C. Creation of New gTLDS

E. Trademark Issues

1. What are the advantages and disadvantages of current domain name registration systems?

    

   NSI Response to 1:

   The current system has managed to sustain the recent growth imposed on it. The introduction of widespread commercial interests and demands placed on the DNS, however, have revealed unforeseen deficiencies. Network Solutions, based on its experience, cautions that any changes need to be carefully tested before they are implemented. Below NSI has identified some advantages and disadvantages of the current system that should be considered:

   Advantages of the DNS:

   1. Ease of use. The DNS has simple user conventions, within a simple structure, that are easy to understand. In the current DNS, the existence of a single registration entity within each of the relatively small number of TLDs (approximately 200) prevents confusion even for new Internet users. For those consumers who desire a one-stop registration, there are dozens of ISPs who will resell domain names in any TLDs for a premium fee.

   2. Large number of available names. Additional top level domains may be useful to create new brands and encourage new services, but mathematically will do little to increase the number of second-level domain names available. There are virtually an infinite number of second-level domain names available in each existing top-level domain. In .com, for example, there are approximately 37²² possible combinations for second-level domain names.

   To illustrate:

   22 spaces available to the of the left of the dot

   37 characters: English alphabet, plus 10 digits and the hyphen

   possibilities (37²²) 31,700,000,000,000,000,000,000,000,000,000,000 ^*

   ^*The exception to this is that a valid domain name may not have a dash '-' as the first or last character.

   3. Financially self-sufficient. The domain name system has nearly completed its evolution from government subsidy to financial self-sufficiency. Based on recent OECD data, the number of registries being supported by user funding is growing rapidly. There is direct correlation between the volume of registrations and the likelihood that user fees will be sufficient to support a registry.

    

   [See Chart Two]

   4. Resilient to growth. NSI has operated a registration system which has demonstrated over the past three years that the DNS can withstand tremendous growth. Simultaneously, registration acknowledgments are now generally received in less than an hour, down from the four weeks it sometimes took in 1994. DNS is a tested system that has provided stability for the Internet through unparalleled turbulence.

    

   Disadvantages of the DNS:

   As previously mentioned, commercial interests and the challenges that come with commercialization such as name speculators, hackers, hostile attacks, legal challenges and explosive traffic volume are adding stress to the system. These stresses have helped to reveal the disadvantages described below.

   1. Vulnerability to spoofing. DNS as a whole is not a secure system. It was designed to be a peer-to-peer trusted system and hence is vulnerable to "spoofing," attacks whereby a machine misrepresents itself to the system as being "authoritative" when in fact it is not. As a result, various simple mechanisms have been designed and employed by programmers to "hijack" an organization's DNS, which has the effect of making its web-site, and possibly its e-mail, disappear.

   2. Directory Inadequacy. No central DNS directory exists today, and this is a tremendous problem. TLDs therefore have evolved into de facto directories that allow users only a sense of where to begin looking for people or things on the Internet. A comprehensive directory would help alleviate the concern that the Internet is unorganized and overwhelming for many users looking for information.

   3. Software vulnerabilities. The primary server software that is used to implement DNS is called BIND (Berkeley Internet Name Daemon). BIND is currently developed and distributed by the Internet Software Consortium, a 501(c) (3) non-profit organization. There is currently one programmer working on this software, funding comes from corporate contributions and software releases are not always timely enough to fix known "security bugs." In the chain of organizations, machines and software that together comprise the global DNS system, the BIND software, along with the volunteer root operators, are the weakest links in the chain.

   4. Uncontrolled critical parameters. There are many technical parameters, that can affect the smooth operation of DNS. These include port numbers, protocol definitions and reference implementations of key software. Changes to any of these can affect most, if not all, users of the Internet. These changes are currently detailed and approved by voluntary organizations and clubs which have no legal standing and reflect differing levels of corporate sponsorship and participation. Although this consensual mechanism has worked well in the past, it is too easily subject to manipulation by parochial funding or overrepresentation by a vocal splinter group. For the first time in the history of the Internet, there is significant investment together with corporate and national interests that are impacted by each and every administrative and technical decision.

   5. Multiple, separate whois databases. There is no standardized mechanism for unified lookups between whois databases among the registrars. For instance, a whois query against a domain name in the .us TLD must be run against a whois server at ISI, and not the most widely used one at NSI which resolves .com, .net., .org, .edu and .gov domains. Military domain names must be looked up at the Defense Data Network Network Information Center (DDN-NIC) run by the Defense Information System Agency (DISA). This complication should be resolved in a manner transparent to the consumer. The Referral whois (Rwhois) protocol, which NSI engineers in conjunction with an Internet Engineering Task Force (IETF) working group have been developing over the last four years, is able to accomplish this delegation of lookups, but it is not yet widely used.

   6. No uniform registration policies. All of the registration authorities have different policies, procedures and regulations. As a result, service levels and sophistication vary tremendously and may deter user interest in commerce. Also, users with common problems cannot find a common forum and jurisdiction for resolution.

   7. Legal dispute vacuum. There is no uniform, global legal system to deal with trademark-domain name disputes. The difficulty in developing policies or a legal framework is that it involves managing the complexities of trademark law as it intersects with a global communication medium.

   8. Registries are legally vulnerable. None of the registries are immunized from legal suit. They are all vulnerable to legal challenges and financial failure, which may have very serious operational implications for the system and its users.

   9. Critical facilities managed by volunteers. Roots servers are administered through a volunteer network. Under the current system, root server administrators have no performance contracts, legal requirements or compensation provisions. One direct result is that these critical Internet assets are not manned or monitored around the clock. Generally there is no structured accountability in place.

   10. Unscrupulous activities. The DNS is vulnerable to speculators who clog registries with applications for names to "resell." These name speculators create tremendous workloads for the registry, increase costs to the clients and extort money from business in exchange for the rights to a particular domain name.

    

    

    

2. How might current domain name systems be improved?

    

   NSI Response to 2:

   NSI’s suggested improvements reflect the disadvantages discussed in the last question:

   Anchor DNS policy. To improve current systems, certain operational and policy initiatives should be implemented first. The DNS policy functions of the IANA should be transferred to a legal authority. The responsibility of this role has greatly expanded and has become inappropriate for an organization that does not have clear authority, accountability or immunity from legal challenge.

