Best Practice Guidelines for ccTLD Managers



Best Practice Guidelines for ccTLD Managers



A working document of the Best Practices and Redelegation Working Group of
the ccTLD Constituency of the DNSO, part of ICANN



August 16, 2000
Version 3.2
The Word version indicating modificiations to the version of June 12th 2000 is available in http://www.cctld-drafting.org/documents/BPR_v3.0.doc The text version of June 12th 2000 is available in bp.12jun00.html


Table of Contents

Introduction

Background

1. Objectives of this Document

2. Definitions

3. Best Practice

3.1 Status and Responsibilities of ccTLD Managers

3.1.1 Service to the Community
3.1.1.1 Promotion of the Internet
3.1.1.2 Investment in the community

3.2 Registration Policies
3.2.1 Formation and Creation of Policies
3.2.2 Minimum Requirements of Registration Policies
3.2.2.1 Contracts with Registrants
3.2.2.2 Identification of Registrants
3.2.2.3 Fairness
3.2.2.4 Privacy
3.2.2.5 Domain Dispute Resolution
3.2.2.6 Restrictions on Domain Names and Content

3.3 Operational Requirements
3.3.1 Service Quality
3.3.2 Technical Operations
3.3.2.1 Data Security
3.3.2.2 Duties
3.3.3.3 Information to IANA
3.3.3.4 Access to zones
3.3.3.5 Subcontracting
3.3.3 Financial Matters
3.3.3.1 Business Model
3.3.3.2 Promotion

3.3.4 Law



Introduction

Whilst recognizing that existing managers of ccTLD registries do not
necessarily fully conform to best practice, most of the ccTLD Manager
community is committed to work towards compliance. As ICANN will formalize
its relationship with ccTLD managers in the foreseeable future, there is
also a need for a redelegation procedure.

Background

The Domain Name System structure contains a hierarchy of names. The root, or
highest level, of the system is unnamed. Top Level Domains (TLDs) are
divided into classes, ccTLDs and gTLDs, based on rules that have evolved
over time. ccTLDs - country code Top Level Domains - are associated with
countries and territories. gTLDs are (with some exceptions) generic and
global in nature.

To date, ccTLDs have been assigned to countries and territories using the
ISO-3166-1 list, on the basis that ISO has a procedure for determining which
entities should and should not be on that list. Historically, the
management of ccTLD Registries was delegated by IANA to the existing ccTLD
Managers, under the guidelines originally set out in RFC 1591 and elaborated
upon in ICP-1.

RFC 1591, published in March 1994 by Jon Postel of IANA, is a compendium of
the experience and best practices of the majority of the ccTLD registries in
existence at the time. ICP-1 is an alternative name for a document entitled
"Internet Domain Name System Structure and Delegation", jointly issued in
May 1999 by the then separate ICANN and IANA (www.iana.org/cctld/icp1.htm).
ICP-1 contains a statement of policies then and still followed by the IANA
in connection with ccTLDs, and is thus the most current reference for
existing ccTLD policy and changes to it, which the current document attempts
to present.

A list of current TLD assignments and names of the ccTLD Managers may be
accessed at http://www.iana.org/cctld/cctld.htm

A ccTLD Manager's authority comes from its delegation from IANA, from
serving the Global and Local Internet Community, and from the affirmation by
IANA and the Local Internet Community of that authority. The IANA and the
Local Internet Community, including governmental and other authorities, have
a responsibility to support and protect the ccTLD Registry, and to assist
the ccTLD Manager serve that community.

The Internet Assigned Numbers Authority (IANA) is the overall authority for
day-to-day administration of the Internet Domain Name System (DNS). The IANA
function is currently located administratively within the Internet
Corporation for Assigned Names and Numbers (ICANN). IANA staff carries out
administrative responsibilities for the assignment of IP Addresses,
Autonomous System Numbers, Top Level Domains (TLDs), and other unique
parameters of the DNS and its protocols. This document describes the role of
IANA and the role of managers of country-code Top Level Domains (ccTLD
Managers) in the administration of the DNS with respect to the operation of
ccTLDs.

ICANN/IANA is the international organization charged with supervising the
Internet Domain Name System based as far as possible on constituent
consensus with respect to policies affecting and affected by the DNS.
ICANN's ultimate accountability is for the reliable performance of the
Internet and the broadest dissemination of Internet knowledge, technology,
and development. ICANN will supervise the operations of the ccTLD Managers
and will serve as the dispute resolution forum for complaints against a
ccTLD Manager, or by a ccTLD Manager with respect to any actions deemed by
the ccTLD Manager to affect adversely its operation of the domain.

