ICANN New gTLD Application

New gTLD Application Submitted to ICANN by: Pictet Europe S.A.

String: pictet

Originally Posted: 13 June 2012

Application ID: 1-1314-50545


Applicant Information


1. Full legal name

Pictet Europe S.A.

2. Address of the principal place of business

15A, Avenue J. F. Kennedy
Luxembourg 1855
LU

3. Phone number

+352 467 1711

4. Fax number

+352 224 868

5. If applicable, website or URL

http:⁄⁄www.pictet.com

Primary Contact


6(a). Name

Mr. Riccardo BONFERRONI

6(b). Title

Senior web publisher⁄editor

6(c). Address


6(d). Phone Number

+41 58 323 2323

6(e). Fax Number

+41 58 323 2324

6(f). Email Address

dotbrand@agencevirtuelle.com

Secondary Contact


7(a). Name

Mr. Alexandre Heinrichs

7(b). Title

Head of Digital Communications (Group Corporate Communications)

7(c). Address


7(d). Phone Number

+41 58 323 2323

7(e). Fax Number

+41 58 323 2324

7(f). Email Address

aheinrichs@pictet.com

Proof of Legal Establishment


8(a). Legal form of the Applicant

Société Anonyme

8(b). State the specific national or other jursidiction that defines the type of entity identified in 8(a).

Grand Duchy of Luxembourg

8(c). Attach evidence of the applicant's establishment.

Attachments are not displayed on this form.

9(a). If applying company is publicly traded, provide the exchange and symbol.


9(b). If the applying entity is a subsidiary, provide the parent company.

Pictet & Cie, Geneva

9(c). If the applying entity is a joint venture, list all joint venture partners.


Applicant Background


11(a). Name(s) and position(s) of all directors


11(b). Name(s) and position(s) of all officers and partners

Daniel WANNERAdministrator
Jacques DE SAUSSUREAdministrator
Jürg EGLIAdministrator
Philippe LINIGERAdministrator
Pierre ETIENNEAdministrator

11(c). Name(s) and position(s) of all shareholders holding at least 15% of shares

Pictet Canada L.P.Not Applicable
Sopafin Luxembourg SANot Applicable

11(d). For an applying entity that does not have directors, officers, partners, or shareholders: Name(s) and position(s) of all individuals having legal or executive responsibility


Applied-for gTLD string


13. Provide the applied-for gTLD string. If an IDN, provide the U-label.

pictet

14(a). If an IDN, provide the A-label (beginning with "xn--").


14(b). If an IDN, provide the meaning or restatement of the string in English, that is, a description of the literal meaning of the string in the opinion of the applicant.


14(c). If an IDN, provide the language of the label (in English).


14(c). If an IDN, provide the language of the label (as referenced by ISO-639-1).


14(d). If an IDN, provide the script of the label (in English).


14(d). If an IDN, provide the script of the label (as referenced by ISO 15924).


14(e). If an IDN, list all code points contained in the U-label according to Unicode form.


15(a). If an IDN, Attach IDN Tables for the proposed registry.

Attachments are not displayed on this form.

15(b). Describe the process used for development of the IDN tables submitted, including consultations and sources used.


15(c). List any variant strings to the applied-for gTLD string according to the relevant IDN tables.


16. Describe the applicant's efforts to ensure that there are no known operational or rendering problems concerning the applied-for gTLD string. If such issues are known, describe steps that will be taken to mitigate these issues in software and other applications.

16. Known operational problems
Based on the information provided by the technical providers (registry & registrar) there are no known operational problems at the date of application. Pictet (and Verisign as its technical provider) ensured that there are no known operational or rendering problems concerning the applied-for gTLD string ʺPICTETʺ. 
  
Since the gTLD string ʺPICTETʺ is an ASCII-only string, it is safe to assume that, just like with existing ASCII-only TLD strings like .com, .net or .de, no operational or rendering problems may be expected. In particular, the name consists only of ASCII characters that are already used for existing top level domains; all the characters in the name are even used in the leftmost position of existing TLD labels. 
  
This means that bi-directional issues (like the ones described at http:⁄⁄stupid.domain.name⁄node⁄683) will not occur, also since the TLD string does not contain digits (which behaviour in bi-directional contexts can lead to rendering issues). 
  
As the registry supports right-to-left scripts on the second level, the respective IDN tables were carefully crafted according to IDNA2008 standards to ensure that no rendering issues occur left or right of the dot (ʺ.ʺ) character separating the top and second domain name labels (which are the only labels under the registryʹs control). 
  
Moreover, the gTLD string exclusively uses characters from a single alphabet, does not contain digits or hyphens, and it contains characters that are not subject to homograph issues, which means there is no potential for confusion with regard to the rendering of other TLD strings.

17. (OPTIONAL) Provide a representation of the label according to the International Phonetic Alphabet (http://www.langsci.ucl.ac.uk/ipa/).


Mission/Purpose


18(a). Describe the mission/purpose of your proposed gTLD.

18. Part A - Mission⁄purpose

Pictetʹs dotBrand TLDʹs mission is to support Pictetʹs in concentrating, at all times, on its clientsʹ and web-users specific needs through a new internet presence dimension.

The objective of Pictet is not to become a registry or to generate new sources of revenue by selling domain names. The ʺ.pictetʺ TLD will:
• be at the core of Pictetʹs online brand, marketing and communication strategies;
• serve as a platform around which Pictet will group second-level domains for individual services; branches as well as eventually partners or distributors;
• reinforce online security;
• allow Pictet to strengthen relationships with current customers and business partners;
• target new audiences through innovating marketing; and,
• develop partnerships through co-branding.

Eligibility is the central requirement to apply to and be awarded the use of a ʺ.pictetʺ domain name. It is therefore necessary that underline the eligibility requirements for registration of a ʺ.pictetʺ domain name, and maintain its eligibility throughout the term of the authorization to use.

Are eligible to a ʺ.pictetʺ domain name the following:
- Pictet & Cie and its subsidiary for commercial usages.
- Members of the Pictet family bearing this last name for private or commercial usages
- Business partners of Pictet & Cie and its subsidiary – while domain names will have to be managed by a Pictet entity

18(b). How do you expect that your proposed gTLD will benefit registrants, Internet users, and others?

18. Part B - gTLD benefits

18.1 Areas of specialty, service levels or reputation
Founded in 1805 in Geneva, Pictet & Cie is today one of Switzerlandʹs largest private banks, and one of the premier independent asset management specialists in Europe, with over USD 325 billion in assets under management and custody at 31 December 2011. Pictet & Cie is a partnership owned and managed by eight general partners with unlimited liability for the bankʹs commitments.

The Pictet group, based in Geneva, employs more than 3,200 staff. The Group has offices in the following financial centres: Barcelona, Basel, Dubai, Florence, Frankfurt, Hong Kong, Lausanne, London, Luxembourg, Madrid, Milan, Montreal, Nassau, Paris, Rome, Singapore, Turin, Tokyo and Zurich.

Pictet Asset Management (ʺPAMʺ) includes all the operating subsidiaries and divisions of the Pictet group that carry out institutional asset management: Pictet Asset Management SA, a Swiss corporation registered with the Swiss Financial Market Supervisory Authority FINMA, Pictet Asset Management Limited, a UK company authorised and regulated by the Financial Services Authority, and Pictet Asset Management (Japan) Limited, a Japanese company regulated by the Financial Services Agency of Japan.

At 31st December 2011, Pictet Asset Management managed USD 110 billion in assets, invested in equity and bond markets worldwide. PAM has thirteen business development centres across the globe, extending from London, Geneva, Frankfurt, Luxembourg, Madrid, Milan, Paris and Zurich via Dubai, Hong Kong, Tokyo and Singapore to Montreal.

Pictet has a strong web presence with an annual budget of web communication and operations of close to CHF one million and over 50,000 Pictet webpages visited daily. The ʺ.pictetʺ TLD will permit the company to redefine its online web architecture and communication by easing access to application webpages.

18.2 Competition, differentiation, or innovation

The ʺ.pictetʺ TLD will differentiate Pictet from its competitors by bringing a technology innovator feeling to its online presence, marketing activities, clients and partners interactions. The ʺ.pictetʺ TLD will enhance the brand equity servicing various purposes; which may be categorized as follows:

Branding
The ʺ.pictetʺ TLD will enhance Pictetʹs online reputation and client perception. It will give an innovator feeling and demonstrate Pictetʹs sensibility to new technologies and digital businesses

Increase brand value
The ʺ.pictetʺ TLD support Pictetʹs marketing and communication department build a closer relationship with its clients around the Pictet brand; reinforce visibility on the net and thereby increasing brand value. Website will be more memorable.

Website architecture
The ʺ.pictetʺ TLD will permit service based website architecture as compared to a pyramidal used today. Pictet will develop service-based web architecture.

Ease of access & navigability
The ʺ.pictetʺ TLD will serve as a platform to create domain names that are short and easy for consumers to remember, making it easier for people to access the companyʹs information online – notably over mobile devices

Brand visibility in sponsorship
The ʺ.pictetʺ TLD will increase brand visibility in sponsorship and open options for temporary campaigns. The ability to create short and memorable domain names will enhance sponsorship campaigns.

Brand extension
Pictet will have the opportunity to Issue second-level domain names to valued partners and distributors in order to extend the prestige and trust associated with its brand, strengthen relationships, create co-marketing opportunities, and reach new audiences.

Co-Branding
Pictet new TLD will service as a platform for co-branding. Such campaigns will associate events, products or partners to the Pictet brand name. Co-branding campaigns will combine the strength of two brands, in order to increase consumers trust and interest.
Brand association also reinforces the visibility of both entities; increases reach on search engines and strengthen customers trust.

Pictet Family members
Pictet & Cie is a private company named after its foundersʹ name. Today, there are still two associate members from the Pictet family members. Pictet & Cie will give family members the option to use the ʺ.pictetʺ TLD.

18.3 User experience

The objective of Pictet is not to become a registry or to generate new sources of revenue by selling domain names. It intends to increase users experience through reinforced online protection and enhanced webpage browsing

Online protection
The registration policy for Pictetʹs dotBrand will be restricted to only allowing the brand owner and its affiliates to register domain names in order to create a ‘safe-zoneʹ for internet users.
Users of the Pictet website will know to always search for and trust ʺ.pictetʺ sites and email addresses. The goal will be to decrease the risk of consumer confusion, and furthermore minimize the risk of online fraud. The ʺ.pictetʺ will distinguish trusted and official partners. It will be easier for PICTETto assure its online guidelines are being followed.

The ʺ.pictetʺ TLD will protect Pictet against brand infringement in various manners:

Protection of registred Domain Names
Pictet define the registration policy so unwanted activity from domainers or cyber squatters could be prevented by creating a strict policy.
All registrations will be handled on a one-on-one so risks involving third parties will be mitigated.
Pictetʹs registration policy will be set so domain names are never transferred to licensees that arenʹt validated.

Control over the chain of trust
The ʺ.pictetʺ extension will be DNSSEC enabled and safe to surf from day one.

Protection against typosquating
Registering Pictetʹs own TLD will allow to proactively registering common mistyped URLʹs and direct them towards the correct website. Pictet will also track and trace domain names that were visited, but not registered yet.

Protection against Phishbing
By registering the ʺ.pictetʺ TLD and educating the client, phishing attacks will gradually miss their effect

Ease of access & navigability
The ʺ.pictetʺ TLD will permit service based website architecture as compared to a pyramidal used today. Pictet will develop service-based web architecture. Domain names will be shorter and easier for consumers to remember, therefore easing access to the companyʹs information online – notably over mobile devices.
In certain cases, the content will be tailored according to the registrant entity; for instance affiliates, partners, clients or the head office.

18.4 Registration policy

Any entity will be able to submit a request for a domain creation according to eligibility requirements, terms and conditions as defined below. The GCC (Group Corporate Communication) department will be the sole point of contact for internal and external parties submitting a request to use the ʺ.pictetʺ.

The ʺ.pictetʺ domain names allocation committee will analyse and evaluate requests for the TLD usage.
The committee members will be:
– Jacques de Saussure, senior partner
– Frank Renggli, head of Group Corporate Communications Geneva
– Jean-Pierre Therre, Director security & Group Managing Director
– Alexandre Heinrichs, head of Digital Communications
– Riccardo Bonferroni, senior web publisher
– Jérôme Wymann, product manager pictet.com

The registration process will last between 1 and 8 weeks from submission according to the ʺ.pictetʺ committee meetings schedule. Registration policies will differ by user groups as detailed below.

Internal usages
The committee will define a list of domain names Pictet to be created for the transition of the existing webpages to the new architecture. Selected geographic names will also be protected upon the allocation of the ʺ.pictetʺ TLD.

The registry operator will ensure a Trademark Claims service during the start-up phase as provided in the registry agreement. These mechanisms will be supported by the established Trademark Clearinghouse as indicated by ICANN.

For new domain names requests from internal users, the following procedure will be applied:
1. Request to be addressed to the GCC department via email
2. Analysis and evaluation by the ʺ.pictetʺ committee
3. Unanimous validation of the decision by the ʺ.pictetʺ committee
4. If request accepted, setup by the GCC department in coordination with the technical providers


Family members

The following procedure will be applied:
1. Request by a family member to be addressed to the GCC department via mail;
2. Analysis and evaluation by the ʺ.pictetʺ committee in coordination with the business partnerʹs Pictet point of contact;
3. Unanimous validation of the decision by the ʺ.pictetʺ committee;
4. Analysis and evaluation by two members of the Pictet family; namely Ivan Pictet (former Senior partner) and Stéphane Pictet (Web Entrepreneur);
5. Unanimous validation by Ivan Pictet and Stéphane Pictet;
6. If the proposition is accepted, setup by the GCC department in coordination with the technical providers.


Distributors and business partners
Case 1: Demand coming from a business partner
The following procedure will be applied:
1. Request by a business partner to be addressed to the communication department via mail;
2. Analysis and evaluation by the ʺ.pictetʺ committee in coordination with the business partnerʹs Pictet point of contact;
3. Unanimous validation of the decision by the ʺ.pictetʺ committee;
4. If the proposition is accepted, setup by the communication department in coordination with the technical providers.

Case 2: Proposition from the bank to a business partner
The following procedure will be applied:
1. Request by a Pictet employee addressed to the communication department via mail
2. Analysis and evaluation by the ʺ.pictetʺ committee
3. Unanimous validation of the decision by the ʺ.pictetʺ committee
4. Proposition to the business partner
5. Acceptation or refusal of the proposition to be addressed to the ʺ.pictetʺ committee
6. If the proposition is accepted, setup by the communication department in coordination with the technical providers

18.5 Protection
Protecting trademark holdersʹ rights and maximizing domain name distribution opportunities during the ʺ.pictetʺ launch phase is critical to its successful introduction and operations. In launching its TLD, Pictet will ensure meeting the ICANN requirements for Sunrise and Trademark Claims and set-up procedures respecting the 1995 Directive on Data Protection (Directive 95⁄46⁄EC) of the European Commission.

ICANN is in the process of developing processes and procedures for the operation of the Trademark Clearinghouse (TMCH) as well as selecting the vendor(s) to operate the TMCH. Once ICANN finalizes these issues, Verisign will be able to identify the services to be provided to support Pictetʹs.
Pictet will ensure that the Sunrise and Trademark Claims services address ICANNʹs requirements and ensure a compliant introduction of the ʺ.pictetʺ.

Procedure for the launch of the ʺ.pictetʺ TLD:

a) Prior to Sunrise⁄ TLD launch: the registry operator will populate a list of reserved names and will reserve the right to register domain names during the pre-launch phase. The list will be made available to the registrar and potential eligible registrants as an additional procedures to minimize any abusive registrations and other activities that would have a negative impact on Internet users
b) Prior to general availability: Pictet will ensure a Trademark Claims service during the start-up phase as provided in the registry agreement. This mechanism will be supported by the established Trademark Clearinghouse as indicated by ICANN. The Trademark Claims service provides notice to potential registrants of existing trademark rights, as well as notice to rights holders of relevant names registered. Registry operators may decide to continue offering the Trademark Claims service after the relevant start-up phase. The registry operator will also implement safeguards against allowing unqualified registrations in accordance to, the registryʹs eligibility restrictions or policies
c) Sunrise: allow physical persons, organizations and entities that meet the eligibility requirements in force at that point in time to choose the domain names that are identical to their trademarks;
d) General availability: other available domain names may be registered by physical persons, organizations and entities that meet the eligibility requirements in force at that point in time to choose the domain names in accordance with the applicable terms and conditions. In any case, Pictet reserves the right to impose additional and other restrictions from time to time at its sole discretion;

18.6 Outreach & Communication

Marketing campaign to promote the ʺ.pictetʺ internally and externally will be made of direct communications through newsletters, mailings, banners on websites, advertisements in electronic media, press releases.

Internal communication
PICTET employees will be informed by means of internal digital media communication tools (Newsletter, Intranet and emailing) about:
1. The benefits for Pictetʹs web presence, marketing & communication
2. Q&As about ʺ.pictetʺ for external parties

External communication
Pictet will inform its clients and business partners about the new Pictet web presence by means of a digital newsletter.

Pictet doesnʹt aim promote the use of the ʺ.pictetʺ TLD by third parties such as distributors and business partners. Meanwhile, account executives and the marketing department will be informed of the procedure for the ʺ.pictetʺ TLD application as defined above.

Pictet will also not promote of the ʺ.pictetʺ TLD for commercial or non-commercial usages to family members.

18(c). What operating rules will you adopt to eliminate or minimize social costs?

18. Part C – Operating Rules

18.7 Application process
Application process - Internal users
The communication department will Group Corporate Communication (GCC) department will coordinate and address all requests for and usages of the ʺ.pictetʺ TLD.

Application process - Distributors and business partners for co-branding
Distributors or business partners may be awarded the use of the corporate TLD upon the decision by the marketing and communication department. All applications will require validation by the committee as defined above.

Application process - Pictet family members
Pictet family members will have the opportunity to apply for a domain name on a first-come⁄first served basis. All applications should be addressed to the communication department and will undergo an evaluation process to evaluate non-interference of the domain name required and the bankʹs activities.

18.8 Cost benefits for registrants

The pricing policies will differ according to the usages of the ʺ.pictetʺ. Only usage by family members for commercial purposes will be charged. The pricing wonʹt be subject to cost benefits.

Fees - Internal users
No fees will be charge for internal usages.

Fees - Distributors and business partners
No fees will be charge to distributors or business partners.

Fees - Pictet family members
Pictet family members will have the opportunity to request the use of the ʺ.pictetʺ extension.
• The use of the TLD will be provided free of charge for non-commercial site based on the full name of a family member: ex: www.jean-francois.pictet.
• Commercial usages will be charged at an operational fee of CHF 5,000 per year; for instance: www.travel.pictet.

18.9 Contractual commitments

Contractual terms & conditions will differ according to the usages of the ʺ.pictetʺ.

Internal users - Contractual terms & conditions
No contractual commitments will apply to internal users. The GCC department will operate the ʺ.pictetʺ similarly to their current operations for the ʺpictet.genereic TLDsʺ.

Distributors and business partners - Contractual terms & conditions
Distributors or business partners will be granted the use of the ʺ.pictetʺ extension on the basis of a five years contractual agreement.

Pictet family members - Contractual terms & conditions
Family members will be offered the option to obtain initial domain name registrations on the basis of a five years contractual agreement.

Case 1: domain name based on a family memberʹs name; ex: jean-francois.pictet, and for non-commercial usages: free-of-charge

Case 2: domain name for commercial usages based or not on a family memberʹs name; ex: ex: jean-francois.pictet for commercial usages or travel.pictet
Annual fees will be CHF 5,000. Annual fees will be re-evaluated at the contract termination based on the Swiss consumer price index (CPI).

For internal uses, Pictet the GCC department will monitor the content posted on the ʺ.pictetʺ TLD as it is already the procedure for Pictetʹs web presence.
For external uses, Pictet will have a right of inspection on the content posted on domain names using the ʺ.pictetʺ TLD to verify its compliance with the Pictet & Cie code of conduct, ethics and business activities.

Note : All above prices are excluding VAT.

Community-based Designation


19. Is the application for a community-based TLD?

No

20(a). Provide the name and full description of the community that the applicant is committing to serve.


20(b). Explain the applicant's relationship to the community identified in 20(a).


20(c). Provide a description of the community-based purpose of the applied-for gTLD.


20(d). Explain the relationship between the applied-for gTLD string and the community identified in 20(a).