   Establish DNS management. The entire high-level management structure of the DNS system needs to be anchored in a legally immunized, user-funded, knowledgeable organization. The organization’s responsibilities would include the root server system; maintenance of BIND and other critical softwar; encryption technology which will be needed for secure DNS; and any other technical decisions that can potentially impact the successful global operation of DNS.

   Secure root servers. The root server system volunteers should be replaced by secure, contracted services operating under specified service and performance terms, procedures and policies.

   Encrypt DNS software. Encryption must be added to DNS to improve its security, and widespread industry adoption should be strongly encouraged. In the interim, attempts to misrepresent, misdirect or deny DNS identification of an Internet organization or user should be treated as a crime and prosecuted by the Justice Department.

   Standardize TLD access. A standard, such as Rwhois, should be agreed upon to ensure uniform access to all TLD databases. A basic precept should be that a consumer should never be required to know the physical details of domain or host administration to perform basic navigation and identification.

   Immunize registries. Recognize that registries are passive suppliers of services; they should be immunized from domain name dispute lawsuits that do not involve negligence. NSI’s vulnerability to lawsuits has necessitated unpopular and costly policies and substantial legal fees to defend and protect the registry. These costs and inconveniences will eventually be passed on to consumers. Ultimately, what is needed is a rule of law to deal with global trademark vs. domain name issues.

   Regulate DNS speculators. Establish Internet commerce specific regulations that prevent speculation in registering domain names.

    

    

    

3. By what entity, entities, or types of entities should current domain name systems be administered? What should the makeup of such an entity be?

    

   NSI Response to 3:

   The growing number of legal actions surrounding the issue of legitimate, legal authority on the Internet is troubling. Who has the authority, and from where does the authority derive? These questions are being asked more frequently in knowledgeable Internet circles.

   The administrative functions of the Internet need to be managed by a body anchored in a legal authority that can assure the stability of the Internet, oversee policy regulations and reflect the concerns of a global community of users. Eventually both the anchoring legal authority and the managing body should be international organizations reflecting the global nature of the Internet. Representation within the managing body should be proportional to Internet use, setting policy and handling any disputes between entities. It is critically important that this managing body represent all of those involved in Internet administration in an open process.

   NSI believes that an appropriate international anchoring organization does not currently exist. NSI proposes that a U.S. Government agency assume the legal responsibility during a transition period. Eventually, NSI proposes that the U.S. Government sponsor an International Public Advisory Group (IPAG) as a managing body for the Internet as it moves towards a more fully competitive, global environment.

   Although NSI is not advocating any particular agency, what is needed is an agency with broad experience in the administration of complex communications issues and working relationships in these matters with other countries. This agency should have in-house technical expertise and extensive experience in balancing regulatory and commercial matters. The agency also needs mechanisms in place to accept business and consumer input, through a series of industry driven committees. Leadership by the U.S. government would be an enormous help in developing the charter for the organization that can carry these responsibilities forward on a global basis.

   The following administrative functions would be the first charge of the IPAG:

   1. Management of IP Registries

   The IPAG should set policy and coordinate the activities of the IP registries worldwide. Three new Regional IP Registries are planned to supplement Reseaux IP Europeens Network Coordination Center (RIPE) and Asia-Pacific Network Information Center (APNIC). These are non-profit entities that work in concert to safeguard the increasingly scarce IP address space in IPV4. The Regional IP Registries should continue to manage IP address space and allocate it within their respective regions. The current proposal to establish three new IP registries-the American Registry for Internet Numbers (ARIN), the -African Network Information Center (AfriNIC), and the Latin American and Carribean Network Information Center (ALyCNIC) -should be accelerated. (As of this writing, the NSF has approved the establishment of ARIN a non-profit organization to allocate IP numbers in the U.S.) The remaining three new registries are required to provide complete global coverage. IP allocation fees from ISP members and users will support IP registries. Each regional IP registry should perform the following functions:

   1. Allocate IP address space to ISPs and others in its region;

   2. Maintain all data relative to its regional IP allocations;

   3. Manage and assign inverse addressing (IN-ADDR) and Autonomous System Numbers (ASNs) within its region.

   2. Management of the Global Domain Name System

   The importance of the root server system to the functioning of the DNS requires neutral, vigilant and stable management. An entity selected competitively to manage the root server system would provide accountability and stability. NSI proposes that the IPAG select a DNS Manager (not a registrar) to manage and to maintain the root server system. The responsibilities of the DNS Manager would include:

   1. Establish and update a set of root servers worldwide, which may be managed individually by other contractors to limit vulnerability;

   2. Operate services pertaining only to data related to the root;

   3. Maintain the data, updates and top-level directories; and

   4. Implement any new TLDs that are authorized into the global DNS.

   The DNS Manager would manage the activities of the TLD registrars in accordance with the policy set by IPAG. The IPAG should address in the interim transition period critical issues such as the form of additional competition and mechanisms to resolve trademark vs. domain name disputes. The TLD registries should support the IPAG and its activities relative to the maintenance of the root server system.

   [See Chart Three]

    

    

    

4. Are there decision-making processes that can serve as models for deciding on domain name registration systems (e.g., network numbering plan, standard-setting processes, spectrum allocation)?

   Are there private/public sector administered models or regimes that can be used for domain name registration (e.g., network numbering plan, standard setting processes, or spectrum allocation processes)?

   What is the proper role of national or international governmental/non-governmental organizations, if any, in national and international domain name registration systems?

    

   NSI Response to 4:

   The North American Numbering Council (NANC) in the telephone industry is a reasonable example of a functioning International Public Advisory Group (IPAG) comprising industry and government that provides a model for an effective legal framework for Internet administrative functions. Under this model, the group’s membership should be global with representation based on Internet use.

   Another example can be drawn from the striking parallels between DNS and 800 number portability administration. In this case, a small amount of government sponsorship acts as a significant and stabilizing anchor for private sector administration of the system. One could adopt an approach similar to the role of the FCC with respect to competitive 800 number allocation in the telephone market. FCC sponsorship has worked well for the NANC and for other privately administered numbering organizations and issues.

    

    

    

5. Should generic top-level domains (gTLDs), (e.g., .com), be retired from circulation? Should geographic or country codes (e.g., .us) be required? If so, what should happen to the .com registry? Are gTLD management issues separable from questions about International Standards Organization (ISO) country code domains?