1. Objectives of this document

To set out areas to be addressed in creating Best Practice Guidelines for
ccTLD Managers.

2. Definitions

ccTLD - A country code top level domain in the top level of the global
domain name system, assigned according to the two-letter codes in the ISO
3166-1 standard codes for the representation of names of countries or
territories.

ccTLD Registry - The entity which records names as domain names in a
register of domain names for the country-code top level domain name,
according to policies and rules, and following procedures, established with
the Local Internet Community (see below).

ccTLD Manager - A company, organisation or individual managing a ccTLD
Registry.

Registrant - A company, organisation or individual for whom a name has been
registered as a domain name in the ccTLD domain name register.

ICANN - Internet Corporation for Assigned Names and Numbers.

IANA - Internet Assigned Numbers Authority (Incorporated into ICANN in
1999).

Local Internet Community - The Internet industry and users (e.g. the
educational community, the private sector, Internet societies, individual
users, et al.) and the government and authorities of the state or territory
with which the ccTLD is associated. The definition of the Local Internet
Community may vary from one country/territory to another, and is essentially
a matter for the community in a given country/territory to decide. The
definition of the Local Internet Community should be documented, available
for public inspection, and transparent to the local community.

ccTLD Dispute Resolution Body - a Body, as further defined in Redelegation
Procedures, a sister document to this Best Practices Guidelines, which will
function as a panel to adjudicate disputes concerning the management of a
ccTLD or the right to manage a ccTLD.

3. Best Practice

3.1 Status and Responsibilities

The primary duty of the ccTLD Manager is one of Public Service. The Local
Internet Community, in conjunction with the overall authority of IANA, is
the source of the mandate under which the ccTLD Manager manages and operates
the domain. The Manager's fulfillment of that mandate should be ensured
through an ongoing consultative process with the Local Internet Community,
which should, in turn, result in the protection of the interests of the
Global as well as the Local Internet community.

A ccTLD Manager is therefore a trustee for the delegated domain, and has a
duty to serve the community of the Nation it represents as well as the
global Internet community. Concerns about "rights" and "ownership" of
top-level domains are inappropriate. It is appropriate to be concerned about
"responsibilities" and "service" to the community. The ccTLD manager should
be judged on his or her performance, and the extent to which it satisfies
the needs of the Local and Global Internet communities.

ccTLD Managers are entrusted with the management of the TLD Registry.
The ccTLD Manager and Registry are not responsible for any alleged or actual
violations of intellectual property or other rights, merely as a consequence
of listing a domain name in the ccTLD register unless they have received
prior notification from ICANN that registration of the domain name in
question is restricted.

No intellectual or other property rights in the 2-character code accrue to a
ccTLD Manager as a result of the act of delegation of the responsibility for
a ccTLD Registry. ccTLD Managers may have rights to the intellectual and
other property developed by them as a by-product of managing the ccTLD
Registry, subsequent to the delegation of such responsibility.

The ccTLD Manager, in the absence of pre-existing arrangements, in
consultation with IANA and the Local Internet Community, and unless agreed
otherwise with the Local Internet Community, and consistent with the
requirement to best serve the interests of the Local Internet Community,
should be resident in the territory of the ccTLD and, if the Manager is a
corporation, the ccTLD Manager should be incorporated there.

The ccTLD Manager should recognize that some of the functions of the
registry may be considered to be a monopoly and should not abuse its special
position.

3.1.1 Service to the Community

3.1.1.1 Promotion of the Internet - It is the obligation of the ccTLD
Manager to foster the use of the Internet in the geographical location
associated with the ccTLD's ISO-3166-1 code for which the domain is named.
The Manager should take a leadership role in promoting awareness of the
Internet, access to the Internet, and use of the Internet within the
Country. The ccTLD Manager should develop, over time, a consultative process
with various elements of society including the government, the education
interests, the health care interests, the cultural and other non-commercial
interests, the business interests, and other sectors of society that may be
affected by and which may profit by the use of the Internet, and who
together make up the Local Internet Community.

