28 Abuse Prevention and Mitigation

Prototypical answer:

1. Overview

Our objective in answering question 28 is to provide a thorough explanation of our policies and procedures to minimize abuse registration and other activities that have a negative impact on Internet users.

Protection of Internet users is a core value and a fundamental commitment of Lancaster and AFNIC, its registry backend service provider and is key to ensure consumer trust and to optimise user experience as described in the response to question 18. By implementing anti-abuse policy the registry will also contribute and protect the integrity, security and stability of the DNS.

In its online presentation of Registration Abuse Policy (RAP - available at http:⁄⁄www.icann.org⁄en⁄resources⁄policy⁄background⁄rap), ICANN offers the following definition:

“In general, the term covers a broad variety of illegal or illegitimate behaviors considered contrary to the intent and design of normal domain registration processes. Registration abuse often involves malicious actors trying to register in ways that avoid lawful authorities or conceal a registrantʹs identity. Registration abuse can also enable other kinds of abuses, such as phishing and spam.”

The .LANCASTER registry is committed to create and implement policies and procedure that prevent abusive registrations and other activities that have a negative impact on Internet users. According to the industry best practices presented in the Registration Abuse Policies Issues Report (ICANN 2008), the .LANCASTER registry will offer a wide range of effective safeguards to prevent abusive uses of domain names such as phishing, spamming, and also unlawful or fraudulent actions. The registry operator will regularly update these policies and procedures in order to maximize its readiness to deal with new threats at all levels and new forms of abuse.

For that purpose, the .LANCASTER registry will implement prevention and mitigations policies.

The main and most crucial strategy of the .LANCASTER TLD in terms of abuse prevention and mitigation results from the single user ⁄ single registrant registry model which will be followed to operate .LANCASTER.

Lancaster will thus be able to fully control and oversee operation of the .LANCASTER TLD. As a result, the .LANCASTER TLD will by its very nature be associated with trusted and genuine content. This model will allow the Applicant to control the operations of the .LANCASTER TLD and prevent violation of public interest, trade mark infringement and other types of malicious conducts. The .LANCASTER TLD will thus create an environment where opportunities for abuse and malevolent conduct will be virtually eliminated.

Whilst the very nature of the .LANCASTER TLD will help avoiding abuse and infringements, the Applicant is fully committed to address potential abuses and infringements in a timely and efficient manner if and when they occur.


Prevention starts at the time of registration, Whois accuracy (2) is therefore the first and main focus of .LANCASTER abuse prevention policies. The following answer describes in details the mechanisms in place to maximize Whois accuracy. Others mechanisms (3) will be implemented and described here, including removal of orphan glue records (4).

In addition to strong preventive measure against various forms of abuse, .LANCASTER will implement mitigation policies to address actual cases of abuse that may eventually occur. This answer will describe these mitigation measures in detail: single abuse point of contact (5), complaint handling policy and takedown procedures (6).

Resources allocated to handle prevention and mitigation (7) will be described at the end of this answer.
2. Definitions of what constitutes abuse in the TLD (based on the “Domain Name Anti-Abuse Policy” of PIR)

Spam: The use of electronic messaging systems to send unsolicited bulk messages. The term applies to e-mail spam and similar abuses such as instant messaging spam, mobile messaging spam, and the spamming of Web sites and Internet forums. An example, for purposes of illustration, would be the use of email in denial-of-service attacks;

Phishing: The use of counterfeit Web pages that are designed to trick recipients into divulging sensitive data such as usernames, passwords, or financial data;

Pharming: The redirecting of unknowing users to fraudulent sites or services, typically through DNS hijacking or poisoning;

Willful distribution of malware: The dissemination of software designed to infiltrate or damage a computer system without the ownerʹs informed consent. Examples include, without limitation, computer viruses, worms, keyloggers, and trojan horses.

Fast flux hosting: Use of fast-flux techniques to disguise the location of Web sites or other Internet services, or to avoid detection and mitigation efforts, or to host illegal activities. Fast-flux techniques use DNS to frequently change the location on the Internet to which the domain name of an Internet host or name server resolves. Fast flux hosting may be used only with prior permission of PIR;

Botnet command and control: Services run on a domain name that are used to control a collection of compromised computers or ʺzombies,ʺ or to direct denial-of-service attacks (DDoS attacks);

Distribution of child pornography;

Illegal Access to Other Computers or Networks: Illegally accessing computers, accounts, or networks belonging to another party, or attempting to penetrate security measures of another individualʹs system (often known as ʺhackingʺ). Also, any activity that might be used as a precursor to an attempted system penetration (e.g., port scan, stealth scan, or other information gathering activity).

