In response to the ICANN
Staff Report on the creation of new generic top level domains, Tucows would like
to ensure that the following clarifications surrounding the technical questions that
this document raises are a part of the public record. This comments are generally
addressed towards to proposals tabled by Number.tel LLC (.tel), Novell Inc. (.dir)
and .kids Domains Inc. (.kids). This commentary is being provided on behalf of
Tucows Inc. as the Registry Operator for the proposals specified. In no way are these
statements endorsed by or intended to be viewed as definitive or authoritative statements
made by the various Sponsoring Organizations for the proposals in question.
It
is important to note that the .kids Domains Inc. proposal does not contemplate the
use of Registrars as defined by the current Verisign Registry model, so not all of
these comments fully apply to their application. Annotation has been made where appropriate
to clarify the exceptions.
1) Billing: Tucows OpenXRS registry management system
currently handles billing through the firms standard internal accounts payable/receivable
processes. Registrars (and where appropriate, registrants or resellers) will be able
to retrieve account details online and quarterly statements will be physically mailed
to them on a quarterly basis. Tucows is currently in the process of finalizing IPDR
(Internet Protocol Detail Record) support within the platform. The firm is currently
in the processing of migrating to, and fully expects to complete the migration of
the existing accounting and billing systems to a third party commercial IPDR based
billing and collection platform by Q3/01. This is a company wide initiative and not
specific to Tucows OpenXRS.
2) Whois Fault Tolerance: Tucows appreciates the input
from the Review Panel on this issue and is currently evaluating the best approach
to facilitating this requirement in a manner consistent with the rest of the proposal.
3)
Security: Tucows will be operating the registry in a manner consistent with the best
practices outlined in the Versign/ICANN gTLD Registry Best Practices white paper
published on Sept. 30, 2000 (http://www.icann.org/tlds/gtld-registry-best-practices-30sep00.htm).
While this document does not delve into the level of specificity requested by the
staff review, Tucows is fully committed to ensuring the technical stability, security
and rational operation of the registry. Additionally, the principles outlined in
RFC 2870 (Root Name Server Operational Requirements) act as a base reference document
by which all architectural, security and operational policies are judged.
Specifically,
-
access to all systems is limited solely to operational staff in a physical manner.
Remote access to the critical systems will not be permitted. Critical systems and
support systems will exist on unique logical network segments.
- links between
sites responsible for transport of sensitive information will be appropriately secured
using SSL and/or verified using checksum.
- logging and monitoring will
be conducted in a manner consistent with industry accepted practices. Tucows has
acquired significant expertise in managing a globally distributed network of servers
and systems, a large part of which are logical security monitoring and auditing measures.
- Tucows will be working closely with the sponsoring organization to ensure
the ongoing adherence to the security policies and implementation in use by Tucows.
These reviews will occur on no less than a semi-annual basis.
4) Names under management:
As a registrar, Tucows currently has ~2 million names under management. Our proof-of-concept,
test bed registry service (mooNIC) has roughly 200,000 names under management.
5)
RRP Standards: It is important to note that Tucows is fully committed to working
within the IETF process to ensure that the registry management system uses a standards
compliant RRP protocol. We acknowledge that this will not be an immediate process
and as a result, we have made a basic design decision to support both the existing
Hollenbeck gRRP as well as the xRRP specified in the ROP.
6) Interface Specification:
Access to the registry, by remote registrar (where appropriate), will solely be limited
to RRP transactions, with the exception of historical billing and account detail
retrieval which will be facilitated by a web-based administrative system. Access
to the RRP interfaces will be controlled in a manner similar to the current Verisign
RRP access control policy by which Registrars must specify the network address of
all devices access the RRP service prior to access being granted. Further, all transactions
are authenticated and encrypted, thus ensuring that only accredited and certified
registrars are capable of processing RRP transactions with the registry.
7) Internally
developed software: Tucows is not aware of any production quality registry management
software that has been used in a live registry situation and also available for sale.
As such, the decision to use internally developed software for the registry system
was not ours to make. With that being said, all software releases conducted by the
firm are subject to significant internal testing and quality control measures to
ensure the highest quality releases. The firm currently employs 4 quality assurance
staff that coordinate with the testing group to achieve the companies QA goals.
8)
Impact on the DNS System: Unique to the .dir proposal, Tucows intends to enforce
the policy of the Sponsoring Organization through technical methodologies that are
responsible and efficient. We are currently reviewing the efficacy of the proposed
solution and evaluating our alternatives. It appears to be feasible to use the existing
zone file and bulk whois retrieval programs to achieve this policy goal.
Finally,
Tucows would like to formally commend the efforts of the ICANN staff, other bid participants
and Internet stakeholders for their effort and cooperation through this highly important
process. Further, we are pleased that the selection process is being conducted in
harmony with the spirit of RFC 1591. It is critical that ICANN continues to provide
the domain name community and the various stakeholders with an appropriate framework
by which significantly interested parties have a voice and that responsibility to
the Internet as a whole is the guiding principle governing all decisions and actions.
Sincerely,
Ross
Wm. Rader
Tucows Inc.
ross@tucows.com
t. 416.535.0123 x335
f. 416.531.5584