3.1.1.2 Service - As community service is an essential and central element
in the mandate of a ccTLD, the ccTLD Manager should from time to time, and
depending on its financial situation, identify activities serving the
interests of the local community with respect to the Internet. The ccTLD
Manager should engage with the local community to stimulate broad usage of
the Internet through initiatives such as educational programs, technical
assistance, programs to enhance Internet access opportunities for residents,
identification of innovative benefits to the local community through the
Internet, or other activities as the ccTLD Manager may from time to time
identify as serving the best interests of the local community with respect
to the Internet. As part of its operating agreement with ICANN, the ccTLD
Manager should develop a plan, consistent with its financial capabilities,
for fulfilling its obligations to the Local Internet Community, including a
consultative process interfacing with important elements of the local
society both public and private. In general, the ccTLD Manager should
attempt to provide service at the best level possible.

3.2 Registration Policies

3.2.1 Formation of Policies - Procedures for registration of domain names
should follow policies rules and procedures that have been established and
published in a transparent manner in consultation with the Local Internet
Community, consistent with IANA's requirements.

3.2.2 Minimum requirements for Registration policies

3.2.2.1 ccTLD registries should have a standard contract agreement with
Registrants setting out the expectations and obligations of each party.
Registrants should be obliged to supply accurate and complete contact
information at the time of registration, and to keep it current.


3.2.2.2 ccTLD registries should collect the necessary information to ensure
that the Registrant can be authoritatively identified. Registries may choose
to generate passwords, authentication tokens, digital/paper certificates,
etc to assist in identification.

Registries should provide an easy (Web based) means for registrants to
update their details in the registry database.

3.2.2.3 Fairness - The ccTLD Manager should be equitable and fair to all
eligible registrants that request domain names. Specifically, the same rules
should be applied to all requests and they should be processed in a
non-discriminatory fashion. The policies and procedures for the use of the
domain should be made available for public inspection.

Policies defining which organizations, businesses, individuals, etc. are
eligible to register domain names under the 2-character ccTLD should be
defined by the ccTLD Manager in consultation with the Local Internet
Community. Specifically, the registration of domain names should be based
on objective criteria that are transparent and non-discriminatory. Policies
and procedures may vary from country to due to local customs, cultural
values, local policies and objectives, law and regulations. The definition
should be documented, available for public inspection, and transparent to
the Local Internet Community.

Requests from for-profit and non-profit companies and organizations are to
be treated on an equal basis, and no discrimination may be made between
customers or classes of customers based on race, gender, national or ethnic
origin, creed, physical disability, or political affiliation. No bias shall
be shown regarding requests that may come from customers of some other
business related to the ccTLD manager. There can be no stipulation that a
particular application, protocol, or product be used.

3.2.2.4 Privacy - The ccTLD Manager should have a consistently applied
policy on privacy, and that policy should be published. The ccTLD Manager
should attempt to provide unfettered public access to the contact
information necessary to look up a domain in the Who-is database, to
qualified interested parties on a fair and equitable basis, in compliance
with applicable laws on data privacy, for the benefit of the local and
global Internet communities., unless such access is clearly prohibited by
applicable national law.
The Manager should strive to harmonize the need for a global transparent
Whois database and the privacy and data protection concerns of the local
Internet community by ensuring that any processing of personal data takes
place only with the unambiguously given consent of the registrant. [For
example, the latter may be advised, at the time of registration, that their
application for a domain name in a given zone constitutes consent to the
making available to the public of specified data elements contained in the
application. Those who were not so advised at the time of domain name
registration may be advised that the periodic renewal of their registration
would be contingent on agreeing to have certain data elements of their file,
as it appears at that point in time, available to the public.]

The ccTLD Managers will determine independently how much information to make
available to the general public. In order to limit undesirable behavior
(e.g. spamming) by those viewing the database, restrictions to protect the
integrity and availability of the database, such as limiting may consider
introducing restrictions on bulk access to qualified users paying for such
access, should be introduced. [Users may look up the contact information for
a single domain name, but may not download the data in bulk without a
contractual agreement with the Registry.]the database to discourage
undesirable behavior, such as unsolicited bulk e-mail (spam), on the part
those viewing the database.

3.2.2.5 Domain Name Dispute Resolution. ccTLD Managers should define and
publish their domain name dispute resolution policies and procedures, in
consultation with the Local Internet Community. Mechanisms should be
established by the ccTLD Manager to handle fairly and independently any such
disputes arising between registrants, or other parties, and the ccTLD
Manager. Making judgments in relation to disputes between third parties and
domain name registrants is outside the scope of the ccTLD Managerís duties.