   NSI Response to 5:

   Retiring TLDs from circulation solves no problems and generates new ones.^* Promoting global electronic commerce requires uniting registries on policy, standards and operational matters and removing geographic and national barriers. These interests are not served by retiring TLDs or requiring ISO TLDs. Corporations have expended large sums on their Internet identities. Additional costs and consumer confusion would result from the elimination of TLDs. In fact, many businesses and organizations want to have a global "feel" and identification, which accounts for the interest in worldwide TLDs. The current worldwide TLDs have become market brands for more than a million companies. The cost, business impact and disruptions to the Internet’s simple conventions would be substantial and do not support the development of global electronic commerce.

   The notion that somehow the so-called "gTLDs" are the problem is illogical. In fact, the very distinction made between TLDs and country code TLDs is invalid. Today, there are some 60 domain name registries and associated TLDs that have no residency requirement for registration. These registries and their TLDs are physically and functionally identical to .com on the Internet. These worldwide TLDs include some of the largest registries in the world, such as .uk (United Kingdom) and .de (Germany). The most recent addition is the .to domain associated with the island nation of Tonga. That commercial registry operates out of San Francisco, charges fees identical to those charged by Network Solutions’ InterNIC operation and, like the other open registries, admits registrants from any country in the world.

   [See Chart Four]

   The notion of country code is less clear than it first appears. At this time, the relevance of geographic and country codes is questionable. As a Network Wizards Survey of domain hosts notes, there is no correlation between a host name and its location. A host with a .nl domain name could easily be located in the U.S. or any other country. In addition, hosts under domains .edu, .org, .net, .com and .int could be located anywhere. There is no way to determine where a host is without asking its administrator. Thus, although the registrant might supply a registration address in the country he is registering, his host location might be anywhere in the world. There is currently no way to control this.

   One must recognize that the problems that are being encountered in .com are related to volume, not geography. These problems will occur in any TLD that reaches substantial mass in terms of the number of users. Retiring TLDs will only shift the problem to the other TLDs operations, or to the country codes TLDs as Internet use expands geographically. Nominet, the .uk name registry, after close consultation with NSI/InterNIC, has recently issued a domain name dispute policy. During a visit to the U.S., the company indicated that .uk was about two years behind .com in experiencing growth and the inevitable dispute problems. (NSI was informed recently that Nominet has encountered its first instance of dispute litigation.) Other registries are probably in a similar position as a result of growth.

   ^*Generic (or global) TLDs (gTLDs) was a term created by the International/Internet Ad Hoc Committee (IHAC) to distinguish certain three-letter TLDs from other TLDs. The term was created on December 20, 1996 by IAHC in their press release "IHAC Makes Its Preliminary Conclusions on Internet Top Level Domains Available for Public Comment," for the purposes of isolating .com, .org and .net TLDs for further discussion. The term gTLD is not used in NSI's responses.

   CHART FOUR

   Registry franchises where you can register without a local address or company:

   Country	Domain	Country	Domain
   Antigua and Barbuda	.com.ag	Macedonia	.mk
   Armenia	.am	Malaysia	.com.my
   Azerbaijan	.com.az	Malta	.com.mt
   Bahamas	.com.bs	Martinique	.mq
   Bolivia	.com.bo	Mexico	.com.mx
   Burundi	.bi	Mongolia	.mn
   Cambodia	.com.kh	Mozambique	.mz or .co.mz
   Channel Islands, Guernsey	.co.gg	New Caledonia	.com.nc
   Channel Islands, Jersey	.co.je	New Zealand	.co.nz
   Chile	.cl	Nicaragua	.com.ni
   Congo	.cg	Norfolk Island	.com.nf
   Cook Islands	.co.ck	Panama	.co.pa
   Denmark	.dk	Peru	.com.pe
   Dominica	.com.dm	Poland	.com.pl
   Dominican Republic	.com.do	Puerto Rico	.com.pr
   Ecuador	.ec	Romania	.ro
   Fiji	.fj	Russia	.com.ru
   Germany	.de	Rwanda	.rw
   Gibraltar	.gi	Saint Kitts and Nevis	.com.kn
   Grenada	.gd or .com.gd	Saint Lucia	.com.lc
   Guadeloupe	.gp	Saint Vincent & the Grenadines	.com.vc
   Guatemala	.com.gt	South Africa	.co.za
   Isle of Man	.co.im	Sri Lanka	.lk
   Israel	.co.il	Suriname	.sr
   Jamaica	.com.jm	Switzerland	.ch
   Kazakhstan	.kz	Tonga	.to
   Latvia	.com.lv	Turkey	.com.tr
   Libya	.com.ly	United Kingdom	.co.uk
   Liechtenstein	.li	U.S. Virgin Islands	.co.vi
   Luxembourg	.lu	Uzbekistan	.uz
   Macao	.com.mo	Venezuela	.com.ve
   		Zaire	.zr

    

    

    

6. Are there any technological solutions to current domain name registration issues? Are there any issues concerning the relationship of registrars and gTLDs with root servers?

    

   NSI Response to 6:

   Technical solutions. The DNS performs reasonably well, especially in the non-hostile environment that has existed until recently. The biggest difficulties in registration now are not technical. The recommended technology improvements to today’s DNS registration system were previously discussed in the first two questions in this section. They involve standardization, more secure DNS software and additional directory capability. Changes to the operational model for registration, such as shared registration, will require technical development and operational changes.

   To clarify our points, consider the following observations on the morphology of DNS. DNS is a hierarchical system with exclusive registry points at each level in the tree, not just at the top (i.e., TLDs). At each authority level in the DNS tree, the substructure is also a tree with the current top node acting as a TLD. There is nothing magical about the absolute top level; any distinction made between TLDs and the lower levels in the DNS is artificial. Every level in the DNS is the (exclusive) top level and authority for everything below it. "Shared" registration calls for changing this only at one level in the DNS.

   [See Chart Five]

   To implement the proposal for registry "sharing" at only the TLD level in the DNS will require technical solutions including software and databases to accommodate multiple concurrent registrars with time-stamping requirements, standardized online authentication of registrars and a very sophisticated certificate program to reduce unauthorized access. The more challenging problems are operational and are addressed in section D: Policies for Registries.