20(e). Provide a description of the applicant's intended registration policies in support of the community-based purpose of the applied-for gTLD.


20(f). Attach any written endorsements from institutions/groups representative of the community identified in 20(a).

Attachments are not displayed on this form.

Geographic Names


21(a). Is the application for a geographic name?

No

Protection of Geographic Names


22. Describe proposed measures for protection of geographic names at the second and other levels in the applied-for gTLD.

22. Protection of geographic names

The proposed procedure is governed by a tight cooperation with the Registry operator, the applicable governments or public authority concerned, ICANN and the Governmental Advisory Committee (GAC) in order to protect the geographic names contained in the following internationally recognized lists:

- the short or long form of all country and territory names contained on the ISO 3166-1 list, as updated from time to time, including the European Union, which is exceptionally reserved on the ISO 3166-1 list, and its scope extended in August 1999 to any application needing to represent the name European Union, in English and their translation or transliteration :〈http:⁄⁄www.iso.org⁄iso⁄support⁄country_codes⁄iso_3166_code_lists⁄iso-3166-1_decoding_table.htm#EU〉;

- the United Nations Group of Experts on Geographical Names, Technical Reference Manual for the Standardization of Geographical Names, Part III Names of Countries of the World; and

- the list of United Nations member states in 6 official United Nations languages prepared by the Working Group on Country Names of the United Nations Conference on the Standardization of Geographical Names.

Initial temporary reservation. The geographic names contained in the above standardized lists are initially reserved at the second and at all other levels within the TLD at which the Registry operator provides for registration, which means that the Registry operator carries out their temporary registration, at no cost for the governments or public authority concerned.

At the same time, the Registry operator publishes the list of the country names reserved on its website (site dedicated to the extension .PICTET will be developed later in parallel of the accreditation) and communicates this list to the GAC Secretary.

The temporary reservation lasts 12 months.

During this temporary reservation period, the governments or public authority concerned informs the GAC Secretariat of their request to blacklist the name, and the designated beneficiary.

The GAC Secretariat authenticates the request and transfers it to the ICANN staff and to the Registry Operator.

The Registry Operator verifies the availability of the name and reserves the right to enter into negotiations with the designated beneficiary in the country concerned. If no negotiations are initiated by the registry operator or no agreement is reached, the name is blacklisted to avoid registering domain names at the second and at all other levels within the TLD at which the Registry operator provides for registration.

After initial temporary reservation. When the temporary reservation is terminated, the reservation of those geographic names that have not been blacklisted during the initial reservation period will fall into the pool of available names for private registration on a first-come-first-served basis, but only provided that the Registry Operator :

(i) has previously reached agreement with the applicable government(s) or public authority concerned and, provided, further, the Registry Operator has previously proposed the release of these reservations subject to review by ICANNʹs Governmental Advisory Committee and approval by ICANN; or,

(ii) has previously proposed the release of these reservations subject to review by ICANNʹs Governmental Advisory Committee and approval by ICANN, in the case the applicable government or public authority concerned has not replied to the Registry Operatorʹs attempts to reach agreement.

Two-character labels. All two-character labels shall be initially reserved. The reservation of a two character label string may be released to the extent that Registry Operator reaches agreement with the government and country-code manager. The Registry Operator may also propose release of these reservations based on its implementation of measures to avoid confusion with the corresponding country codes.

Post-release disputes. Moreover, after the release of the reservations, the Registry Operator shall delete a second and at all other levels domain names within the TLD at which the Registry operator provides for registration, on request of the government or the public authority concerned, provided the government or the public authority concerned evidences that:

- (i) the domain name is identical or confusingly similar to the geographic name in which the government or the public authority concerned has rights; and
- (ii) the registrant have no rights or legitimate interests in respect of the domain name; and
- (iii) the domain name has been registered and is being used in bad faith.

The procedure for this kind of disputes shall be governed by the same general rules of procedure as those for the disputes related to domain names within the TLD at which the Registry operator provides for registration.

Registry Services


23. Provide name and full description of all the Registry Services to be provided.

23. Registry Services

23.1 Customary Registry Services

As mentioned in response to Question 18 (b) above, Pictet is a well-known financial institution operating around the world. Pictet has an extensive experience and expertise in managing complex information technology infrastructures in connection to its business relying on in-house and external resources.

Pictet doesnʹt aim to manage a domain name registry system. Pictet has chosen to rely on Verisign for the back-end registry operation of the applied-for “.pictet” registry in accordance with the specific technical requirements imposed upon new gTLD registriesThe response to this question describes the registry services for the “.pictet” TLD as provided by Verisign.

As Pictetʹs selected provider of backend registry services, Verisign provides a comprehensive system and physical security solution that is designed to ensure a TLD is protected from unauthorized disclosure, alteration, insertion, or destruction of registry data. Verisignʹs system addresses all areas of security including information and policies, security procedures, the systems development lifecycle, physical security, system hacks, break-ins, data tampering, and other disruptions to operations. Verisignʹs operational environments not only meet the security criteria specified in its customer contractual agreements, thereby preventing unauthorized access to or disclosure of information or resources on the Internet by systems operating in accordance with applicable standards, but also are subject to multiple independent assessments as detailed in the response to Question 30, Security Policy. Verisignʹs physical and system security methodology follows a mature, ongoing lifecycle that was developed and implemented many years before the development of the industry standards with which Verisign currently complies. Please see the response to Question 30, Security Policy, for details of the security features of Verisignʹs registry services.

Verisignʹs registry services fully comply with relevant standards and best current practice RFCs published by the Internet Engineering Task Force (IETF), including all successor standards, modifications, or additions relating to the DNS and name server operations including without limitation RFCs 1034, 1035, 1982, 2181, 2182, 2671, 3226, 3596, 3597, 3901, 4343, and 4472. Moreover, Verisignʹs Shared Registration System (SRS) supports the following IETF Extensible Provisioning Protocol (EPP) specifications, where the Extensible Markup Language (XML) templates and XML schemas are defined in RFC 3915, 5730, 5731, 5732, 5733, and 5734. By strictly adhering to these RFCs, Verisign helps to ensure its registry services do not create a condition that adversely affects the throughput, response time, consistency, or coherence of responses to Internet servers or end systems. Besides its leadership in authoring RFCs for EPP, Domain Name System Security Extensions (DNSSEC), and other DNS services, Verisign has created and contributed to several now well-established IETF standards and is a regular and long-standing participant in key Internet standards forums.

Figure 23-1 summarizes the technical and business components of those registry services, customarily offered by a registry operator (i.e., Verisign), that support this application. These services are currently operational and support both large and small Verisign-managed registries. Customary registry services are provided in the same manner as Verisign provides these services for its existing gTLDs.

Through these established registry services, Verisign has proven its ability to operate a reliable and low-risk registry that supports millions of transactions per day. Verisign is unaware of any potential security or stability concern related to any of these services.

Registry services defined by this application are not intended to be offered in a manner unique to the new generic top-level domain (gTLD) nor are any proposed services unique to this applicationʹs registry.

As further evidence of Verisignʹs compliance with ICANN mandated security and stability requirements, Verisign allocates the applicable RFCs to each of the five customary registry services (items A – E above). For each registry service, Verisign also provides evidence in Figure 23-2 of Verisignʹs RFC compliance and includes relevant ICANN prior-service approval actions.

23.1.1 Critical Operations of the Registry

i. Receipt of Data from Registrars Concerning Registration of Domain Names and Name Servers
See Item A in Figure 23-1 and Figure 23-2.

ii. Provision to Registrars Status Information Relating to the Zone Servers
Verisign is Pictetʹs selected provider of backend registry services. Verisign registry services provisions to registrars status information relating to zone servers for the TLD. The services also allow a domain name to be updated with clientHold, serverHold status, which removes the domain name server details from zone files. This ensures that DNS queries of the domain name are not resolved temporarily. When these hold statuses are removed, the name server details are written back to zone files and DNS queries are again resolved. Figure 23-3 describes the domain name status information and zone insertion indicator provided to registrars. The zone insertion indicator determines whether the name server details of the domain name exist in the zone file for a given domain name status. Verisign also has the capability to withdraw domain names from the zone file in near-real time by changing the domain name statuses upon request by customers, courts, or legal authorities as required.

iii. Dissemination of TLD Zone Files
See Item B in Figure 23-1 and Figure 23-2.

iv. Operation of the Registry Zone Servers
Verisign is Pictetʹs selected provider of backend registry services. Verisign, as a company, operates zone servers and serves DNS resolution from 76 geographically distributed resolution sites located in North America, South America, Africa, Europe, Asia, and Australia. Currently, 17 DNS locations are designated primary sites, offering greater capacity than smaller sites comprising the remainder of the Verisign constellation. Verisign also uses Anycast techniques and regional Internet resolution sites to expand coverage, accommodate emergency or surge capacity, and support system availability during maintenance procedures. Verisign operates Pictetʹs gTLD from a minimum of eight of its primary sites (two on the East Coast of the United States, two on the West Coast of the United States, two in Europe, and two in Asia) and expands resolution sites based on traffic volume and patterns. Further details of the geographic diversity of Verisignʹs zone servers are provided in the response to Question 34, Geographic Diversity. Moreover, additional details of Verisignʹs zone servers are provided in the response to Question 32, Architecture and the response to Question 35, DNS Service.

v. Dissemination of Contact and Other Information Concerning Domain Name Server Registrations
See Item C in Figure 23-1 and Figure 23-2.

23.2 Other Products or Services the Registry Operator Is Required to Provide Because of the Establishment of a Consensus Policy

Verisign, Pictetʹs selected provider of backend registry services, is a proven supporter of ICANNʹs consensus-driven, bottom-up policy development process whereby community members identify a problem, initiate policy discussions, and generate a solution that produces effective and sustained results. Verisign currently provides all of the products or services (collectively referred to as services) that the registry operator is required to provide because of the establishment of a Consensus Policy. For the .pictet gTLD, Verisign implements these services using the same proven processes and procedures currently in-place for all registries under Verisignʹs management. Furthermore, Verisign executes these services on computing platforms comparable to those of other registries under Verisignʹs management. Verisignʹs extensive experience with consensus policy required services and its proven processes to implement these services greatly minimize any potential risk to Internet security or stability. Details of these services are provided in the following subsections. It shall be noted that consensus policy services required of registrars (e.g., Whois Reminder, Expired Domain) are not included in this response. This exclusion is in accordance with the direction provided in the questionʹs Notes column to address registry operator services.

23.2.1 Inter-Registrar Transfer Policy (IRTP)

Technical Component: In compliance with the IRTP consensus policy, Verisign, Pictetʹs selected provider of backend registry services, has designed its registration systems to systematically restrict the transfer of domain names within 60 days of the initial create date. In addition, Verisign has implemented EPP and “AuthInfo” code functionality, which is used to further authenticate transfer requests. The registration system has been designed to enable compliance with the five-day Transfer grace period and includes the following functionality:
• Allows the losing registrar to proactively ‘ACKʹ or acknowledge a transfer prior to the expiration of the five-day Transfer grace period
• Allows the losing registrar to proactively ‘NACKʹ or not acknowledge a transfer prior to the expiration of the five-day Transfer grace period
• Allows the system to automatically ACK the transfer request once the five-day Transfer grace period has passed if the losing registrar has not proactively ACKʹd or NACKʹd the transfer request.

Business Component: All requests to transfer a domain name to a new registrar are handled according to the procedures detailed in the IRTP. Dispute proceedings arising from a registrarʹs alleged failure to abide by this policy may be initiated by any ICANN-accredited registrar under the Transfer Dispute Resolution Policy. Pictetʹs compliance office serves as the first-level dispute resolution provider pursuant to the associated Transfer Dispute Resolution Policy. As needed Verisign is available to offer policy guidance as issues arise.

Security and Stability Concerns: Verisign is unaware of any impact, caused by the service, on throughput, response time, consistency, or coherence of the responses to Internet servers or end-user systems. By implementing the IRTP in accordance with ICANN policy, security is enhanced as all transfer commands are authenticated using the AuthInfo code prior to processing.

ICANN Prior Approval: Verisign has been in compliance with the IRTP since November 2004 and is available to support Pictet in a consulting capacity as needed.
Unique to the TLD: This service is not provided in a manner unique to the .pictet TLD.

23.2.2 Add Grace Period (AGP) Limits Policy

Technical Component: Verisignʹs registry system monitors registrarsʹ Add grace period deletion activity and provides reporting that permits Pictet to assess registration fees upon registrars that have exceeded the AGP thresholds stipulated in the AGP Limits Policy. Further, Pictet accepts and evaluates all exemption requests received from registrars and determines whether the exemption request meets the exemption criteria. Pictet maintains all AGP Limits Policy exemption request activity so that this material may be included within Pictetʹs Monthly Registry Operator Report to ICANN.

Registrars that exceed the limits established by the policy may submit exemption requests to Pictet for consideration. Pictetʹs compliance office reviews these exemption requests in accordance with the AGP Limits Policy and renders a decision. Upon request, Pictet submits associated reporting on exemption request activity to support reporting in accordance with established ICANN requirements.

Business Component: The Add grace period (AGP) is restricted for any gTLD operator that has implemented an AGP. Specifically, for each operator:
• During any given month, an operator may not offer any refund to an ICANN-accredited registrar for any domain names deleted during the AGP that exceed (i) 10% of that registrarʹs net new registrations (calculated as the total number of net adds of one-year through ten-year registrations as defined in the monthly reporting requirement of Operator Agreements) in that month, or (ii) fifty (50) domain names, whichever is greater, unless an exemption has been granted by an operator.
• Upon the documented demonstration of extraordinary circumstances, a registrar may seek from an operator an exemption from such restrictions in a specific month. The registrar must confirm in writing to the operator how, at the time the names were deleted, these extraordinary circumstances were not known, reasonably could not have been known, and were outside the registrarʹs control. Acceptance of any exemption will be at the sole and reasonable discretion of the operator; however ʺextraordinary circumstancesʺ that reoccur regularly for the same registrar will not be deemed extraordinary.

In addition to all other reporting requirements to ICANN, Pictet identifies each registrar that has sought an exemption, along with a brief description of the type of extraordinary circumstance and the action, approval, or denial that the operator took.

Security and Stability Concerns: Verisign is unaware of any impact, caused by the policy, on throughput, response time, consistency, or coherence of the responses to Internet servers or end-user systems.

ICANN Prior Approval: Verisign, Pictetʹs backend registry services provider, has had experience with this policy since its implementation in April 2009 and is available to support Pictet in a consulting capacity as needed.

Unique to the TLD: This service is not provided in a manner unique to the .pictet TLD.

23.2.3 Registry Services Evaluation Policy (RSEP)

Technical Component: Verisign, Pictetʹs selected provider of backend registry services, adheres to all RSEP submission requirements. Verisign has followed the process many times and is fully aware of the submission procedures, the type of documentation required, and the evaluation process that ICANN adheres to.

Business Component: In accordance with ICANN procedures detailed on the ICANN RSEP website (http:⁄⁄www.icann.org⁄en⁄registries⁄rsep⁄), all gTLD registry operators are required to follow this policy when submitting a request for new registry services.

Security and Stability Concerns: As part of the RSEP submission process, Verisign, Pictetʹs backend registry services provider, identifies any potential security and stability concerns in accordance with RSEP stability and security requirements. Verisign never launches services without satisfactory completion of the RSEP process and resulting approval.

ICANN Prior Approval: Not applicable.

Unique to the TLD: gTLD RSEP procedures are not implemented in a manner unique to the .pictet TLD.

23.3 Products or Services Only a Registry Operator Is Capable of Providing by Reason of Its Designation As the Registry Operator

Verisign, Pictetʹs selected backend registry services provider, has developed a Registry-Registrar Two-Factor Authentication Service that complements traditional registration and resolution registry services. In accordance with direction provided in Question 23, Verisign details below the technical and business components of the service, identifies any potential threat to registry security or stability, and lists previous interactions with ICANN to approve the operation of the service. The Two-Factor Authentication Service is currently operational, supporting multiple registries under ICANNʹs purview.

Pictet is unaware of any competition issue that may require the registry service(s) listed in this response to be referred to the appropriate governmental competition authority or authorities with applicable jurisdiction. ICANN previously approved the service(s), at which time it was determined that either the service(s) raised no competitive concerns or any applicable concerns related to competition were satisfactorily addressed.

23.3.1 Two-Factor Authentication Service

Technical Component: The Registry-Registrar Two-Factor Authentication Service is designed to improve domain name security and assist registrars in protecting the accounts they manage. As part of the service, dynamic one-time passwords augment the user names and passwords currently used to process update, transfer, and⁄or deletion requests. These one-time passwords enable transaction processing to be based on requests that are validated both by “what users know” (i.e., their user name and password) and “what users have” (i.e., a two-factor authentication credential with a one-time-password).

Registrars can use the one-time-password when communicating directly with Verisignʹs Customer Service department as well as when using the registrar portal to make manual updates, transfers, and⁄or deletion transactions. The Two-Factor Authentication Service is an optional service offered to registrars that execute the Registry-Registrar Two-Factor Authentication Service Agreement.

Business Component: There is no charge for the Registry-Registrar Two-Factor Authentication Service. It is enabled only for registrars that wish to take advantage of the added security provided by the service.

Security and Stability Concerns: Verisign is unaware of any impact, caused by the service, on throughput, response time, consistency, or coherence of the responses to Internet servers or end-user systems. The service is intended to enhance domain name security, resulting in increased confidence and trust by registrants.

ICANN Prior Approval: ICANN approved the same Two-Factor Authentication Service for Verisignʹs use on .com and .net on 10 July 2009 (RSEP Proposal 2009004) and for .name on 16 February 2011 (RSEP Proposal 2011001).

Unique to the TLD: This service is not provided in a manner unique to the .pictet TLD.

Demonstration of Technical & Operational Capability


24. Shared Registration System (SRS) Performance

24. Shared Registration System (SRS) Performance

24.1 Robust Plan for Operating a Reliable SRS

As mentioned in response to Question 18 (b) above, Pictet is a well-known financial institution operating around the world. Pictet has an extensive experience and expertise in managing complex information technology infrastructures in connection to its business relying on in-house and external resources.

Pictet doesnʹt aim to manage a domain name registry system. Pictet has chosen to rely on Verisign for the back-end registry operation of the applied-for ʺ.pictetʺ registry in accordance with the specific technical requirements imposed upon new gTLD registries. The response to this question describes the registry services for the ʺ.pictetʺ TLD as provided by Verisign.

24.1.1 High-Level Shared Registration System (SRS) System Description

Verisign, Pictetʹs selected provider of backend registry services, provides and operates a robust and reliable SRS that enables multiple registrars to provide domain name registration services in the top-level domain (TLD). Verisignʹs proven reliable SRS serves approximately 915 registrars, and Verisign, as a company, has averaged more than 140 million registration transactions per day. The SRS provides a scalable, fault-tolerant platform for the delivery of gTLDs through the use of a central customer database, a web interface, a standard provisioning protocol (i.e., Extensible Provisioning Protocol, EPP), and a transport protocol (i.e., Secure Sockets Layer, SSL).

The SRS components include:
- Web Interface: Allows customers to access the authoritative database for accounts, contacts, users, authorization groups, product catalog, product subscriptions, and customer notification messages.
- EPP Interface: Provides an interface to the SRS that enables registrars to use EPP to register and manage domains, hosts, and contacts.
- Authentication Provider: A Verisign developed application, specific to the SRS, that authenticates a user based on a login name, password, and the SSL certificate common name and client IP address.

The SRS is designed to be scalable and fault tolerant by incorporating clustering in multiple tiers of the platform. New nodes can be added to a cluster within a single tier to scale a specific tier, and if one node fails within a single tier, the services will still be available. The SRS allows registrars to manage the .pictet gTLD domain names in a single architecture.

To flexibly accommodate the scale of its transaction volumes, as well as new technologies, Verisign employs the following design practices:
- Scale for Growth: Scale to handle current volumes and projected growth.
- Scale for Peaks: Scale to twice base capacity to withstand ʺregistration add attacksʺ from a compromised registrar system.
- Limit Database CPU Utilization: Limit utilization to no more than 50 percent during peak loads.
- Limit Database Memory Utilization: Each userʹs login process that connects to the database allocates a small segment of memory to perform connection overhead, sorting, and data caching. Verisignʹs standards mandate that no more than 40 percent of the total available physical memory on the database server will be allocated for these functions.