The ccTLD Manager should establish and publish rules providing for
independent resolution of domain name disputes consistent with international
intellectual property dispute resolution conventions and otherwise providing
for swift, definitive, and non-discriminatory resolution of disputes. Such
rules may provide for initial action in the best judgment of the ccTLD
Manager exercised in good faith, but such action should be subject to the
independent dispute resolution process. Each ccTLD Manager should adopt
policies and procedures for resolving domain name disputes that suit the
laws and customs of their local Internet community and the policies of their
ccTLD. ccTLD Managers are encouraged to develop a Local Dispute Resolution
Policy (LDRP) which is based on (or in some cases, may be identical to)
ICANN approved policies, e.g. the UDRP.

3.2.2.6 Co-operation with law enforcement. A ccTLD Manager receiving a
complaint from a relevant and recognized authority (e.g. branches of
security agencies that concern themselves with mass media) of harmful or
illegal (i.e. activity that is prohibited by local laws on disseminating
certain kinds of information [national security-related data, pornography,
etc.]) activity being conducted on a domain registered with the ccTLD,
should share with that authority information on the holder of the domain
name.

3.3 Operational Requirements

3.3.0 ccTLD Managers are charged with operation or supervision of the
operation of the DNS service for the domain, including assignment of domain
names, delegation of subdomains, maintenance of the zone files for the
domain, and operation of nameservers.

3.3.1 Service quality: ccTLD registries must register domain names in an
efficient and timely manner.

3.3.2 Technical Operations

3.3.2.1 - Data Security. ccTLD Managers must ensure that all Registry data
is
secured against damage or loss. For this purpose, they should, where
resources permit, avail themselves of the best technology in prevailing use.
(See 3.2.2.4 for treatment of privacy concerns)

3.3.2.2 The ccTLD Manager supervises the process of registration of domain
names in the registry of the ccTLD, and supervises the operation of the
domain name servers and the maintenance of the appropriate zone files for
the ccTLD. There must be permanent (24-hours per day) Internet Protocol (IP)
connectivity to the name servers and the registry servers. There should be
published e-mail and web address contacts, and these should be permanently
accessible. The ccTLD Manager must do a satisfactory job of supervising the
DNS service for the TLD, and carry out its tasks in a satisfactory manner,
with technical competence and with equipment reflecting at least the state
of the art prevailing in the DNS system globally. Duties such as the
assignment of domain names, delegation of subdomains and operation of
nameservers must be performed with technical competence. At a minimum, the
ccTLD manager must provide primary and secondary nameservers with 24-hour
Internet Protocol (IP) connectivity to the Internet, 365 days per year, and
operate the database with accuracy, robustness, resilience, and reliability.
(See RFC 1591 and ICP-1).

3.3.2.3 The ccTLD Manager should keep the IANA advised of any changes to the
information concerning the domain that is maintained in the IANA's register
database, and should respond to requests for information from the IANA
relating to the status and technical operations of the domain in a timely
manner.

3.3.2.4 The ccTLD Manager must protect the integrity of its zone(s) and
must make arrangements with IANA to assure continued operation of the
registry, and continued resolution of names within the ccTLD's zone(s), in
case of bankruptcy, illness, acts of God, or any other condition that
threatens the smooth functioning of the ccTLD.

3.3.2.5 Subcontracting of Operations - Unless otherwise agreed with the
Local Internet Community, a ccTLD Manager may contract out any or all of the
operation and administration of a ccTLD Registry, provided that the ccTLD
Manager contractually obliges the sub-contractor to comply with the
requirements of this and any other documents setting down best practices for
ccTLD Managers.

3.3.3 Financial Matters

3.3.3.1 ccTLD Managers shall not be limited as to their business model.

3.3.3.2 It is the obligation of the ccTLD Manager to foster the use of the
domain. Because of the many options for domain name registrants, the
marketplace will, in large measure determine the pricing levels for services
of ccTLDs. Nevertheless, the ccTLD Manager should price its services at such
levels as to promote and not limit the use of the domain name and to be
competitive generally with the market. The ccTLD Manager should not in
effect hoard the domain by excessive pricing relative to the market or
otherwise act in a monopolistic fashion. A demonstration of financial abuse
of registrants will be deemed misconduct by a ccTLD Manager.

3.3.4 Governing Law

3.3.4.0 ccTLD Managers should may operate under the law of the country or
territory of the ccTLD, or, alternatively, under the law of the country
where they are located. The relationship between Registrants and the ccTLD
Manager (whether by explicit contract or otherwise) may then should be
governed by the law of the country or territory of the ccTLD, or the law of
the country where the Manager resides.

 

ccTLD Drafting Task Force. For information contact avc@iatld.org