a time period indicated by the registry operator (usually 24 hours), the registry operator might then decide to take action itself. At all times, the registry operator reserves the right to act directly and immediately if the potential harm to Internet users seems significant or imminent, with or without notice to the sponsoring registrar.
When valid court orders or seizure warrants are received from courts or law enforcement agencies of relevant jurisdiction, the registry operator will order execution in an expedited fashion. Compliance with these will be a top priority and will be completed as soon as possible and within the defined timelines of the order. There are certain cases where Law Enforcement Agencies request information about a domain including but not limited to:
- Registration information
- History of a domain, including recent updates made
- Other domains associated with a registrant’s account
- Patterns of registrant portfolio

Requests for such information will be handled on a priority basis and sent back to the requestor as soon as possible. Nominet sets a goal to respond to such requests within 24 hours. The BBC will aim to react at least this quickly and if possible within 12 hours if required information is under its control. All requests from law enforcement etc. for information about a potentially compromised domain will be acknowledged immediately. The .BBC Registry will place the domain on “ServerHold” if the registrar has not acted within the 12-hour period.
Proposed measures for removal of orphan glue records
The default process for dot BBC is to automatically detect and remove orphan glue records. However, where clear evidence in written form is presented that orphan glue records are present in the zone files of dot BBC, Nominet, the registry service provider, will take the following action:
- A change request will be presented to Nominet’s second line support team by the person handling the complaint. The orphan glue record will be manually removed from the register and, if necessary, locks will be put in place which will prevent any further changes being made to the domain name record in question.
- The dot BBC zone files update dynamically and so within 5 minutes of the change being made on the register the zone files will reflect the changed name server record.
Nominet runs a daily audit of the contents of its zone files and compares these against the contents of the registry database. In the event of a mismatch, Nominet personnel are alerted and the mismatch is corrected. This audit will help to reduce the occurrence of orphan glue records.
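One way the orphan glue detection and the daily zone-versus-registry audit described above could be expressed, as an added example rather than Nominet's own tooling. The function names, the record tuple layout, the `infrastructure` parameter and the sample data are assumptions constructed for illustration; the addresses come from documentation ranges.

```python
def normalise(name):
    return name.rstrip(".").lower()


def covering_delegation(host, delegations):
    """Return the delegated name that `host` is at or beneath, else None."""
    labels = host.split(".")
    for i in range(len(labels)):
        candidate = ".".join(labels[i:])
        if candidate in delegations:
            return candidate
    return None


def audit_zone(zone_records, registry_db, apex="bbc", infrastructure=()):
    """Compare zone contents with the registry database.

    zone_records:   iterable of (owner, rtype, rdata) tuples from the zone file.
    registry_db:    {domain: set of nameserver hosts} for names that should be
                    published (registered, with nameservers, not on hold).
    infrastructure: registry-operated hosts whose address records are not glue.
    """
    apex = normalise(apex)
    infra = {normalise(h) for h in infrastructure}
    expected = {
        normalise(d): {normalise(n) for n in ns} for d, ns in registry_db.items()
    }
    delegations, glue = {}, {}
    for owner, rtype, rdata in zone_records:
        owner = normalise(owner)
        if owner == apex or owner in infra:
            continue
        if rtype == "NS":
            delegations.setdefault(owner, set()).add(normalise(rdata))
        elif rtype in ("A", "AAAA"):
            glue.setdefault(owner, []).append(rdata)

    orphans = {}
    for host, addrs in glue.items():
        if covering_delegation(host, delegations) is None:
            orphans[host] = {
                "addresses": addrs,
                # Delegations still pointing at the host: removing the glue
                # affects these names, so the handler needs to see them.
                "still_used_by": sorted(
                    d for d, ns in delegations.items() if host in ns),
            }
    return {
        "orphan_glue": orphans,
        "in_zone_not_registry": sorted(set(delegations) - set(expected)),
        "in_registry_not_zone": sorted(set(expected) - set(delegations)),
        "nameserver_mismatch": sorted(
            d for d in set(delegations) & set(expected)
            if delegations[d] != expected[d]),
    }


# Constructed sample: gone.bbc was deleted but its glue record stayed behind.
SAMPLE_ZONE = [
    ("bbc.", "NS", "a.nic.bbc."),
    ("a.nic.bbc.", "A", "192.0.2.1"),
    ("news.bbc.", "NS", "ns1.news.bbc."),
    ("ns1.news.bbc.", "A", "192.0.2.10"),
    ("sport.bbc.", "NS", "ns1.gone.bbc."),
    ("ns1.gone.bbc.", "A", "198.51.100.7"),
    ("stale.bbc.", "NS", "ns1.news.bbc."),
]
SAMPLE_REGISTRY = {
    "news.bbc": {"ns1.news.bbc"},
    "sport.bbc": {"ns1.news.bbc"},
    "weather.bbc": {"ns1.news.bbc"},
}

if __name__ == "__main__":
    report = audit_zone(SAMPLE_ZONE, SAMPLE_REGISTRY, infrastructure=["a.nic.bbc"])
    for section, findings in report.items():
        print(section, findings)
```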
Measures to promote WHOIS accuracy
The BBC is committed to transparency in relation to domain name registration records and to the provision of complete and accurate Whois records.
As a single entity registry, in which only BBC personnel will be able to register second level domain names and only for business purposes, the BBC will be able to ensure the accuracy and completeness of all Whois records. It will operate a Thick Whois.
All domain names must be registered through the Domain Name Management Team. As part of this process, BBC personnel requesting the registration of a new second level domain will be required to provide a statement to the team as to their business need for the domain name as well as full contact details of their name, position and business area.
The Domain Name Management Team will perform regular audits to ensure this data remains up to date and accurate.
Information sharing
Nominet is well established in national and international industry networks covering registry specific threats as well as threats to the broader internet landscape. It will continue this work, ensuring dot BBC is as resilient and secure as it can be.
Nominet provides an aggregated feed of information highlighting domain names in its domains used for phishing purposes to the relevant registrar. This feed is collated from trusted sources and allows registrars to take prompt action against abusive domains. In the event that any dot BBC domain names appear in the feed, action will be taken by the BBCʹs Domain Management Team to remove abusive content or to place the domain name in ʹserverHoldʹ.
Role of registrars
As part of the RRA (Registry Registrar Agreement), the BBC will require its registrar to be responsible for ensuring the input of accurate WHOIS data. With only one registrant, this will not be burdensome. The Registrar/Registered Name Holder Agreement will include a specific clause to ensure accuracy of WHOIS data, and to give the registrar rights to cancel or suspend registrations if the Registered Name Holder fails to respond to the registrar’s query regarding accuracy of data. ICANN’s WHOIS Data Problem Reporting System (WDPRS) will be available to those who wish to file WHOIS inaccuracy reports, as per ICANN policy (http://wdprs.internic.net/).
Controls to ensure proper access to domain functions
The ability to register domain names and amend details on the register will be limited to members of the Domain Name Management Team. Access to the mechanisms by which such changes can be made will be password protected as a minimum, and consideration will be given to implementing further security measures (such as multi-factor authentication). Records will be kept of all registration and amendment requests to maintain a full audit trail.
Resource plan
The BBC already has a centralised Domain Management team that is responsible for all domain name registrations for the BBC and its subsidiaries. It is anticipated that this team will be responsible for the accuracy of Whois details.
In addition, the BBC has a dedicated team responsible for responding to complaints. Whether additional personnel will be required to accommodate any uplift in complaints as a result of the operation of dot BBC will be closely monitored and addressed as necessary.
Nominet has a large customer support team from which it operates the dot UK registry. It will provide sufficient resources to deal with orphan glue records and Law enforcement complaints. It is expected that this will require less than one hour per week from this team.
The designated abuse prevention staff in Nominet and the BBC will be subject to regular evaluations, receive adequate training and work under expert supervision. The abuse prevention resources will comprise both internal staff and external abuse prevention experts who would give extra advice and support when necessary. This external staff includes experts in the BBC’s registrar where one legal manager and four operational experts will be available to support the BBC.
The abuse response team will also maintain subscriptions for a variety of security information services, including the blocklists from organisations like SURBL and Spamhaus and anti-phishing and other domain related abuse (malware, fast-flux etc.) feeds.


29. Rights Protection Mechanisms: Applicants must describe how their registry will comply with policies and practices that minimize abusive registrations and other activities that affect the legal rights of others, such as the Uniform Domain Name Dispute Resolution Policy (UDRP), Uniform Rapid Suspension (URS) system, and Trademark Claims and Sunrise services at startup.
A complete answer should include:
To be eligible for a score of 2, answers must also include additional measures specific to rights protection, such as abusive use policies, takedown procedures, registrant pre-verification, or authentication procedures, or other covenants.
A complete answer is expected to be no more than 10 pages.



1. Rights protection is a core objective of the BBC in .BBC

We will closely manage this TLD by registering domains through a single registrar. Although the BBC will be the only eligible registrant, we will nonetheless require our registrar to work with us on a four-step registration process featuring: (i) Eligibility Confirmation; (ii) Naming Convention Check; (iii) Acceptable Use Review; and (iv) Registration. As stated in our answer to Question 18, all domains in our registry will remain the property of the BBC and will be provisioned to support the business goals of the BBC. Because all domains will be registered and maintained by the BBC (for use that complements our strategic goals), we can ensure that all domains in our registry will carry accurate and up-to-date registration records.

We believe that the above registration process will ensure that abusive registrations are prevented, but we will continue to monitor ICANN policy developments, and update our procedures as required.

The response below details the rights protection mechanisms at the launch of the TLD (Sunrise and Trademark Claims Service), which comply with rights protection policies (URS, UDRP, PDDRP, and other ICANN RPMs), outlines additional provisions made for rights protection, and provides the resourcing plans.

As .BBC will be a private brand registry with eligibility requirements and rules of registration that restrict third parties that are not members or Affiliates of the BBC from registering, abusive behaviors will be limited. Notwithstanding this, the BBC will comply with all ICANN’s requirements.

2. Core measures to prevent abusive registrations
To further prevent abusive registration or cybersquatting, we will adopt the following Rights Protection Mechanisms (RPMs) which have been mandated for new gTLD operators by ICANN:
• A 30 day Sunrise process
• A 60 day Trademark Claims process

Generally, these RPMs are targeted at abusive registrations undertaken by third parties. However, domains in our registry will be registered only to the BBC or its Affiliates through a single registrar who will be contractually required to ensure that stated rules covering eligibility and use of a domain are adhered to through a validation process. As a result, abusive registrations should be prevented.

In the very unlikely circumstances that a domain is registered and used in an improper way, we acknowledge that we will be the respondent in related proceedings and we undertake to co-operate fully with ICANN and other appropriate agencies to resolve any concerns.

2.1 Safeguards for rights protection at the launch of the TLD: Sunrise
The launch of this TLD will include a Sunrise and a Trademark Claims service.

2.2 Sunrise Eligibility
Our Sunrise Eligibility Requirements will clearly state that eligible applicants must be members of the BBC. Furthermore, all domain names must be used to support the goals of the BBC. Nonetheless, notice of our Sunrise will be provided to third party holders of validated trademarks in the Trademark Clearinghouse as required by ICANN. Our Sunrise Eligibility Requirements will be published on the website of our registry.

2.3 Sunrise Window
As required in the Applicant Guidebook in section 7.1, our Sunrise window will recognize “all word marks: (i) nationally or regionally registered and for which proof of use – which can be a declaration and a single specimen of current use – was submitted to, and validated by, the Trademark Clearinghouse; or (ii) that have been court-validated; or (iii) that are specifically protected by a statute or treaty currently in effect and that was in effect on or before 26 June 2008”.

Our Sunrise window will last for 30 days. Applications received from an ICANN-accredited registrar will be accepted for registration if they are (i) supported by an entry in the Trademark Clearinghouse (TMCH) during our Sunrise window and (ii) satisfy our Sunrise Eligibility Requirements. Once registered, those domain names will have a one year term of registration. Any domain names registered will be managed by our registrar.

2.4 Sunrise Dispute Resolution Policy
We will devise and publish the rules for our Sunrise Dispute Resolution Policy (SDRP) on our registry website. Our SDRP will apply to our registry and will allow any party to raise a challenge on the following four grounds as required in the Applicant Guidebook (6.2.4):
(i) at the time the challenged domain name was registered, the registrant did not hold a trademark registration of national effect (or regional effect) or the trademark had not been court-validated or protected by statute or treaty;
(ii) the domain name is not identical to the mark on which the registrant based its Sunrise registration;
(iii) the trademark registration on which the registrant based its Sunrise registration is not of national effect (or regional effect) or the trademark had not been court-validated or protected by statute or treaty; or
(iv) the trademark registration on which the domain name registrant based its Sunrise registration did not issue on or before the effective date of the Registry Agreement and was not applied for on or before ICANN announced the applications received.

Complaints can be submitted through our registry website within 30 days following the closure of the Sunrise, and will be initially processed by our registrar. Our registrar will promptly report to us: (i) the challenger; (ii) the challenged domain name; (iii) the grounds upon which the complaint is based; and (iv) why the challenger believes the grounds are satisfied.

2.5 Trademark Claims Service
Our Trademark Claims Service (TMCS) will run for a 60 day period following the closure of our 30 day Sunrise. Our TMCS will be supported by the Trademark Clearinghouse and will provide a notice to third parties interested in filing a character string in our registry of a registered trademark right that matches the character string in the TMCH.

We will honor and recognize in our TMCS the following types of marks as defined in the Applicant Guidebook section 7.1: (i) nationally or regionally registered; (ii) court-validated; or (iii) specifically protected by a statute or treaty in effect at the time the mark is submitted to the Clearinghouse for inclusion.

Once received from the TMCH, with which our registry provider will interface, a claim will be initially processed by our registrar who will provide a report to us on the eligibility of the applicant.

3 Implementation and Resourcing Plans of core services to prevent abusive registration
Our Sunrise and IP Claims service will be introduced with the following timetable:

Day One: Announcement of Registry Launch and publication of registry website with details of the Sunrise and Trademark Claim Service (“TMCS”)

Day 30: Sunrise opens for 30 days on a first-come, first-served basis. Once registrations are approved, they will be entered into the Shared Registry System (SRS) and published in our Thick-Whois database.

Day 60-75: Registry Open, domains applied for in the Sunrise registered and TMCS begins for a minimum of 60 days

Day 120-135: TMCS ends; normal operations continue.

Our Implementation Team will comprise the following:

From the BBC: the IP Legal Team will be responsible for responding to complaints of infringement. This team features one senior trademark lawyer plus a qualified trademark attorney as well as additional provision from other IP lawyers in the team if necessary plus assistants and if relevant they can call on lawyers from the Technology Department. In addition the BBC’s Domain Management Team of three can assist.

From Nominet: the Dispute Management team incorporating two qualified lawyers and two experienced mediators will handle mediation. URS decisions will be handled by Nominet's Abuse team made up of four staff.

In addition, the BBC will be supported by its Registrar which will provide two legal specialists, four client managers and six operational staff. The operational staff will undertake the validation checks on registration requests.

The Implementation Team will create a formal Registry Launch plan by the end of December 2012. This plan will set out the exact process for the launch of the BBC registry and will define responsibilities and budgets. The BBC Registry website, which is budgeted for in the three year plans provided in our answers to Question 46, will be built within 30 days of pre-validation testing beginning. It will feature Rules of Registration, Rules of Eligibility, Terms & Conditions of Registration, Acceptable Use Policies as well as the Rules of the Sunrise, the Rules of the Sunrise Dispute Resolution Policy and the Rules of the Trademark Claims Service.

Technical implementation between the registry and the Trademark Clearinghouse will be undertaken by the registry service provider as soon as practical after the Trademark Clearinghouse is operational and announces its integration process.

As demonstrated in our answer to question 46, a budget has been set aside to pay fees charged by the Trademark Clearinghouse Operator for this integration.

The contract we have with our registrar (the RAA) will require that the registrar uses the TMCH, adheres to the Terms & Conditions of the TMCH and will prohibit the registrar from filing domains in our registry on its own behalf or utilising any data from the TMCH except in the provision of its duties as our registrar.

When processing TMCS claims, our registrar will be required to use the specific form of notice provided by ICANN in the Applicant Guidebook.

We will also require our registrar to implement appropriate privacy policies reflecting local requirements in the UK which is a member of the European Union.

4 Mechanisms to identify and address the abusive use of registered domain names on an ongoing basis
To prevent the abusive use of registered domain names on an ongoing basis we will adopt the following Rights Protection Mechanisms (RPMs) which have been mandated by ICANN:
• The Uniform Dispute Resolution Policy (UDRP) to address domain names that have been registered and used in bad faith in the TLD.
• The Uniform Rapid Suspension (URS) scheme which is a faster, more efficient alternative to the Uniform Dispute Resolution Policy to deal with clear-cut cases of cybersquatting.
• The Post Delegation Dispute Resolution Procedure (PDDRP).
• Implementation of a Thick WHOIS making it easier for rights holders to identify and locate infringing parties.

The UDRP and the URS are targeted at abusive registrations undertaken by third parties and the PDDRP at so called “Bad Actor” registries. As domains in our registry will be registered not to third parties but only to the BBC or its Affiliates through a single registrar which will be required through contract to ensure that the rules covering eligibility and use of a domain are adhered to, we believe that abusive registrations by third parties should be completely prevented.
Abusive behavior by representatives of the BBC will be prevented by our internal processes, for example the pre-registration validation checks and monitoring of use of our registrar.

We acknowledge that we are subject to the UDRP, the URS and the PDDRP and we will co-operate fully with ICANN and appropriate registries in the unlikely circumstances that complaints against us, as the registrant, are made.

4.1 The Uniform Dispute Resolution Policy (UDRP)
The UDRP is an out-of-court dispute resolution mechanism for trademark owners to resolve clear cases of bad faith, abusive registration and use of domain names. The UDRP applies by contract to all domain name registrations in gTLDs. Standing to file a UDRP complaint is limited to trademark owners who must demonstrate their rights. To prevail in a UDRP complaint, the complainant must further demonstrate that the domain name registrant has no rights or legitimate interests in the disputed domain name, and that the disputed domain name has been registered and is being used in bad faith. In the event of a successful claim, the infringing domain name registration is transferred to the complainant’s control.

The BBC or its Affiliates will be the respondent in all UDRP complaints because we will be the only eligible registrants. Therefore we do not anticipate that there are any circumstances in which complainants can argue that we have “no rights or legitimate interests” in a domain in our registry so the possibility of good faith UDRP complaints should be minimized. In the unlikely circumstances that a complaint is made, we will respond in a timely fashion, reflecting our contractual responsibility to ICANN as a registry operator.

We will be applying for an exemption to Clause 1b of the Registry Operators Code of Conduct. This means that we will not be allowed to transfer domains to third parties as the only registrant will be the BBC or our Affiliates. Therefore if a complaint against us is filed, the only possible remedy will be the cancellation of the domain instead of the transfer to the complainant.
Should a successful complaint be made we will therefore place the cancelled domain that is the subject of the complaint on a list that prevents it from being registered again without legitimate cause.

4.2 The URS
The URS is intended to be a lighter, quicker complement to the UDRP. Like the UDRP, it is intended for clear-cut cases of trademark abuse. Under the URS, the only remedy which a panel may grant is the temporary suspension of a domain name for the duration of the registration period (which may be extended by the prevailing complainant for one year, at commercial rates). URS substantive criteria mirror those of the UDRP but with a higher burden of proof for complainants, and additional registrant defences. Once a determination is rendered, a losing registrant has several appeal possibilities from 30 days up to one year. Either party may file a de novo appeal within 14 days of a decision. There are penalties for filing “abusive complaints” which may result in a ban on future URS filings.

As with the description of our UDRP process above, the BBC or its Affiliates will be the respondent in all URS complaints because we will be the only eligible registrants. Therefore we do not anticipate that there are any circumstances in which complainants can argue that we have “no legitimate right or interest to the domain name” and “that the domain name was registered and is being used in bad faith.” Notwithstanding this, should a complaint be made, we will respond in a timely fashion, reflecting our contractual responsibility to ICANN as a registry operator.

Should a successful complaint be made, we will suspend the domain name for the duration of the registration period. As per the URS guidelines, if the complainant prevails, the “registry operator shall suspend the domain name, which shall remain suspended for the balance of the registration period and would not resolve to the original web site. The nameservers shall be redirected to an informational web page provided by the URS provider about the URS. The WHOIS for the domain name shall continue to display all of the information of the original registrant except for the redirection of the nameservers. In addition, the WHOIS shall reflect that the domain name will not be able to be transferred, deleted or modified for the life of the registration.”

We will co-operate with the URS panel providers and panelists as we will co-operate with UDRP panel providers and panelists.

Being the only eligible registrant, we will not make changes to a domain in Locked Status or alter a registration record associated with a URS complaint as required in the Applicant Guidebook.

4.3 The Post-Delegation Dispute Resolution Procedure (PDDRP)
The PDDRP is an administrative option for trademark owners to file an objection against a registry whose “affirmative conduct” in its operation or use of its gTLD is alleged to cause or materially contribute to trademark abuse. In this way, the PDDRP is intended to act as a higher-level enforcement tool to assist ICANN compliance activities, where rights holders may not be able to continue to turn solely to lower-level multijurisdictional enforcement options in a vastly expanded DNS.
The PDDRP involves a number of procedural layers, such as an administrative compliance review, appointment of a “threshold review panel”, an expert determination as to liability under the procedure (with implementation of any remedies at ICANN’s discretion), a possible de novo appeal and further appeal to arbitration under ICANN’s registry terms. The PDDRP requires specific bad faith conduct including profit from encouraging infringement in addition to “the typical registration fee.”
As set out in the Applicant Guidebook in the appendix summarizing the PDDRP, the grounds for a complaint on a second level registration are that, “(a) there is a substantial pattern or practice of specific bad faith intent by the registry operator to profit from the sale of trademark infringing domain names; and (b) the registry operator’s bad faith intent to profit from the systematic registration of domain names within the gTLD that are identical or confusingly similar to the complainant’s mark, which (i) takes unfair advantage of the distinctive character or the reputation of the complainant's mark or (ii) impairs the distinctive character or the reputation of the complainant's mark, or (iii) creates a likelihood of confusion with the complainant's mark.”
Whilst we will co-operate with any complaints made under the PDDRP, we think it is highly improbable that any PDDRP complaints will succeed because the grounds set out above cannot be satisfied as domains in the registry will not be for sale and cannot be transferred to third parties.

4.4 Thick Whois
As required in Specification 4 of the Registry agreement, the BBC registry will provide Thick Whois. A Thick WHOIS provides a centralized location of registrant information within the control of the registry (as opposed to thin Whois where the data is dispersed across registrars).
Thick Whois will provide rights owners and law enforcement with the ability to review the registration record easily.
We will place a requirement on our registrar to ensure that all registrations are filed with accurate Whois details and we will undertake regular reviews of Whois accuracy to ensure that the integrity of data under our control is maintained.
The BBC will create and publish a Whois Query email address so that third parties can submit queries about any domains in our registry.

4.5 Rights protection via the RRA
In the Registry-Registrar and Registrar-Registrant Agreements we will insert wording such as:

“The registry may reject a registration request or a reservation request, or may delete, revoke, suspend, cancel, or transfer a registration or reservation under the following criteria:
a. to enforce registry policies and ICANN requirements; each as amended from time to time;
b. that is not accompanied by complete and accurate information as required by ICANN requirements and/or registry policies or where required information is not updated and/or corrected as required by ICANN requirements and/or registry policies;
c. to protect the integrity and stability of the registry, its operations, and the TLD system;
d. to comply with any applicable law, regulation, holding, order, or decision issued by a court, administrative authority, or dispute resolution service provider with jurisdiction over the registry;
e. to establish, assert, or defend the legal rights of the registry or a third party or to avoid any civil or criminal liability on the part of the registry and/or its Affiliates, officers, directors, representatives, employees, contractors, and stockholders;
f. to correct mistakes made by the registry or any accredited registrar in connection with a registration; or
g. as otherwise provided in the Registry-Registrar Agreement and/or the Registrar-Registrant Agreement.”

5 Implementation and Resourcing Plans for mechanisms to identify and address the abusive use of registered domain names on an ongoing basis
Our post-launch rights protection mechanisms will be in place from Day One of the launch of the registry.

To ensure that we are compliant with our obligations as a registry operator, we will develop a section of our registry website to assist third parties involved in UDRP, URS and PDDRP complaints including third parties wishing to make a complaint, ICANN compliance staff and the providers of UDRP and URS panels. This will feature an email address for enquiries relating to disputes or seeking further information on specific domains. We will monitor this address for all of the following: Notice of Complaint, Notice of Default, URS Determination, UDRP Determination, Notice of Appeal and Appeal Panel Findings where appropriate.

As stated in our answer to Question 18, the BBC’s IP Legal team and the BBC’s Domain Manager will be responsible for the development, maintenance and enforcement of the Domain Management Policy. This will include ensuring that the following implementation targets are met:

• Locking domains that are the subject of URS complaints within one business day of receipt of a URS complaint, and ensuring our registrar locks domains that are the subject of UDRP complaints within one business day of receipt of a UDRP complaint.
• Confirming the implementation of the lock to the relevant URS provider, and ensuring our registrar confirms the implementation of the lock to the relevant UDRP provider.
• Ensuring that our registrar cancels domain names that are the subject of a successful UDRP complaint within 24 hours.
• Redirecting servers to a website with the ICANN mandated information following a successful URS within 24 hours.

The human resources dedicated to managing post-launch RPM include:

Our Implementation Team will comprise the following:

From the BBC: the IP Legal Team will be responsible for responding to complaints of infringement. This team features one senior trademark lawyer plus a qualified trademark attorney as well as additional provision from other IP lawyers in the team if necessary, plus assistants and if relevant they can call on lawyers from the Technology Department. In addition the BBC’s Domain Management Team of three can assist.

From Nominet: the Dispute Management team incorporating two qualified lawyers and two experienced mediators will handle mediation. URS decisions will be handled by Nominet's Abuse team made up of four staff.

In addition, the BBC will be supported by its Registrar which will provide two legal specialists, four client managers and six operational staff. The operational staff will undertake the validation checks on registration requests.

We are confident that this staffing is more than adequate for a registry where the only registrant is the BBC or its Affiliates. Of course, should business goals change requiring more resources, the BBC will closely review any expansion plans, and plan for additional financial, technical, and team-member support to put the Registry in the best position for success.

We will also require our registrar to implement appropriate privacy policies reflecting the high standards that we operate. For information on our Privacy Policies, please see: http://www.bbc.co.uk/privacy/

6 Additional Mechanisms that exceed requirements
Rights protection is at the core of the BBC’s objective in applying for this registry. Therefore we are committed to providing the following additional mechanisms:


6.1 Registrar Accreditation
The BBC will audit the performance of our registrar every six months and re-validate our Registry-Registrar Agreements annually. Our audits will include site visits to ensure the security of data etc.

6.2 Audits of registration records
Every three months, 2% of the total of domain names registered in that period will be reviewed by our registrar to ensure accurate registration records and use that is compliant with our Acceptable Use guidelines.

6.3 Registrant Pre-Verification
All requests for registration will be verified by our registrar to ensure that they come from a legitimate representative of the BBC or Affiliates. A record of the request will be kept in our on-line domain management console including the requestor’s email address and other contact information.

6.4 Take down Procedures
The BBC has described Takedown Procedures for domains supporting Abusive Behaviors in Question 28. We think this is very unlikely in a registry where only the BBC or its Affiliates are registrants but we will reserve the right to terminate a registration and to take down all associated services after a review by our Legal Team if a takedown for reasons of rights protection is requested by law enforcement, a representative of a court we recognize etc.





30A. Security Policy: provide a summary of the security policy for the proposed registry, including but not limited to:
To be eligible for a score of 2, answers must also include:
A summary of the above should be no more than 20 pages. Note that the complete security policy for the registry is required to be submitted in accordance with 30(b).

Question 30a – Security Policy

Nominet, the Registry Services Provider, has been running the dot UK TLD for the past 15 years and has an impeccable security record in protecting both the dot UK TLD and the information within the registry. Nominet works at the forefront of information security and contributes to the development of both global and national security standards to further protect the security, stability and resilience of the Internet.

The aim of Nominet's Security Programme is to secure the business, its data, its people, and the services that the organisation provides. Nominet maintains policies, standards and procedures that are designed to protect the company assets according to their sensitivity, criticality and value.

The goals of Nominet's Security Programme are:

- Allocation of responsibility by Nominet management for development, implementation, monitoring and review of information security policies and standards
- Monitoring, evaluation and management of information security threats, vulnerabilities and risks
- Awareness of, and adherence to, all published information security policies, standards and processes applicable to management or use of information assets by Nominet Personnel with access to such information assets
- Access controls and business continuity management of Nominet information processing facilities, information assets and business processes
- Implementation of an information security incident management process
- Periodic review of the Information Security Programme to ensure its effectiveness.


Processes and Solutions

Nominet employs security capabilities which are robust and appropriate for the high profile and large TLD registry that it operates. Nominet is fully compliant and certified with the British Standard for Business Continuity BS25999-2:2007. Any gTLD that Nominet operates will benefit from this proven security approach.

Physical security at Nominet includes a permanently manned reception area with CCTV monitoring of all entrances including recording of video. All staff wear visible corporate photo ID cards and are encouraged to challenge unaccompanied strangers. Access to server areas requires biometric identification in addition to ID cards. In addition to these physical checks already mentioned, Nominet's datacentre locations employ further physical security measures including a 24x7 manned reception, ballistic resistant glass mantrap, and air locks. Security staff ensure that access is only available to those specifically authorised. Nominet's servers are housed in a secure caged area within the datacentre with a card access controlled door.

Server security starts with a minimal install of the operating system, with extra software only being installed if required. Access is restricted to those required to administer the server and its software, with audits carried out at regular intervals to ensure that access is still required.

Patching is carried out as part of a regular and ongoing patch management programme to ensure that critical servers and services are kept secure. Nominet also maintain a very close relationship with DNS software providers and have reported bugs to them to help patch their software, following responsible disclosure guidelines.

All external connections to Nominet's systems are encrypted using TLS (Transport Layer Security), with internal connections being encrypted where possible. TLS ensures that where appropriate TCP, UDP and BGP connections are encrypted. All privileged access to Nominet's servers is protected with two factor authentication. HSMs are used where appropriate to store private key information.

Networks are separated with firewalls (Juniper SRX3600) deployed between different network segments to help protect Nominet's sensitive information. All external access to Nominet's services is through firewalls to servers located in a Demilitarized Zone (DMZ). Wireless access points in Nominet's offices are also located in a DMZ to prevent direct access to internal systems. Wireless access is encrypted following best practice guidelines. Only authorised devices are permitted to connect to the company network.

Access to all devices (desktop devices, servers, network devices etc) is via individual usernames and passwords controlled by a central directory service (Microsoft Active Directory). This allows easy control of all user access from a single location, helping simplify user access control. Access to Nominet's systems is forbidden unless expressly permitted, and users are granted the minimal access required to perform their job function effectively. Users are assigned unique user ids, and these user ids are never re-issued to other users. Accounts are disabled for any user who no longer requires access or has left the company, and user access is reviewed on a regular basis. The following roles are not carried out by the same people: Systems operation, Systems development, Systems/Network administration.

The following controls are also applied to separate systems:

- Development and production software are run in separate environments.
- Development and test work are separated.
- Development facilities are not loaded on production systems.
- Development personnel use separate logon IDs for development and test systems to reduce the risk of error.
- Development staff do not have access to production systems.

Anti-virus software from a reputable supplier is used to scan computers and media on a routine basis. Anti-virus software is kept up to date on a centralised basis.

All access to Nominet's services and servers is logged locally, and also to a central location. Nominet also collect logs from firewalls, Intrusion Detection Systems (IDS)/Intrusion Prevention Systems (IPS), network devices, security devices, applications, databases etc. Event correlation is performed on all these logs to help identify any unusual activity. Nominet use security information and event management software (Arcsight Express) to do this event correlation.

In addition to the monitoring that is carried out by the devices listed above, Nominet has developed a proprietary technology platform to capture and analyse traffic at its name servers. With this technology Nominet can discover trends, identify abuse patterns and research the behaviour of botnets etc. Using this, Nominet can identify security flaws and understand the effect they may have on global DNS infrastructure.

Security for in-house written applications is controlled in many ways:

- All application code is peer reviewed.
- Security guidelines for software development have been written and are followed.
- All source code is held in a central repository, access to which is restricted by password.
- All changes to code are regression tested to ensure the application continues to function as expected.
- All changes to code can be attributed to the developer who made them.

Secure disposal of equipment is tightly controlled: all storage media are removed from equipment prior to disposal, and all media are then wiped in accordance with best practice guidelines.

Change control is a tightly controlled process at Nominet, with identification and recording of significant changes, including all changes to security configuration. Approval must be gained at every stage, with all changes tested before being put into the live environment. System owners are always involved in these changes to ensure that no registry system is affected without the business being made aware of upcoming changes. Assessment of the potential impact of any changes is made, and there is an approval procedure for proposed changes. Nominet try to ensure that implementation of change causes minimal disruption to normal operations, bundling up changes into a formal release where applicable. All changes must have an approved rollback plan for recovering from unsuccessful changes.

Staff are encouraged to report security incidents, and all such incidents are investigated by Nominet's system administration team, who have access to the research team if required. Action is taken to reduce the impact of the problem initially, and the root cause of the problem is determined. Action is then taken to deal with the problem, making changes as required. Any affected users are notified along with any recommended action (such as changing passwords).


Independent Assessment Reports

Nominet currently undergoes specific security testing as part of an approach to maintain PCI-DSS (Payment Card Industry Data Security Standard) Compliance. Using a third party (Trustkeeper), monthly scans are carried out against a section of Nominet's internet facing systems to test for vulnerabilities. These scans are designed to detect more than 5,000 known network, operating system and application vulnerabilities including the SANS Institute Top 20 list and are executed without any impact on Nominet's systems. The most recent scan was carried out on the 17th January 2012 and the result was a pass.

Nominet is also undergoing a three year programme of security testing using an ISO27001 certified third party assessor (First Base Technologies). The scope of the testing that First Base is carrying out includes (but is not limited to):

- Public IP Address Scan
- External Infrastructure Penetration Test
- Authenticated Remote Access Test
- Web Application Penetration Test
- Internal Infrastructure Penetration Test
- Server and Network technical Audit
- Wireless network Discovery
- Wireless Client Device Discovery and Analysis
- Building Access Test
- Email Spear Phishing
- USB Spear Phishing
- Telephone Social Engineering
- Technical Workshop participation

In addition to the above, First Base have also carried out training programmes for staff on information security vulnerability, and social engineering compliance. Nominet is fully committed to passing the programme of work being carried out by First Base, and where applicable, putting suitable remediation plans in place.


Other Security Measures

Nominet is fully engaged with national and international security agencies to fully understand the ever changing global risk register for security vulnerabilities. Agencies include the US NTIA, UK Cabinet Office, UK GCHQ (Government Communications Headquarters), UK EC-RRG (Electronic Communications Resilience and Response Group) and many other formal and informal security groups.

Nominet works closely within the internet community to develop, support and publicise security standards and best practice across the global internet. Staff at Nominet helped develop the global DNSSEC security standard and authored a number of the key RFCs (Requests for Comments) that make up this standard. Nominet is currently at the forefront of DNS research, attempting to understand patterns of misuse and criminal behaviour with the global DNS. Nominet's Director of IT was selected as one of 12 global experts to analyse and audit ICANN's security, stability and resilience work and report back to both the ICANN board and the NTIA on areas for improvement. Nominet's Head of Research is a member of the DSSAWG (Domain Stability and Security Working Group) looking into how best to coordinate global DNS security incidents.


Commitments to registrants

We will commit to dot BBC registrants that:

- All data will be secured and protected in line with ISO 27001 guidelines;
- We will not take any action in relation to a domain name registration unless we are satisfied that it has been received from the right person;
- We will require registrars to prove their identity, including by the use of unique identifiers and multi-factorial authentication where appropriate, when they submit transactions to our systems;
- Our registrars will be contractually obliged to maintain the security of their system identifiers and passwords and prevent the unauthorised disclosure of the same; and
- The registry will be operated in accordance with the Data Protection Act 1998 which, amongst other things, requires us to implement appropriate technical and organisational measures to prevent unauthorised or unlawful processing of personal data, and against accidental loss or destruction of, or damage to, personal data.


Resourcing plan

Nominet employs a dedicated Head of Information and Technology Security to help develop best-practice security policy and to liaise with national and international security agencies, organisations and groups in order to ensure that both Nominet and the TLDs that it operates are as secure as possible.

The implementation of Nominet's security policy is already in place. Nominet has a dedicated security team and large infrastructure team from which it will dedicate the following resources to post launch maintenance tasks related to the security policies that will be used by the dot BBC registry.

- Maintenance, review and improvement of the security policy and arrangements: 5 hours a week by the Head of IT Security
- Technical support: 5 hours per week

Total post launch resource: 10 hours per week.