   Root server relationships. Today the root server operators’ relationship with the registrars, TLDs and the larger Internet community is informal. The problems with this framework are detailed in section B question 1. A legal framework, as well as performance contracts or compensation provisions, would shape a relationship with accountability between the root server operators and registrars.

    

    

    

7. How can we ensure the scalability of the domain name system, and address spaces, as well as ensure that root servers continue to interoperate and coordinate?

    

   NSI Response to 7:

   DNS today is highly scalable, as is confirmed by respected technical experts.

   To secure DNS and ensure its scalability the following measures should be taken:

   • Coordinate an industry approach that protects Internet users from any entity that displays hostile action. Examples of such hostile actions should include:

     - DNS hijacking through software vulnerabilities.

     - Generation of extremely excessive traffic such as flooding a machine by pings, DNS queries, SMTP mail bombing, etc.

   • ISPs should be held accountable for a level of performance that includes having fault tolerance, entering correct routing information, correct maintenance of customers’ DNS records, etc.
   • The industry should be encouraged to adopt IPV6 and secure DNS as soon as possible.
   • Move forward with establishing the American Registry for Internet Numbers (ARIN) and other IP registries to manage IP number allocation under IPV4.
   • Root zone servers should also be subject to a secure framework as the number of servers is technically limited to 13 under the current DNS structure.

    

    

    

8. How should the transition to any new systems be accomplished?

    

   NSI Response to 8:

   An important element of this transition would involve institutionalizing the functions performed by the IANA relating to the "dot" root, IP numbers and network identifiers. These functions must be managed in a way that transcends the personal interest of any group. We have proposed earlier in our responses that a legally anchored International Public Advisory Group (IPAG) be formed under U. S. sponsorship. This approach would allow a stable period of transition for public input in the development of new processes and new structures. It is not unreasonable that the sponsorship of the U. S. Government continue through these turbulent times.

   A realistic structure that includes appropriate, yet limited, government oversight is needed for the transition of management of all of these functions and services. This proposed structure will provide a badly needed stabilizing sponsorship for all of the Internet administrative functions and services that are required by the growing number of business (and personal) users of the Internet.

   As we have noted before, although it has become a global communication medium, the Internet was primarily developed and funded by the U.S. Government and research community. For more than 20 years, the U. S. Government underwrote the development of the Internet both technically and financially. Given the tremendous importance of the Internet and the billions of dollars now being invested in the Internet by global businesses, it seems unreasonable to divest the U.S. of a sponsorship role in the administration of essential functions until stability is assured and a long-term global alternative can be agreed upon.

   NSI therefore proposes that a branch of the U. S. Government, through the IPAG, assume an interim sponsorship role to guide Internet administration through the transition period. The IPAG should have international membership (like the North American Numbering Council) that is based on Internet use.

    

    

    

9. Are there any other issues that should be addressed in this area?

    

   NSI Response to 9:

   • Stability should be the preeminent issue as we forge a new framework for the growth and expansion of the Internet. Stability is an absolutely necessary for consumers to have confidence in the new technologies and for businesses to make investments in new products and services.
   • Any attempted disruption of key elements of the Internet structure should be treated as a criminal act with associated property damage. The concept that "hacking" is not a crime should not be tolerated in the future. The industry and government should close ranks to ensure that proper measures are taken to protect the network and the million of dollars in investment that it represents.
   • The global nature of this technology should be recognized and should be dealt with within each and every new software generation. This includes internationalization such as currency translation and a priori assumptions as to business hours.

    

    

    

   ---

   C. Creation of New gTLDs

   There is no technical impediment to the creation of new TLDs, however there are other issues such as the impact on trademark disputes and the potential for consumer confusion. Adding new TLDs does not significantly increase the number of second-level domain names available. The distinctions often made between TLDs are artificial and are not supported by reality.

    

    

    

10. Are there technical, practical, and/or policy considerations that constrain the total number of different gTLDs that can be created?

     

    NSI Response to 10:

    Technical issue. NSI believes that there is no technical reason why the number of worldwide TLDs needs to be limited. Domains are equally scalable at all levels of the DNS. There can be as many TLDs as there are potential second- and third-level domains.

    This view is shared by Dr. Paul Mockapetris, the original creator of the DNS. In an interview that appeared in a May issue of Web Week^*, Dr. Mockapetris stated, "I believe that there are no problems in expanding the TLD space that we couldn’t solve in time. In fact, there may be no problems at all. But we don’t know for sure, so I would favor adding a small number (say 20) to start, then maybe 100, then 1,000, etc. if you want to get to a very large number. I’m just being cautious in my old age."

    Other factors. Though there is no technical reason to limit TLDs, an increase in the number of TLDs may generate consumer confusion. In all likelihood it will increase the number and cost of trademark and domain name disputes. The addition of new TLDs will also generate a new, more vigorous round of speculator activity.

    ^*Web Week, volume 3, issue 15, May 19, 1997 © Mecklermedia Corp.

     

     

     

11. Should additional gTLDs be created?

     

    NSI Response to 11:

    Market interest should be the best determiner of the maximum number of TLDs. The addition of new TLDs to the market as exclusive brands establishes a greater incentive for registrars to invest in improved services. It appears that consumers are split on this issue.

    There are no current market data to support the notion of consumer interest in new TLDs. Demand for new TLDs is largely assumed. Moreover, in some segments of the commercial world -- particularly among well-known consumer product companies -- there is a desire to have no new TLDs. These companies are purveyors of many popular brands and spend significant sums to police these brands. They will feel compelled to register in whatever new TLD emerges to offset the possibility of "warehousing" by domain name speculators. This generates a particularly difficult dilemma for owners of strong trademarks.

    On the other hand, small businesses and those who failed to get the domain name that they initially wanted see new TLDs as an additional chance. The reality, however, is that without large numbers of new TLDs, the system does not scale. Adding seven TLDs only allows seven new entries for each desirable name that is not a strong trademark. In the case of strong trademarks, new TLDs offer no relief and, as we have noted, they likely would create new and additional difficulties.

    The demand may increase for new TLDs if they are perceived to add benefit. Specific industry groups may form their own TLDs to offer unique services within industry practices. For example, .law could offer DNS registration and possibly software or digital identification specific to the legal profession.

    Whatever the decision, we must ensure stability of the Internet by introducing new TLDs to the DNS in phases.