Unlawful content or any content that contravene public order according to applicable legislation including French law and in particular to Law on the Freedom of the Press of 29 July 1881 (crimes against humanity apology⁄promotion or contestation, incitement to discrimination, hatred or violence).

2. Whois Abuse Prevention Policies

2.1 Whois Accuracy

RFC3912 specifies the Whois protocol and explain it as follows:

Whois is a TCP-based transaction-oriented query⁄response protocol that is widely used to provide information services to Internet users. While originally used to provide ʺwhite pagesʺ services and information about registered domain names, current deployments cover a much broader range of information services. The protocol delivers its content in a human-readable format.

Information about registered domain names is very sensitive. Lancaster and AFNIC, its registry backend service provider, shall insure the accuracy of the registrant contact information, including administrative, technical and billing contact details. In case of malicious or abusive activity, the Whois contact is usually the first and most important source of information. Whois accuracy is therefore a major step to counter malicious conducts. This information may be required by law-enforcement authorities to identify individuals and organizations responsible for domain names.

Given that the Applicant will be the only registrant of second level domain names under the .LANCASTER TLD to the exclusion of any other entity or individual, Whois accuracy should be extremely high or even perfect.

2.1.1 Syntactic and semantic registration constraints:

The .LANCASTER registry is firmly committed to run a “thick-registry” with high quality of data. The first step to accuracy is achieved through syntactic and semantic checks.

Standard EPP checks : a first set of tests is implemented in compliance with standards :
- RFC 5733, the Extensible Provisioning Protocol (EPP) Contact Mapping, requires contact data to contain a name, a city, a country code and an e-mail address for a syntactically complete EPP request

Additional checks : the following syntactic checks are implemented :
- a test to ensure that the domain name has the proper number of labels (which is two for a traditional registry that allows only second level domains to be registered),
- a test to ensure that no hyphens occur in position 3 and 4 of any of the domainʹs U-labels (to protect ʺxn--ʺ and future ACE prefixes),
- a test to disallow hyphens at the beginning or end of the name,
- a test to find ASCII characters which are neither a letter, nor a digit or a hyphen,
- a test to find invalid IDN characters, i.e. characters not contained in any of the support IDN character tables
- a test to validate IP address format using the following scheme :
〈ipv4-addr〉 [1-255](\.[0-255]){3,3}
〈ipv6-addr〉 [a-fA-F0-9:]+(:〈ipv4-addr〉)?
- a test to validate telephone and mail format using the following scheme (with specific tests for fr numbers):
〈num tel〉 \+[1-9][0-9]{0,3}〈sp〉[1-9]([〈sp〉\.-]?[0-9])+
〈num tel fr〉 \+33〈sp〉[1-9]([〈sp〉\.-]?[0-9]){8}
〈e-mail〉 (([^\s\(\)\[\]\.\\〉〈,;:ʺ@]+(\.[^\s\(\)\[\]\.\\〉〈,;:ʺ@]+)*)|(ʺ[^ʺ@\\\r\n]+ʺ))@〈label〉(\.〈label〉)*

Additional checks : the following semantic checks are implemented :
- a test to disallow reserved names if authorisation code is not present
- a test to disallow registry reserved names if authorisation code is not present
- a test to disallow ICANN reserved names
- a test to disallow otherwise reserved or unsuitable names
- a test to ensure that at least one address element is given

2.1.2 Verification tools

This verification procedure is designed to guarantee the reliability and the accuracy of the Whois database.

The .LANCASTER registry will conduct Whois accuracy verification for compliance with criteria concerning the reliability of registrant identification: the registry will verify whether the information provided by the registrant when registering the domain name contains inaccurate or false information about the registrantʹs identity.

Those verifications will be carried out periodically, on a random basis and following legitimate third-party requests.

A domain name may be blocked when a verification of the identification data provided by the registrant shows that it is inaccurate or that the registrant is not eligible.

A domain name may also be deleted further to such procedure. The deletion of a domain name can only occur after the registrant has been formally asked to rectify the situation and to modify its registration data to comply with eligibility criteria.

During the redemption period, the domain name can be reactivated with the same configuration. Once deleted, the domain name will re-enter the public domain and can be registered by a new applicant.