Verisignʹs SRS is built upon a three-tier architecture as illustrated in Figure 24-1 and detailed here:
- Gateway Layer: The first tier, the gateway servers, uses EPP to communicate with registrars. These gateway servers then interact with application servers, which comprise the second tier.
- Application Layer: The application servers contain business logic for managing and maintaining the registry business. The business logic is particular to each TLDʹs business rules and requirements. The flexible internal design of the application servers allows Verisign to easily leverage existing business rules to apply to the .pictet gTLD. The application servers store Pictetʹs data in the registry database, which comprises the third and final tier. This simple, industry-standard design has been highly effective with other customers for whom Verisign provides backend registry services.
- Database Layer: The database is the heart of this architecture. It stores all the essential information provisioned from registrars through the gateway servers. Separate servers query the database, extract updated zone and Whois information, validate that information, and distribute it around the clock to Verisignʹs worldwide domain name resolution sites.

Scalability and Performance. Verisign, Pictetʹs selected backend registry services provider, implements its scalable SRS on a supportable infrastructure that achieves the availability requirements in Specification 10. Verisign employs the design patterns of simplicity and parallelism in both its software and systems, based on its experience that these factors contribute most significantly to scalability and reliable performance. Going counter to feature-rich development patterns, Verisign intentionally minimizes the number of lines of code between the end user and the data delivered. The result is a network of restorable components that provide rapid, accurate updates. Figure 24-2 depicts EPP traffic flows and local redundancy in Verisignʹs SRS provisioning architecture. As detailed in the figure, local redundancy is maintained for each layer as well as each piece of equipment. This built-in redundancy enhances operational performance while enabling the future system scaling necessary to meet additional demand created by this or future registry applications.

Besides improving scalability and reliability, local SRS redundancy enables Verisign to take down individual system components for maintenance and upgrades, with little to no performance impact. With Verisignʹs redundant design, Verisign can perform routine maintenance while the remainder of the system remains online and unaffected. For the .pictet gTLD registry, this flexibility minimizes unplanned downtime and provides a more consistent end-user experience.

24.1.2 Representative Network Diagrams

Figure 24-3 provides a summary network diagram of Pictetʹs selected backend registry services providerʹs (Verisignʹs) SRS. This configuration at both the primary and alternate-primary Verisign data centers provides a highly reliable backup capability. Data is continuously replicated between both sites to ensure failover to the alternate-primary site can be implemented expeditiously to support both planned and unplanned outages.

24.1.3 Number of Servers

As Pictetʹs selected provider of backend registry services, Verisign continually reviews its server deployments for all aspects of its registry service. Verisign evaluates usage based on peak performance objectives as well as current transaction volumes, which drive the quantity of servers in its implementations. Verisignʹs scaling is based on the following factors:

Server configuration is based on CPU, memory, disk IO, total disk, and network throughput projections.

Server quantity is determined through statistical modeling to fulfill overall performance objectives as defined by both the service availability and the server configuration.

To ensure continuity of operations for the .pictet gTLD, Verisign uses a minimum of 100 dedicated servers per SRS site. These servers are virtualized to meet demand.

24.1.4 Description of Interconnectivity with Other Registry Systems

Figure 24-4 provides a technical overview of the Pictetʹs selected backend registry services providerʹs (Verisignʹs) SRS, showing how the SRS component fits into this larger system and interconnects with other system components.

24.1.5 Frequency of Synchronization Between Servers

As Pictetʹs selected provider of backend registry services, Verisign uses synchronous replication to keep the Verisign SRS continuously in sync between the two data centers. This synchronization is performed in near-real time, thereby supporting rapid failover should a failure occur or a planned maintenance outage be required.

24.1.6 Synchronization Scheme

Verisign uses synchronous replication to keep the Verisign SRS continuously in sync between the two data centers. Because the alternate-primary site is continuously up, and built using an identical design to the primary data center, it is classified as a ʺhot standby.ʺ

24.2 Scalability and Performance Are Consistent with the overall business approach and planned size of the registry

Verisign is an experienced backend registry provider that has developed and uses proprietary system scaling models to guide the growth of its TLD supporting infrastructure. These models direct Verisignʹs infrastructure scaling to include, but not be limited to, server capacity, data storage volume, and network throughput that are aligned to projected demand and usage patterns. Verisign periodically updates these models to account for the adoption of more capable and cost-effective technologies.

Verisignʹs scaling models are proven predictors of needed capacity and related cost. As such, they provide the means to link the projected infrastructure needs of the .pictet gTLD with necessary implementation and sustainment cost. Using the projected usage volume for the most likely scenario (defined in Question 46, Template 1 – Financial Projections: Most Likely) as an input to its scaling models, Verisign derived the necessary infrastructure required to implement and sustain this gTLD. Verisignʹs pricing for the backend registry services it provides to Pictet fully accounts for cost related to this infrastructure, which is provided as ʺTotal Critical Registry Function Cash Outflowsʺ (Template 1, Line IIb.G) within the Question 46 financial projections response.

24.3 Technical plan that is adequately resourced in the planned costs detailed in the financial section

Verisign, the Pictetʹs selected provider of backend registry services, is an experienced backend registry provider that has developed a set of proprietary resourcing models to project the number and type of personnel resources necessary to operate a TLD. Verisign routinely adjusts these staffing models to account for new tools and process innovations. These models enable Verisign to continually right-size its staff to accommodate projected demand and meet service level agreements as well as Internet security and stability requirements. Using the projected usage volume for the most likely scenario (defined in Question 46, Template 1 – Financial Projections: Most Likely) as an input to its staffing models, Verisign derived the necessary personnel levels required for this gTLDʹs initial implementation and ongoing maintenance. Verisignʹs pricing for the backend registry services provided to Pictet fully accounts for this personnel-related cost, which is provided as ʺTotal Critical Registry Function Cash Outflowsʺ (Template 1, Line IIb.G) within the Question 46 financial projections response.

Verisign employs more than 1,040 individuals of which more than 775 comprise its technical work force. (Current statistics are publicly available in Verisignʹs quarterly filings.) Drawing from this pool of on-hand and fully committed technical resources, Verisign has maintained DNS operational accuracy and stability 100 percent of the time for more than 13 years for .com, proving Verisignʹs ability to align personnel resource growth to the scale increases of Verisignʹs TLD service offerings.

Verisign projects it will use the following personnel roles, which are described in Section 5 of the response to Question 31, Technical Overview of Proposed Registry, to support SRS performance:
- Application Engineers: 19
- Database Administrators: 8
- Database Engineers: 3
- Network Administrators: 11
- Network Architects: 4
- Project Managers: 25
- Quality Assurance Engineers: 11
- SRS System Administrators: 13
- Storage Administrators: 4
- Systems Architects: 9

To implement and manage the .pictet gTLD as described in this application, Verisign, Pictetʹs selected backend registry services provider, scales, as needed, the size of each technical area now supporting its portfolio of TLDs. Consistent with its resource modeling, Verisign periodically reviews the level of work to be performed and adjusts staff levels for each technical area.

When usage projections indicate a need for additional staff, Verisignʹs internal staffing group uses an in-place staffing process to identify qualified candidates. These candidates are then interviewed by the lead of the relevant technical area. By scaling one common team across all its TLDs instead of creating a new entity to manage only this proposed gTLD, Verisign realizes significant economies of scale and ensures its TLD best practices are followed consistently. This consistent application of best practices helps ensure the security and stability of both the Internet and this proposed gTLD, as Verisign holds all contributing staff members accountable to the same procedures that guide its execution of the Internetʹs largest TLDs (i.e., .com and .net). Moreover, by augmenting existing teams, Verisign affords new employees the opportunity to be mentored by existing senior staff. This mentoring minimizes start-up learning curves and helps ensure that new staff members properly execute their duties.

24.4 Evidence of Compliance with Specification 6 and 10 to the Registry Agreement

Section 1.2 (EPP) of Specification 6, Registry Interoperability and Continuity Specifications. Verisign, Pictetʹs selected backend registry services provider, provides these services using its SRS, which complies fully with Specification 6, Section 1.2 of the Registry Agreement. In using its SRS to provide backend registry services, Verisign implements and complies with relevant existing RFCs (i.e., 5730, 5731, 5732, 5733, 5734, and 5910) and intends to comply with RFCs that may be published in the future by the Internet Engineering Task Force (IETF), including successor standards, modifications, or additions thereto relating to the provisioning and management of domain names that use EPP. In addition, Verisignʹs SRS includes a Registry Grace Period (RGP) and thus complies with RFC 3915 and its successors. Details of the Verisign SRSʹ compliance with RFC SRS⁄EPP are provided in the response to Question 25, Extensible Provisioning Protocol. Verisign does not use functionality outside the base EPP RFCs, although proprietary EPP extensions are documented in Internet-Draft format following the guidelines described in RFC 3735 within the response to Question 25. Moreover, prior to deployment, Pictet will provide to ICANN updated documentation of all the EPP objects and extensions supported in accordance with Specification 6, Section 1.2.

Specification 10, EPP Registry Performance Specifications. Verisignʹs SRS meets all EPP Registry Performance Specifications detailed in Specification 10, Section 2. Evidence of this performance can be verified by a review of the .com and .net Registry Operatorʹs Monthly Reports, which Verisign files with ICANN. These reports detail Verisignʹs operational status of the .com and .net registries, which use an SRS design and approach comparable to the one proposed for the .pictet gTLD. These reports provide evidence of Verisignʹs ability to meet registry operation service level agreements (SLAs) comparable to those detailed in Specification 10. The reports are accessible at the following URL: http:⁄⁄www.icann.org⁄en⁄tlds⁄monthly-reports⁄.

In accordance with EPP Registry Performance Specifications detailed in Specification 10, Verisignʹs SRS meets the following performance attributes:
• EPP service availability: ≤ 864 minutes of downtime (≈98%)
• EPP session-command round trip time (RTT): ≤4000 milliseconds (ms), for at least 90 percent of the commands
• EPP query-command RTT: ≤2000 ms, for at least 90 percent of the commands
• EPP transform-command RTT: ≤4000 ms, for at least 90 percent of the commands

25. Extensible Provisioning Protocol (EPP)

25. Extensible Provisioning Protocol (EPP)

As mentioned in response to Question 18 (b) above, Pictet is a well-known financial institution operating around the world. Pictet has an extensive experience and expertise in managing complex information technology infrastructures in connection to its business relying on in-house and external resources.

Pictet doesnʹt aim to manage a domain name registry system. Pictet has chosen to rely on Verisign for the back-end registry operation of the applied-for ʺ.pictetʺ registry in accordance with the specific technical requirements imposed upon new gTLD registriesThe response to this question describes the registry services for the ʺ.pictetʺ TLD as provided by Verisign.

25.1 Complete knowledge and understanding of this aspect of registry technical requirements

Verisign, Pictetʹs selected backend registry services provider, has used Extensible Provisioning Protocol (EPP) since its inception and possesses complete knowledge and understanding of EPP registry systems. Its first EPP implementation— for a thick registry for the .name generic top-level domain (gTLD)—was in 2002. Since then Verisign has continued its RFC-compliant use of EPP in multiple TLDs, as detailed in Figure 25-1.

Verisignʹs understanding of EPP and its ability to implement code that complies with the applicable RFCs is unparalleled. Mr. Scott Hollenbeck, Verisignʹs director of software development, authored the Extensible Provisioning Protocol and continues to be fully engaged in its refinement and enhancement (U.S. Patent Number 7299299 – Shared registration system for registering domain names). Verisign has also developed numerous new object mappings and object extensions following the guidelines in RFC 3735 (Guidelines for Extending the Extensible Provisioning Protocol). Mr. James Gould, a principal engineer at Verisign, led and co-authored the most recent EPP Domain Name System Security Extensions (DNSSEC) RFC effort (RFC 5910).

All registry systems for which Verisign is the registry operator or provides backend registry services use EPP. Upon approval of this application, Verisign will use EPP to provide the backend registry services for this gTLD. The .com, .net, and .name registries for which Verisign is the registry operator use an SRS design and approach comparable to the one proposed for this gTLD. Approximately 915 registrars use the Verisign EPP service, and the registry system performs more than 140 million EPP transactions daily without performance issues or restrictive maintenance windows. The processing time service level agreement (SLA) requirements for the Verisign-operated .net gTLD are the strictest of the current Verisign managed gTLDs. All processing times for Verisign-operated gTLDs can be found in ICANNʹs Registry Operatorʹs Monthly Reports at http:⁄⁄www.icann.org⁄en⁄tlds⁄monthly-reports⁄.

Verisign has also been active on the Internet Engineering Task Force (IETF) Provisioning Registry Protocol (provreg) working group and mailing list since work started on the EPP protocol in 2000. This working group provided a forum for members of the Internet community to comment on Mr. Scott Hollenbeckʹs initial EPP drafts, which Mr. Hollenbeck refined based on input and discussions with representatives from registries, registrars, and other interested parties. The working group has since concluded, but the mailing list is still active to enable discussion of different aspects of EPP.

25.1.1 EPP Interface with Registrars

Verisign, Pictetʹs selected backend registry services provider, fully supports the features defined in the EPP specifications and provides a set of software development kits (SDK) and tools to help registrars build secure and stable interfaces. Verisignʹs SDKs give registrars the option of either fully writing their own EPP client software to integrate with the Shared Registration System (SRS), or using the Verisign-provided SDKs to aid them in the integration effort. Registrars can download the Verisign EPP SDKs and tools from the registrar website (http:⁄⁄www.Verisign.com⁄domain-name-services⁄current-registrars⁄epp-sdk⁄index.html).

The EPP SDKs provide a host of features including connection pooling, Secure Sockets Layer (SSL), and a test server (stub server) to run EPP tests against. One tool—the EPP tool—provides a web interface for creating EPP Extensible Markup Language (XML) commands and sending them to a configurable set of target servers. This helps registrars in creating the template XML and testing a variety of test cases against the EPP servers. An Operational Test and Evaluation (OT&E) environment, which runs the same software as the production system so approved registrars can integrate and test their software before moving into a live production environment, is also available.

25.2 Technical plan scope⁄scale consistent with the overall business approach and planned size of the registry

Verisign, Pictetʹs selected backend registry services provider, is an experienced backend registry provider that has developed and uses proprietary system scaling models to guide the growth of its TLD supporting infrastructure. These models direct Verisignʹs infrastructure scaling to include, but not be limited to, server capacity, data storage volume, and network throughput that are aligned to projected demand and usage patterns. Verisign periodically updates these models to account for the adoption of more capable and cost-effective technologies.

Verisignʹs scaling models are proven predictors of needed capacity and related cost. As such, they provide the means to link the projected infrastructure needs of the .pictet gTLD with necessary implementation and sustainment cost. Using the projected usage volume for the most likely scenario (defined in Question 46, Template 1 – Financial Projections: Most Likely) as an input to its scaling models, Verisign derived the necessary infrastructure required to implement and sustain this gTLD. Verisignʹs pricing for the backend registry services it provides to Pictet fully accounts for cost related to this infrastructure, which is provided as ʺTotal Critical Registry Function Cash Outflowsʺ (Template 1, Line IIb.G) within the Question 46 financial projections response.

25.3 Technical plan that is adequately resourced in the planned costs detailed in the financial section

Verisign, Pictetʹs selected backend registry services provider, is an experienced backend registry provider that has developed a set of proprietary resourcing models to project the number and type of personnel resources necessary to operate a TLD. Verisign routinely adjusts these staffing models to account for new tools and process innovations. These models enable Verisign to continually right-size its staff to accommodate projected demand and meet service level agreements as well as Internet security and stability requirements. Using the projected usage volume for the most likely scenario (defined in Question 46, Template 1 – Financial Projections: Most Likely) as an input to its staffing models, Verisign derived the necessary personnel levels required for this gTLDʹs initial implementation and ongoing maintenance. Verisignʹs pricing for the backend registry services it provides to Pictet fully accounts for cost related to this infrastructure, which is provided as ʺTotal Critical Registry Function Cash Outflowsʺ (Template 1, Line IIb.G) within the Question 46 financial projections response.

Verisign employs more than 1,040 individuals of which more than 775 comprise its technical work force. (Current statistics are publicly available in Verisignʹs quarterly filings.) Drawing from this pool of on-hand and fully committed technical resources, Verisign has maintained DNS operational accuracy and stability 100 percent of the time for more than 13 years for .com, proving Verisignʹs ability to align personnel resource growth to the scale increases of Verisignʹs TLD service offerings.

Verisign projects it will use the following personnel roles, which are described in Section 5 of the response to Question 31, Technical Overview of Proposed Registry, to support the provisioning of EPP services:
• Application Engineers: 19
• Database Engineers: 3
• Quality Assurance Engineers: 11

To implement and manage the .pictet gTLD as described in this application, Verisign, Pictetʹs selected backend registry services provider, scales, as needed, the size of each technical area now supporting its portfolio of TLDs. Consistent with its resource modeling, Verisign periodically reviews the level of work to be performed and adjusts staff levels for each technical area.

When usage projections indicate a need for additional staff, Verisignʹs internal staffing group uses an in-place staffing process to identify qualified candidates. These candidates are then interviewed by the lead of the relevant technical area. By scaling one common team across all its TLDs instead of creating a new entity to manage only this proposed gTLD, Verisign realizes significant economies of scale and ensures its TLD best practices are followed consistently. This consistent application of best practices helps ensure the security and stability of both the Internet and this proposed TLD, as Verisign holds all contributing staff members accountable to the same procedures that guide its execution of the Internetʹs largest TLDs (i.e., .com and .net). Moreover, by augmenting existing teams, Verisign affords new employees the opportunity to be mentored by existing senior staff. This mentoring minimizes start-up learning curves and helps ensure that new staff members properly execute their duties.

25.4 Ability to comply with Relevant RFCs

Verisign, Pictetʹs selected backend registry services provider, incorporates design reviews, code reviews, and peer reviews into its software development lifecycle (SDLC) to ensure compliance with the relevant RFCs. Verisignʹs dedicated QA team creates extensive test plans and issues internal certifications when it has confirmed the accuracy of the code in relation to the RFC requirements. Verisignʹs QA organization is independent from the development team within engineering. This separation helps Verisign ensure adopted processes and procedures are followed, further ensuring that all software releases fully consider the security and stability of the TLD.

For the .pictet gTLD, the Shared Registration System (SRS) complies with the following IETF EPP specifications, where the XML templates and XML schemas are defined in the following specifications:
• EPP RGP 3915 (http:⁄⁄www.apps.ietf.org⁄rfc⁄rfc3915.html): EPP Redemption Grace Period (RGP) Mapping specification for support of RGP statuses and support of Restore Request and Restore Report (authored by Verisignʹs Scott Hollenbeck)
• EPP 5730 (http:⁄⁄tools.ietf.org⁄html⁄rfc5730): Base EPP specification (authored by Verisignʹs Scott Hollenbeck)
• EPP Domain 5731 (http:⁄⁄tools.ietf.org⁄html⁄rfc5731): EPP Domain Name Mapping specification (authored by Verisignʹs Scott Hollenbeck)
• EPP Host 5732 (http:⁄⁄tools.ietf.org⁄html⁄rfc5732): EPP Host Mapping specification (authored by Verisignʹs Scott Hollenbeck)
• EPP Contact 5733 (http:⁄⁄tools.ietf.org⁄html⁄rfc5733): EPP Contact Mapping specification (authored by Verisignʹs Scott Hollenbeck)
• EPP TCP 5734 (http:⁄⁄tools.ietf.org⁄html⁄rfc5734): EPP Transport over Transmission Control Protocol (TCP) specification (authored by Verisignʹs Scott Hollenbeck)
• EPP DNSSEC 5910 (http:⁄⁄tools.ietf.org⁄html⁄rfc5910): EPP Domain Name System Security Extensions (DNSSEC) Mapping specification (authored by Verisignʹs James Gould and Scott Hollenbeck)

25.5 Proprietary EPP Extensions

Verisign, Pictetʹs selected backend registry services provider, uses its SRS to provide registry services. The SRS supports the following EPP specifications, which Verisign developed following the guidelines in RFC 3735, where the XML templates and XML schemas are defined in the specifications:
• IDN Language Tag (http:⁄⁄www.verisigninc.com⁄assets⁄idn-language-tag.pdf): EPP internationalized domain names (IDN) language tag extension used for IDN domain name registrations
• RGP Poll Mapping (http:⁄⁄www.verisigninc.com⁄assets⁄whois-info-extension.pdf): EPP mapping for an EPP poll message in support of Restore Request and Restore Report
• Whois Info Extension (http:⁄⁄www.verisigninc.com⁄assets⁄whois-info-extension.pdf): EPP extension for returning additional information needed for transfers
• EPP ConsoliDate Mapping (http:⁄⁄www.verisigninc.com⁄assets⁄consolidate-mapping.txt): EPP mapping to support a Domain Sync operation for synchronizing domain name expiration dates
• NameStore Extension (http:⁄⁄www.verisigninc.com⁄assets⁄namestore-extension.pdf): EPP extension for routing with an EPP intelligent gateway to a pluggable set of backend products and services
• Low Balance Mapping (http:⁄⁄www.verisigninc.com⁄assets⁄low-balance-mapping.pdf): EPP mapping to support low balance poll messages that proactively notify registrars of a low balance (available credit) condition

As part of the 2006 implementation report to bring the EPP RFC documents from Proposed Standard status to Draft Standard status, an implementation test matrix was completed. Two independently developed EPP client implementations based on the RFCs were tested against the Verisign EPP server for the domain, host, and contact transactions. No compliance-related issues were identified during this test, providing evidence that these extensions comply with RFC 3735 guidelines and further demonstrating Verisignʹs ability to design, test, and deploy an RFC-compliant EPP implementation.