     

     

     

12. Are there technical, business, and/or policy issues about guaranteeing the scalability of the name space associated with increasing the number of gTLDs?

     

    NSI Response to 12:

    Without large numbers of new TLDs, the system does not scale. Adding seven TLDs only allows seven new entries for each desirable name. (See the first two questions in this section for additional thoughts.)

     

     

     

13. Are gTLD management issues separable from questions about ISO country code domains?

     

    NSI Response to 13:

    Uniformity in the management of all TLDs would be both appropriate and fair to the registrars. There is no rationale for imposing practices on worldwide TLDs that are not also imposed on the others. The topology of TLDs, hosts and networks does not conform to our a priori notions of geography.

    In fact, the distinction between worldwide TLDs and ISO country code TLDs is not all that clear, as virtually all TLDs are managed by private enterprises, not governments, and over 60 of the ISO TLDs have no residency requirement for registration. [See Chart Four]. They are functionally identical to worldwide TLDs.

    Note there is not necessarily a correlation between a host’s domain name and where the host is actually located. A host with a .nl domain name could easily be located in the U.S. or in any other country. In addition, hosts under domains .edu/.org/.net/.com/.int could be located anywhere. There is no way to determine where a host actually is without asking its administrator. There is not necessarily any correlation between a network number and a domain name. A single network number could span many countries, and a single domain may have hosts on multiple network numbers. (See section B question 5 for additional related discussion.)

     

     

     

14. Are there any other issues that should be addressed in this area?

    NSI Response to 14:

    The .us TLD remains largely underdeveloped and is unused by the commercial sector and individuals. The future of the .us TLD should be addressed in the overall consideration for TLD administration.

     

     

     

    ---

    D. Policies for Registries

    A transition to shared registration in TLDs will require research, design, and the development of software systems. It must be extensively tested before being introduced to the current DNS. The scope of the operational challenges significantly exceed the technical development complexities. The Internet remains a frontier where exploitation of any weakness in the system is likely.

     

     

     

15. Should a gTLD registrar have exclusive control over a particular gTLD? Are there any technical limitations on using shared registries for some or all gTLDs? Can exclusive and non-exclusive gTLDs coexist?

     

    NSI Response to 15:

    Exclusive control at every level is the basis of the DNS and has been since its inception. Adding new, exclusive TLDs is certainly the easiest, quickest and most stable manner in which to increase competition in DNS registration. This approach has the collateral effect of expanding the name space. NSI is prepared to support the development of a stable and secure shared registration system, if that is the ultimate determination. However, NSI believes that any requirements for sharing should be applied equally across all TLDs, second-level domains and ISO country codes. At this time, NSI is unaware of any existing technical system capable of achieving global "shared" registration of TLDs. Over the last four years, NSI has built the most advanced registration system available anywhere. The difficulty NSI experienced in this effort indicates that the operational complexity and technical requirements of achieving a global shared registration system is underestimated by virtually everyone. The answer is more complex than "sticking a database on a server" somewhere. The peer-to-peer nature of DNS and the stability of the Internet demands that rigorous testing of the system must be done and that adequate safeguards must be in place prior to implementation.

    Shared Registration. A "shared" registration system proposal likely has a two-tiered structure consisting of a Central Registry Facility (CRF) for all TLDs at the top-level, and a potentially unlimited number of authorized competing registrars at the second-level. All registrars must have concurrent online access to the CRF database and systems in order to register, update and delete second-level domain names on behalf of their clients.

    In some cases there will be a three-tiered structure consisting of an ISP or name "re-seller," a registrar and the CRF registry. This assumes that ISPs and name "re-sellers," who are not approved registrars, are not authorized to access the CRF systems directly, and therefore must deal through a registrar.

    How customer data (both back-office and front-office) will be duplicated or distributed among these three parties is an important operational issue. There will be a significant potential for confusion, endless communications and costly telephone conferences to resolve customer difficulties. Without carefully tested policies and operational procedures, NSI’s experience has shown that unforeseen problems arise and client frustration levels are very high.

    Technical Requirements. Starting with the basic assumption of a shared registration system, we will examine the technical requirements of such a system. The most significant technical problems arise in implementing the CRF systems. These systems will need to at least functionally duplicate those of the InterNIC registry, which have taken several years and many millions of dollars to develop and refine. Designing these systems so that they are accessible to a large number of registrars, and yet simultaneously provide secure and protected operations, presents a significant new challenge. To avoid chaos, this system must be very well designed and will require coordination among all of the registrars before operations commence. To implement shared registration on the Internet will require research, design, development and testing of software to introduce this new technology into the DNS.

    The most visible system that is needed is the CRF database. If we assume that it employs a modern relational database management system (RDBMS), we estimate that it could be initially operational in 18 months of design and testing after completion of the operational concept (which we estimate would require at least six months).

    Operational Complexities. There are too many unknowns to specify the operations of a CRF system. Our approach here is to indicate a few areas where careful consideration of the operational policies and procedures is needed, and to illustrate the nature of problems (based on NSI’s experience) that might be experienced. This is not meant to be a thorough or exhaustive operational critique.

    • System Loading. The rush to register names on the first day of operation, before they are taken by competitors, is likely to result in tremendous initial loading. The InterNIC registry experienced a gradual buildup of registration volumes over a several year period, allowing phased operational improvement, a luxury the new CRF is unlikely to experience.

    • Client Responsibility. Who ultimately is responsible to the registrant? Is it the registrar, the CRF, the ISP or a name reseller? This is a critical design decision. This could generate massive customer confusion.

    • Changing Registrars. Registrants would be able to switch registrars. If the registrar is also the ISP, then switching registrars has implications on the choice of ISP, collateral hosting and IP numbers. Recall that IP addresses are not portable over ISPs. In some cases, switching registrars may result in a costly and disruptive situation for customers and users.

    • Delinquent Payments. If customers owe money to a registrar, would they be allowed to switch to another registrar without paying their debt to the current registrar? How would customers know who to call for assistance, and couldn’t customers be switched unscrupulously such as in the long distance telephone industry? Malicious activities would be much more difficult to detect, discourage or prevent.