Given that the Applicant will be the only registrant of second level domain names under the .LANCASTER TLD to the exclusion of any other entity or individual, it will be virtually impossible for any domain name registrations not to comply with the registryʹs eligibility rules.

2.1.3 Whois Data Reminder Policy (WDRP)

In 2003, ICANN adopted the ʺWhois Data Reminder Policyʺ (WDRP, http:⁄⁄www.icann.org⁄en⁄registrars⁄wdrp.htm) which obliges ICANN-accredited registrars to send yearly Whois data reminder notices to registrants. These notices contain the Whois data currently on file for the respective domain, as well as instructions for the registrant about ways to correct the data if required. While the .LANCASTER Registry does not intend to replicate this reminder procedure on the registry level, the .LANCASTER registry will require that ICANN accredited registrar comply with WDRP.

2.2 Protection against unfair use of Whois service

The .LANCASTER registry is committed to insure the protection of said data against abusive behaviours. Firstly, the .LANCASTER registry will implement technical measures to prevent data mining on the Whois, such as automated collection of registrants’ email addresses, that may result in spamming. Secondly, the .LANCASTER registry and its registry backend service provider, AFNIC, will deploy all necessary means to secure access to its database, specifically by implementing procedures in order to prevent Unauthorized Data Modifications. These procedures will reinforce the security of both EPP and Web-based access to Whois data.

2.2.1 Protection against Data Mining

The .LANCASTER registry database user commits to using the published data according to the laws and regulations in effect. Besides, the user shall respect the provisions of all applicable data protection legislations.

As the user is accessing personal data, he must refrain from any collection, misuse or any act that could lead to invasion of privacy or damaging the reputation of individuals.

The .LANCASTER registry will be able at any time to filter the access to its services in case of malevolent use suspicions.

2.2.1.1 Captcha: users shall pass a Captcha before access is granted to the web based RDDS.

2.2.1.2 Rate-limiting: The registry has chosen limitation measures for the number of requests in order to prevent abuse in the use of personal data and to guarantee the quality of the service.

By a transparent parameter adjustment policy, the registry guarantees quality of service to the punctual users and professionals. The rates and thresholds of this system are described in the registry use case as part of answer to question 26.

2.2.1.3 White list: The white list mechanism offers specific access for registrars to the port 43 Whois considering that the incoming traffic must come from two pre-defined IP address. This white list access offers higher thresholds of rate limiting for the users.
2.2.2 Prevention of Unauthorized data modification

Data modification is managed through strict authentication and access policies.
- SSL⁄TLS protocol is used on all interfaces with clients (both EPP and web based SRS).
- a password policy is applied both on the password itself (minimum length, mandatory digits and non-alphanumerical characters), and on the live length of the password
- use of an SSL client certificate pre-installed by the registry for EPP access.
- IP authentication limited to two addresses.

The .LANCASTER registry backend service provider, AFNIC, will deploy its experience in the .FR ccTLD with a view to ensuring effective, timely and sufficient Domain Data Access Control.

Importantly, given that Lancaster will fully control and oversee operation of the .LANCASTER TLD, unauthorised data modifications will be virtually impossible.

3 Prevention of other abusive conducts

Whilst the very nature of the .LANCASTER TLD will help avoiding abuse and infringements, the Applicant is fully committed to address potential abuses and infringements in a timely and efficient manner if and when they occur.

3.1 DNSSEC (cache poisoning):
One of the main authentication issue encountered on the DNS is cache poisoning. This directly affects data flow at the DNS level without having to corrupt or modify data in the registry database.
The answer to this issue is implementation and deployment of DNSSEC. The registry operator already manages DNSSEC-enabled zones successfully: on September, 29th 2010, the .LANCASTER registry back-end service provider, AFNIC, finished adding its 6 ccTLDs key materials (DS records) into the IANA root zone, ending with .FR after extensive tests with its other TLDs. Since then, related DNSSEC operations and monitoring are spread inside the organization, alongside all other standard day to day operations, so that DNSSEC is a core service enabled by default.

3.2 Domain name Sniping (grabbing):
Domain name sniping refers to the practice of trying to re-register potentially interesting domain names immediately after they are deleted.

The .LANCASTER Registry supports the Redemption Grace Period as proposed by ICANN and implements it in full compliance with RFC 3915 (ʺDomain Registry Grace Period Mapping for the Extensible Provisioning Protocol (EPP)ʺ). This greatly reduces the possibility of a domain name being “forgotten” by its registrant.