25.5.1 EPP Templates and Schemas

The EPP XML schemas are formal descriptions of the EPP XML templates. They are used to express the set of rules to which the EPP templates must conform in order to be considered valid by the schema. The EPP schemas define the building blocks of the EPP templates, describing the format of the data and the different EPP commandsʹ request and response formats. The current EPP implementations managed by Verisign, Pictetʹs selected backend registry services provider, use these EPP templates and schemas, as will the proposed TLD. For each proprietary XML template⁄schema Verisign provides a reference to the applicable template and includes the schema.

XML templates⁄schema for idnLang-1.0
• Template: The templates for idnLang-1.0 can be found in Chapter 3, EPP Command Mapping of the relevant EPP documentation, http:⁄⁄www.verisigninc.com⁄assets⁄idn-language-tag.pdf.
• Schema: This schema describes the extension mapping for the IDN language tag. The mapping extends the EPP domain name mapping to provide additional features required for the provisioning of IDN domain name registrations.

〈?xml version=ʺ1.0ʺ encoding=ʺUTF-8ʺ?〉

〈schema targetNamespace=ʺhttp:⁄⁄www.Verisign.com⁄epp⁄idnLang-1.0ʺ
xmlns:idnLang=ʺhttp:⁄⁄www.Verisign.com⁄epp⁄idnLang-1.0ʺ
xmlns=ʺhttp:⁄⁄www.w3.org⁄2001⁄XMLSchemaʺ
elementFormDefault=ʺqualifiedʺ〉

〈annotation〉
〈documentation〉
Extensible Provisioning Protocol v1.0 domain name
extension schema for IDN Lang Tag.
〈⁄documentation〉
〈⁄annotation〉

〈!--
Child elements found in EPP commands.
--〉
〈element name=ʺtagʺ type=ʺlanguageʺ⁄〉

〈!--
End of schema.
--〉
〈⁄schema〉


XML templates⁄schema for rgp-poll-1.0
• Template: The templates for rgp-poll-1.0 can be found in Chapter 3, EPP Command Mapping of the relevant EPP documentation, http:⁄⁄www.verisigninc.com⁄assets⁄rgp-poll-mapping.pdf.
• Schema: This schema describes the extension mapping for poll notifications. The mapping extends the EPP base mapping to provide additional features for registry grace period (RGP) poll notifications.

〈?xml version=ʺ1.0ʺ encoding=ʺUTF-8ʺ?〉

〈schema targetNamespace=ʺhttp:⁄⁄www.Verisign.com⁄epp⁄rgp-poll-1.0ʺ
xmlns:rgp-poll=ʺhttp:⁄⁄www.Verisign.com⁄epp⁄rgp-poll-1.0ʺ
xmlns:eppcom=ʺurn:ietf:params:xml:ns:eppcom-1.0ʺ
xmlns:rgp=ʺurn:ietf:params:xml:ns:rgp-1.0ʺ
xmlns=ʺhttp:⁄⁄www.w3.org⁄2001⁄XMLSchemaʺ
elementFormDefault=ʺqualifiedʺ〉

〈!--
Import common element types.
--〉
〈import namespace=ʺurn:ietf:params:xml:ns:eppcom-1.0ʺ
schemaLocation=ʺeppcom-1.0.xsdʺ⁄〉
〈import namespace=ʺurn:ietf:params:xml:ns:rgp-1.0ʺ
schemaLocation=ʺrgp-1.0.xsdʺ⁄〉

〈annotation〉
〈documentation〉
Extensible Provisioning Protocol v1.0
Verisign poll notification specification for registry grace period
poll notifications.
〈⁄documentation〉
〈⁄annotation〉

〈!--
Child elements found in EPP commands.
--〉
〈element name=ʺpollDataʺ type=ʺrgp-poll:pollDataTypeʺ⁄〉

〈!--
Child elements of the 〈notifyData〉 element for the
redemption grace period.
--〉
〈complexType name=ʺpollDataTypeʺ〉
〈sequence〉
〈element name=ʺnameʺ type=ʺeppcom:labelTypeʺ⁄〉
〈element name=ʺrgpStatusʺ type=ʺrgp:statusTypeʺ⁄〉
〈element name=ʺreqDateʺ type=ʺdateTimeʺ⁄〉
〈element name=ʺreportDueDateʺ type=ʺdateTimeʺ⁄〉
〈⁄sequence〉
〈⁄complexType〉

!--
End of schema.
--〉
〈⁄schema〉


XML templates⁄schema for whoisInf-1.0
• Template: The templates for whoisInf-1.0 can be found in Chapter 3, EPP Command Mapping of the relevant EPP documentation, http:⁄⁄www.verisigninc.com⁄assets⁄whois-info-extension.pdf.
• Schema: This schema describes the extension mapping for the Whois Info extension. The mapping extends the EPP domain name mapping to provide additional features for returning additional information needed for transfers.

〈?xml version=ʺ1.0ʺ encoding=ʺUTF-8ʺ?〉

〈schema targetNamespace=ʺhttp:⁄⁄www.Verisign.com⁄epp⁄whoisInf-1.0ʺ
xmlns:whoisInf=ʺhttp:⁄⁄www.Verisign.com⁄epp⁄whoisInf-1.0ʺ
xmlns:eppcom=ʺurn:ietf:params:xml:ns:eppcom-1.0ʺ
xmlns=ʺhttp:⁄⁄www.w3.org⁄2001⁄XMLSchemaʺ
elementFormDefault=ʺqualifiedʺ〉

〈import namespace=ʺurn:ietf:params:xml:ns:eppcom-1.0ʺ
schemaLocation=ʺeppcom-1.0.xsdʺ⁄〉

〈annotation〉
〈documentation〉
Extensible Provisioning Protocol v1.0
extension schema for Whois Info
〈⁄documentation〉
〈⁄annotation〉

〈!--
Possible Whois Info extension root elements.
--〉
〈element name=ʺwhoisInfʺ type=ʺwhoisInf:whoisInfTypeʺ⁄〉
〈element name=ʺwhoisInfDataʺ type=ʺwhoisInf:whoisInfDataTypeʺ⁄〉

〈!--
Child elements for the 〈whoisInf〉 extension which
is used as an extension to an info command.
--〉
〈complexType name=ʺwhoisInfTypeʺ〉
〈sequence〉
〈element name=ʺflagʺ type=ʺbooleanʺ⁄〉
〈⁄sequence〉
〈⁄complexType〉

〈!--
Child elements for the 〈whoisInfData〉 extension which
is used as an extension to the info response.
--〉
〈complexType name=ʺwhoisInfDataTypeʺ〉
〈sequence〉
〈element name=ʺregistrarʺ type=ʺstringʺ⁄〉
〈element name=ʺwhoisServerʺ type=ʺeppcom:labelTypeʺ
minOccurs=ʺ0ʺ⁄〉
〈element name=ʺurlʺ type=ʺtokenʺ minOccurs=ʺ0ʺ⁄〉
〈element name=ʺirisServerʺ type=ʺeppcom:labelTypeʺ
minOccurs=ʺ0ʺ⁄〉
〈⁄sequence〉
〈⁄complexType〉

〈⁄schema〉


XML templates⁄schema for sync-1.0 (consoliDate)
• Template: The templates for sync-1.0 can be found in Chapter 3, EPP Command Mapping of the relevant EPP documentation, http:⁄⁄www.verisigninc.com⁄assets⁄consolidate-mapping.txt.
• Schema: This schema describes the extension mapping for the synchronization of domain name registration period expiration dates. This service is known as ʺConsoliDate.ʺ The mapping extends the EPP domain name mapping to provide features that allow a protocol client to end a domain name registration period on a specific month and day.


〈?xml version=ʺ1.0ʺ encoding=ʺUTF-8ʺ?〉

〈schema targetNamespace=ʺhttp:⁄⁄www.Verisign.com⁄epp⁄sync-1.0ʺ
xmlns:sync=ʺhttp:⁄⁄www.Verisign.com⁄epp⁄sync-1.0ʺ
xmlns=ʺhttp:⁄⁄www.w3.org⁄2001⁄XMLSchemaʺ
elementFormDefault=ʺqualifiedʺ〉

〈annotation〉
〈documentation〉
Extensible Provisioning Protocol v1.0 domain name
extension schema for expiration date synchronization.
〈⁄documentation〉
〈⁄annotation〉

〈!--
Child elements found in EPP commands.
--〉
〈element name=ʺupdateʺ type=ʺsync:updateTypeʺ⁄〉

〈!--
Child elements of the 〈update〉 command.
--〉
〈complexType name=ʺupdateTypeʺ〉
〈sequence〉
〈element name=ʺexpMonthDayʺ type=ʺgMonthDayʺ⁄〉
〈⁄sequence〉
〈⁄complexType〉

〈!--
End of schema.
--〉
〈⁄schema〉


XML templates⁄schema for namestoreExt-1.1
• Template: The templates for namestoreExt-1.1 can be found in Chapter 3, EPP Command Mapping of the relevant EPP documentation, http:⁄⁄www.verisigninc.com⁄assets⁄namestore-extension.pdf.
• Schema: This schema describes the extension mapping for the routing with an EPP intelligent gateway to a pluggable set of backend products and services. The mapping extends the EPP domain name and host mapping to provide a sub-product identifier to identify the target sub-product that the EPP operation is intended for.

〈?xml version=ʺ1.0ʺ encoding=ʺUTF-8ʺ?〉

〈schema targetNamespace=ʺhttp:⁄⁄www.Verisign-grs.com⁄epp⁄namestoreExt-1.1ʺ
xmlns=ʺhttp:⁄⁄www.w3.org⁄2001⁄XMLSchemaʺ
xmlns:namestoreExt=ʺhttp:⁄⁄www.Verisign-grs.com⁄epp⁄namestoreExt-1.1ʺ
elementFormDefault=ʺqualifiedʺ〉

〈annotation〉
〈documentation〉
Extensible Provisioning Protocol v1.0 Namestore extension schema
for destination registry routing.
〈⁄documentation〉
〈⁄annotation〉

〈!-- General Data types. --〉
〈simpleType name=ʺsubProductTypeʺ〉
〈restriction base=ʺtokenʺ〉
〈minLength value=ʺ1ʺ⁄〉
〈maxLength value=ʺ64ʺ⁄〉
〈⁄restriction〉
〈⁄simpleType〉

〈complexType name=ʺextAnyTypeʺ〉
〈sequence〉
〈any namespace=ʺ##otherʺ maxOccurs=ʺunboundedʺ⁄〉
〈⁄sequence〉
〈⁄complexType〉

〈!-- Child elements found in EPP commands and responses. --〉
〈element name=ʺnamestoreExtʺ type=ʺnamestoreExt:namestoreExtTypeʺ⁄〉

〈!-- Child elements of the 〈product〉 command. --〉
〈complexType name=ʺnamestoreExtTypeʺ〉
〈sequence〉
〈element name=ʺsubProductʺ
type=ʺnamestoreExt:subProductTypeʺ⁄〉
〈⁄sequence〉
〈⁄complexType〉

〈!-- Child response elements. --〉
〈element name=ʺnsExtErrDataʺ type=ʺnamestoreExt:nsExtErrDataTypeʺ⁄〉

〈!-- 〈prdErrData〉 error response elements. --〉
〈complexType name=ʺnsExtErrDataTypeʺ〉
〈sequence〉
〈element name=ʺmsgʺ type=ʺnamestoreExt:msgTypeʺ⁄〉
〈⁄sequence〉
〈⁄complexType〉

〈!-- 〈prdErrData〉 〈msg〉 element. --〉
〈complexType name=ʺmsgTypeʺ〉
〈simpleContent〉
〈extension base=ʺnormalizedStringʺ〉
〈attribute name=ʺcodeʺ
type=ʺnamestoreExt:prdErrCodeTypeʺ use=ʺrequiredʺ⁄〉
〈attribute name=ʺlangʺ type=ʺlanguageʺ default=ʺenʺ⁄〉
〈⁄extension〉
〈⁄simpleContent〉
〈⁄complexType〉

〈!-- 〈prdErrData〉 error response codes. --〉
〈simpleType name=ʺprdErrCodeTypeʺ〉
〈restriction base=ʺunsignedShortʺ〉
〈enumeration value=ʺ1ʺ⁄〉
〈⁄restriction〉
〈⁄simpleType〉

〈!-- End of schema. --〉
〈⁄schema〉

XML templates⁄schema for lowbalance-poll-1.0
• Template: The templates for lowbalance-poll-1.0 can be found in Chapter 3, EPP Command Mapping of the relevant EPP documentation, http:⁄⁄www.verisigninc.com⁄assets⁄low-balance-mapping.pdf.
• Schema: This schema describes the extension mapping for the account low balance notification. The mapping extends the EPP base mapping so an account holder can be notified via EPP poll messages whenever the available credit for an account reaches or goes below the credit threshold.

〈?xml version=ʺ1.0ʺ encoding=ʺUTF-8ʺ?〉

〈schema targetNamespace=ʺhttp:⁄⁄www.Verisign.com⁄epp⁄lowbalance-poll-1.0ʺ
xmlns:lowbalance-poll=ʺhttp:⁄⁄www.Verisign.com⁄epp⁄lowbalance-poll-1.0ʺ
xmlns:eppcom=ʺurn:ietf:params:xml:ns:eppcom-1.0ʺ
xmlns=ʺhttp:⁄⁄www.w3.org⁄2001⁄XMLSchemaʺ
elementFormDefault=ʺqualifiedʺ〉

〈!-- Import common element types.--〉
〈import namespace=ʺurn:ietf:params:xml:ns:eppcom-1.0ʺ
schemaLocation=ʺeppcom-1.0.xsdʺ⁄〉

〈annotation〉
〈documentation〉
Extensible Provisioning Protocol v1.0
Verisign poll notification specification for low balance notifications.
〈⁄documentation〉
〈⁄annotation〉

〈!--Child elements found in EPP commands.--〉
〈element name=ʺpollDataʺ type=ʺlowbalance-poll:pollDataTypeʺ⁄〉

〈!--Child elements of the 〈notifyData〉 element for the low balance.--〉
〈complexType name=ʺpollDataTypeʺ〉
〈sequence〉
〈element name=ʺregistrarNameʺ type=ʺeppcom:labelTypeʺ⁄〉
〈element name=ʺcreditLimitʺ type=ʺnormalizedStringʺ⁄〉
〈element name=ʺcreditThresholdʺ
type=ʺlowbalance-poll:thresholdTypeʺ⁄〉
〈element name=ʺavailableCreditʺ type=ʺnormalizedStringʺ⁄〉
〈⁄sequence〉
〈⁄complexType〉

〈complexType name=ʺthresholdTypeʺ〉
〈simpleContent〉
〈extension base=ʺnormalizedStringʺ〉
〈attribute name=ʺtypeʺ
type=ʺlowbalance-poll:thresholdValueTypeʺ
use=ʺrequiredʺ⁄〉
〈⁄extension〉
〈⁄simpleContent〉
〈⁄complexType〉

〈simpleType name=ʺthresholdValueTypeʺ〉
〈restriction base=ʺtokenʺ〉
〈enumeration value=ʺFIXEDʺ⁄〉
〈enumeration value=ʺPERCENTʺ⁄〉
〈⁄restriction〉
〈⁄simpleType〉

〈!-- End of schema.--〉
〈⁄schema〉

25.6 Proprietary EPP Extension Consistency with Registration Lifecycle

Pictetʹs selected backend registry services providerʹs (Verisignʹs) proprietary EPP extensions, defined in Section 5 above, are consistent with the registration lifecycle documented in the response to Question 27, Registration Lifecycle. Details of the registration lifecycle are presented in that response. As new registry features are required, Verisign develops proprietary EPP extensions to address new operational requirements. Consistent with ICANN procedures Verisign adheres to all applicable Registry Services Evaluation Process (RSEP) procedures.

26. Whois

26. Whois

Pictet doesn’t aim to become a registry and has chosen to rely on Verisign for the back-end registry operation of the applied-for ʺ.pictetʺ . The response to this question describes the registry services for the ʺ.pictetʺ TLD as provided by Verisign.

26.1 Complete knowledge and understanding of this aspect of registry technical requirements

Verisign, Pictetʹs selected backend registry services provider, has operated the Whois lookup service for the gTLDs and ccTLDs it manages since 1991, and will provide these proven services for the .pictet gTLD registry. In addition, it continues to work with the Internet community to improve the utility of Whois data, while thwarting its application for abusive uses.

26.1.1 High-Level Whois System Description

Like all other components of Pictetʹs selected backend registry services providerʹs (Verisignʹs) registry service, Verisignʹs Whois system is designed and built for both reliability and performance in full compliance with applicable RFCs. Verisignʹs current Whois implementation has answered more than five billion Whois queries per month for the TLDs it manages, and has experienced more than 250,000 queries per minute in peak conditions. The proposed gTLD uses a Whois system design and approach that is comparable to the current implementation. Independent quality control testing ensures Verisignʹs Whois service is RFC-compliant through all phases of its lifecycle.

Verisignʹs redundant Whois databases further contribute to overall system availability and reliability. The hardware and software for its Whois service is architected to scale both horizontally (by adding more servers) and vertically (by adding more CPUs and memory to existing servers) to meet future need.

Verisign can fine-tune access to its Whois database on an individual Internet Protocol (IP) address basis, and it works with registrars to help ensure their services are not limited by any restriction placed on Whois. Verisign provides near real-time updates for Whois services for the TLDs under its management. As information is updated in the registration database, it is propagated to the Whois servers for quick publication. These updates align with the near real-time publication of Domain Name System (DNS) information as it is updated in the registration database. This capability is important for the .pictet gTLD registry as it is Verisignʹs experience that when DNS data is updated in near real time, so should Whois data be updated to reflect the registration specifics of those domain names.

Verisignʹs Whois response time has been less than 500 milliseconds for 95 percent of all Whois queries in .com, .net, .tv, and .cc. The response time in these TLDs, combined with Verisignʹs capacity, enables the Whois system to respond to up to 30,000 searches (or queries) per second for a total capacity of 2.6 billion queries per day.

The Whois software written by Verisign complies with RFC 3912. Verisign uses an advanced in-memory database technology to provide exceptional overall system performance and security. In accordance with RFC 3912, Verisign provides a website at whois.nic.〈TLD〉 that provides free public query-based access to the registration data.

Verisign currently operates both thin and thick Whois systems.

Verisign commits to implementing a RESTful Whois service upon finalization of agreements with the IETF (Internet Engineering Task Force).

Provided Functionalities for User Interface

To use the Whois service via port 43, the user enters the applicable parameter on the command line as illustrated here:
• For domain name: whois EXAMPLE.TLD
• For registrar: whois ʺregistrar Example Registrar, Inc.ʺ
• For name server: whois ʺNS1.EXAMPLE.TLDʺ or whois ʺname server (IP address)ʺ

To use the Whois service via the web-based directory service search interface:
• Go to http:⁄⁄whois.nic.〈TLD〉
• Click on the appropriate button (Domain, Registrar, or Name Server)
• Enter the applicable parameter:
• Domain name, including the TLD (e.g., EXAMPLE.TLD)
• Full name of the registrar, including punctuation (e.g., Example Registrar, Inc.)
• Full host name or the IP address (e.g., NS1.EXAMPLE.TLD or 198.41.3.39)
• Click on the Submit button.