    • Template Updates. Could updates be made through any registrar? Updates across registrars would require agreed-upon standards. Authentication (identification) and authorization (legal representation) would be extremely important operationally. An authentication system standard would have to be the same "end-to-end" from registrar to registrar as well as from ISP to registrar to CRF. Would registration updates be free or would they require a fee? This has a significant financial impact as indicated by the fact that at NSI the volume of registration updates exceeds that of new registrations.

    • Online Directory. The CRF must allow free exchange of data with a new whois directory interface. This has competitive implications for registrars: who will maintain the new whois directory? What data will it have? Will use of the data be restricted?

    • Help Desk and Customer Support. The CRF would need a significant help desk to assist in disputes and to enforce registrar policies and procedures. The assumption is that the individual registrars would have their own customer support facilities.

    • Complaints and Disputes. The CRF would require a new system for dispute resolution. A universal dispute policy would be needed for registrar disputes, end-user complaints about registrars, etc. Who handles complaints about the CRF? What are a customer’s options if they are dissatisfied with the CRF? How would disputes between contacts be handled? Will the geographic separation exacerbate dealing with disputes?

    • ISP Host Data. How will ISPs change host (name server) information? Will the CRF do it? If not, how will multiple registrars handle host information?

    Coexistence. At the risk of possible consumer confusion, both shared registration and the current exclusive registration could coexist. This is fortunate, since it would seem to be prudent to fully test a newly developed shared system in a significant operational setting on new TLDs before attempting to use it on existing exclusive Internet TLDs.

     

     

     

16. Should there be threshold requirements for domain name registrars, and what responsibilities should such registrars have? Who will determine these and how?

     

    NSI Response to 16:

    There should be threshold requirements for domain name registrars, however they should be kept to a minimum so as not to discourage competition. Those who meet minimum technical and financial criteria should be allowed to compete in DNS registration. Consumer demand will quickly improve the quality of the offerings.

    We propose the following approach:

    • Interested parties meeting the minimum technical and financial requirements should be allowed to compete in the TLD registration business.
    • Specific, individual, and exclusive TLDs would be proposed by every registrar and would be issued on a first-come, first-served basis (with some limitation, e.g. three per registrar).
    • Each registrar would deploy and operate a set of servers to support their own specific TLDs where they deemed appropriate, or contract this service to others.
    • All TLD registrars would be assessed fees, based on business volume, to support the IPAG and its DNS root server contractor(s).

    Registrars would establish their own operating procedures, including second-level domain name dispute policies, marketing, service standards, and collateral services consistent with their own brand identity for their own TLDs within the policy guidelines of the IPAG. Consumers could then select from among widely differing and competing concepts and price/service offerings. Competition will drive quality. Registrars will set their own contractual terms, including pricing. Client information databases would be proprietary, while DNS databases would be public.

    The framework for handling practical and policy issues allows for a limitless number of TLDs. The procedures NSI is proposing will encourage investment by participating registrars and guarantee ever-increasing gains in efficiency and improved customer service.

     

     

     

17. Are there technical limitations on the possible number of domain name registrars?

     

    NSI Response to 17:

    No technical limitations. There is nothing magical about the top-level of the DNS. Any subset of the DNS system is structurally analogous to the whole DNS. Just as there can be a virtually limitless number of second-level domain names (and therefore "registrars"), so can there be a limitless number at the top-level. This is the nature of hierarchical tree structures. As Dr. Mockapetris stated in an interview, "I believe that there are no problems in expanding the TLD space that we couldn’t solve in time. In fact, there may be no problems at all."

     

     

     

18. Are there technical, business and/or policy issues about the name space raised by increasing the number of domain name registrars?

     

    NSI Response to 18:

    The Internet is still a frontier and retains somewhat the character of the "Wild West." NSI’s experience has shown that abuse will occur, if possible, and that people will exploit any hole in any system, no matter how obscure.

    Management challenge. Managing a very large number of registrars could introduce major policy issues and procedural problems. Unlike today, where registrars are functionally independent, they would be required to cooperate.

    Viability. The financial viability of a large number of registrars and the inherent instability of marginally successful registrars is a concern. A failed registrar can have severe impacts on the business of its clients and effect the overall perception of the Internet as a viable medium for commerce.

    New form of speculation. Speculation could become a much more significant problem than it is today. The CRF must be able to handle the expected load from a new class of semi-legitimate speculators. Registrars could register large numbers of names at minimal cost (the cost charged by the CRF) to resell later at market prices. As an example, web-hosting firms could be tempted to become speculators to better position themselves for gaining clients. One could conceive of a scenario where a hosting firm registers a large number of names for themselves that are known or desirable marks, and then offers them to clients as a condition for contracted services.

     

     

     

19. Should there be a limit on the number of different gTLDs a given registrar can administer? Does this depend on whether the registrar has exclusive or non-exclusive rights to the gTLD?

     

    NSI Response to 19:

    No physical limits. There can be an unlimited number of registrars at each level within DNS - either shared or exclusive. The CRF’s and registrar’s bandwidth, memory and CPU capability define the limit of their respective delegations. There is empirical evidence that the top level of the DNS can easily handle 1.5 million delegations, and this empirical limit is increasing daily.

    Procedural limits. NSI is concerned that moving to a totally unregulated marketplace and allowing unlimited TLDs could result in an undesirably chaotic environment if the appropriate infrastructure (policies, procedures, technical systems and operational support) is not in place. This is especially true in the case of non-exclusive registration models. It would seem prudent in either case to limit the initial number of new TLDs, adopting a phased program for their introduction.

     

     

     

20. Are there any other issues that should be addressed in this area?

     

    NSI Response to 20:

    Unique legal concerns. Adopting non-exclusive TLDs generates some unique policy questions with legal impacts. These following issues must be addressed prior to system design:

    • How will enforcement of policies and procedures across registrars be managed? What will be the legal enforcement mechanism? Shared TLDs could motivate unscrupulous tactics between registrars. How will registration information be protected to avoid malicious changes? What would be done to protect one registrar from the possibility of a competing registrar using its customer information to steal customers? How would any of this activity be detected and controlled, particularly across national boundaries?

    • How would delinquent accounts be handled in light of registrar switching? Would switching to another registrar be allowed without payment to the first one?

    • Would shared TLDs necessitate a universal policy for trademark disputes, registrar disputes, and end-user complaints about registrars? How would disputes between different points of contact for the same domain name be handled?