4. Removal of Orphan Glue Records

According to the definition found in the ʺSSAC Comment on the Orphan Glue Records in the Draft Applicant Guidebook”, a glue record becomes an ʺorphanʺ when the delegation point NS record (the ʺparent NS recordʺ) that references is removed while retaining the glue record itself in the zone. Consequently, the glue record becomes ʺorphanedʺ since it no longer has a parent NS record. In such a situation, registrars and registrants usually lose administrative control over the record, and the recordʹs attribution to a certain registrar may become unclear, which makes it a potential vector for abuse.

The glue record policy in effect for the .LANCASTER TLD avoids this situation entirely by disallowing orphan glue records altogether. This corresponds to policy #3 mentioned in section 4.3 (page 6) of the SSAC document mentioned above. The technical implementation within the Registry and its associated zone generation process ensures this by the following measures:

- Any host object which is a glue record can be created only if the domain name exist and is sponsored by the registrar creating the host.

- Any deletion of a domain name which will subordinate hosts can be done only when these hosts are deleted. If these hosts are used in delegations for other .extension domain names, these delegations have to be removed to delete the host objects and then the domain name.
If the sponsored registrar of the domain name cannot remove these delegations (explicit refusal or inactivity from subordinate hosts registrar’s), it is possible to use a specific procedure by asking directly the registry. Then, the registry will contact the domain name(s) registrar which used in delegation the host object(s) and ask them to remove the delegations. Registrars have 10 days to remove these delegations, failing which registry will deactivate directly the DNS configuration of the domain name(s) concerned. At the end of the procedure, the registry will contact the sponsored registrar to tell them that he can delete the host object(s) and the domain name.

5. Single Abuse Point of Contact

To avoid abusive registration practices, the .LANCASTER registry will provide Internet users with a single point of contact on its website to report abuses.

This point of contact will include a contact web interface offering the possibility to Internet users to report any abuse concerning a name registered in the .LANCASTER registry.

Such contact web interface will be displayed on the registry’s website (phishing, spamming, trademark abuse etc.)

This single point of contact will enable a quicker and better management of complaints. Complaints will be addressed by filling out form through online services on the .LANCASTER registry website.

A dedicated team will be in charge of handling these various complaints in a due time. All requests should be acknowledged and processed within 24 hours. According to the nature of the reported abuse (phishing, spamming, trademark abuse, etc), an appropriate response will be taken by the .LANCASTER registry.

Moreover, Internet users will be given access to all necessary information regarding remedies for abusive online conducts on the registry Single Point of Contact webpage. The single abuse point of contact webpage will also contain links to all the relevant organizations addressing these issues.

6. Policies for handling complaints regarding abuse

6.1 Response to Abuse Notifications

The .LANCASTER registry will process each complaint in a timely manner and will take all the necessary steps to ensure a fully satisfactory and compliant resolution including by rapid takedown or suspension mechanisms.

Should immediate action be taken by competent authorities, the .LANCASTER registry is committed to alert such authorities without delay. As the French registry, AFNIC has already a proven record of handling such cases and will continue to work closely with these authorities. This may concerns the following cases (but limited to):

● Court orders
● Inquiries from law enforcement bodies (e.g, OCLCTIC - The Office central de lutte contre la criminalité liée aux technologies de lʹinformation et de la communication is the French Police unit specialized in cybercrime)
● Anti-phishing groups (e.g, CERTs)


6.2 Trademark abuse

Mechanisms aimed at addressing trade mark abuse and infringements are detailed as part of response to question 29.

7. Resourcing Plans

The .LANCASTER back-end registry services provider AFNIC provides the following resources:
Initial Implementation : Thanks to the experience and prior investment by its Registry Back-end Service Provider (AFNIC), the registry already supports the above mentioned technical abuse prevention and mitigation measures. No additional engineering is required for these, nor are additional development resources needed.
Ongoing maintenance: In support of the Registry Operator’s staff allocated to this function, AFNIC will have specially trained support staff available to assist in the implementation of potential verifications and takedown procedure for the prevention and resolution of potential abuse. Given the scale of the .LANCASTER TLD as well as the restrictive nature of its registration policy, we estimate that this would require no more than 5 man days per year of AFNIC anti-abuse support staff.

Similar gTLD applications: (0)