Provisions to Ensure That Access Is Limited to Legitimate Authorized Users and Is in Compliance with Applicable Privacy Laws or Policies

To further promote reliable and secure Whois operations, Verisign, Pictetʹs selected backend registry services provider, has implemented rate-limiting characteristics within the Whois service software. For example, to prevent data mining or other abusive behavior, the service can throttle a specific requestor if the query rate exceeds a configurable threshold. In addition, QoS technology enables rate limiting of queries before they reach the servers, which helps protect against denial of service (DoS) and distributed denial of service (DDoS) attacks.

Verisignʹs software also permits restrictions on search capabilities. For example, wild card searches can be disabled. If needed, it is possible to temporarily restrict and⁄or block requests coming from specific IP addresses for a configurable amount of time. Additional features that are configurable in the Whois software include help files, headers and footers for Whois query responses, statistics, and methods to memory map the database. Furthermore, Verisign is European Union (EU) Safe Harbor certified and has worked with European data protection authorities to address applicable privacy laws by developing a tiered Whois access structure that requires users who require access to more extensive data to (i) identify themselves, (ii) confirm that their use is for a specified purpose and (iii) enter into an agreement governing their use of the more extensive Whois data.

26.1.2 Relevant Network Diagrams

Figure ‎26-1 provides a summary network diagram of the Whois service provided by Verisign, Pictetʹs selected backend registry services provider. The figure details the configuration with one resolution⁄Whois site. For the .pictet gTLD Verisign provides Whois service from 6 of its 17 primary sites based on the proposed gTLDʹs traffic volume and patterns. A functionally equivalent resolution architecture configuration exists at each Whois site.

26.1.3 IT and Infrastructure Resources

Figure ‎26-2 summarizes the IT and infrastructure resources that Verisign, Pictetʹs selected backend registry services provider, uses to provision Whois services from Verisign primary resolution sites. As needed, virtual machines are created based on actual and projected demand.

26.1.4 Description of Interconnectivity with Other Registry Systems

Figure ‎26-3 provides a technical overview of the registry system provided by Verisign, Pictetʹs selected backend registry services provider, and shows how the Whois service component fits into this larger system and interconnects with other system components.

26.1.5 Frequency of Synchronization Between Servers

Synchronization between the SRS and the geographically distributed Whois resolution sites occurs approximately every three minutes. Verisign, Pictetʹs selected backend registry services provider, uses a two-part Whois update process to ensure Whois data is accurate and available. Every 12 hours an initial file is distributed to each resolution site. This file is a complete copy of all Whois data fields associated with each domain name under management. As interactions with the SRS cause the Whois data to be changed, these incremental changes are distributed to the resolution sites as an incremental file update. This incremental update occurs approximately every three minutes. When the new 12-hour full update is distributed, this file includes all past incremental updates. Verisignʹs approach to frequency of synchronization between servers meets the Performance Specifications defined in Specification 10 of the Registry Agreement for new gTLDs.

26.2 Technical plan scope⁄scale consistent with the overall business approach and planned size of the registry

Verisign, Pictetʹs selected backend registry services provider, is an experienced backend registry provider that has developed and uses proprietary system scaling models to guide the growth of its TLD supporting infrastructure. These models direct Verisignʹs infrastructure scaling to include, but not be limited to, server capacity, data storage volume, and network throughput that are aligned to projected demand and usage patterns. Verisign periodically updates these models to account for the adoption of more capable and cost-effective technologies.

Verisignʹs scaling models are proven predictors of needed capacity and related cost. As such, they provide the means to link the projected infrastructure needs of the .pictet gTLD with necessary implementation and sustainment cost. Using the projected usage volume for the most likely scenario (defined in Question 46, Template 1 – Financial Projections: Most Likely) as an input to its scaling models, Verisign derived the necessary infrastructure required to implement and sustain this gTLD. Verisignʹs pricing for the backend registry services it provides to Pictet fully accounts for cost related to this infrastructure, which is provided as ʺTotal Critical Registry Function Cash Outflowsʺ (Template 1, Line IIb.G) within the Question 46 financial projections response.

26.3 Technical plan that is adequately resourced in the planned costs detailed in the financial section

Verisign, Pictetʹs selected backend registry services provider, is an experienced backend registry provider that has developed a set of proprietary resourcing models to project the number and type of personnel resources necessary to operate a TLD. Verisign routinely adjusts these staffing models to account for new tools and process innovations. These models enable Verisign to continually right-size its staff to accommodate projected demand and meet service level agreements as well as Internet security and stability requirements. Using the projected usage volume for the most likely scenario (defined in Question 46, Template 1 – Financial Projections: Most Likely) as an input to its staffing models, Verisign derived the necessary personnel levels required for this gTLDʹs initial implementation and ongoing maintenance. Verisignʹs pricing for the backend registry services it provides to Pictet fully accounts for cost related to this infrastructure, which is provided as ʺTotal Critical Registry Function Cash Outflowsʺ (Template 1, Line IIb.G) within the Question 46 financial projections response.

Verisign employs more than 1,040 individuals of which more than 775 comprise its technical work force. (Current statistics are publicly available in Verisignʹs quarterly filings.) Drawing from this pool of on-hand and fully committed technical resources, Verisign has maintained DNS operational accuracy and stability 100 percent of the time for more than 13 years for .com, proving Verisignʹs ability to align personnel resource growth to the scale increases of Verisignʹs TLD service offerings.

Verisign projects it will use the following personnel roles, which are described in Section 5 of the response to Question 31, Technical Overview of Proposed Registry, to support Whois services:
• Application Engineers: 19
• Database Engineers: 3
• Quality Assurance Engineers: 11

To implement and manage the .pictet gTLD as described in this application, Verisign, Pictetʹs selected backend registry services provider, scales, as needed, the size of each technical area now supporting its portfolio of TLDs. Consistent with its resource modeling, Verisign periodically reviews the level of work to be performed and adjusts staff levels for each technical area.

When usage projections indicate a need for additional staff, Verisignʹs internal staffing group uses an in-place staffing process to identify qualified candidates. These candidates are then interviewed by the lead of the relevant technical area. By scaling one common team across all its TLDs instead of creating a new entity to manage only this proposed gTLD, Verisign realizes significant economies of scale and ensures its TLD best practices are followed consistently. This consistent application of best practices helps ensure the security and stability of both the Internet and this proposed gTLD, as Verisign holds all contributing staff members accountable to the same procedures that guide its execution of the Internetʹs largest TLDs (i.e., .com and .net). Moreover, by augmenting existing teams, Verisign affords new employees the opportunity to be mentored by existing senior staff. This mentoring minimizes start-up learning curves and helps ensure that new staff members properly execute their duties.

26.4 Compliance with Relevant RFC

Pictetʹs selected backend registry services providerʹs (Verisignʹs) Whois service complies with the data formats defined in Specification 4 of the Registry Agreement. Verisign will provision Whois services for registered domain names and associated data in the top-level domain (TLD). Verisignʹs Whois services are accessible over Internet Protocol version 4 (IPv4) and Internet Protocol version 6 (IPv6), via both Transmission Control Protocol (TCP) port 43 and a web-based directory service at whois.nic.〈TLD〉, which in accordance with RFC 3912, provides free public query-based access to domain name, registrar, and name server lookups. Verisignʹs proposed Whois system meets all requirements as defined by ICANN for each registry under Verisign management. Evidence of this successful implementation, and thus compliance with the applicable RFCs, can be verified by a review of the .com and .net Registry Operatorʹs Monthly Reports that Verisign files with ICANN. These reports provide evidence of Verisignʹs ability to meet registry operation service level agreements (SLAs) comparable to those detailed in Specification 10. The reports are accessible at the following URL: http:⁄⁄www.icann.org⁄en⁄tlds⁄monthly-reports⁄.

26.5 Compliance with Specifications 4 and 10 of Registry Agreement

In accordance with Specification 4, Verisign, Pictetʹs selected backend registry services provider, provides a Whois service that is available via both port 43 in accordance with RFC 3912, and a web-based directory service at whois.nic.〈TLD〉 also in accordance with RFC 3912, thereby providing free public query-based access. Verisign acknowledges that ICANN reserves the right to specify alternative formats and protocols, and upon such specification, Verisign will implement such alternative specification as soon as reasonably practicable.

The format of the following data fields conforms to the mappings specified in Extensible Provisioning Protocol (EPP) RFCs 5730 – 5734 so the display of this information (or values returned in Whois responses) can be uniformly processed and understood: domain name status, individual and organizational names, address, street, city, state⁄province, postal code, country, telephone and fax numbers, email addresses, date, and times.

Specifications for data objects, bulk access, and lookups comply with Specification 4 and are detailed in the following subsections, provided in both bulk access and lookup modes.

Bulk Access Mode. This data is provided on a daily schedule to a party designated from time to time in writing by ICANN. The specification of the content and format of this data, and the procedures for providing access, shall be as stated below, until revised in the ICANN Registry Agreement.

The data is provided in three files:
• Domain Name File: For each domain name, the file provides the domain name, server name for each name server, registrar ID, and updated date.
• Name Server File: For each registered name server, the file provides the server name, each IP address, registrar ID, and updated date.
• Registrar File: For each registrar, the following data elements are provided: registrar ID, registrar address, registrar telephone number, registrar email address, Whois server, referral URL, updated date, and the name, telephone number, and email address of all the registrarʹs administrative, billing, and technical contacts.

Lookup Mode. Figures ‎26-4 through Figure ‎26-6 provide the query and response format for domain name, registrar, and name server data objects.

26.5.1 Specification 10, RDDS Registry Performance Specifications

The Whois service meets all registration data directory services (RDDS) registry performance specifications detailed in Specification 10, Section 2. Evidence of this performance can be verified by a review of the .com and .net Registry Operatorʹs Monthly Reports that Verisign files monthly with ICANN. These reports are accessible from the ICANN website at the following URL: http:⁄⁄www.icann.org⁄en⁄tlds⁄monthly-reports⁄.

In accordance with RDDS registry performance specifications detailed in Specification 10, Verisignʹs Whois service meets the following proven performance attributes:
• RDDS availability: 〈864 min of downtime (about 98%)
• RDDS query RTT: 〈2000 ms, for at least 95% of the queries
• RDDS update time: 〈60 min, for at least 95% of the probes

26.5.2 Searchable WhoIS

Verisign, Pictetʹs selected backend registry services provider, provides a searchable Whois service for the .pictet gTLD. Verisign has experience in providing tiered access to Whois for the .name registry, and uses these methods and control structures to help reduce potential malicious use of the function. The searchable Whois system currently uses Apacheʹs Lucene full text search engine to index relevant Whois content with near-real time incremental updates from the provisioning system.

Features of the Verisign searchable Whois function include:

• Provision of a web-based searchable directory service
• Ability to perform partial match, at least, for the following data fields: domain name, contacts and registrantʹs name, and contact and registrantʹs postal address, including all the sub-fields described in EPP (e.g., street, city, state, or province)
• Ability to perform exact match, at least, on the following fields: registrar ID, name server name, and name serverʹs IP address (only applies to IP addresses stored by the registry, i.e., glue records)
• Ability to perform Boolean search supporting, at least, the following logical operators to join a set of search criteria: AND, OR, NOT
• Search results that include domain names that match the selected search criteria

Verisignʹs implementation of searchable Whois is EU Safe Harbor certified and includes appropriate access control measures that help ensure that only legitimate authorized users can use the service. Furthermore, Verisignʹs compliance office monitors current ICANN policy and applicable privacy laws or policies to help ensure the solution is maintained within compliance of applicable regulations. Features of these access control measures include:

• All unauthenticated searches are returned as thin results.
• Registry system authentication is used to grant access to appropriate users for thick Whois data search results.
• Account access is granted by the Pictetʹs defined .pictet gTLD admin user.

Potential Forms of Abuse and Related Risk Mitigation. Leveraging its experience providing tiered access to Whois for the .name registry and interacting with ICANN, data protection authorities, and applicable industry groups, Verisign, Pictetʹs selected backend registry services provider, is knowledgeable of the likely data mining forms of abuse associated with a searchable Whois service. Figure ‎26-7 summarizes these potential forms of abuse and Verisignʹs approach to mitigate the identified risk.

27. Registration Life Cycle

27. Registration Lifecycle

Pictet doesnʹt aim to manage a domain name registry system. Pictet has chosen to rely on Verisign for the back-end registry operation of the applied-for ʺ.pictetʺ registry in accordance with the specific technical requirements imposed upon new gTLD registries. The response to this question describes the registry services for the ʺ.pictetʺ TLD as provided by Verisign.

27.1 Complete Knowledge and Understanding of Registration Lifecycles and States

Starting with domain name registration and continuing through domain name delete operations, Pictetʹs selected backend registry services providerʹs (Verisignʹs) registry implements the full registration lifecycle for domain names supporting the operations in the Extensible Provisioning Protocol (EPP) specification. The registration lifecycle of the domain name starts with registration and traverses various states as specified in the following sections. The registry system provides options to update domain names with different server and client status codes that block operations based on the EPP specification. The system also provides different grace periods for different billable operations, where the price of the billable operation is credited back to the registrar if the billable operation is removed within the grace period. Together Figure 27-1 and Figure 27-2 define the registration states comprising the registration lifecycle and explain the trigger points that cause state-to-state transitions. States are represented as green rectangles within Figure 27-1.

27.1.1 Registration Lifecycle of Create⁄Update⁄Delete

The following section details the create⁄update⁄delete processes and the related renewal process that Verisign, Pictetʹs selected backend registry services provider, follows. For each process, this response defines the process function and its characterization, and as appropriate provides a process flow chart.

Create Process. The domain name lifecycle begins with a registration or what is referred to as a Domain Name Create operation in EPP. The system fully supports the EPP Domain Name Mapping as defined by RFC 5731, where the associated objects (e.g., hosts and contacts) are created independent of the domain name.

Process Characterization. The Domain Name Create command is received, validated, run through a set of business rules, persisted to the database, and committed in the database if all business rules pass. The domain name is included with the data flow to the DNS and Whois resolution services. If no name servers are supplied, the domain name is not included with the data flow to the DNS. A successfully created domain name has the created date and expiration date set in the database. Creates are subject to grace periods as described in Section 1.3 of this response, Add Grace Period, Redemption Grace Period, and Notice Periods for Renewals or Transfers.

The Domain Name Create operation is detailed in Figure 27-3 and requires the following attributes:
• A domain name that meets the string restrictions.
• A domain name that does not already exist.
• The registrar is authorized to create a domain name in .pictet.
• The registrar has available credit.
• A valid Authorization Information (Auth-Info) value.
• Required contacts (e.g., registrant, administrative contact, technical contact, and billing contact) are specified and exist.
• The specified name servers (hosts) exist, and there is a maximum of 13 name servers.
• A period in units of years with a maximum value of 10 (default period is one year).

Renewal Process. The domain name can be renewed unless it has any form of Pending Delete, Pending Transfer, or Renew Prohibited.

A request for renewal that sets the expiry date to more than ten years in the future is denied. The registrar must pass the current expiration date (without the timestamp) to support the idempotent features of EPP, where sending the same command a second time does not cause unexpected side effects.

Automatic renewal occurs when a domain name expires. On the expiration date, the registry extends the registration period one year and debits the registrar account balance. In the case of an auto-renewal of the domain name, a separate Auto-Renew grace period applies. Renewals are subject to grace periods as described in Section 1.3 of this response, Add Grace Period, Redemption Grace Period, and Notice Periods for Renewals or Transfers.

Process Characterization. The Domain Name Renew command is received, validated, authorized, and run through a set of business rules. The data is updated and committed in the database if it passes all business rules. The updated domain nameʹs expiration date is included in the flow to the Whois resolution service.

The Domain Name Renew operation is detailed in Figure 27-4 and requires the following attributes:
• A domain name that exists and is sponsored by the requesting registrar.
• The registrar is authorized to renew a domain name in .pictet.
• The registrar has available credit.
• The passed current expiration date matches the domain nameʹs expiration date.
• A period in units of years with a maximum value of 10 (default period is one year). A domain name expiry past ten years is not allowed.

Registrar Transfer Procedures. A registrant may transfer his⁄her domain name from his⁄her current registrar to another registrar. The database system allows a transfer as long as the transfer is not within the initial 60 days, per industry standard, of the original registration date.

The registrar transfer process goes through many process states, which are described in detail below, unless it has any form of Pending Delete, Pending Transfer, or Transfer Prohibited.

A transfer can only be initiated when the appropriate Auth-Info is supplied. The Auth-Info for transfer is only available to the current registrar. Any other registrar requesting to initiate a transfer on behalf of a registrant must obtain the Auth-Info from the registrant.

The Auth-Info is made available to the registrant upon request. The registrant is the only party other than the current registrar that has access to the Auth-Info. Registrar transfer entails a specified extension of the expiry date for the object. The registrar transfer is a billable operation and is charged identically to a renewal for the same extension of the period. This period can be from one to ten years, in one-year increments.

Because registrar transfer involves an extension of the registration period, the rules and policies applying to how the resulting expiry date is set after transfer are based on the renewal policies on extension.

Per industry standard, a domain name cannot be transferred to another registrar within the first 60 days after registration. This restriction continues to apply if the domain name is renewed during the first 60 days. Transfer of the domain name changes the sponsoring registrar of the domain name, and also changes the child hosts (ns1.sample.xyz) of the domain name (sample .xyz).

The domain name transfer consists of five separate operations:
• Transfer Request (Figure 27-5): Executed by a non-sponsoring registrar with the valid Auth-Info provided by the registrant. The Transfer Request holds funds of the requesting registrar but does not bill the registrar until the transfer is completed. The sponsoring registrar receives a Transfer Request poll message.
• Transfer Cancel (Figure 27-6): Executed by the requesting registrar to cancel the pending transfer. The held funds of the requesting registrar are reversed. The sponsoring registrar receives a Transfer Cancel poll message.
• Transfer Approve (Figure 27-7): Executed by the sponsoring registrar to approve the Transfer Request. The requesting registrar is billed for the Transfer Request and the sponsoring registrar is credited for an applicable Auto-Renew grace period. The requesting registrar receives a Transfer Approve poll message.
• Transfer Reject (Figure 27-8): Executed by the sponsoring registrar to reject the pending transfer. The held funds of the requesting registrar are reversed. The requesting registrar receives a Transfer Reject poll message.
• Transfer Query (Figure 27-9): Executed by either the requesting registrar or the sponsoring registrar of the last transfer.

The registry auto-approves a transfer if the sponsoring registrar takes no action. The requesting registrar is billed for the Transfer Request and the sponsoring registrar is credited for an applicable Auto-Renew grace period. The requesting registrar and the sponsoring registrar receive a Transfer Auto-Approve poll message.

Delete Process. A registrar may choose to delete the domain name at any time.

Process Characterization. The domain name can be deleted, unless it has any form of Pending Delete, Pending Transfer, or Delete Prohibited.

A domain name is also prohibited from deletion if it has any in-zone child hosts that are name servers for domain names. For example, the domain name ʺsample.xyzʺ cannot be deleted if an in-zone host ʺns.sample.xyzʺ exists and is a name server for ʺsample2.xyz.ʺ

If the Domain Name Delete occurs within the Add grace period, the domain name is immediately deleted and the sponsoring registrar is credited for the Domain Name Create. If the Domain Name Delete occurs outside the Add grace period, it follows the Redemption grace period (RGP) lifecycle.

Update Process. The sponsoring registrar can update the following attributes of a domain name:
• Auth-Info
• Name servers
• Contacts (i.e., registrant, administrative contact, technical contact, and billing contact)
• Statuses (e.g., Client Delete Prohibited, Client Hold, Client Renew Prohibited, Client Transfer Prohibited, Client Update Prohibited)

Process Characterization. Updates are allowed provided that the update includes the removal of any Update Prohibited status. The Domain Name Update operation is detailed in Figure 27-10.

A domain name can be updated unless it has any form of Pending Delete, Pending Transfer, or Update Prohibited.

27.1.2 Pending, Locked, Expired, and Transferred

Verisign, Pictetʹs selected backend registry services provider, handles pending, locked, expired, and transferred domain names as described here. When the domain name is deleted after the five-day Add grace period, it enters into the Pending Delete state. The registrant can return its domain name to active any time within the five-day Pending Delete grace period. After the five-day Pending Delete grace period expires, the domain name enters the Redemption Pending state and then is deleted by the system. The registrant can restore the domain name at any time during the Redemption Pending state.

When a non-sponsoring registrar initiates the domain name transfer request, the domain name enters Pending Transfer state and a notification is mailed to the sponsoring registrar for approvals. If the sponsoring registrar doesnʹt respond within five days, the Pending Transfer expires and the transfer request is automatically approved.