    • If customer information is shared across registrars, will there need to be controls about how that data is used and/or disseminated by registrars (e.g., mailing lists)?

    • Would the shared TLD model force registrars to operate at the lowest common denominator with regard to security? What would be done to avoid this potentially destabilizing requirement?

    • Updates of host name server records associated with one domain usually have impacts on all other domain names associated with that host; what would happen when the host involved has names registered by different registrars?

    • What systems would be put in place to provide for an audit trail of domain name record changes to provide the necessary history for dispute resolution? How would these systems be implemented across registrars sharing the same TLDs? In cases where multiple registrars have had involvement throughout a name’s history, would all associated registrars be liable for damages assessed against one? Would there be joint liability just because it is a shared process?

    • How would the first-come, first-served rule be applied in relation to inherent disadvantages such as multiple time zones, and temporary disadvantages such as partial network outages?

     

     

     

    ---

    E. Trademark Issues

    There is a vacuum in international law defining the relationship between domain names, which are global, and trademarks, which are governed by various national statutes. As a result of a few highly visible cases, the extent of conflicts between trademark owners and domain name holders is perceived to be greater than the actual facts support. Employing its dispute policy since July 1995, NSI has experienced 1300 disputes in 1.6 million registrations. This is less than one-tenth of one percent of registrations or, in other words, one in one thousand registrations result in a dispute. Some of these disputes have resulted in law suits brought by either the trademark owner or the domain name holder against the other claimant. To date, 30 such suits also have included NSI, as registrar of the domain names in issue. All registrars will eventually experience such difficulties as the worldwide volume of registrations grows to U.S. levels. Pre-registration review of domain names against an ever-changing database of trademarks is fatally flawed. Immunization of registrars in such disputes would allow registrars to utilize simpler dispute policies.

     

     

     

21. What trademark rights (e.g., registered trademarks, common law trademarks, geographic indications, etc.), if any, should be protected on the Internet vis-a-vis domain names?

     

    NSI Response to 21:

    Given the state of the law at present, it is unclear what rights should be protected with respect to domain names. Owners of valid trademarks are protected from infringement and dilution of those trademarks by federal statutes enacted in virtually every country of the world. If trademark laws apply to domain names, anyone who obtains a domain name under a registrar’s policies of issuance must do so subject to whatever liability is provided for by law.

    A domain name can be more than a mere Internet address. At the present time, it also identifies the Internet site to those who reach it, much like a person’s name identifies a particular person, or more relevant to trademark disputes, a company’s name identifies a specific company.

    Confusion on the part of the public, as to the origin or source of goods and/or services, is exactly what the trademark laws were designed to protect against. Although some trademarks are easily discerned, such as Pepsi or Ford, other trademarks, such as Disc or Acme, are more difficult to protect. Federal trademark statutes do not specifically address the issues presented on the Internet. Case law, however, is beginning to emerge. Unauthorized use of a domain name by a domain name holder, which includes a protected trademark, to engage in commercial activity over the Internet has been held to constitute "use in commerce" in violation of federal statutes. Such use has been held to be in direct conflict with federal trademark law. How the trademark laws of the world will be applied or interpreted remains to be seen. For all of the instances when a domain name is considered by the trademark owner to be "close enough" to its protected trademark to be disputed, it is for the trademark owner, in its discretion, to police its own trademark rights.

    Until legislation or case law defines the relationships between the various intellectual property rights and domain names, there can be no answer to "what trademark rights, if any, should be protected on the Internet vis-à-vis domain names." As with each new medium (radio, television and, now, the Internet), the law will continue to be the law and will continue to apply to the actions of the Internet’s participants until a more suitable framework for addressing the complexity and global nature of these disputes can be implemented.

     

     

     

22. Should some process of preliminary review of an application for registration of a domain name be required, before allocation, to determine if it conflicts with a trademark, a trade name, a geographic indication, etc.? If so, what standards should be used? Who should conduct the preliminary review? If a conflict is found, what should be done, e.g., domain name applicant and/or trademark owner notified of the conflict? Automatic referral to dispute settlement?

     

    NSI Response to 22:

    It has been proposed that applications for domain name registrations be reviewed to determine if the domain name "conflicts" with a trademark, a tradename, a geographic indication, etc. While this is an interesting concept, and one that has certain appeal to the trademark bar and trademark owners, it is a concept that would be neither reasonable nor practical in practice.

    To conduct a pre-registration review of a domain name application would probably require something like the "notice of publication" period in the trademark registration process. To establish such a process in the domain name registration system would impose an inordinate cost and burden. A representative indicator of the effect of such a requirement lies in the U.S. Patent and Trademark Office (U.S.P.T.O). Its trademark registration process includes a 16-month pendency period between the time an application is submitted and the time an application is granted. Network Solutions, as one of approximately 200 registries worldwide, is currently registering a volume of domain name applications that is several times larger than the volume of U.S.P.T.O. applications each year. Significant additional time and cost would be involved by applying a U.S.P.T.O.-type process to domain name registrations.

    Determination of trademark infringement involves the application of up to 16 different factors. In different parts of the world, courts apply varying degrees of emphasis to those factors. A domain name registrar should not be expected to have the knowledge, expertise and experience of an intellectual property attorney or a judge on a global basis and, without that, determination of infringement cannot be rendered. Additionally, having to make such evidentiary determinations would expose a domain name registrar to significant liability in the event a wrong decision was made.

    The entire issue of pre-registration determinations becomes even more difficult and unreasonable when considering the global nature of the Internet. Pre-registration determinations of trademark conflict would require the availability of a database of trademark registrations from every country in the world. Such a database does not exist.

     

     

     

23. Aside from a preliminary review process, how should trademark rights be protected on the Internet vis-a-vis domain names? What entity (ies), if any, should resolve disputes? Are national courts the only appropriate forum for such disputes? Specifically, is there a role for national/international governmental/nongovernmental organizations?

     

    NSI Response to 23:

    Trademark rights should be policed and protected on the Internet in the same manner as they are in other aspects of commerce. It should be each trademark owner’s responsibility to monitor domain name registrations, and to take appropriate action against a domain name registrant when the trademark owner, in its discretion, believes its intellectual property rights are being violated. The same forums that deal with intellectual property rights in international commerce are also the appropriate forums to resolve disputes when domain name registrants and trademark owners are residents of different nations.