EPP specifies both client (registrar) and server (registry) status codes that can be used to prevent registry changes that are not intended by the registrant. Currently, many registrars use the client status codes to protect against inadvertent modifications that would affect their customersʹ high-profile or valuable domain names.

Verisignʹs registry service supports the following client (registrar) and server (registry) status codes:
• clientHold
• clientRenewProhibited
• clientTransferProhibited
• clientUpdateProhibited
• clientDeleteProhibited
• serverHold
• serverRenewProhibited
• serverTransferProhibited
• serverUpdateProhibited
• serverDeleteProhibited

27.1.3 Add Grace Period, Redemption Grace Period, and Notice Periods for Renewals or Transfers

Verisign, Pictetʹs selected backend registry services provider, handles Add grace periods, Redemption grace periods, and notice periods for renewals or transfers as described here.
• Add Grace Period: The Add grace period is a specified number of days following the initial registration of the domain name. The current value of the Add grace period for all registrars is five days.
• Redemption Grace Period: If the domain name is deleted after the five-day grace period expires, it enters the Redemption grace period and then is deleted by the system. The registrant has an option to use the Restore Request command to restore the domain name within the Redemption grace period. In this scenario, the domain name goes to Pending Restore state if there is a Restore Request command within 30 days of the Redemption grace period. From the Pending Restore state, it goes either to the OK state, if there is a Restore Report Submission command within seven days of the Restore Request grace period, or a Redemption Period state if there is no Restore Report Submission command within seven days of the Restore Request grace period.
• Renew Grace Period: The Renew⁄Extend grace period is a specified number of days following the renewal⁄extension of the domain nameʹs registration period. The current value of the Renew⁄Extend grace period is five days.
• Auto-Renew Grace Period: All auto-renewed domain names have a grace period of 45 days.
• Transfer Grace Period: Domain names have a five-day Transfer grace period.

27.1.4 Aspects of the Registration Lifecycle Not Covered by Standard EPP RFCs

Pictetʹs selected backend registry services providerʹs (Verisignʹs) registration lifecycle processes and code implementations adhere to the standard EPP RFCs related to the registration lifecycle. By adhering to the RFCs, Verisignʹs registration lifecycle is complete and addresses each registration-related task comprising the lifecycle. No aspect of Verisignʹs registration lifecycle is not covered by one of the standard EPP RFCs and thus no additional definitions are provided in this response.

27.2 Consistency with any specific commitments made to registrants as adapted to the overall business approach for the proposed gTLD

The registration lifecycle described above applies to the .pictet gTLD as well as other TLDs managed by Verisign, Pictetʹs selected backend registry services provider; thus Verisign remains consistent with commitments made to its registrants. No unique or specific registration lifecycle modifications or adaptations are required to support the overall business approach for the .pictet gTLD.

To accommodate a range of registries, Verisignʹs registry implementation is capable of offering both a thin and thick Whois implementation, which is also built upon Verisignʹs award-winning ATLAS infrastructure.

27.3 Compliance with relevant RFCs

Pictetʹs selected backend registry services providerʹs (Verisignʹs) registration lifecycle complies with applicable RFCs, specifically RFCs 5730 – 5734 and 3915. The system fully supports the EPP Domain Name Mapping as defined by RFC 5731, where the associated objects (e.g., hosts and contacts) are created independent of the domain name.

In addition, in accordance with RFCs 5732 and 5733, the Verisign registration system enforces the following domain name registration constraints:
• Uniqueness⁄Multiplicity: A second-level domain name is unique in the .pictet database. Two identical second-level domain names cannot simultaneously exist in .pictet. Further, a second-level domain name cannot be created if it conflicts with a reserved domain name.
• Point of Contact Associations: The domain name is associated with the following points of contact. Contacts are created and managed independently according to RFC 5733.
• Registrant
• Administrative contact
• Technical contact
• Billing contact
• Domain Name Associations: Each domain name is associated with:
• A maximum of 13 hosts, which are created and managed independently according to RFC 5732
• An Auth-Info, which is used to authorize certain operations on the object
• Status(es), which are used to describe the domain nameʹs status in the registry
• A created date, updated date, and expiry date

27.4 Demonstrates that technical resources required to carry through the plans for this element are already on hand or readily available

Verisign, Pictetʹs selected backend registry services provider, is an experienced backend registry provider that has developed a set of proprietary resourcing models to project the number and type of personnel resources necessary to operate a TLD. Verisign routinely adjusts these staffing models to account for new tools and process innovations. These models enable Verisign to continually right-size its staff to accommodate projected demand and meet service level agreements as well as Internet security and stability requirements. Using the projected usage volume for the most likely scenario (defined in Question 46, Template 1 – Financial Projections: Most Likely) as an input to its staffing models, Verisign derived the necessary personnel levels required for this gTLDʹs initial implementation and ongoing maintenance. Verisignʹs pricing for the backend registry services it provides to Pictet fully accounts for cost related to this infrastructure, which is provided as ʺTotal Critical Registry Function Cash Outflowsʺ (Template 1, Line IIb.G) within the Question 46 financial projections response.

Verisign employs more than 1,040 individuals of which more than 775 comprise its technical work force. (Current statistics are publicly available in Verisignʹs quarterly filings.) Drawing from this pool of on-hand and fully committed technical resources, Verisign has maintained DNS operational accuracy and stability 100 percent of the time for more than 13 years for .com, proving Verisignʹs ability to align personnel resource growth to the scale increases of Verisignʹs TLD service offerings.

Verisign projects it will use the following personnel roles, which are described in Section 5 of the response to Question 31, Technical Overview of Proposed Registry, to support the registration lifecycle:
• Application Engineers: 19
• Customer Support Personnel: 36
• Database Administrators: 8
• Database Engineers: 3
• Quality Assurance Engineers: 11
• SRS System Administrators: 13

To implement and manage the .pictet gTLD as described in this application, Verisign, Pictetʹs selected backend registry services provider, scales, as needed, the size of each technical area now supporting its portfolio of TLDs. Consistent with its resource modeling, Verisign periodically reviews the level of work to be performed and adjusts staff levels for each technical area.

When usage projections indicate a need for additional staff, Verisignʹs internal staffing group uses an in-place staffing process to identify qualified candidates. These candidates are then interviewed by the lead of the relevant technical area. By scaling one common team across all its TLDs instead of creating a new entity to manage only this proposed gTLD, Verisign realizes significant economies of scale and ensures its TLD best practices are followed consistently. This consistent application of best practices helps ensure the security and stability of both the Internet and this proposed gTLD, as Verisign holds all contributing staff members accountable to the same procedures that guide its execution of the Internetʹs largest TLDs (i.e., .com and .net). Moreover, by augmenting existing teams, Verisign affords new employees the opportunity to be mentored by existing senior staff. This mentoring minimizes start-up learning curves and helps ensure that new staff members properly execute their duties.

28. Abuse Prevention and Mitigation

28. Abuse Prevention and Mitigation

As mentioned in response to Question 18 (b) above, Pictet is a well-known financial institution operating around the world. Pictet has an extensive experience and expertise in managing complex information technology infrastructures in connection to its business relying on in-house and external resources.

Pictet doesnʹt aim to manage a domain name registry system. Pictet has chosen to rely on Verisign for the back-end registry operation of the applied-for ʺ.pictetʺ registry in accordance with the specific technical requirements imposed upon new gTLD registries. The response to this question describes the registry services for the ʺ.pictetʺ TLD as provided by Verisign.

28.1 Comprehensive abuse policies, which include clear definitions of what constitutes abuse in the TLD, and procedures that will effectively minimize potential for abuse in the TLD

The Applicant has identified Verisign as a trusted partner based on its stable organization with strong financial stability and the resources to ensure responsible backend operator services. Verisign has proven to the Applicant that it is the high-value and low-risk vendor of choice to meet the gTLD program needs. The Applicant will rely on Verisign to provide all the technical support linked to the new gTLD program and to enforce all ICANN mandatory procedures to minimize all potential abuse in the TLD.

As per the vision & mission statement stated in response to question 18 of this application, most if not all of the domain names registered therein will be under the control of the Registry Operator. Given this character that the applied-for TLD shall initially have and the control of the Registry Operator in operating the applied-for TLD, the risks that the TLD or domain names registered therein will be used in an abusive manner is already limited in itself.

Pictet is of the opinion that the operation of the ʺ.pictetʺ TLD will not be facing the challenges in mitigating abuses that most true ʺgenericʺ top-level domain names are and will continue to be coping with. Nevertheless, the Applicant is factoring in mechanisms to prevent and mitigate possible abuses.

28.1.1 ʺ.pictetʺ Abuse Prevention and Mitigation Implementation Plan

The Applicant monitors all possible abuses of the ʺ.pictetʺ TLD and also relies on Verisign as its technical backend operator due to its longstanding legacy in the industry and its capabilities to support Pictet in mitigating all above mentioned abuse.

As mentioned above, the Applicant expects few risks of abuses as it intents initially to use the ʺ.pictetʺ as a single registrant TLD. Furthermore, as abuses of the TLD will be detrimental to the reputation of the Applicantʹs key brand, the Applicant aims to strictly control the use of its TLD and to have clear policies in place that grant the Applicant the right to cancel, suspend, or even revoke domain names registered in the TLD.

Eligibility

Eligibility is the central requirement to apply to and be awarded the use of a ʺ.pictetʺ domain name. It is therefore necessary that a registrant understand the eligibility requirements for registration of a ʺ.pictetʺ domain name, and maintain its eligibility throughout the term of the authoriyation to use.

Are eligible to a ʺ.pictetʺ domain name the following:
- Pictet & Cie and its subsidiary for commercial usages.
- Members of the Pictet family bearing this last name for private or commercial usages
- Business partners of Pictet & Cie and its subsidiary – while domain names will have to be managed by a Pictet entity

28.1.2 Policies for Handling Complaints Regarding Abuse

The selection of Verisign was based on the technical expertise of Verisign and its experience in running different large registries and managing right protection mechanisms. Verisign has demonstrated its ability to provide high levels of service that are scalable while still flexible enough to provide appropriate right protections measures.

The Applicant has a domain name and legal department, which protects and enforces the intellectual property rights of the Applicant in various ways. For the ʺ.pictetʺ TLD, the Applicant relies on various internal and external resources in order to ensure that the organization is able to plan for right protection matters that may occur.

Furthermore, this department is responsible for registering and monitoring domain names in existing TLDs. Following award of the ʺ.pictetʺ TLD to the Applicant, this department will also be controlling registrations and⁄or registration volumes, as well as potential abuses of domain names within this extension.

The Applicantʹs back-end registry service provider will also monitor the on-going technical abuses processes.

Pictet will post an abuse point of contact on its website ʺabuse@registry.pictetʺ. This e-mail address will allow the GCC department to monitor abuse reports and work towards their resolution. Pictet will put in place a ticketing system for tracking those complaints.

Pictetʹs GCC department will assess complaints received via the abuse complaint decide what action is appropriate.

The GCC department in charge of the « .pictet » project aim to provide all its customers, internal or external, with a high level of service. However, if for any reason a user would not be satisfied with the service received an advisor will investigate and respond to complaints.  Pictet commits to respond within a maximum of seven (7) days to abuse complaints concerning all names registered in the TLD through the registrar.

Complaints should be made in writing and include the following information:
• Name and contact details and other information if appropriate
• The details of the initial complaint
• A clear description of the concern or complaint
• Proposed complaint resolution options

Primary advisor to contact:

Riccardo BONFERRONI
Senior web publisher⁄editor
Digital Communications
Group Corporate Communications
Pictet & Cie,
60 route des Acacias
CH-1211
Geneva, Switzerland
Tel. +41 (0)58 323 1491

If a party would want to appeal a decision, an appeal notice should be sent by mail to the GCC department. This notice should explain the reasons for appealing, but should not contain any new evidence or attachments.

Appeals are heard by the ʺ.pictetʺ evaluation committee as defined in question 18. They have 30 days to make their decision. In many ways, they act like a normal expert. An appeal decision is irrevocable.

Upon passing Pictetʹs acceptance of the appeal, these domain names will be allowed to resolve to active websites and email addresses by removal of server-hold status.

The version of these Rules in effect at the time of the submission of the complaint to the Provider shall apply to the administrative proceeding commenced thereby.

Law enforcement

Rights and obligations and all actions contemplated by the registrant agreement shall be governed by the laws of Switzerland. With regard to any action arising from the use of the registered name the registrant agrees to submit to the jurisdiction of the court of Geneva, Switzerland.

Pictet will be prepared to call upon relevant law enforcement bodies as needed and commits to respond to law enforcement within seven ⁄7) days of notification received at Pictetʹs headquarter in Geneva, Switzerland.

Take-down procedures

In the event of termination of a domain name registration service where the domain registration is current and no monies are owing registrants may transfer the domain name to another registrar within seven (7) days after which time Pictet may at our exclusive option delete the domain name or acquire without further consideration all rights to the domain name.

Where the service is terminated due to a break of the Pictet code of conduct, ethics and business activities (as detailed in section 18), Pictet has the exclusive option of erasing a domain name or, without further consideration, acquiring all rights to the domain name and Pictet may keep the domain name without compensation to the registrant. For this purpose the registrant irrevocably consent to Pictet authorizing a change of ownership, update of WHOIS data including change of contacts and registered name holder, registrar transfer or other action without having any obligation to notify the registrant either before the changes occur. Pictet however commits to inform the registrants of such action within seven (7) days after it happens.

If a domain name should be suspended for a financial, legal, or operational reason Pictet will take action via its technical providers to take the following steps gradually:
1. ʺDNS Suspendedʺ (DNS zone is deactivated, domains will no longer resolve)
2. ʺDomain Server Hold processʺ (domain is locked, domain cannot be modified).
Domains with the EPP status code ʺServerHoldʺ are not included in the zone files

28.1.3 Proposed Measures for Removal of Orphan Glue Records

Although orphan glue records often support correct and ordinary operation of the Domain Name System (DNS), registry operators will be required to remove orphan glue records (as defined at http:⁄⁄www.icann.org⁄en⁄committees⁄security⁄sac048.pdf) when provided with evidence in written form that such records are present in connection with malicious conduct. Pictetʹs selected backend registry services providerʹs (Verisignʹs) registration system is specifically designed to not allow orphan glue records. The registrar, Domainoo, required to delete⁄move all dependent DNS records before they are allowed to delete the parent domain.

To prevent orphan glue records, Verisign performs the following checks before removing a domain or name server:

Checks during domain delete:
Parent domain delete is not allowed if any other domain in the zone refers to the child name server.
If the parent domain is the only domain using the child name server, then both the domain and the glue record are removed from the zone.

Check during explicit name server delete:
Verisign confirms that the current name server is not referenced by any domain name (in-zone) before deleting the name server.

Zone-file impact:
If the parent domain references the child name server AND if other domains in the zone also reference it AND if the parent domain name is assigned a serverHold status, then the parent domain goes out of the zone but the name server glue record does not.
If no domains reference a name server, then the zone file removes the glue record.

28.1.4 Resourcing Plans

As underlined in question 18, the Group Corporate Communication (GCC) department will manage the relationship with all third-party technical providers including the data escrow. Those costs have been accounted for in the project set-up and operational costs as detailed in question 47. Details related to resourcing plans for the initial implementation and ongoing maintenance of Pictetʹs abuse plan are provided in Section 2 of this response.

28.1.5 Measures to Promote Whois Accuracy

The Applicant supported by its backend operator will comply to all ICANN requirements such as Whois accuracy.

The Applicant believes that Whois accuracy will be fully under control, considering the fact that it is a single registrant TLD that is monitored and operated in-house. The Applicant performed in this preparatory stage a rather high-level analysis of the possible uses of the ʺ.pictetʺ TLD.

The registrar selected by Pictet, Domainoo, offers an online interactive WHOIS service. His website en.lenom.com offers name check and WHOIS search.  Domainoo also provides a WHOIS service using port 43 webservice which is updated on a daily based. The WHOIS interacts and requests on registrar name, registered domain name, primary name server and secondary name server, identity of registrar, original creation date of registration, expiration date of registration, name and address of domain name registered holder and administrative and technical contacts.

Domainoo, upon notification by any person of an inaccuracy in the contact information associated with a Registered Name sponsored by Registrar, takes reasonable steps to investigate that claimed inaccuracy. In the event Agence Virtuelle informs Domainoo of an inaccurate contact information associated with a Registered Name sponsored, the registrar takes reasonable steps to correct that inaccuracy. In particular, Domainoo sends an email to the current Registered Name holder to up-date their record. The email contains the following language:

ʺThis message is a reminder to help you keep the contact data associated with your domain registration up-to-date. Our records include the following information:
Domain: ____________
Registrar Name: _________
Registrant:
Name: _____________
Address: ____________
City: ___________
State⁄Province: ________
Country: __________
Postal Code: ___________
Administrative Contact:
Name: ______________
Address: ____________
City: ___________
State⁄Province: ________
Country: __________
Postal Code: ___________
Phone: ______________
Fax: _________
Email: _______________
Technical Contact:
Name: ______________
Address: ____________
City: ___________
State⁄Province: ________
Country: __________
Postal Code: ___________
Phone: ______________
Fax: _________
Email: _______________
Original Creation Date: ___________
Expiration Date: ______________
Nameserver Information:
Nameserver: _______________
 
If any of the information above is inaccurate, you must correct it by visiting our website. (If your review indicates that all of the information above is accurate, you do not need to take any action.) Please remember that under the terms of your registration agreement, the provision of false Whois information can be grounds for cancellation of your domain name registration.ʺ

In general, Domainoo complies with the Whois Data Reminder Policy by sending the above email once a year to their customers. For auditing purposes, Pictet will request exports of all or part of the whois data.

28.1.6 Authentication of Registrant Information

During the registration process, Pictet collects identifiable information, including, but not limited to, name, company name, telephone numbers, postal and e-mail addresses relating to the registrant and any other identifiable information that Pictet may reasonably require in order to provide access to Pictetʹs applications and services to its Registrants.
Registrants are assigned user names and passwords, all of which are used to identify the Registrants when they are using the Pictet registration services.

28.1.7 Regular Monitoring of Registration Data for Accuracy and Completeness

Verisign, Pictetʹs selected backend registry services provider, has established policies and procedures to encourage registrar compliance with ICANNʹs Whois accuracy requirements. Verisign provides the following services to Pictet for incorporation into its full-service registry operations.

As part of internal auditing and risk mitigation, the Applicant will perform on a regular basis Whois data control process. As the Applicant is willing to provide selected stakeholders in Pictet & Cie, its subsidiary, business partners and Pictet family memebers with the opportunity to create a secure and safe Internet environment that is mainly or even fully under control of the Applicant and⁄or such stakeholders, the Applicant will regularly audit its domain name portfolio, as this is the case with its current intellectual property rights.

Pictet willl focus primarily on pre‐registration validation and spot checks. Above 80% of the ʺ.pictetʺ domain names will be used by Pictet and company for which, registrants will clearly be identified. Family members applying for a ʺ.pictetʺ TLD will go through a meticulous selection process as detailed in question 18.

Post-registration, Pictet will conduct random audits after registration and focus a great deal on compliance and policy enforcement. Pictet will do a monthly review of about 30 to 50 records which results in about 360 or 600 annual audits.

Pictet will also perform annual Whois database cleanups and a consistency check to help validate information. And then updates the Whois data whenever someone requests different resources.

Verisign, Pictetʹs selected backend registry services provider, has established policies and procedures to encourage registrar compliance with ICANNʹs Whois accuracy requirements. Verisign provides the following services to Pictet for incorporation into its full-service registry operations.

Verisign sends an email notification to the ICANN primary registrar contact, requesting that the contact go to a designated URL, log in with his⁄her Web ID and password, and complete and submit the online form. The contact must submit the form within 15 business days of receipt of the notification.

When the form is submitted, Verisign sends the registrar an automated email confirming that the form was successfully submitted.

Verisign reviews the submitted form to ensure the certifications are compliant.

Verisign sends the registrar an email notification if the registrar is found to be compliant in all areas.

If a review of the response indicates that the registrar is out of compliance or if Verisign has follow-up questions, the registrar has 10 days to respond to the inquiry.

If the registrar does not respond within 15 business days of receiving the original notification, or if it does not respond to the request for additional information, Verisign sends the registrar a Breach Notice and gives the registrar 30 days to cure the breach.