     

     

     

24. How can conflicts over trademarks best be prevented? What information resources (e.g. databases of registered domain names, registered trademarks, trade names) could help reduce potential conflicts? If there should be a database(s), who should create the database(s)? How should such a database(s) be used?

     

    NSI Response to 24:

    Conflicts over trademarks cannot be prevented, but they can be reduced. Nothing will eliminate either the intentional or unintentional registration and use of a domain name on the Internet by someone who either seeks to confuse the public as to the source of the product or service or, alternatively, was unaware that his/her actions caused such confusion. The question, however, starts with the premise that the millions upon millions of potential domain names will, in fact, conflict with trademarks. The premise is incorrect and will, if applied, forever change the nature and direction of this global communications medium. In fact, to date Network Solutions has applied its Domain Name Dispute Policy to about 1,300 domain name registrants, or approximately one tenth of the one percent of the total number of domain name registrants in the database.

    The conflicts, which will occur on a global basis, can be drastically shortened and resolved with minimal cost to both the trademark owners and domain name holders of the world through the passage of a simple rule of civil procedure to be enacted, jurisdiction by jurisdiction, as it proves successful. The procedure would have the following goals:

    • Allow for the rapid expansion of the Internet;

    • Keep any technical portion of the solution simple and universal;

    • Keep the "first-come, first-served" assignment of second-level domain names;

    • Allow registries world-wide to follow their own procedures for disputes;

    • Limit government involvement, administration and regulation to increase global commercial investment in the use of the Internet; the model for commerce would be contractual rather than regulatory;

    • Allow for the necessary divergence of trademark law and legal systems worldwide;

    • Prevent the formation of an "administration" over disputes, including personnel and regulations;

    • Use only existing global legal systems;

    • Protect trademark owners to the maximum extent possible; in instances where a domain name directly conflicts with an identical federal registered trademark, allow for an administrative alternative to judicial proceedings for domain name holders;

    • Protect domain name holders’ rights to use their own names or their assignment of domain names which predate trademarks; and

    • Allow jurisdictional prerequisites for personal jurisdiction over the disputants to be unaffected worldwide.

     

     

     

25. Should domain name applicants be required to demonstrate that they have a basis for requesting a particular domain name? If so, what information should be supplied? Who should evaluate the information?

    On the basis of what criteria?

     

    NSI Response to 25:

    No. Inherent in this question is the concept of prescreening and the accompanying delays and bureaucratic review that will bring this medium to a standstill. Proposals have even surfaced that would require such invasions of privacy as the production of the tax returns, social security numbers and corporate charters. Who is qualified to review these materials and who would make such decisions? Who would decide what an appropriate "basis" would be? How would these decisions be appealed?

     

     

     

26. How would the number of different gTLDs and the number of registrars affect the number and cost of resolving trademark disputes?

     

    NSI Response to 26:

    An increase in the number of different TLDs would, in all likelihood, significantly increase the number and cost of resolving disputes over the registration and use of domain names. Ignoring the ISO-3166 two letter country code TLDs, trademark owners presently have to monitor and "police", if they so choose, three TLDs: .com, .org, and .net. A domain name in any one of the TLDs could be the subject of a dispute initiated by a trademark owner that believed the registration of the domain name violated the trademark owner’s intellectual property rights. All other things being equal, a trademark owner could currently be involved in up to three separate disputes, each with its corresponding cost, if the trademarked word or phrase was registered as a domain name in each of the three TLDs. It logically follows that there is a direct relationship between the number of TLDs and the potential number and costs of disputes related to the protection of trademark rights.

    An increase in the number of worldwide TLDs could also affect costs to individual companies as they seek to protect their trademarks on the Internet by registering all their trademarks as domain names in each of the worldwide TLDs. If, for example, there were a total of 50 TLDs, a large company with 1,000 trademarks could decide to incur the costs (time and resources) associated with registering and maintaining 50,000 domain names (50 times 1,000). Such a burden would be unreasonable.

    As long as domain name registries or registrars are susceptible to allegations of contributory infringement of intellectual property rights of trademark owners, an increase in the number of registries or registrars would, in all likelihood, significantly increase the number and cost of resolving disputes over the registration and use of domain names. More registrars would simply provide more candidates for trademark owners to include as a named party to litigation. The potential for cost growth would be compounded if the registries were located outside the United States. Registries located outside the United States increase the possibility that trademark-domain name disputes would take on an international character, with the proportional increase in cost and complexity.

    An increased number of worldwide TLDs also increases the possibility of a type of dispute not yet seen. That dispute would be between two registrants, each with the same second-level domain name but in different TLDs, arguing over confusion and superiority of rights based upon the date of registration or activation of each second-level domain name in its respective TLD. The significance of the nature of these disputes lies in the fact they would not necessarily involve entities with trademarks. They would involve simply "first use" on the Internet.

     

     

     

27. Where there are valid, but conflicting trademark rights for a single domain name, are there any technological solutions?

     

    NSI Response to 27:

    There may be some technical relief available. Registrars might employ a shared top-level home page with HTML "links" to each user. Therefore Delta Airlines, Delta Faucet and other Delta’s would share a simple top-level home page, Delta.com, with "links" to each one’s unique home page. This is a service that each registrar could provide. NSI has attempted to persuade disputing claimants to employ this tactic. All have declined, preferring to seek exclusive control at great risk and expense.

     

     

     

28. Are there any other issues that should be addressed in this area?

     

    NSI Response to 28:

    The legal issues related to the registration and use of domain names are complex and multifaceted. Answers are not readily at hand because of the absence of legislation pertaining to the relationships between domain names and intellectual property rights. Even when existing legislation may apply, it varies from country to country. Case law is just starting to evolve, and that too, will vary from country to country.

    Beyond the applicability of existing and emerging intellectual property laws, legal issues must include consideration of international laws such are embodied in the Paris and Berne Conventions. These, and possibly others, must be examined for applicability to the area of DNS and the Internet.

    In addition to intellectual property matters, the United States has federal statutes which limit or prohibit the use of specific words or phrases. For example, the U.S. Amateur Sports Act addresses the use of the words Olympic, Olympiad and Citius Altius Fortius (the Olympic motto). There are, in all likelihood, similar statutes in most countries of the world that must be considered when dealing with legal issues related to global domain name registration and use.