If the registrar does not cure the breach, Verisign terminates the Registry-Registrar Agreement (RRA).

28.1.8 Use of Registrars

To ensure full control of its registrar network, the Applicant has decided to operate the TLD on a very limited registrant TLD basis. All ICANN mandatory specifications will be included in the registry-registrar agreement and the Applicant will also rely on its registrar to report any potential abuses in the TLD.

28.1.9 Malicious or Abusive Behavior Definitions, Metrics, and Service Level Requirements for Resolution

As outlined in the answer to question 30B, the Pictet Group, as a Bank, has a strong security culture. Malicious or abusive behavior that could endanger any of the Pictet Groupʹs activities is scrupulously and continually monitored, from inside as well as from outside viewpoints.

Abusive use criteria

The following criteria will be used to determine whether use of a particular domain is considered abusive:
a. the domain name registered by the domain name registrant is identical or confusingly similar to a trademark or service mark in which the complainant (the person or entity bringing the complaint) has rights; and
b. the domain name registrant has no rights or legitimate interests in respect of the domain name in question; and
c. the domain name has been registered and is being used in bad faith

Is considered as abusive use of the ʺ.pictetʺ TLD the following:
- Spam: The use of electronic messaging systems to send unsolicited bulk messages. The term applies to email spam and similar abuses such as instant messaging spam, mobile messaging spam, and the spamming of websites and Internet forums. An example, for purposes of illustration, would be the use of email in denial-of-service attacks.
- Phishing: The use of counterfeit web pages that are designed to trick recipients into divulging sensitive data such as user names, passwords, or financial information.
- Willful distribution of malware: The dissemination of software designed to infiltrate or damage a computer system without the ownerʹs informed consent. Examples include, without limitation, computer viruses, worms, keyloggers, and trojan horses.
- Botnet command and control: Services that run on domain names that are used to control a collection of compromised computers or ʺzombies,ʺ or to direct distributed denial-of-service attacks (DDoS attacks).
- Distribution of child pornography

As explained, ʺ.pictet TLDʺ will be a private TLD. There will be no registrant except Pictet and Pictet family members. In the latter case, family members will only be a license to use, but those domain names will remain under Pictetʹs property and management at all times. In addition to Verisignʹs monitoring and fault escalation procedure, Pictet will be monitoring ʺ.pictetʺ TLD operations on a daily basis and will implement this control in its current online brand watch and domain names watch already in place for 3 years. Pictetʹs security service operates 24x7 and provides timely responses to malicious and abusive behaviors

Trademark

As per the vision ⁄ mission statement stated in response to Question 18 of this application, most if not all of the domain names registered therein will be completely or at least partially under the control of the Registry Operator and for internal usages. Most uses of the « .pictet » TLD will be for Pictet & Cie (founded in 1805) and its affiliates which are registered trademarks protected under Swiss law and international copyrights laws. Pictet will not authorize any trademarks infrigements based on this intellectual property during the transitional period and beyond.

Trademark or intellectual property owners can initiate a procedure to challenge a ʺ.pictetʺ domain name. In order to prevail, the complaining party must show:
i. that a trademark is owned (either registered or unregistered) that is the same or confusingly similar to the registered second level domain name;
ii. that the party that registered the domain name has no legitimate right or interest in the domain name; and
iii. that the domain name was registered and used in bad faith.

If the trademark owner successfully proves all three points in the administrative proceeding, then the domain name can either be cancelled or transferred to the prevailing trademark owner. If the trademark owner fails to prove one of these points, Pictet will not cancel the domain name. In no case does a domain name cancellation would automatically result in a transfer to the complaining party.

Registration limited to Pictet & Cie and its subsidiary or family members baring the Pictet last name.

28.1.10 Controls to Ensure Proper Access to Domain Functions

Verisign Inc. will provide back-end registry services for applied-for « .pictet » TLD.

As Pictet has no in-depth experience in managing a domain name registry, Pictet has decided to rely on professional providers for all the technical support linked to operating the new gTLD program and to enforce all ICANN mandatory procedures to minimize all potential abuse in the TLD.

Moreover, the registration policy for Pictetʹs dotBrand will be restricted to the brand owner and its affiliates to register domain names in order to create a ‘safe-zoneʹ for internet users. Family membersʹ domain names will also be controlled by the brand owner.

Pictet defines the registration policy so unwanted activity from domainers or cyber squatters could be prevented by creating a strict policy. All registrations will be handled directly so risks involving third parties will be mitigated. Pictetʹs registration policy will be set so domain names are never transferred to licensees that arenʹt validated.

Pictet doesnʹt aim promote the use of the ʺ.pictetʺ TLD to third parties such as distributors and business partners. Co-branding webpages could be created but remain under the sole property and operations of Pictet. Pictet will rely on the experience and knowledge of Domainoo as the unique authorized registrar. Pictet will outsource the technical set-up and operations including the necessary infrastructure and human resources to professionals to ensure strict control on the domain name.

Registering Pictetʹs own TLD will allow the firm to proactively register common mistyped URLʹs and direct them towards the correct website. Pictet will also track and trace domain names that were visited, but not registered yet.

28.1.11 Multi-Factor Authentication

To ensure proper access to domain functions, Pictet incorporates Verisignʹs Registry-Registrar Two-Factor Authentication Service into its full-service registry operations. The service is designed to improve domain name security and assist its registrar in protecting the accounts they manage by providing another level of assurance that only authorized personnel can communicate with the registry. As part of the service, dynamic one-time passwords (OTPs) augment the user names and passwords currently used to process update, transfer, and⁄or deletion requests. These one-time passwords enable transaction processing to be based on requests that are validated both by ʺwhat users knowʺ (i.e., their user name and password) and ʺwhat users haveʺ (i.e., a two-factor authentication credential with a one-time-password).

The registrar can use the one-time-password when communicating directly with Verisignʹs Customer Service department as well as when using the registrar portal to make manual updates, transfers, and⁄or deletion transactions. The Two-Factor Authentication Service is an optional service offered to registrars that execute the Registry-Registrar Two-Factor Authentication Service Agreement. As shown in Figure 28-1, the registrarsʹ authorized contacts use the OTP to enable strong authentication when they contact the registry. There is no charge for the Registry-Registrar Two-Factor Authentication Service. It is enabled only for registrars that wish to take advantage of the added security provided by the service.

28.1.12 Requiring Multiple, Unique Points of Contact

As per ICANN requirements, the Applicant will establish and publish on its website a single abuse point of contact responsible for addressing matters requiring advanced attention and providing a timely response, maximum seven (7) days, to abuse complaints concerning all names registered in the TLD through the registrar. The Applicant has planned adequate resources to implement and take care of any abuse matter. Moreover, the Applicant will also rely on various internal and external resources in order to ensure that the TLD remains secured and controlled, such as monitoring phishing mailing lists, etc.

28.2 Technical plan that is adequately resourced in the planned costs detailed in the financial section

28.2.1 Resource Planning

Customer support in relation to the operation of the ʺ.pictetʺ TLD will be part of the services provided by the Applicant, its registrar (Domainoo) and its backend operator, Verisign. However, As underlined in question 18, the Applicant took into account the cost of supervising this activity and also took into account that its general customer service will have employees available who can respond to concerns of third parties in relation to the operation of the TLD. The Group Corporate Communication (GCC) department will manage the relationship with all third-party technical providers including the data escrow. Those costs have been accounted for in the project set-up and operational costs as detailed in question 47.

28.2.2 Resource Planning Specific to Backend Registry Activities

Verisign, Pictetʹs selected backend registry services provider, is an experienced backend registry provider that has developed a set of proprietary resourcing models to project the number and type of personnel resources necessary to operate a TLD. Verisign routinely adjusts these staffing models to account for new tools and process innovations. These models enable Verisign to continually right-size its staff to accommodate projected demand and meet service level agreements as well as Internet security and stability requirements. Using the projected usage volume for the most likely scenario (defined in Question 46, Template 1 – Financial Projections: Most Likely) as an input to its staffing models, Verisign derived the necessary personnel levels required for this gTLDʹs initial implementation and ongoing maintenance. Verisignʹs pricing for the backend registry services it provides to Pictet fully accounts for cost related to this infrastructure, which is provided as ʺTotal Critical Registry Function Cash Outflowsʺ (Template 1, Line IIb.G) within the Question 46 financial projections response.

Verisign employs more than 1,040 individuals of which more than 775 comprise its technical work force. (Current statistics are publicly available in Verisignʹs quarterly filings.) Drawing from this pool of on-hand and fully committed technical resources, Verisign has maintained DNS operational accuracy and stability 100 percent of the time for more than 13 years for .com, proving Verisignʹs ability to align personnel resource growth to the scale increases of Verisignʹs TLD service offerings.

Verisign projects it will use the following personnel roles, which are described in Section 5 of the response to Question 31, Technical Overview of Proposed Registry, to support abuse prevention and mitigation:
- Application Engineers: 19
- Business Continuity Personnel: 3
- Customer Affairs Organization: 9
- Customer Support Personnel: 36
- Information Security Engineers: 11
- Network Administrators: 11
- Network Architects: 4
- Network Operations Center (NOC) Engineers: 33
- Project Managers: 25
- Quality Assurance Engineers: 11
- Systems Architects: 9

To implement and manage the .pictet gTLD as described in this application, Verisign, Pictetʹs selected backend registry services provider, scales, as needed, the size of each technical area now supporting its portfolio of TLDs. Consistent with its resource modeling, Verisign periodically reviews the level of work to be performed and adjusts staff levels for each technical area.

When usage projections indicate a need for additional staff, Verisignʹs internal staffing group uses an in-place staffing process to identify qualified candidates. These candidates are then interviewed by the lead of the relevant technical area. By scaling one common team across all its TLDs instead of creating a new entity to manage only this proposed gTLD, Verisign realizes significant economies of scale and ensures its TLD best practices are followed consistently. This consistent application of best practices helps ensure the security and stability of both the Internet and this proposed gTLD, as Verisign holds all contributing staff members accountable to the same procedures that guide its execution of the Internetʹs largest TLDs (i.e., .com and .net). Moreover, by augmenting existing teams, Verisign affords new employees the opportunity to be mentored by existing senior staff. This mentoring minimizes start-up learning curves and helps ensure that new staff members properly execute their duties.

28.3 Policies and procedures identify and address the abusive use of registered names at startup and on an ongoing basis

28.3.1 Start-Up Anti-Abuse Policies and Procedures

The operation of the ʺ.pictetʺ TLD will not face the challenges that most ʺgenericʺ top-level domain names faces. In Pictetʹs view, the applied for TLD will mainly be a platform for supporting its business activities; except few exceptional cases for family members.

Verisign, Pictetʹs selected backend registry services provider, provides the following domain name abuse prevention services, which Pictet incorporates into its full-service registry operations. These services are available at the time of domain name registration.

Specific Extensible Provisioning Protocol (EPP) status codes are set on the domain name to prevent malicious or inadvertent modifications, deletions, and transfers. Typically, these ‘serverʹ level status codes can only be updated by the registry. The registrar only has ‘clientʹ level codes and cannot alter ‘serverʹ level status codes. The registrant must provide a pass phrase to the registry before any updates are made to the domain name. However, with Registry Lock, provided via Verisign, Pictetʹs subcontractor, registrars can also take advantage of server status codes.

The following EPP server status codes are applicable for domain names: (i) serverUpdateProhibited, (ii) serverDeleteProhibited, and (iii) serverTransferProhibited. These statuses may be applied individually or in combination.

The EPP also enables setting host (i.e., name server) status codes to prevent deleting or renaming a host or modifying its IP addresses. Setting host status codes at the registry reduces the risk of inadvertent disruption of DNS resolution for domain names.

The Registry Lock Service is used in conjunction with a registrarʹs proprietary security measures to bring a greater level of security to registrantsʹ domain names and help mitigate potential for unintended deletions, transfers, and⁄or updates.

Two components comprise the Registry Lock Service:

Pictet and its registrar provides Verisign, Pictetʹs selected provider of backend registry services, with a list of the domain names to be placed on the server status codes. During the term of the service agreement, the registrar can add domain names to be placed on the server status codes and⁄or remove domain names currently placed on the server status codes. Verisign then manually authenticates that the registrar submitting the list of domain names is the registrar-of-record for such domain names.

If Pictet or its registrar requires changes (including updates, deletes, and transfers) to a domain name placed on a server status code, Verisign follows a secure, authenticated process to perform the change. This process includes a request from a Pictet-authorized representative for Verisign to remove the specific registry status code, validation of the authorized individual by Verisign, removal of the specified server status code, registrar completion of the desired change, and a request from the Pictet-authorized individual to reinstate the server status code on the domain name. This process is designed to complement automated transaction processing through the Shared Registration System (SRS) by using independent authentication by trusted registry experts.

Pictet intends to charge its registrar based on the market value of the Registry Lock Service. A tiered pricing model is expected, with each tier having an annual fee based on per domain name⁄host and the number of domain names and hosts to be placed on Registry Lock server status code(s).

28.3.2 Ongoing Anti-Abuse Policies and Procedures

Criminals constantly develop new methods of attacking Internet users. Pictet is conscious of its responsibility and determined to safeguarding its users. Pictet will leverage its existing web security procedures and rely on technical providers to which are experts in combatting potential abuses.

Suspension criteria

The Registrant Agreement contains terms permitting the Registry operator to revoke the use of a ʺ.pictetʺ domain name for the reasons outlined below:
1. The registrantʹs status changes and they cease to be a member of the eligible community defined by Pictet & Cie;
2. If any prescribed registration, transfer, renewal or other fee is not paid if applicable;
3. If a warranty made by the registrant;
4. If any information provided in the course of registration is incorrect;
5. If misleading, incomplete or incorrect information is supplied in the application for registration, transfer or renewal;
6. Failure to comply with any ʺ.pictetʺ policy that applies to the registrant at any time;
7. If a court of competent authority orders that the ʺ.pictetʺ domain name should not be licensed to the Registrant, be removed from the registry or be licensed to another person;
8. If the ʺ.pictetʺ domain name, or the use of the ʺ.pictetʺ domain name, is not in the best interests of the Pictet & Cie;
9. If instructed by the registrant or its authorized agent; and
10. If ʺ.pictetʺ domain name which could not otherwise be registered under this policy is registered through mistake on the part of the registrant or the Registry.

28.3.3 Policies and Procedures That Identify Malicious or Abusive Behavior

Verisign, Pictetʹs selected backend registry services provider, provides the following service to Pictet for incorporation into its full-service registry operations.

Malware scanning service. Registrants are often unknowing victims of malware exploits. Verisign has developed proprietary code to help identify malware in the zones it manages, which in turn helps registrars by identifying malicious code hidden in their domain names.

Verisignʹs malware scanning service helps prevent websites from infecting other websites by scanning web pages for embedded malicious content that will infect visitorsʹ websites. Pictet will use a malware scanning technology which uses a combination of in-depth malware behavioral analysis, anti-virus results, detailed malware patterns, and network analysis to discover known exploits for the particular scanned zone. If malware is detected, the service sends the registrar a report that contains the number of malicious domains found and details about malicious content within its TLD zones. Reports with remediation instructions are provided to help registrars and registrants eliminate the identified malware from the registrantʹs website.

28.3.4 Policies and Procedures That Address the Abusive Use of Registered Names

As mentioned under 1.1, Pictet will be the only user of its own TLD and thus there will be no registered name by unknown persons and, as a consequence, no risk of abuse of registered names.

All disputes arising out of or related to the TLD management shall be governed by, construed, and enforced in all respects in accordance with the laws of Switzerland, jurisdiction and venue of the Courts of Geneva. An appeal to the Federal Supreme Court of Switzerland is reserved.

Suspension processes conducted by backend registry services provider. In the case of domain name abuse, Pictet will determine whether to take down the subject domain name. Verisign, Pictetʹs selected backend registry services provider, will follow the following auditable processes to comply with the suspension request (Figure 28-2).

Verisign Suspension Notification. Pictet submits the suspension request to Verisign for processing, documented by:
- Threat domain name
- Registry incident number
- Incident narrative, threat analytics, screen shots to depict abuse, and⁄or other evidence
- Threat classification
- Threat urgency description
- Recommended timeframe for suspension⁄takedown
- Technical details (e.g., Whois records, IP addresses, hash values, anti-virus detection results⁄nomenclature, name servers, domain name statuses that are relevant to the suspension)
- Incident response, including surge capacity

Verisign Notification Verification. When Verisign receives a suspension request from Pictet, it performs the following verification procedures:
- Validate that all the required data appears in the notification.
- Validate that the request for suspension is for a registered domain name.
- Return a case number for tracking purposes.

Suspension Rejection. If required data is missing from the suspension request, or the domain name is not registered, the request will be rejected and returned to Pictet with the following information:
- Threat domain name
- Registry incident number
- Verisign case number
- Error reason

28.4 Technical plan scope⁄scale that is consistent with the overall business approach and planned size of the registry

28.4.1 Scope⁄Scale Consistency

Founded in 1805 in Geneva, Pictet & Cie is today one of Switzerlandʹs largest private banks, and one of the premier independent asset management specialists in Europe, with over USD 325 billion in assets under management and custody at 31 December 2011. In connection to its business, the Applicant has a substantial experience and expertise in managing internally complex IT systems and infrastructures, hereby relying on in-house and external resources. Pictet has a strong web presence with an annual budget of web communication and operations of over 50,000 Pictet webpages visited daily.

However, Pictet has no in-depth experience in managing a domain name registry system and it would require too much effort for the Applicant to develop a system itself that complies with the specific technical requirements imposed upon new gTLD registries. Therefore, Pictet has decided to rely on Verisign Inc. to provide back-end registry services for applied-for « .pictet » TLD.

28.4.2 Scope⁄Scale Consistency Specific to Backend Registry Activities

Verisign, Pictetʹs selected backend registry services provider, is an experienced backend registry provider that has developed and uses proprietary system scaling models to guide the growth of its TLD supporting infrastructure. These models direct Verisignʹs infrastructure scaling to include, but not be limited to, server capacity, data storage volume, and network throughput that are aligned to projected demand and usage patterns. Verisign periodically updates these models to account for the adoption of more capable and cost-effective technologies.

Verisignʹs scaling models are proven predictors of needed capacity and related cost. As such, they provide the means to link the projected infrastructure needs of the ʺ.pictetʺ gTLD with necessary implementation and sustainment cost. Using the projected usage volume for the most likely scenario (defined in Question 46, Template 1 – Financial Projections: Most Likely) as an input to its scaling models, Verisign derived the necessary infrastructure required to implement and sustain this gTLD. Verisignʹs pricing for the backend registry services it provides to Pictet fully accounts for cost related to this infrastructure, which is provided as ʺOther Operating Costʺ (Template 1, Line I.L) within the Question 46 financial projections response.

29. Rights Protection Mechanisms

29. Rights Protection Mechanisms

As mentioned in response to Question 18 (b) above, Pictet is a well-known financial institution operating around the world. Pictet has an extensive experience and expertise in managing complex information technology infrastructures in connection to its business relying on in-house and external resources.

Pictet doesnʹt aim to manage a domain name registry system. Pictet has chosen to rely on Verisign for the back-end registry operation of the applied-for ʺ.pictetʺ registry in accordance with the specific technical requirements imposed upon new gTLD registries. The response to this question describes the registry services for the ʺ.pictetʺ TLD as provided by Verisign.

29.1 Mechanisms Designed to Prevent abusive registrations

Rights protection is a core objective of Pictet. Pictet will implement and adhere to any rights protection mechanisms (RPMs) that may be mandated from time to time by ICANN, including each mandatory RPM set forth in the Trademark Clearinghouse model contained in the Registry Agreement, specifically Specification 7. Pictet acknowledges that, at a minimum, ICANN requires a Sunrise period, a Trademark Claims period, and interaction with the Trademark Clearinghouse with respect to the registration of domain names for the .pictet gTLD. It should be noted that because ICANN, as of the time of this application submission, has not issued final guidance with respect to the Trademark Clearinghouse, Pictet cannot fully detail the specific implementation of the Trademark Clearinghouse within this application. Pictet will adhere to all processes and procedures to comply with ICANN guidance once this guidance is finalized.

As described in this response, Pictet will implement a Sunrise period and Trademark Claims service with respect to the registration of domain names within the .pictet gTLD. Certain aspects of the Sunrise period and⁄or Trademark Claims service may be administered on behalf of Pictet by Pictet-approved registrars or by subcontractors of Pictet, such as its selected backend registry services provider, Verisign.

At the time of filing, ICANN has not yet released final details on the Trademark Clearinghouse service. However, the protection of intellectual property is of paramount importance to Pictet. Given this and the fact that the initial proposed use of the registry is for the exclusive use of Pictet, all initial domain name registrations in the ʺ.pictetʺ namespace will be made by Pictet. Therefore, while Pictet will implement a Sunrise period and Trademark Claims process, depending upon the cost to access the Trademark Clearinghouse, Pictet may elect to forego the minimum 30 days Sunrise period and register names in the gTLD following this mandatory period.

Sunrise Period. As provided by the Trademark Clearinghouse model set forth in the ICANN Applicant Guidebook, the Sunrise service pre-registration procedure for domain names continues for at least 30 days prior to the launch of the general registration of domain names in the gTLD (unless Pictet decides to offer a longer Sunrise period).

During the Sunrise period, holders of marks that have been previously validated by the Trademark Clearinghouse receive notice of domain names that are an identical match (as defined in the ICANN Applicant Guidebook) to their mark(s). Such notice is in accordance with ICANNʹs requirements and is provided by Pictet either directly or through Pictet-approved registrars.

Pictet requires all registrants, either directly or through Pictet-approved registrars, to i) affirm that said registrants meet the Sunrise Eligibility Requirements (SER) and ii) submit to the Sunrise Dispute Resolution Policy (SDRP) consistent with Section 6 of the Trademark Clearinghouse model. At a minimum Pictet recognizes and honors all word marks for which a proof of use was submitted and validated by the Trademark Clearinghouse as well as any additional eligibility requirements as specified in Question 18.

During the Sunrise period, Pictet and⁄or Pictet-approved registrars, as applicable, are responsible for determining whether each domain name is eligible to be registered (including in accordance with the SERs).

Trademark Claims Service. As provided by the Trademark Clearinghouse model set forth in the ICANN Applicant Guidebook, all new gTLDs will have to provide a Trademark Claims service for a minimum of 60 days after the launch of the general registration of domain names in the gTLD (Trademark Claims period).

During the Trademark Claims period, in accordance with ICANNʹs requirements, Pictet or the Pictet-approved registrar will send a Trademark Claims Notice to any prospective registrant of a domain name that is an identical match (as defined in the ICANN Applicant Guidebook) to any mark that is validated in the Trademark Clearinghouse. The Trademark Claims Notice will include links to the Trademark Claims as listed in the Trademark Clearinghouse and will be provided at no cost.

Prior to registration of said domain name, Pictet or the Pictet-approved registrar will require each prospective registrant to provide the warranties dictated in the Trademark Clearinghouse model set forth in the ICANN Applicant Guidebook. Those warranties will include receipt and understanding of the Trademark Claims Notice and confirmation that registration and use of said domain name will not infringe on the trademark rights of the mark holders listed. Without receipt of said warranties, the Pictet or the Pictet-approved registrar will not process the domain name registration.

Following the registration of a domain name, the Pictet-approved registrar will provide a notice of domain name registration to the holders of marks that have been previously validated by the Trademark Clearinghouse and are an identical match. This notice will be as dictated by ICANN. At a minimum Pictet will recognize and honor all word marks validated by the Trademark Clearinghouse.

29.2 Mechanisms Designed to Identify and address the abusive use of registered names on an ongoing basis

In addition to the Sunrise and Trademark Claims services described in Section 1 of this response, Pictet implements and adheres to RPMs post-launch as mandated by ICANN, and confirms that registrars accredited for the ʺ.pictetʺ TLD are in compliance with these mechanisms. Certain aspects of these post-launch RPMs may be administered on behalf of Pictet by Pictet-approved registrars or by subcontractors of Pictet, such as its selected backend registry services provider, Verisign.

These post-launch RPMs include the established Uniform Domain-Name Dispute-Resolution Policy (UDRP), as well as the newer Uniform Rapid Suspension System (URS) and Trademark Post-Delegation Dispute Resolution Procedure (PDDRP). Where applicable, Pictet will implement all determinations and decisions issued under the corresponding RPM.

After a domain name is registered, trademark holders can object to the registration through the UDRP or URS. Objections to the operation of the gTLD can be made through the PDDRP.

The following descriptions provide implementation details of each post-launch RPM for the « .pictet » TLD:

UDRP: The UDRP provides a mechanism for complainants to object to domain name registrations. The complainant files its objection with a UDRP provider and the domain name registrant has an opportunity to respond. The UDRP provider makes a decision based on the papers filed. If the complainant is successful, ownership of the domain name registration is transferred to the complainant. If the complainant is not successful, ownership of the domain name remains with the domain name registrant. Pictet and entities operating on its behalf adhere to all decisions rendered by UDRP providers.

URS: As provided in the Applicant Guidebook, all registries are required to implement the URS. Similar to the UDRP, a complainant files its objection with a URS provider. The URS provider conducts an administrative review for compliance with filing requirements. If the complaint passes review, the URS provider notifies the registry operator and locks the domain. A lock means that the registry restricts all changes to the registration data, but the name will continue to resolve. After the domain is locked, the complaint is served to the domain name registrant, who has an opportunity to respond. If the complainant is successful, the registry operator is informed and the domain name is suspended for the balance of the registration period; the domain name will not resolve to the original website, but to an informational web page provided by the URS provider. If the complainant is not successful, the URS is terminated and full control of the domain name registration is returned to the domain name registrant. Similar to the existing UDRP, Pictet and entities operating on its behalf adhere to decisions rendered by the URS providers.

PDDRP: As provided in the Applicant Guidebook, all registries are required to implement the PDDRP. The PDDRP provides a mechanism for a complainant to object to the registry operatorʹs manner of operation or use of the gTLD. The complainant files its objection with a PDDRP provider, who performs a threshold review. The registry operator has the opportunity to respond and the provider issues its determination based on the papers filed, although there may be opportunity for further discovery and a hearing. Pictet participates in the PDDRP process as specified in the Applicant Guidebook.

Additional Measures Specific to Rights Protection. Pictet provides additional measures against potentially abusive registrations. These measures help mitigate phishing, pharming, and other Internet security threats. The measures exceed the minimum requirements for RPMs defined by Specification 7 of the Registry Agreement and are available at the time of registration. These measures include:

Rapid Takedown or Suspension Based on Court Orders: Pictet complies promptly with any order from a court of competent jurisdiction that directs it to take any action on a domain name that is within its technical capabilities as a TLD registry. These orders may be issued when abusive content, such as child pornography, counterfeit goods, or illegal pharmaceuticals, is associated with the domain name.

Anti-Abuse Process: Pictet implements an anti-abuse process that is executed based on the type of domain name takedown requested. The anti-abuse process is for malicious exploitation of the DNS infrastructure, such as phishing, botnets, and malware.

Authentication Procedures: Verisign, Pictetʹs selected backend registry services provider, uses two-factor authentication to augment security protocols for telephone, email, and chat communications.

DNSSEC Signing Service: Domain Name System Security Extensions (DNSSEC) helps mitigate pharming attacks that use cache poisoning to redirect unsuspecting users to fraudulent websites or addresses. It uses public key cryptography to digitally sign DNS data when it comes into the system and then validate it at its destination. The .pictet gTLD is DNSSEC-enabled as part of Verisignʹs core backend registry services.

29.3 Resourcing Plans

29.3.1 Resource Planning

As underlined in question 18, the Group Corporate Communication (GCC) department will be in charge of all TLD-related issues and will manage the relationship with all third-party technical providers including the data escrow. Those costs have been included in the financial projections.

29.3.2 Resource Planning Specific to Backend Registry Activities

Verisign, Pictetʹs selected backend registry services provider, is an experienced backend registry provider that has developed a set of proprietary resourcing models to project the number and type of personnel resources necessary to operate a TLD. Verisign routinely adjusts these staffing models to account for new tools and process innovations. These models enable Verisign to continually right-size its staff to accommodate projected demand and meet service level agreements as well as Internet security and stability requirements. Using the projected usage volume for the most likely scenario (defined in Question 46, Template 1 – Financial Projections: Most Likely) as an input to its staffing models, Verisign derived the necessary personnel levels required for this gTLDʹs initial implementation and ongoing maintenance. Verisignʹs pricing for the backend registry services it provides to Pictet fully accounts for cost related to this infrastructure, which is provided as Line IIb.G, Total Critical Registry Function Cash Outflows, within the Question 46 financial projections response.

Verisign employs more than 1,040 individuals of which more than 775 comprise its technical work force. (Current statistics are publicly available in Verisignʹs quarterly filings.) Drawing from this pool of on-hand and fully committed technical resources, Verisign has maintained DNS operational accuracy and stability 100 percent of the time for more than 13 years for .com, proving Verisignʹs ability to align personnel resource growth to the scale increases of Verisignʹs TLD service offerings.

Verisign projects it will use the following personnel roles, which are described in Section 5 of the response to Question 31, Technical Overview of Proposed Registry, to support the implementation of RPMs:
- Customer Affairs Organization: 9
- Customer Support Personnel: 36
- Information Security Engineers: 11

To implement and manage the .pictet gTLD as described in this application, Verisign, Pictetʹs selected backend registry services provider, scales, as needed, the size of each technical area now supporting its portfolio of TLDs. Consistent with its resource modeling, Verisign periodically reviews the level of work to be performed and adjusts staff levels for each technical area.

When usage projections indicate a need for additional staff, Verisignʹs internal staffing group uses an in-place staffing process to identify qualified candidates. These candidates are then interviewed by the lead of the relevant technical area. By scaling one common team across all its TLDs instead of creating a new entity to manage only this proposed gTLD, Verisign realizes significant economies of scale and ensures its TLD best practices are followed consistently. This consistent application of best practices helps ensure the security and stability of both the Internet and this proposed gTLD, as Verisign holds all contributing staff members accountable to the same procedures that guide its execution of the Internetʹs largest TLDs (i.e., .com and .net). Moreover, by augmenting existing teams, Verisign affords new employees the opportunity to be mentored by existing senior staff. This mentoring minimizes start-up learning curves and helps ensure that new staff members properly execute their duties.

30(a). Security Policy: Summary of the security policy for the proposed registry

30. Security Policy
Part A

As mentioned in response to Question 18 (b) above, Pictet is a well-known financial institution operating around the world. Pictet has an extensive experience and expertise in managing complex information technology infrastructures in connection to its business relying on in-house and external resources.

Pictet doesnʹt aim to manage a domain name registry system. Pictet has chosen to rely on Verisign for the back-end registry operation of the applied-for ʺ.pictetʺ registry in accordance with the specific technical requirements imposed upon new gTLD registries. The response to this question describes the registry services for the ʺ.pictetʺ TLD as provided by Verisign.

30.1 Processes and solutions

Pictetʹs selected backend registry services providerʹs (Verisignʹs) comprehensive security policy has evolved over the years as part of managing some of the worldʹs most critical TLDs. Verisignʹs Information Security Policy is the primary guideline that sets the baseline for all other policies, procedures, and standards that Verisign follows. This security policy addresses all of the critical components for the management of backend registry services, including architecture, engineering, and operations.

Verisignʹs general security policies and standards with respect to these areas are provided as follows:
Architecture
• Information Security Architecture Standard: This standard establishes the Verisign standard for application and network architecture. The document explains the methods for segmenting application tiers, using authentication mechanisms, and implementing application functions.
• Information Security Secure Linux Standard: This standard establishes the information security requirements for all systems that run Linux throughout the Verisign organization.
• Information Security Secure Oracle Standard: This standard establishes the information security requirements for all systems that run Oracle throughout the Verisign organization.
• Information Security Remote Access Standard: This standard establishes the information security requirements for remote access to terminal services throughout the Verisign organization.
• Information Security SSH Standard: This standard establishes the information security requirements for the application of Secure Shell (SSH) on all systems throughout the Verisign organization.

Engineering
• Secure SSL⁄TLS Configuration Standard: This standard establishes the information security requirements for the configuration of Secure Sockets Layer⁄Transport Layer Security (SSL⁄TLS) for all systems throughout the Verisign organization.
• Information Security C++ Standards: These standards explain how to use and implement the functions and application programming interfaces (APIs) within C++. The document also describes how to perform logging, authentication, and database connectivity.
• Information Security Java Standards: These standards explain how to use and implement the functions and APIs within Java. The document also describes how to perform logging, authentication, and database connectivity.

Operations
• Information Security DNS Standard: This standard establishes the information security requirements for all systems that run DNS systems throughout the Verisign organization.
• Information Security Cryptographic Key Management Standard: This standard provides detailed information on both technology and processes for the use of encryption on Verisign information security systems.
• Secure Apache Standard: Verisign has a multitude of Apache web servers, which are used in both production and development environments on the Verisign intranet and on the Internet. They provide a centralized, dynamic, and extensible interface to various other systems that deliver information to the end user. Because of their exposure and the confidential nature of the data that these systems host, adequate security measures must be in place. The Secure Apache Standard establishes the information security requirements for all systems that run Apache web servers throughout the Verisign organization.
• Secure Sendmail Standard: Verisign uses sendmail servers in both the production and development environments on the Verisign intranet and on the Internet. Sendmail allows users to communicate with one another via email. The Secure Sendmail Standard establishes the information security requirements for all systems that run sendmail servers throughout the Verisign organization.
• Secure Logging Standard: This standard establishes the information security logging requirements for all systems and applications throughout the Verisign organization. Where specific standards documents have been created for operating systems or applications, the logging standards have been detailed. This document covers all technologies.
• Patch Management Standard: This standard establishes the information security patch and upgrade management requirements for all systems and applications throughout Verisign.

General
• Secure Password Standard: Because passwords are the most popular and, in many cases, the sole mechanism for authenticating a user to a system, great care must be taken to help ensure that passwords are ʺstrongʺ and secure. The Secure Password Standard details requirements for the use and implementation of passwords.
• Secure Anti-Virus Standard: Verisign must be protected continuously from computer viruses and other forms of malicious code. These threats can cause significant damage to the overall operation and security of the Verisign network. The Secure Anti-Virus Standard describes the requirements for minimizing the occurrence and impact of these incidents.

Security processes and solutions for the .pictet TLD are based on the standards defined above, each of which is derived from Verisignʹs experience and industry best practice. These standards comprise the framework for the overall security solution and applicable processes implemented across all products under Verisignʹs management. The security solution and applicable processes include, but are not limited to:
• System and network access control (e.g., monitoring, logging, and backup)
• Independent assessment and periodic independent assessment reports
• Denial of service (DoS) and distributed denial of service (DDoS) attack mitigation
• Computer and network incident response policies, plans, and processes
• Minimization of risk of unauthorized access to systems or tampering with registry data
• Intrusion detection mechanisms, threat analysis, defenses, and updates
• Auditing of network access
• Physical security

Further details of these processes and solutions are provided in Part B of this response.

30.1.1 Security Policy and Procedures for the Proposed Registry

Specific security policy related details, requested as the bulleted items of Question 30 – Part A, are provided here.

Independent Assessment and Periodic Independent Assessment Reports. To help ensure effective security controls are in place, Pictet, through its selected backend registry services provider, Verisign, conducts a yearly American Institute of Certified Public Accountants (AICPA) and Canadian Institute of Chartered Accountants (CICA) SAS 70 audit on all of its data centers, hosted systems, and applications. During these SAS 70 audits, security controls at the operational, technical, and human level are rigorously tested. These audits are conducted by a certified and accredited third party and help ensure that Verisign in-place environments meet the security criteria specified in Verisignʹs customer contractual agreements and are in accordance with commercially accepted security controls and practices. Verisign also performs numerous audits throughout the year to verify its security processes and activities. These audits cover many different environments and technologies and validate Verisignʹs capability to protect its registry and DNS resolution environments. Figure ‎30A-1 lists a subset of the audits that Verisign conducts. For each audit program or certification listed in Figure ‎30A-1, Verisign has included, as attachments to the Part B component of this response, copies of the assessment reports conducted by the listed third-party auditor. From Verisignʹs experience operating registries, it has determined that together these audit programs and certifications provide a reliable means to ensure effective security controls are in place and that these controls are sufficient to meet ICANN security requirements and therefore are commensurate with the guidelines defined by ISO 27001.

Augmented Security Levels or Capabilities. See Section 5 of this response.

Commitments Made to Registrants Concerning Security Levels. See Section 4 of this response.

30.2 Consistent with the overall business approach and planned size of the registry

Verisign, Pictetʹs selected backend registry services provider, is an experienced backend registry provider that has developed and uses proprietary system scaling models to guide the growth of its TLD supporting infrastructure. These models direct Verisignʹs infrastructure scaling to include, but not be limited to, server capacity, data storage volume, and network throughput that are aligned to projected demand and usage patterns. Verisign periodically updates these models to account for the adoption of more capable and cost-effective technologies.

Verisignʹs scaling models are proven predictors of needed capacity and related cost. As such, they provide the means to link the projected infrastructure needs of the .pictet gTLD with necessary implementation and sustainment cost. Using the projected usage volume for the most likely scenario (defined in Question 46, Template 1 – Financial Projections: Most Likely) as an input to its scaling models, Verisign derived the necessary infrastructure required to implement and sustain this gTLD. Verisignʹs pricing for the backend registry services it provides to Pictet fully accounts for cost related to this infrastructure, which is provided as ʺTotal Critical Registry Function Cash Outflowsʺ (Template 1, Line IIb.G) within the Question 46 financial projections response.

30.3 Ressource planning

Verisign, Pictetʹs selected backend registry services provider, is an experienced backend registry provider that has developed a set of proprietary resourcing models to project the number and type of personnel resources necessary to operate a TLD. Verisign routinely adjusts these staffing models to account for new tools and process innovations. These models enable Verisign to continually right-size its staff to accommodate projected demand and meet service level agreements as well as Internet security and stability requirements. Using the projected usage volume for the most likely scenario (defined in Question 46, Template 1 – Financial Projections: Most Likely) as an input to its staffing models, Verisign derived the necessary personnel levels required for this gTLDʹs initial implementation and ongoing maintenance. Verisignʹs pricing for the backend registry services it provides to Pictet fully accounts for cost related to this infrastructure, which is provided as ʺTotal Critical Registry Function Cash Outflowsʺ (Template 1, Line IIb.G) within the Question 46 financial projections response.

Verisign employs more than 1,040 individuals of which more than 775 comprise its technical work force. (Current statistics are publicly available in Verisignʹs quarterly filings.) Drawing from this pool of on-hand and fully committed technical resources, Verisign has maintained DNS operational accuracy and stability 100 percent of the time for more than 13 years for .com, proving Verisignʹs ability to align personnel resource growth to the scale increases of Verisignʹs TLD service offerings.

Verisign projects it will use the following personnel role, which is described in Section 5 of the response to Question 31, Technical Overview of Proposed Registry, to support its security policy:
- Information Security Engineers: 11

To implement and manage the .pictet gTLD as described in this application, Verisign, Pictetʹs selected backend registry services provider, scales, as needed, the size of each technical area now supporting its portfolio of TLDs. Consistent with its resource modeling, Verisign periodically reviews the level of work to be performed and adjusts staff levels for each technical area.

When usage projections indicate a need for additional staff, Verisignʹs internal staffing group uses an in-place staffing process to identify qualified candidates. These candidates are then interviewed by the lead of the relevant technical area. By scaling one common team across all its TLDs instead of creating a new entity to manage only this proposed gTLD, Verisign realizes significant economies of scale and ensures its TLD best practices are followed consistently. This consistent application of best practices helps ensure the security and stability of both the Internet and this proposed gTLD, as Verisign holds all contributing staff members accountable to the same procedures that guide its execution of the Internetʹs largest TLDs (i.e., .com and .net). Moreover, by augmenting existing teams, Verisign affords new employees the opportunity to be mentored by existing senior staff. This mentoring minimizes start-up learning curves and helps ensure that new staff members properly execute their duties.

30.4 Consistency with commitments registrants regarding security levels

Verisign is Pictetʹs selected backend registry services provider. For the .pictet gTLD, no unique security measures or commitments must be made by Verisign or Pictet to any registrant.

30.5 Security measures are appropriate for the applied-for gTLD string

No unique security measures are necessary to implement the .pictet gTLD. As defined in Section 1 of this response, Verisign, Pictetʹs selected backend registry services provider, commits to providing backend registry services in accordance with the following international and relevant security standards:
• American Institute of Certified Public Accountants (AICPA) and Canadian Institute of Chartered Accountants (CICA) SAS 70
• WebTrust⁄SysTrust for Certification Authorities (CA)



© Internet Corporation For Assigned Names and Numbers.