ICANN New gTLD Application
New gTLD Application Submitted to ICANN by: Bentley Motors Limited
String: BENTLEY
Originally Posted: 13 June 2012
Application ID: 1-1096-37266
Applicant Information
1. Full legal name
2. Address of the principal place of business
Pym’s Lane
Crewe Cheshire CW1 3PL
GB
3. Phone number
4. Fax number
5. If applicable, website or URL
http://www.bentleymotors.com
Primary Contact
6(a). Name
Mr. Andrew Douglas Stewart Lothian
6(b). Title
6(c). Address
6(d). Phone Number
6(e). Fax Number
6(f). Email Address
Secondary Contact
7(a). Name
Ms. Penelope Elizabeth Main Hearn
7(b). Title
7(c). Address
7(d). Phone Number
7(e). Fax Number
7(f). Email Address
Proof of Legal Establishment
8(a). Legal form of the Applicant
Private company limited by shares
8(b). State the specific national or other jurisdiction that defines the type of entity identified in 8(a).
Company incorporated under the Companies Acts of the United Kingdom. National jurisdiction: United Kingdom. Specific law that defines the type of entity identified in 8(a): Companies Act 2006.
8(c). Attach evidence of the applicant's establishment.
Attachments are not displayed on this form.
9(a). If applying company is publicly traded, provide the exchange and symbol.
9(b). If the applying entity is a subsidiary, provide the parent company.
Volkswagen Aktiengesellschaft (ultimate parent); Volkswagen International Finance N.V. (direct parent).
9(c). If the applying entity is a joint venture, list all joint venture partners.
Applicant Background
11(a). Name(s) and position(s) of all directors
Alisdair Stewart | Director |
Christine Gaskell | Director |
Hans Dieter Pötsch | Director |
Jan-Henrik Lafrentz | Director |
Martin Winterkorn | Director |
Michael Straughan | Director |
Rolf Frech | Director |
Wolfgang Dürheimer | Director |
11(b). Name(s) and position(s) of all officers and partners
11(c). Name(s) and position(s) of all shareholders holding at least 15% of shares
Volkswagen International Finance N.V. | Not Applicable |
11(d). For an applying entity that does not have directors, officers, partners, or shareholders: Name(s) and position(s) of all individuals having legal or executive responsibility
Applied-for gTLD string
13. Provide the applied-for gTLD string. If an IDN, provide the U-label.
14(a). If an IDN, provide the A-label (beginning with "xn--").
14(b). If an IDN, provide the meaning or restatement of the string
in English, that is, a description of the literal meaning of the string in the
opinion of the applicant.
14(c). If an IDN, provide the language of the label (in English).
14(c). If an IDN, provide the language of the label (as referenced by ISO-639-1).
14(d). If an IDN, provide the script of the label (in English).
14(d). If an IDN, provide the script of the label (as referenced by ISO 15924).
14(e). If an IDN, list all code points contained in the U-label according to Unicode form.
15(a). If an IDN, Attach IDN Tables for the proposed registry.
Attachments are not displayed on this form.
15(b). Describe the process used for development of the IDN tables submitted, including consultations and sources used.
15(c). List any variant strings to the applied-for gTLD string according to the relevant IDN tables.
16. Describe the applicant's efforts to ensure that there are no known operational or rendering problems concerning the applied-for gTLD string.
If such issues are known, describe steps that will be taken to mitigate these issues in software and other applications.
The applied-for gTLD string will not cause any operational or rendering problems. The applied-for string is in ASCII and uses alphabetic characters only. The string, and its use in application, will not be syntactically different from any existing Top Level Domains. The intended-use applications are alphabetical-string agnostic and the applied-for gTLD string is not a reserved top level domain string (from RFC 2606).
17. (OPTIONAL) Provide a representation of the label according to the International Phonetic Alphabet (http://www.langsci.ucl.ac.uk/ipa/).
Mission/Purpose
18(a). Describe the mission/purpose of your proposed gTLD.
Mission
dot BENTLEY will augment the Applicant’s commitment to Driving Luxury Performance, the brand’s essence.
In this new namespace, Internet traffic will be driven to sites that are a reflection of the brand and users will gain the full benefit of the Bentley experience, secure in the knowledge of its authentic, credible and reliable source. dot BENTLEY will be positioned, promoted and deployed as the single, dependable and trustworthy domain for Internet users to access information relating to the brand.
Applicant’s History
Bentley is the definitive British prestige motor car company, dedicated to developing and crafting the world’s most desirable high performance cars.
The Applicant’s origins date back to 1919 when Mr. Walter Owen Bentley built Bentley Number One at a property in New Street Mews in London, England. The company rapidly became a byword for motor racing success (winning the Le Mans twenty four hour race six times between 1924 and 2003) and, following acquisition by Rolls-Royce in 1931, Bentley became synonymous with luxury motoring.
Between 1931 and 1998 the Applicant was known as ‘Rolls Royce and Bentley Motor Cars’ and following acquisition by Volkswagen AG in 1998 the Applicant’s name reverted to Bentley Motors Limited. Thereafter, the Applicant commenced a £500 million investment programme to improve its factory facilities and support future product development programmes. It now employs approximately 4,000 staff worldwide and has a global retail network in excess of 175 dealerships including 52 in Europe and 38 in the USA. The Applicant registered the domain name bentleymotors.com on September 26, 1996 in the early days of the commercial Internet and bentleymotors.com has been the Applicant’s online home on the Internet for over fifteen years.
Globally, the company sold just over 7,000 motor cars in 2011, a year-on-year growth of 37% from 2010.
More details of the Applicant’s history with comprehensive information on the company’s activities in every decade from 1910-1919 to 2000-2009 are available on the Applicant’s website at http://www.bentleymotors.com/distinguished_heritage/history/1910__1919.
Bentley - the brand
Many unmistakable characteristics define a Bentley - handcrafted luxury, distinctive design, breathtaking power and performance, a refined and exhilarating driving experience. Yet it is the combination of these characteristics that make the brand so unique. A Bentley is unmistakable - all it takes is a glance at the twin headlights, matrix grille or the high waistline to know one. The paradox is that although the car is instantly recognisable, it takes time and effort to hand-build each one using the finest quality natural materials.
Bentley has always been about passion. In fact, its entire reputation rests on the experienced skills and passion of its people, handed down through generations. Many say that they work on each Bentley as if it were going to be their car. It’s no wonder that every machinist who creates a set of upholstery signs the back with their initials.
Rather than focusing on typical marketing characteristics, Bentley seek to create the essence of the brand which speaks to several, diverse, audiences with one common voice. dot BENTLEY will enable the Applicant to communicate this essence to these various groups with that same singular voice in an online environment. This will be innovative, ground breaking and indicative of Bentley’s commitment to Driving Excellence by driving Internet traffic to its TLD.
Audiences - the community of interest surrounding dot BENTLEY
The present application is not for a Community-based Designation. The Applicant intends the TLD to represent its brand on the Internet. Nevertheless, it is important to note that the TLD will focus on Bentley’s communications with an online audience who are interested in the brand - which might be described as a ‘community of interest’. This group of interested parties is diverse and covers both internal and external stakeholders.
Internally, the audience for the new TLD includes the Applicant’s various business units and personnel. Externally, it covers third parties who are close to the brand, namely customers, suppliers, potential employees including those interested in the Applicant’s apprentice programme, the dealer network, franchisees and licensees; together with the media and the extensive group of Bentley enthusiasts including those interested in heritage and motorsport. Accordingly, where throughout this application the expression ‘community of interest’ is mentioned, it means this diverse group of Internet users who will ultimately engage with dot BENTLEY.
dot BENTLEY - a new online resource within the namespace
It is anticipated that post delegation, dot BENTLEY will be promoted as the single source for trusted on-line communication related to the Applicant, its range of products and other related information and resources. Internet users will be encouraged (via a range of marketing techniques) to recognise and only access information contained at dot BENTLEY as being the exclusive trustworthy source of data relating to the company and its automobiles.
The delegation of dot BENTLEY will negate the opportunity for confusion among Internet users as communication from the Applicant will educate them to appreciate that no other source can provide the levels of assurance of trust that will be found at this new TLD.
It is anticipated that immediately following delegation of dot BENTLEY, second level domains will be limited to modest numbers. For example, www.bentley and/or mulsanne.bentley. In this way, the Applicant will afford itself the opportunity to begin the process of educating Internet users to access data about the brand at this new TLD. The requirements for this task should not be underestimated; Internet users have long been accustomed to .com and the indigenous ccTLD for the country in which they are domiciled. Accordingly, the Applicant intends that the promotion of dot BENTLEY will be continuous and vigorous such that the Registry will achieve its promotional goals.
Traffic to the TLD will be continuously analysed to determine the number of users continuing to access the Applicant at bentleymotors.com and those that are migrating to the new platform over time. As the education process gathers momentum and traffic increases, Bentley would seek to deploy greater numbers of domains at the second level for example accessories.bentley, parts.bentley, service.bentley etc.
It is difficult to establish just how long it will take to migrate Internet users; however, it is anticipated that within a 24 month period there will be a sufficient shift in patterns of behaviour, warranting increases in the deployment of domains at the second level.
Looking further to the future, the Applicant anticipates that within 36 months of delegation all on-line communication will be accessed at dot BENTLEY and that visitors to the .com domains and other generic and country code TLDs will be redirected to the new TLD.
Throughout this process, the Applicant will conduct regular research among Internet users to quantify the effects of the education process and its effectiveness in establishing dot BENTLEY in the consciousness of the community of interest. This combination of traffic analysis and user feedback will provide useful data and intelligence as to the success of the new TLD post delegation.
It is also anticipated that dot BENTLEY will be deployed for a variety of Internet services besides the World Wide Web; specifically email for the dissemination of internal and external information.
18(b). How do you expect that your proposed gTLD will benefit registrants, Internet users, and others?
i. Goal
Introduction
The overall goal of the dot BENTLEY top level domain is to drive excellence by becoming the trusted, authentic resource for online communication from and with the Applicant. This is the goal for dot BENTLEY’s specialty.
The Applicant has established a global reputation for an extremely high quality product and service levels that are the very best in the motoring industry worldwide. Its brand defines Driving Luxury Performance. The Applicant believes that, as the exclusive official online resource for the Bentley brand, dot BENTLEY will swiftly develop a quality reputation derived in large part from the Applicant’s own consistently strong, authentic and dynamic status. This is the goal for dot BENTLEY’s reputation.
Building on its longstanding experience of engagement with its community of interest via the Internet, the Applicant plans to use the gTLD to take the user experience to the next level - that of a newly relevant namespace which will directly engage the Internet user. The Applicant prides itself on its responsiveness to external and internal stakeholders, whether they be customers, the media, licensees or individuals within the dealer network. The Applicant believes that its existing approach can be further enhanced by delivering relevant information to the relevant Internet user via the newly relevant namespace, thus giving rise to the best of communication. This is the goal for dot BENTLEY’s service level.
The Internet and Bentley
Bentley has engaged with the commercial Internet since 1996. Its website at the URL www.bentleymotors.com serves as a source of information for its entire community of interest.
The Applicant’s website seeks to reach out to all parties who may be interested in the Bentley brand. Accordingly, it seeks to offer information to potential buyers as well as details in which wider enthusiasts may have an interest such as clubs and associations, factory tours and official merchandise. The site offers support to owners of Heritage Bentleys and provides a retail portal for the purchase of accessories and pre-owned vehicles.
dot BENTLEY is seen by the Applicant as a natural progression in its commitment to this very real and substantial online community of over 600,000 monthly visitors. It will serve to expand the Applicant’s commitment to Driving Luxury Performance into this new namespace such that corresponding Internet traffic will be driven to sites where users will gain the full benefit of the Bentley experience, secure in the knowledge of its authentic, credible and reliable source.
The Applicant is the definitive British luxury car company; it specialises in developing, crafting and selling the most desirable of automobiles and the Bentley brand stands for such values as power, exclusivity and individuality. Bentley’s vision is to become the world’s most successful luxury car company. These aims would be underpinned by the deployment of dot BENTLEY. Via this top level domain, Bentley will build on its reputation of exemplary customer satisfaction and sustainable business success.
These reputational drivers will be reinforced at every website associated with the dot BENTLEY TLD and will create a seamless online environment.
dot BENTLEY: Driving the Brand - Driving the Traffic
At Bentley’s core is a commitment to driving excellence - at the core of dot BENTLEY will be these same values in terms of driving Internet traffic to associated web sites, delivering a luxurious and individual user journey and an online performance concomitant with the offline experience.
In providing an exclusive top level resource for the community of interest in the Bentley brand, the Applicant will establish dot BENTLEY as one of the leading facets of the post-delegation new gTLD landscape. dot BENTLEY will serve to bring relevance and indeed innovation to the namespace, aligning with ICANN’s own goals for this important online development.
The delegation of dot BENTLEY will negate the opportunity for confusion as communication from the Applicant will educate Internet users to understand that no other source can provide the levels of assurance of trust that will be found at the new TLD.
Post-Delegation activities
It is anticipated that immediately following delegation of dot BENTLEY, second level domains will be limited to modest numbers. In this way, the Applicant will afford itself the opportunity to begin the process of educating Internet users to access the brand at this new TLD. The promotion of dot BENTLEY will require to be continuous and vigorous such that the Registry will achieve its promotional goals.
The analysis of traffic to the newly established TLD will be an ongoing process which will be regularly monitored to determine the number of users that continue to access the Applicant at bentleymotors.com and those that are migrating to the new platform over time. As the education process gathers momentum and the numbers of unique hits increase, Bentley would seek to deploy greater numbers of domains at the second level for example accessories.bentley, parts.bentley, service.bentley etc.
It is difficult to establish just how long it will take to move Internet users from what is the current norm; however, it is anticipated that within a twelve month period there will be sufficient shift in users’ patterns of behaviour which will warrant an increase in the deployment of domains at the second level.
Looking further to the future, the Applicant anticipates that within 36 months of delegation all on-line communication will be accessed at dot BENTLEY and that visitors to the .com domains and other generic and country code TLDs will be redirected to the new TLD.
The Applicant will conduct regular research to quantify the results of their education process and its effectiveness in establishing dot BENTLEY in Internet users’ consciousness.
ii. Competition, Differentiation, and Innovation
Introduction
Throughout the life of the Internet there have been many innovations that have improved trust and confidence among its userbase and which have in turn led to the development of enhanced products and services; the invention of the SSL certificate to name but one. However, there has to date been no corresponding advancement in the namespace itself.
With dot BENTLEY, the Applicant proposes to provide just such an innovation, namely an official brand resource, as a component of the generic namespace at the top level, which will be the trusted location for communications from and with the brand owner, directed at all of the relevant communities of interest. The opportunity to provide such an innovative resource within a TLD is unprecedented.
Through a variety of second level domains of close relevance to the Bentley brand, mission, values and goals, the Applicant will in time extend its pursuit of Driving Luxury Performance further into this new namespace such that the corresponding Internet traffic will arrive at the full benefit of the Bentley experience, secure in the knowledge of its authentic, credible and reliable source.
Today, Bentley stands for “powerful, exquisite and individual”. This unique message of exclusivity will be conveyed via the trusted and powerful resource that will underpin a dedicated top level generic domain name for the brand, both to differentiate the Applicant from other luxury car manufacturers and to innovate in methods of communication with all interested parties.
Previous challenges in the existing namespace
There are multiple parties who would seek to compromise the Applicant’s brand values in the existing namespace by registering domain names that aim to confuse Internet users and indeed divert traffic away from Bentley’s bona fide on-line offering. This is evidenced by various enforcement actions (including UDRP complaints) that have been necessitated by malicious activity of this nature. By establishing a strong and reliable presence at dot BENTLEY however the Applicant will be in a position to provide ABSOLUTE reassurance to Internet users that the dot BENTLEY TLD is the source of trusted data about the brand.
Furthermore, the existing namespace has made it somewhat challenging in the past for any organization with a global dealer network to be able to ensure consistency of approach and, more importantly, presentation within domain names throughout that network. Today, most brands strive to deliver dealer consistency via contractual arrangements however with a series of open namespaces and with a large and global dealer network this becomes difficult to police. Inevitably, consumer confusion can result from dealers adopting a range of different naming approaches.
It follows therefore that the delegation of dot BENTLEY will augment the existing domain name space by removing the opportunity for vulnerability among Internet users who may be deceived by confusingly similar domains in the existing space or simply unsure as to the authenticity of the dealership network. Further, by establishing dot BENTLEY, Internet users will be able to differentiate between the bona fide on-line offering and those of questionable or even merely unauthorized third parties.
Innovation and differentiation
It is anticipated that post delegation the TLD will be deployed in a variety of visionary and innovative ways including new ways of allocating domains at the second level for use by the Bentley dealer network. These could in turn be developed for the deployment of unique and innovative applications that could be exclusive to their field.
A Bentley motor car is, in its physical being, a vehicle that differentiates its driver from the crowd. The delegation of dot BENTLEY will further serve to differentiate the Applicant from other motor manufacturers and create an exclusive on-line presence for the communities the Applicant seeks to serve and with whom it seeks to communicate.
In time to come the Applicant envisages that the namespace could be the venue for the deployment of exciting and innovative automotive technologies which will allow owners the ability to communicate with their vehicles or simply to engage more efficiently and directly with the Applicant or its dealer network. While many of these technologies have yet to progress beyond the level of research and development it is inevitable that all such innovations will be enhanced by the ability to be deployed within a trusted portion of the namespace such as dot BENTLEY.
It is also noteworthy that the application is in itself an indicator of the far sightedness of the Applicant and is demonstrative of innovation. In an offline setting, the Applicant constantly seeks to innovate in its research and development programme for the production of pioneering motor vehicles. The application for dot BENTLEY is an extrapolation of that very same commitment.
iii. User Experience
In common with the themes adopted throughout this application the proposed gTLD will aim to establish a trusted presence for the Applicant at dot BENTLEY. Quite simply, dot BENTLEY will be developed to convey all that the brand stands for in the offline world to Internet users world wide.
The user experience itself will be as long as it is broad although at its core will be the key goal of relevance and authenticity of content, direct from the Bentley brand owner. Much of the individual experience will depend upon the stakeholder, whether they be internal or external, and whether they be customer, dealer, media or licensee.
The Applicant has historically been an innovative user of the present namespace to enhance relevance of content for its Internet users. The volume of relevant third level subdomains in the Applicant’s core domain, from continentalgt.bentleymotors.com to supersports.bentleymotors.com which point to specific content (and indeed which fulfil distinct yet consistent user experiences) bears witness. Such use of the existing namespace is true of relatively few brand owners. The Applicant intends to build on its innovations in the existing namespace by developing similar and extended relevant resources in the second level of dot BENTLEY.
dot BENTLEY will provide the Applicant with the eventual capability to personalise the user experience in line with the “Individual - ‘made for me’” aspect of its brand essence and values. This will give rise to a highly relevant user experience, compared to doing so via a third level domain within an existing open gTLD such as .com. While however this is the ultimate goal for the domain, the Applicant proposes a gentle migration to this new space so as to minimise the potential for confusion. Accordingly, while the Applicant looks forward to the ultimate goal, the initial user experience for dot BENTLEY can be expected to be closer to that of the Applicant’s existing online presence which, in itself, provides a powerful experience commensurate with Bentley brand values.
iv. Registration Policies
The Applicant proposes the dot BENTLEY Registry Domain Management Policy (DMP) designed to ensure 100% compliance with establishing a trusted presence on the Internet.
1. Eligibility
Only Bentley Motors Limited will be eligible to register second level domains at dot BENTLEY. Thus the only registrant of any given second level domain within the TLD will be the Applicant. In this manner, the Applicant’s goals of authenticity, credibility and reliability together with the assurances it proposes to its community of interest, all as mentioned throughout this application, may be assured. Furthermore, only proposals for registration containing an appropriate statement as to the business need for the domain name and emanating from or sponsored by personnel within the Applicant and its group of companies will be entitled to proceed to authorization.
2. Authorization
The Applicant will establish a Naming Committee which will authorize second level names to be registered. This group will comprise senior members of the Applicant’s personnel. Initially, they will meet on a weekly basis (depending on the number of applications for second level domains) and thereafter at regular intervals. The opportunity to conduct interim ad hoc meetings will be provided should the need arise. The Naming Committee will consider all applications from within the group to add domains at the second level. This scrutiny will ensure that rogue, bogus or unofficial second level domains will not be authorised and indeed that suitable internal due diligence will be performed before new registrations are effected.
3. Scrutiny
The Naming Committee will consider each proposed domain name from the perspective of the goals established for the top level domain as outlined throughout this application. This is, in effect, merely a slightly more sophisticated version of the policy already in force within the Applicant for the scrutiny of proposed third level domains within its current core domain name, bentleymotors.com, which has today around 500 third level sub-domains each of which has been individually assessed by an authorized official point of contact within the Applicant prior to its entry in the relevant zone file. Once a proposed second level domain passes this scrutiny it will proceed to clearance as outlined below.
4. First clearance check
As part of their remit, the Naming Committee will instruct that a clearance check be carried out on all proposed second level domains with a view to minimizing the possibility of infringement of third party rights. This will be achieved via meticulous checking of various online resources (such as the relevant trademark registries). In essence, it is anticipated that this process will be no different from the typical clearance check in which the Applicant engages should it be developing a new sub-brand within the overall Bentley brand.
It should be noted that the Applicant considers that it is highly unlikely that desired second level domain names within dot BENTLEY will fail a clearance check principally because only personnel within the Applicant will be seeking the registration of such domain names. Accordingly, the prospect of intentionally abusive registrations being entered within the registry is extremely low and in fact probably nil.
5. Submission to registrar and second clearance check
Authorised domains will thereafter be submitted by the Naming Committee, or by an official within the Applicant upon whom the requisite permission has been delegated by the Naming Committee, for registration via an ICANN Accredited Registrar. In light of the eligibility requirements, the Registrar will only be entitled to take registration instructions from the Naming Committee or from a person within the Applicant having the Committee’s delegated authority. The Registrar will, either at the request of the Naming Committee or at random, undertake further checks such as a check within ICANN’s proposed Trademark Clearinghouse to ensure that the rights of third parties are not in any way compromised by the registration of specific domains.
6. Registration
Following any further checks as outlined above, the Registrar will proceed to register the desired second level domain name within the registry. The registrant of all such domain names will be the Applicant.
Clearly in addition to the DMP, and post delegation of dot BENTLEY, the Applicant will institute a Sunrise period for initial registrations, utilizing the Trademark Clearinghouse as mandated by ICANN. That said, given the eligibility rule outlined above, only the Applicant will be entitled to request that domain names be registered in dot BENTLEY and accordingly third parties will not require to protect their intellectual property in this new generic top level domain.
v. Privacy and Confidential Information
As noted at (iv), only the Applicant will be (within the policies of the Registry) eligible to register at dot BENTLEY. Accordingly, there will be no need to maintain registrant privacy as there can only be one – i.e. Bentley Motors Limited.
The Applicant is already committed to user privacy. Its current Privacy Statement may be reviewed online at its website. It is not at present anticipated that users will supply personal data in connection with dot BENTLEY however should this change (such as with possible innovations outlined in this application) Bentley will simply apply its Privacy Statement then in force to such data. With the restrictive registration policy outlined above, assuring the privacy of users should be straightforward.
Outreach and Communications
It will be vitally important for the Applicant to reach out to its community of interest. Bentley is known for its drive to create curiosity and innovation. The promotion of the new TLD will be an extension of these embedded values.
To promote dot BENTLEY, the Applicant will develop a communications programme (both on and offline) to include advertisements, posters, public relations and outreach to the dealer network. The programme will also encompass such audiences as schools and local community groups; graduate and apprentice audiences as well as the extensive base of enthusiasts.
The Applicant will seek to implement the above noted communications programme from the date of execution of the Registry Agreement. Between this time and delegation, it will work relentlessly to ensure that the launch will be abundantly anticipated and the transitional journey from .com to dot BENTLEY will have begun.
18(c). What operating rules will you adopt to eliminate or minimize social costs?
i. Resolution of Multiple Applications
As noted above only the Applicant will be (within the policies of the Registry) eligible to register at dot BENTLEY. Accordingly, there will not be multiple applications for a particular second level domain from multiple different registrants.
ii. Cost Benefits for Registrants
As the Applicant will be the only registrant and domain names will not be supplied to third parties on a cost basis, there is no necessity for advantageous pricing, introductory discounts, bulk registration discounts etc. There will thus be no domain name registration costs imposed upon consumers to access information under dot BENTLEY and thus the advent of this new brand focused TLD will be highly beneficial to Bentley’s community of interest and consumers in particular.
Similarly, given the Registry’s policies, there will be no costs to other brand owners seeking to effect blocking registrations in this TLD.
The single registrant policy will also ensure that this TLD will be good for consumers as it will minimize confusion and ergo consumer vulnerabilities. As noted under the heading “Previous challenges in the existing namespace” under question 18(b) above, the advent of a brand-exclusive top level domain in dot BENTLEY will provide absolute reassurance to consumers as to the source of trusted data about the brand. Furthermore, the Applicant’s plans to mandate a new consistency of approach in naming for its dealer network under the dot BENTLEY TLD will allow consumers to differentiate with clarity and certainty between official dealerships and unauthorized third parties.
Further and in the fullness of time, the Applicant anticipates a reduction in its current costs for the maintenance of its existing portfolio as it plans to migrate its Internet presence from the present provision to dot BENTLEY.
iii. Contractual Commitments to Registrants
As the Applicant will be the only eligible registrant and domain names will not be supplied to third parties on a cost basis, there is no requirement for contractual commitments on price escalation.
Community-based Designation
19. Is the application for a community-based TLD?
20(a). Provide the name and full description of the community that the applicant is committing to serve.
20(b). Explain the applicant's relationship to the community identified in 20(a).
20(c). Provide a description of the community-based purpose of the applied-for gTLD.
20(d). Explain the relationship between the applied-for gTLD string and the community identified in 20(a).
20(e). Provide a description of the applicant's intended registration policies in support of the community-based purpose of the applied-for gTLD.
20(f). Attach any written endorsements from institutions/groups representative of the community identified in 20(a).
Attachments are not displayed on this form.
Geographic Names
21(a). Is the application for a geographic name?
Protection of Geographic Names
22. Describe proposed measures for protection of geographic names at the second and other levels in the applied-for gTLD.
The registry will reserve all country names set out in the lists specified in Specification 5 to the draft Registry Agreement with ICANN (the “Reserved Names”).
The registry may wish to register country names at the second level for use by members and divisions of its corporate group based in those countries. The registrant of any such domain names will always be a member of the registry’s corporate group. Registration will not be open to the general public.
In the event that the registry decides to register country names at the second level for use by members and divisions of its corporate group based in those countries, the registry intends to separately apply for ICANN and GAC approval of the release of country names for this use, as required by Specification 5 to the draft Registry Agreement with ICANN.
Registry Services
23. Provide name and full description of all the Registry Services to be provided.
Bentley Motors Limited plan to create and operate a new dot BENTLEY Top Level Domain. This will be a standard but closed domain registry, with additions, changes and deletions being made solely by Bentley itself. The registry will operate initially through a single independent registrar who will interface with Nominet, the registry services provider, through their standard registry services outlined below.
Nominet, the registry services provider, will administer a comprehensive list of registry services all of which are developed, managed and maintained in house. The services Nominet will provide are:
- Operation of authoritative nameservers for dot BENTLEY
- Dynamic updates to zone files
- Extensible Provisioning Protocol (EPP)
- Dissemination of zone files
- Whois service (port 43 and web based)
- Searchable Whois
- Domain Name System Security Extensions (DNSSEC)
- Billing
- Customer support
- Abuse prevention
All registry services will be supported and reachable over both Internet Protocol (IP) Version 4 (IPv4) and IP Version 6 (IPv6).
It should be noted that Internationalised Domain Names (IDNs) are not being implemented for dot BENTLEY.
DNS operations
Nominet will operate authoritative nameservers for dot BENTLEY. The DNS constellation consists of a ʹhiddenʹ master nameserver, DNSSEC signer, one primary Unicast DNS node, six slave Unicast DNS nodes and four primary Anycast nodes.
Dynamic updates to zone files
All changes to nameservers for domain names result in an update to the dot BENTLEY zone file. All zone file changes are applied dynamically for the most rapid publishing to DNS. Propagation of updates through the nameserver network will be done using incremental zone transfer (IXFR).
EPP
An EPP system, compliant with Request for Comments (RFC) 5730 will be provided for registrars to register and administer domain names, contacts and nameservers. The EPP server is provided over TCP and is compliant with RFC 5734. EPP connectivity is protected using the Secure Sockets Layer (SSL) protocol.
Registrars may register new domain names in dot BENTLEY using the object definitions given in RFC 5731. Once a domain name is registered, the registrar of record will be able to update, renew, delete and query that domain name, using the respective operations as defined in RFC 5731. All registrars may issue domain check or domain transfer operations using the EPP system. If a domain transfer operation is requested, the correct authInfo value must be provided by the new registrar. The registrar of record is notified and has five days to prevent the transfer from occurring.
Registrars may also issue requests to create new contact and host objects, in compliance with RFC 5733 and 5732 respectively. Only the registrar of record may then issue requests to update, delete and query contact and host objects in line with those RFCs. A delete operation will only be successful if there are no domain names linked to the object. Host update operations will be successful only if all the domain names linked to the host are sponsored by that registrar.
All ICANN accredited registrars that have signed a dot BENTLEY registrar agreement will be eligible to use the EPP system. The identity of registrars will be verified with SSL certificates - if a valid SSL certificate is not used, the server will close the connection and no operations will be possible.
Registrars may only transform or query domain names if they are the registrar of record. The exception is for transfer operations, which may be requested by all registrars if they have access to the authInfo field for the domain name. The registrar of record may prevent transfer operations from completing.
Nominetʹs EPP server is fully standards compliant and all operations described by RFC 5730, RFC 5731, RFC 5732 and RFC 5733 will be accepted by the server. All inputs to the server are checked for validity and action is taken if an input will adversely affect the service provision. All data fields are sanitised to prevent Structured Query Language (SQL) Injection attacks. Bind variables are always used for database query statements. If a connection is open but unused for more than a given time, it is closed. If a registrar opens more than a given number of connections then the oldest connection is closed.
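The validity check and bind-variable handling described above, as an added example that is not Nominet's code. It uses Python's sqlite3 in place of the Oracle database; the table layout, function names and sample rows are assumptions constructed for illustration.

```python
import re
import sqlite3

# One DNS label: letters, digits and hyphens, 1-63 characters,
# no leading or trailing hyphen (IDNs are not implemented for this TLD).
LABEL = re.compile(r"(?!-)[a-z0-9-]{1,63}(?<!-)")


def make_db():
    """Build a constructed in-memory registry table (not the real schema)."""
    db = sqlite3.connect(":memory:")
    db.execute(
        "CREATE TABLE domain (name TEXT PRIMARY KEY, registrar TEXT, auth_info TEXT)"
    )
    db.executemany(
        "INSERT INTO domain VALUES (?, ?, ?)",
        [
            ("cars.bentley", "REG-A", "constructed-secret-a"),
            ("dealers.bentley", "REG-B", "constructed-secret-b"),
        ],
    )
    return db


def is_valid_domain(name, tld="bentley"):
    """Validity check: exactly one well-formed label directly under the TLD."""
    labels = name.lower().split(".")
    return (
        len(labels) == 2
        and labels[1] == tld
        and LABEL.fullmatch(labels[0]) is not None
    )


def lookup_concatenated(db, name):
    """Weak form: the input becomes part of the SQL text itself."""
    sql = "SELECT name, registrar FROM domain WHERE name = '" + name + "'"
    return db.execute(sql).fetchall()


def lookup_bound(db, name):
    """Bind variable: the input is passed as data and never parsed as SQL."""
    return db.execute(
        "SELECT name, registrar FROM domain WHERE name = ?", (name,)
    ).fetchall()


def lookup_checked(db, name):
    """Both layers together: reject malformed input, then bind what is left."""
    if not is_valid_domain(name):
        raise ValueError("not a valid second-level name in this TLD")
    return lookup_bound(db, name.lower())


# Constructed hostile input of the kind the validity check is meant to stop.
HOSTILE = "x' OR '1'='1"
```

With the constructed input, the concatenated query returns every row in the table, the bound query returns none, and the validity check rejects the value before any query is issued.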
Nominetʹs EPP service is hosted at a primary data centre and fully replicated at a secondary data centre to ensure stability. Failover procedures are well practiced and comply with BS 25999.
The dot UK service Nominet currently provides accepts RFC compliant commands and meets all of the SLAs within Specification 10 comfortably. In December 2011 Nominet handled an average daily load of more than 1.3 million EPP operations with a read-write ratio of 12 to 1. EPP availability has averaged at 99.9% over the 12 months to December 2011.
Dissemination of zone file data
Nominet will provide daily zone files to ICANNʹs Zone File Dissemination Partner using the format specified in RFC 1034 section 3.6.1 and RFC 1035 section 5. Transportation will be via a method agreed with them.
Zone server status updates
Nominet will update registrars on changes to zone server status using a variety of methods including:
- email updates
- zone server status web page
- RSS feeds
- Twitter updates
Whois Services
Nominet will provide a real time Whois service for domain names, nameserver data and for registrar data. The Whois may be accessed by any internet user either through a web-based portal or via the Port 43 service.
The Whois Service will accept Transmission Control Protocol (TCP) connections on port 43 at whois.nic.bentley. Queries, terminated as specified in RFC 3912 by a carriage return and line feed, will be accepted. If the domain name is registered in dot BENTLEY then Whois information will be returned to the client. If it is not then an appropriate error message is returned.
The web-based Whois will be available at whois.nic.bentley. The user may enter the domain name, nameserver or registrar into a web form and will receive a response.
For both interfaces, if the request cannot be parsed as a domain name, nameserver or registrar then an appropriate error message will be returned.
The Whois service that Nominet currently provides for dot UK handles an average of between 800,000 and 1,000,000 lookups per day. Over the year to December 2011, the average monthly availability for this service was 99.99%. The server is designed to allow the limiting of requests from a single IP address to prevent denial of service. Nominet also monitors usage and performs statistical analysis to detect distributed abuse of the Whois.
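The port 43 handling described above (CRLF-terminated queries, classification as domain name, nameserver or registrar, an error otherwise, and a per-address request limit), as an added example that is not Nominet's implementation. The `registrar ` and `nameserver ` keyword prefixes, the size cap, the limit values and the grouping of IPv6 clients by /64 are assumptions of this example.

```python
import ipaddress
import re
from collections import defaultdict, deque

MAX_QUERY_BYTES = 256  # assumed cap on a single query line
LABEL = r"(?!-)[a-z0-9-]{1,63}(?<!-)"
HOSTNAME = re.compile(rf"{LABEL}(\.{LABEL})*\.bentley")


class WhoisError(ValueError):
    """The request cannot be answered; the message is sent to the client."""


def read_query(raw: bytes) -> str:
    """Extract the query from one request, which must end in CRLF (RFC 3912)."""
    if len(raw) > MAX_QUERY_BYTES:
        raise WhoisError("query too long")
    if not raw.endswith(b"\r\n"):
        raise WhoisError("query not terminated by CRLF")
    body = raw[:-2]
    try:
        text = body.decode("ascii")
    except UnicodeDecodeError:
        raise WhoisError("query is not ASCII") from None
    if any(ord(ch) < 0x20 or ord(ch) == 0x7F for ch in text):
        raise WhoisError("control character in query")
    return text.strip()


def classify(query: str):
    """Return (kind, value) for a domain name, nameserver or registrar query."""
    lowered = query.lower()
    if lowered.startswith("registrar "):
        name = query[len("registrar "):].strip()
        if not name:
            raise WhoisError("empty registrar name")
        return ("registrar", name)
    forced_ns = lowered.startswith("nameserver ")
    if forced_ns:
        lowered = lowered[len("nameserver "):].strip()
    if HOSTNAME.fullmatch(lowered):
        # Assumption: a name below the second level is a nameserver.
        if forced_ns or lowered.count(".") > 1:
            return ("nameserver", lowered)
        return ("domain", lowered)
    raise WhoisError("cannot be parsed as a domain name, nameserver or registrar")


class PerSourceLimiter:
    """Sliding-window request limit per client address."""

    def __init__(self, limit: int, window: float):
        self.limit = limit
        self.window = window
        self.hits = defaultdict(deque)

    @staticmethod
    def bucket(ip: str) -> str:
        # IPv6 clients are grouped by /64 so that one subnet cannot
        # sidestep the limit by rotating through its own addresses.
        addr = ipaddress.ip_address(ip)
        if addr.version == 6:
            return str(ipaddress.ip_network(f"{addr}/64", strict=False))
        return str(addr)

    def allow(self, ip: str, now: float) -> bool:
        seen = self.hits[self.bucket(ip)]
        while seen and now - seen[0] >= self.window:
            seen.popleft()
        if len(seen) >= self.limit:
            return False
        seen.append(now)
        return True


def respond(raw: bytes, ip: str, limiter: PerSourceLimiter, now: float) -> str:
    """Decide what the server does with one request (database lookup omitted)."""
    if not limiter.allow(ip, now):
        return "ERROR rate limit exceeded"
    try:
        kind, value = classify(read_query(raw))
    except WhoisError as exc:
        return f"ERROR {exc}"
    return f"LOOKUP {kind} {value}"
```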
Searchable Whois
Nominet will provide a searchable Whois service. This will be available on subscription to internet users. Nominet have provided this service for the dot UK domain name registry since 2006.
Nominetʹs searchable Whois allows for wildcard searches to be made on the domain name and registrant name. Results can be then exported as a comma separated values (CSV) file. Nominet will also offer the facility to allow users to set up to 20 search terms to be monitored automatically. Notifications will be sent by daily email if domain names are registered matching these search terms.
DNSSEC
The dot BENTLEY zones will be signed using DNSSEC. Nominetʹs EPP server will support the DNSSEC extensions defined in RFC 5910 to allow DS records to be set in the zone.
Customer services
Nominet has a large customer support department from which it will provide support to Bentley, its chosen registrar(s), registrants and other stakeholders. Nominet has a team of 24 support advisors that manage both first and second-line support activities. This team is backed up by a third-line IT support team consisting of an additional 30+ staff. Support is provided by telephone, email, RSS feeds and social media, with first and second line support available Monday to Friday (8am to 6pm) and additional emergency support available 24x7x365.
Billing system
Nominet has developed a customised billing system for domain names. Whenever a chargeable event, such as a registration or renewal, occurs in the registry, a record is made in the billing system. This feeds through to the monthly invoicing runs.
The billing system has an automated and fully configurable credit management system. The available credit or funds are audited for all registrars with warnings sent using email if they run low. The system may be configured to set any credit limit for registrar, including a zero limit to allow no credit.
Nominet also provide an online service for registrars to pay invoices and to put money on account.
Abuse prevention
Nominet has extensive abuse prevention policies and measures which include the following:
- Technical solutions to enforce usage policies
- Sharing information with registrars about notifications from anti-phishing companies such as Netcraft
- Registry/registrar agreement policies to enforce good practice
- Checking the quality of Whois data
Risk and business continuity planning
A comprehensive Risk Register, aligned to BS31100, is maintained by Nominet, the Registry Services Provider ("RSP"), which anticipates and identifies the events which may produce uncertainty or negatively impact its operations and the achievement of its objectives. Risks are prioritised based on impact and likelihood, mitigating factors identified and remediation activities carried out. Risk owners and risk response owners are responsible for actively managing identified risks. The register is reviewed monthly by the Senior Management Team and bi-annually by the RSP’s Audit Committee.
The RSP has achieved BS25999 Business Continuity certification recognising its best practice approach to business continuity. It operates a full business continuity management system including a routine rehearsals schedule to ensure it can continue to operate in the most challenging situations safeguarding the registry and those that rely on it.
Stability
A registry service has an adverse effect on internet stability if it is not compliant with relevant authoritative standards or adversely affects the throughput, response time, consistency or coherence of responses to servers or end systems which are themselves operating in accordance with relevant authoritative standards.
Nominetʹs registry services will be fully stable as:
- They will fully comply with all RFCs listed in specification 6 to the Registry Agreement
- All responses given will be consistent and coherent.
- Nominetʹs registry systems will be responsive, comfortably meeting all SLAs given in specification 10 to the Registry Agreement.
Security
To prevent the unauthorised disclosure of or access to information or to registry systems architecture and to prevent the unauthorised disclosure, alteration, insertion or destruction of registry data, Nominet secures its registry systems in a number of ways including, but not restricted to:
- Securing of networks using SSL
- Access to different network segments (both internally and externally) is controlled through firewalls and VPNs
- VPN access uses two factor authentication
- Role based authentication of users providing the lowest level of access required to perform required functions
- Permanently manned reception and CCTV
- Geographically diverse datacentres
- Two factor authentication for physical entry to datacentres - one of which must be biometric
- Regular penetration testing by an independent organisation
- Regular vulnerability scanning by an independent organisation
Availability and continuity
All components making up Nominetʹs dot BENTLEY Registry Services will be provided on duplicated load balanced servers. A minimum of two virtualised servers will be provisioned on separate server racks and configured to each handle half of the traffic. In the event of a problem with one server, the load balancers will automatically direct traffic to the other server. The servers will be set up so that in the event of the loss of one server, the remaining servers will have enough capacity to handle the traffic.
The architecture making up the dot BENTLEY Registry Services will be fully provisioned upon Nominetʹs primary datacentre and replicated in full on the secondary datacentre. The database on the secondary datacentre will be replicated to within a few seconds of the primary.
This architecture allows Nominet to have standard operating procedures to enable transition within minutes if necessary and this procedure will be practiced on a monthly basis with the secondary datacentre becoming the primary and vice versa.
Demonstration of Technical & Operational Capability
24. Shared Registration System (SRS) Performance
SRS overview
Nominet, the registry service provider, will administer a Shared Registry System (SRS) consisting of an Extensible Provisioning Protocol (EPP) interface to the registry. The interface is compliant with Specification 6 (section 1.2), complying with Request for Comments (RFCs) 5910, 5730, 5731, 5732, 5733 and 5734.
The implementation of EPP for dot BENTLEY is based upon Nominetʹs current EPP service for dot UK and will be deployed on the same architecture as the dot UK domain.
Nominet has run the dot UK EPP for the last 8 years and the service is used by 900 registrars, representing over 6 million domains out of the total of 10 million on the register. The dot UK EPP service easily handles over 2 million transactions per day with an average availability for 2011 of 99.90%.
High Level SRS system description
The network infrastructure for Nominetʹs SRS consists of two firewalls, two EPP application servers, and two middleware servers. All are load balanced. This is shown in figure 24.1 of the attachment Q24_SRS_Figures.pdf. The server specifications are shown in table 24.1 of the attachment Q24_SRS_Tables.pdf.
Nominetʹs EPP architecture for dot BENTLEY has been designed using a three-tier architecture. The two EPP application servers handle connection management and authentication along with confirming that requests are well-formed. The two middleware servers handle all business logic and manipulation of domain names and their associated objects. Finally, the registry data is stored in an Oracle database.
All EPP application and middleware servers are load balanced using a pair of f5 Network Big-IP servers.
Like Nominetʹs dot UK implementation, the EPP network for dot BENTLEY will be fully reachable over Internet Protocol Version 6 (IPv6).
Interconnectivity with other registry systems
All registry systems connect to one clustered Oracle database, which provides a single point of truth and prevents the occurrence of conflicting registration data updates.
When a domain is registered by a registrar using EPP, an entry is made in the database representing that domain name. Because the Whois reads directly from this database, the domain immediately becomes visible in the Whois with no delay.
Whenever changes are made to nameservers - when domains are registered or deleted or the nameservers are modified - a row is inserted into a database table that represents a list of updates to be made to the zone file. These updates are then pushed into the DNS using the IXFR protocol.
If a domain name is registered or renewed, then the SRS service programmatically triggers an update to the billing system. A chargeable event representing the registration or renewal is generated which feeds into the monthly invoicing system.
Availability and continuity
All components making up Nominetʹs Registry Services, including the EPP service, are provided on duplicated load balanced servers. A minimum of two virtualised servers will be provisioned on separate server racks and configured to each handle half of the traffic. In the event of a problem with one server, the load balancers will automatically direct traffic to the other server. The servers will be set up so that in the event of the loss of one server, the remaining servers will have enough capacity to handle the traffic.
The EPP architecture is shown in Figure 24.1 of the attachment Q24_SRS_Figures.pdf. Nominet will provision the network in full on both their primary and secondary datacentres. In particular, the database will be replicated in both datacentres. Nominet's two datacentres will be connected by two 10GB dual path and geographically diverse links. Each link will have a latency of less than one millisecond. Replication between the two datacentres will be asynchronous but the replicated data will only be a few milliseconds behind that of the live data. Should connectivity to one datacentre fail, the other will automatically assume the role of being the primary datacentre. The two datacentres will be connected to Nominet's main office by 1GB links. This allows mechanisms to be put in place to avoid possible "split brain" scenarios where connectivity between the datacentres is lost but both believe the other is lost and assume the primary datacentre role. Each datacentre will have a multi-homed 100MB transit link to the outside world. This connectivity will be handled by six Tier-1 providers in order to ensure availability and redundancy. Nominet will also maintain 100MB links to peering points with Internet Exchanges such as the London Internet Exchange (LINX https://www.linx.net/) and the London Access Point (LoNAP http://www.lonap.net/) from each datacentre.
This architecture will allow Nominet to have standard operating procedures to enable transition within minutes if necessary and this procedure will be practiced on a monthly basis, with the secondary data centre becoming the primary and vice versa. The relational database in the secondary datacentre will be asynchronously updated from the primary using Oracleʹs Dataguard Maximum Performance architecture.
In the very unlikely scenario that connectivity was lost to both datacentres (such that none of the six Tier-1 providers could connect to either datacentre), Nominet will maintain a third datacentre in Geneva, Switzerland that will be able to provide essential registry services in such a catastrophe.
Nominet already has a comprehensive business continuity management system with a full set of business continuity plans in place and is certified to the British Standard for business continuity, BS25999-2:2007.
Scalability
Provisioning applications on load balanced virtual machines means that Nominet can easily provision further servers should the load increase. However, Nominetʹs experience with operating the dot UK top level domain with its 10 million domain names, indicates that two application servers will easily meet the performance requirements in Specification 10 to the Registry Agreement.
The EPP service for dot BENTLEY will be deployed on dedicated virtual servers in Nominetʹs datacentre. The servers making up the dot BENTLEY EPP service will have their own dedicated resources as shown in Figure 24.1 of the attachment Q24_SRS_Figures.pdf.
Connectivity is shared with the other registry systems deployed at the datacentre for dot BENTLEY, dot UK and up to five other gTLDs. The total available bandwidth is 10 gigabits per second and the available connectivity for each service will be throttled to an appropriate level to both provide sufficient connectivity for the EPP traffic levels and to mitigate against the impact of any traffic surges.
Performance
Nominet measures the internal processing time of all commands submitted to the EPP server to ensure that the SLAs given in Specification 10 of the Registry Agreement are met. Recent performance and availability figures for this are given in table 24.2 of the attachment Q24_SRS_Tables.pdf.
Based on all projections Nominet is more than confident that the capacity and redundancy of the SRS system for the dot BENTLEY domain, with an expected 500 domain names after two years, will result in equal performance figures to the dot UK domain.
Resource plan
Nominet has fully developed its SRS systems with pre-launch testing to be done in 2012. Nominet has large development, infrastructure and customer support teams experienced in running all its dot UK services. Nominet will dedicate the following resources and time from these existing teams, as well as additional resources where appropriate, to the pre-launch and post launch maintenance tasks:
Pre-launch
- Testbed deployment: 5 days by a system administrator
- Testing: 5 days by a developer
- Packaging: 2 days by a developer
- Production deployment: 5 days by a system administrator
Total pre-launch resource time 17 days.
Post launch
- Customer support: 1 hour per week
- Technical support: 1 hour per week
Total post launch resource 2 hours per week.
25. Extensible Provisioning Protocol (EPP)
Introduction
Registrars will use Extensible Provisioning Protocol (EPP) to register and administer domain names, nameservers and contact objects for dot BENTLEY. Nominet, the registry service provider, will administer an EPP server which is fully compliant with Request for Comments (RFCs) 5730 to 5734. DNSSEC extensions compliant with RFC 5910 will be implemented.
Grace periods as defined in RFC 3915 will not be implemented for dot BENTLEY. However, they have been included in the underlying architecture and can be added at any point.
Nominet will modify the EPP server as necessary to support and comply with any EPP extensions which may emerge from ICANNʹs policy making process.
The EPP interface fully supports the registration lifecycle given in the answer to question 27.
Technical Plan
Nominet is experienced in running a highly available EPP service and has provided such a service to dot UK registrars since February 2008. It is used by 900 registrars, representing over 6 million domain names out of the total of 10 million on the register. The EPP server is provided over TCP and is compliant with RFC 5734. EPP connectivity is protected using SSL. The dot UK EPP service easily handles over 2 million queries per day and the monthly percentage availability figures for the 12 months to December 2011 are shown in table 25.1 of attachment Q25_EPP_Tables.pdf.
The EPP implementation for dot BENTLEY has been designed and will be built to match the scope and size of the dot UK registry implementation outlined above.
The EPP system has been designed using a three-tier interface-middleware-database architecture. The backend registry database will be Oracle 11g R2 Enterprise Edition based. Duplicate nodes will be used to ensure stability. The middleware will handle all business logic and will be implemented using Java and the Spring Framework (www.springsource.org). The interface module will handle connectivity and authentication of commands, and will be implemented using Java and Netty (http://www.jboss.org/netty).
Domain Name Mapping (RFC 5731)
The EPP server for dot BENTLEY will implement the domain object mapping defined in RFC 5731 and the following commands for domain objects will be available to registrars, as specified in that RFC:
- Info command to query the attributes of a domain name, including its nameservers, contacts and status values.
- Check command to check if a domain name is registered and the likely success of a subsequent Create command.
- Transfer query to query the status of a previous transfer request.
- Create command to register a domain name.
- Delete command to cancel or ʺunregisterʺ a domain name.
- Renew command to renew a domain name and extend its expiry date.
- Transfer command to move a domain name to a new registrar. This command may also be used to accept or reject transfer requests made on domain names by other registrars.
- Update command to modify the attributes of a domain name.
Registrars can use the EPP update command to set status values on domain names to prevent operations as specified in RFC 5731:
- clientDeleteProhibited. If this is set, requests to delete the domain are rejected.
- clientRenewProhibited. If this is set, requests to renew the domain are rejected. Automatic renewal on expiry still occurs.
- clientTransferProhibited. If this is set, requests to transfer the domain are rejected.
- clientUpdateProhibited. If this is set, requests to update the attributes of the domain are prohibited.
- clientHold. If this is set, the domain name is not published in the zone file.
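The domain authorisation rules stated in the EPP descriptions above (registrar of record, authInfo on transfer, the five-day objection period and the client status values), modelled as an added example that is not Nominet's middleware. Class and function names and the sample values are assumptions; the constant-time authInfo comparison is a design choice of the example, and the exception that lets an update remove clientUpdateProhibited comes from RFC 5731 rather than from this application.

```python
import hmac
from dataclasses import dataclass, field
from datetime import datetime, timedelta
from typing import Optional, Tuple

TRANSFER_WINDOW = timedelta(days=5)  # time the registrar of record has to object
OWNER_ONLY = {"info", "update", "renew", "delete"}
COMMANDS = OWNER_ONLY | {"check", "transfer"}
BLOCKED_BY = {
    "delete": "clientDeleteProhibited",
    "renew": "clientRenewProhibited",
    "transfer": "clientTransferProhibited",
    "update": "clientUpdateProhibited",
}


class Denied(Exception):
    """The command is refused; the message says which rule applied."""


@dataclass
class Domain:
    name: str
    registrar: str  # registrar of record
    auth_info: str
    statuses: set = field(default_factory=set)
    pending: Optional[Tuple[str, datetime]] = None  # (gaining registrar, requested at)


def authorize(domain, registrar, command, auth_info=None,
              add=(), rem=(), other_change=False):
    """Raise Denied unless `registrar` may run `command` on `domain`."""
    if command not in COMMANDS:
        raise Denied("unknown command")
    if command == "check":
        return  # open to every registrar
    if command in OWNER_ONLY and registrar != domain.registrar:
        raise Denied("not the registrar of record")
    if command == "transfer":
        if registrar == domain.registrar:
            raise Denied("already the registrar of record")
        # Constant-time comparison so response timing does not leak authInfo.
        if not auth_info or not hmac.compare_digest(
            auth_info.encode(), domain.auth_info.encode()
        ):
            raise Denied("authInfo does not match")
    blocker = BLOCKED_BY.get(command)
    if blocker in domain.statuses:
        # RFC 5731: an update whose only effect is removing
        # clientUpdateProhibited must still be accepted.
        lifting = (command == "update" and set(rem) == {blocker}
                   and not add and not other_change)
        if not lifting:
            raise Denied(f"{blocker} is set")


def allowed(domain, registrar, command, **kwargs) -> bool:
    """Boolean wrapper around authorize()."""
    try:
        authorize(domain, registrar, command, **kwargs)
    except Denied:
        return False
    return True


def settle(domain, now) -> bool:
    """Complete a pending transfer once the objection period has passed."""
    if domain.pending and now - domain.pending[1] >= TRANSFER_WINDOW:
        domain.registrar, domain.pending = domain.pending[0], None
        return True
    return False


def request_transfer(domain, gaining, auth_info, now):
    """Open a transfer; the registrar of record would be notified here."""
    settle(domain, now)
    authorize(domain, gaining, "transfer", auth_info=auth_info)
    if domain.pending:
        raise Denied("a transfer is already pending")
    domain.pending = (gaining, now)


def reject_transfer(domain, registrar, now):
    """Registrar of record prevents a pending transfer within the window."""
    settle(domain, now)
    if registrar != domain.registrar:
        raise Denied("not the registrar of record")
    if not domain.pending:
        raise Denied("no pending transfer")
    domain.pending = None
```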
Domain Name System Security Extensions (DNSSEC) extensions Mapping (RFC5910)
DS records may be added to domain names in dot BENTLEY using the EPP extensions defined in RFC 5910.
Host Mapping (RFC 5732)
The EPP server will implement the host object mapping defined in RFC 5732 and the following commands for host objects will be available to registrars as specified in that RFC:
- Info command to query the attributes of the host object.
- Check command to find if a host object exists in the registry and the anticipated success of a subsequent create command.
- Create command to add a host object to the registry.
- Delete command to remove a host object from the registry, provided there are no domain names linked to it.
- Update command to modify the IP addresses or status values for the host object. IP addresses are only set if the superordinate domain name for the host is in the dot BENTLEY registry.
Registrars will be able to use the EPP update command to set status values on host objects to prevent operations as specified in RFC 5732:
- clientDeleteProhibited. If this is set, requests to delete the host object will be rejected.
- clientUpdateProhibited. If this is set, requests to update the attributes of the host object - to add or remove IP addresses or status values - will be rejected.
Contact Mapping (RFC 5733)
The EPP server for dot BENTLEY will implement the contact object mapping defined in RFC 5733 and the following commands for contact objects will be available as specified in that RFC:
- Info command to query the attributes of a contact object.
- Check command to determine if a client identifier has been provisioned in the registry and the anticipated success of a subsequent create command.
- Transfer query command to query the status of a previously requested transfer operation.
- Create command to add a new contact object to the registry.
- Delete command to remove a contact object from the registry, provided no domain names are linked to it.
- Transfer command to move the object to a new registrar.
- Update command to modify the attributes of a contact object.
Registrars will be able to use the EPP update command to set status values on contact objects to prevent operations as specified in RFC 5733:
- clientTransferProhibited. If this status is set then requests to transfer the contact will be rejected.
- clientDeleteProhibited. If this status is set then requests to delete the contact will be rejected.
- clientUpdateProhibited. If this status is set then requests to update the contact's attributes will be rejected.
Resource Plan
The EPP server for dot BENTLEY has been implemented with pre production load testing and customisation to be completed in 2012. Nominet has large development, infrastructure and customer support teams experienced in running all its dot UK services. Nominet will dedicate the following resources and time from these existing teams, as well as additional resources where appropriate, to the post launch maintenance tasks:
- Monitoring and involvement in EPP standards development: 1 hour per week by a research team member and development team member.
Resources for technical and customer support of EPP have been included in the answer to question 24 and are not duplicated here.
26. Whois
High-level System Description
Nominet, the registry service provider, will provide a real time Whois for domain names, nameserver data and for registrar data. The Whois may be accessed by any Internet user either through a web-based portal or via the port 43 service.
The Whois services interface with the rest of the registry via a shared database. This ensures that data is correct and up-to-date, and a correct response can be generated at the instant that a query is received. The searchable Whois maintains its own cache for efficiency, which is refreshed hourly, directly from the shared registry database.
The services are implemented in a virtualised architecture (see Q32) and share a common infrastructure.
Standards compliance
The dot BENTLEY Whois service will be compliant with specification 4 of the registry agreement. It will be available on whois.nic.bentley. The Whois services (port 43 and web based) respond as described in Specification 4 of the Registry Agreement; an outline for this is presented in the paragraphs ʺData Objectsʺ below.
The web-based Whois will also be available at whois.nic.bentley as required by specification 4. The user may enter the domain name, nameserver or registrar into a web form and will receive a response. If the request cannot be parsed as any of these three categories then an appropriate error message will be returned.
The Whois service will be compliant with Request for Comments (RFC) 3912. As specified by the RFC, the Whois service will listen on Transmission Control Protocol (TCP) port 43 for requests from clients. If a valid request, terminated as specified in RFC 3912 by an ASCII carriage return and line feed, is received then a response will be returned.
Performance and availability of the Whois service exceed the requirements given in Specification 10 of the registry agreement.
Data objects
The Whois services (port 43 and searchable) respond as described in Specification 4 of the Registry Agreement; an outline for this is presented in the paragraphs below.
Data objects: Domain names
If a request for a valid and registered dot BENTLEY domain name is received by either Whois interface then a response will be returned displaying information about that domain name in the key-value pair format described in Specification 4 of the Registry Agreement. The following information will be returned:
- Domain Name
- Whois server
- Dates - creation, last update, expiry
- Registrar details
- Any status values
- All contact details - Registrant, admin, tech and billing
- Nameserver information including Domain Name System Security Extensions (DNSSEC) status information.
- Time of last update of Whois database, which is the time at which the lookup was made.
If a valid request is received and parsed as a domain name, but the domain name is either not registered or out-of-registry then an appropriate error message will be returned.
Data objects: Hosts
If a request for a nameserver held within the registry is received then a response will be returned displaying information about that nameserver. Nameserver information will be displayed in the key value pair format described in Specification 4 of the Registry Agreement. The following information will be returned:
- Nameserver name
- Internet Protocol (IP) addresses, both Internet Protocol Version 4 (IPv4) and Internet Protocol Version 6 (IPv6)
- Registrar information
- Time of update of the Whois database, which is the time at which the lookup was made.
If a request is parsed as a nameserver but is not in the registry then an appropriate error message will be returned.
Data objects: Registrars
If a request for a dot BENTLEY registrar is received then a response will be returned displaying information about that registrar in the key-value pair format described in Specification 4 of the Registry Agreement. The following information will be returned:
- Name
- Address
- Contact name, phone numbers, fax numbers and email addresses.
- Website information
If a valid registrar Whois request is received and the requested registrar is not in the registry then an appropriate error message will be returned.
Bulk access
Nominet will provide ICANN with bulk access to Whois data as described in specification 4 of the Registry Agreement:
- Nominet will provide a weekly data file, using the Data Escrow format described in Specification 2, containing the thin Whois data described in Specification 4. The file will be made available to ICANN for download by SFTP. Other download methods will be provided to ICANN if requested in the future.
- In the case of registrar failure or other event that prompts the transfer of a registrar's domain names to another registrar, Nominet will provide ICANN with up-to-date data for the domain names affected. Nominet will provide the data to ICANN in the Data Escrow Format described in Specification 2 within two business days. The file will be made available for download by SFTP or by any other method agreed with ICANN.
Data Protection
Nominet will ensure that data supplied by registrants is protected in accordance with all applicable laws (specifically the UK Data Protection Act 1998 and the European Union (EU) Data Protection Directive which informed it), including through an appropriately designed Whois implementation.
It should be noted that EU data protection laws place significant restrictions on the circumstances under which personal data can be distributed to the public. The Information Commissioner’s Office (the UK data protection authority to which the registry would be subject) has indicated to Nominet that the indiscriminate publishing of the personal data of individual registrants via the Whois would not be compatible with EU data protection laws. They regard an opt-out model of the kind used by dot UK and dot TEL to be the best compromise between ensuring the integrity of the Whois and protecting the data protection rights of individuals.
It is not intended to allow third parties to register domain names in dot BENTLEY as it is a closed registry and so there is no risk of publishing personal data.
Abuse
Potential forms of abuse to a Whois service include:
- Harvesting data - querying all domain names to provide a catalogue of contact details.
- Denial of service - making many connections to the Whois server, or flooding connections with data.
- Structured Query Language (SQL) Injection - crafting queries to the service to attempt to modify the underlying database.
The Whois server has a number of measures built into it to prevent such abuse:
- If a clientʹs request is not terminated within a reasonable number of characters then the connection with the client is closed automatically.
- Whois lookups are checked and sanitised to prevent SQL injection attacks.
- Bind variables are always used in all our database queries to prevent SQL injection attacks.
- The Whois server is implemented in a way that allows a limit to be placed on lookups from any single location.
Statistical analysis on lookups to detect distributed abuse is also performed.
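The measures listed above can be seen working together in the following added example, which is not Nominet's code (the page states the real server is written in Java with Netty). It is a Python sketch in which the 256-byte cap, the limit of three lookups per minute, the response texts and the sample record are all assumptions, and sqlite3 stands in for the registry database.

```python
import re
import sqlite3
from collections import defaultdict, deque

MAX_REQUEST_BYTES = 256   # assumed cap; the page says only "a reasonable number"
MAX_LOOKUPS = 3           # assumed per-source limit within one window
WINDOW_SECONDS = 60.0     # assumed window length

LABEL = r"[a-z0-9](?:[a-z0-9-]{0,61}[a-z0-9])?"
NAME_RE = re.compile(r"(?:%s\.)+%s" % (LABEL, LABEL))


class RequestTooLong(Exception):
    """The client sent more than MAX_REQUEST_BYTES without a CRLF."""


def read_request(chunks):
    """Collect bytes until the RFC 3912 CRLF terminator, enforcing the cap."""
    buf = b""
    for chunk in chunks:
        buf += chunk
        end = buf.find(b"\r\n")
        if 0 <= end <= MAX_REQUEST_BYTES:
            return buf[:end]
        if len(buf) > MAX_REQUEST_BYTES:
            raise RequestTooLong()
    return None  # peer closed before sending a terminator


def sanitise(raw):
    """Return a lower-case domain or host name, or None if it is not one."""
    try:
        text = raw.decode("ascii").strip().lower()
    except UnicodeDecodeError:
        return None
    return text if NAME_RE.fullmatch(text) else None


def lookup_domain(db, name):
    """Bind variable: the name travels as data and is never spliced into SQL."""
    return db.execute(
        "SELECT name, registrar FROM domains WHERE name = ?", (name,)
    ).fetchone()


class SourceLimiter:
    """Sliding-window count of lookups per source address."""

    def __init__(self, limit=MAX_LOOKUPS, window=WINDOW_SECONDS):
        self.limit, self.window = limit, window
        self.hits = defaultdict(deque)

    def allow(self, source, now):
        recent = self.hits[source]
        while recent and now - recent[0] >= self.window:
            recent.popleft()
        if len(recent) >= self.limit:
            return False
        recent.append(now)
        return True


def handle(db, limiter, source, chunks, now):
    """Return the response text, or None when the connection is simply closed."""
    if not limiter.allow(source, now):
        return "% lookup limit exceeded\r\n"
    try:
        raw = read_request(chunks)
    except RequestTooLong:
        return None
    if raw is None:
        return None
    name = sanitise(raw)
    if name is None:
        return "% request could not be parsed\r\n"
    row = lookup_domain(db, name)
    if row is None:
        return f"% no match for {name}\r\n"
    return f"Domain Name: {row[0]}\r\nRegistrar: {row[1]}\r\n"


def sample_db():
    """In-memory table holding one constructed record."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE domains (name TEXT PRIMARY KEY, registrar TEXT)")
    db.execute("INSERT INTO domains VALUES (?, ?)",
               ("example.bentley", "Example Registrar"))
    return db
```

Sanitising and binding are independent layers: `lookup_domain` returns no row for a quote-laden string even when it is called directly, because the driver never parses the value as SQL.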
Stability, availability and performance
Nominet is experienced in providing a stable Whois system and has done so for dot UK for many years. The Whois server is provided on a primary data-centre and fully duplicated on a secondary data-centre. Failover procedures are well practiced.
Percentage availability figures for the dot UK Whois are shown in table 26.1 of attachment Q26_Whois_Tables.pdf
Performance and availability will exceed the requirements given in Specification 10 of the new gTLD Agreement.
Searchable Whois
Nominet will provide a searchable Whois service to Internet Users on a subscription basis. Nominet has provided this service for the dot UK domain name registry since 2006 (known as the Public Register Search Service (PRSS)).
The Searchable Whois technology enables wildcard searches to be made on any fields, including:
- domain name
- registrant name
- postal address
- contact names
- registrar ids
- nameservers
- IP addresses
Searches on multiple fields may be combined using boolean logic.
Results can be exported as a comma separated values (CSV) file. Nominet also has the facility to allow users to set up to 20 search terms to be monitored automatically. Notifications are sent by daily email if domain names are registered matching the search terms.
The searchable Whois uses a separate database to the main Whois. This database uses the search and indexing technology provided by Apache Solr (http://lucene.apache.org/solr) to provide optimum search facility and speeds. The search database will be synchronised with the main registry database on an hourly basis.
The Searchable Whois has measures to detect and deal with abuse, similar to those for the port 43 Whois (see above).
Whois Architecture
The Whois server obtains its information directly from the main registry database so its responses are real time. The Whois server is developed in Java using the Spring Framework. Connection management is implemented using Netty (www.jboss.org/netty).
The Port 43 Whois infrastructure is shown in figure 26.1 of attachment Q26_Whois_Figures.pdf
The Port 43 Whois server specifications are shown in table 26.2 of attachment Q26_Whois_Tables.pdf
The Searchable Whois Architecture is as shown in figure 26.2 of attachment Q26_Whois_Figures.pdf
The Searchable Whois server specifications are shown in table 26.3 of attachment Q26_Whois_Tables.pdf
The Searchable Whois is implemented as part of Nominetʹs interactive online services using the Spring Framework. The front end handles the interface with the user, including authentication, taking details of the search required and presenting the results. The middleware handles the mechanics of the search.
The front end and middleware servers are each provisioned as a load balanced pair, using the same load balancer topology and technology as the main Whois architecture above, namely a pair of F5 Networks BIG-IP servers.
The Whois service for dot BENTLEY will be deployed on dedicated virtual servers in Nominetʹs datacentres. The servers making up the dot BENTLEY Whois service will have their own dedicated resources as shown in Figure 26.1 of the attachment Q26_Whois_Figures.pdf.
Connectivity is shared with the other registry systems deployed at the datacentre for dot BENTLEY, dot UK and up to five other gTLDs. The total available bandwidth is 10 gigabits per second and traffic through each server will be throttled to an appropriate level, both to provide sufficient connectivity for the Whois traffic levels and to mitigate the impact of any traffic surges.
It is estimated, from the Whois traffic experienced for Bentley domain names within the .uk zone that there will be up to 1,000 lookups per day. The dot BENTLEY Whois service is provisioned to handle more than 1,000,000 lookups per day.
IT and infrastructure resources
Nominetʹs two datacentres will be connected by two 10GB dual path and geographically diverse links. Each link has a latency of less than one millisecond. Replication between the two datacentres will be asynchronous but the replicated data will be only a few milliseconds behind that of the live data. Should connectivity to one datacentre fail, the other will automatically assume the role of being the primary datacentre.
The two datacentres will be connected to Nominet's main office by 1GB links. This allows mechanisms to be put in place to avoid possible "split brain" scenarios where connectivity between the datacentres is lost and both believe the other is lost and assume the primary datacentre role. Each datacentre will have a multi-homed 100MB transit link to the outside world. This connectivity will be handled by six Tier-1 providers in order to ensure availability and redundancy. Nominet will also maintain 100MB links to peering points with Internet Exchanges such as the London Internet Exchange (LINX https://www.linx.net/) and the London Access Point (LoNAP http://www.lonap.net/) from each datacentre.
The Whois infrastructure is described in the preceding paragraph ʺWhois Architectureʺ.
Service continuity
Nominet will provide the Whois network architectures shown in figures 26.1 and 26.2 of attachment Q26_Whois_Figures.pdf in a primary datacentre and replicated in full in a secondary datacentre. The registry database is replicated from the primary datacentre to the secondary using Dataguardʹs Maximum Performance Replication. The SOLR index is generated on both datacentres for the searchable Whois. This architecture allows Nominet to have standard operating procedures to enable transition within minutes if necessary and this procedure will be practiced on a monthly basis. The Whois servers maintain high availability via SAN and virtualisation replication technologies. Should connectivity to the primary datacentre be lost the service will instantly be available in the secondary datacentre.
In the very unlikely scenario that connectivity was lost to both datacentres (such that none of the six Tier-1 providers could connect to either datacentre), Nominet will maintain a third datacentre in Geneva, Switzerland that will be able to provide essential registry services in such a catastrophe.
Nominet has a full set of business continuity plans and these have been accredited to the BS25999 business continuity standard.
Customisation of Whois service
Nominet will customise the dot BENTLEY Whois service as required to handle any change in Whois output that may be deemed necessary by ICANN.
Resource plan
The dot BENTLEY main Whois service has been implemented, with pre production testing and customisation to be completed in 2012. Nominet has large development, infrastructure and customer support teams experienced in running all its dot UK services. Nominet will dedicate the following resources and time from these existing teams, as well as additional resources where appropriate, to the pre-launch and post launch maintenance tasks:
Pre-launch
- Test bed deployment: 5 days by a Systems administrator
- Pre-launch load testing: 5 days split between a systems administrator and a java developer
- Packaging for production: 2 days by a java developer
- Deployment to production: 5 days by a systems administrator
Total pre launch resource time 17 days.
Post launch
- Customer support: 8 hours per week
- Technical support: 4 hours per week
- Monitoring of and involvement in Whois standards development: 2 hours per week by a research team member and member of development team
Total post launch resource 14 hours per week.
27. Registration Life Cycle
Nominet, the registry provider, has implemented a lifecycle for dot BENTLEY domains which is based around Request for Comments (RFCs) 5730 and 5731. These RFCs define the Extensible Provisioning Protocol (EPP) interface for domain names including domain name registrations, updates, transfers, renewals and deletes.
Because the registry is closed, grace periods, as defined in RFC 3915, have not been implemented for dot BENTLEY.
Registrars who have signed a dot BENTLEY registry⁄registrar agreement will be able to register domain names that are not already registered for a period of one to 10 years. Registrars are able to renew their domain names to extend the registration period and may also delete domain names. If a domain name reaches the end of its registration period then it is automatically renewed for one year. If a domain is cancelled then it becomes immediately available for re-registration.
The lifecycle for dot BENTLEY domain names is shown in the state diagram in Figure 27.1 of attachment Q27_Registration_Lifecycle_Figures.pdf. Domain name states, which represent the stage that a domain name is at in the lifecycle, are shown in boxes. Trigger points, representing events that move a domain name onto a new stage in the lifecycle, are shown by arrows on the diagram. A domain name can also change state as the result of the passage of time. State changes defined in the Uniform Rapid Suspension System are considered exceptions to the state diagram; further details are set out in the penultimate section of this response. Domain name states are described below:
State: Available for registration
A domain name in this state is not registered and may be registered on a first come, first served basis by a registrar. The only EPP command that may be performed on the domain name is a create command to register the domain name.
State: Registered
This is the default state for a registered domain name. The registrar of record may use EPP to perform update, renew, transfer or delete commands.
State: Renewed
A domain name is in this state immediately after it has been successfully renewed, either by the registrar or automatically by the registry at expiry.
Trigger points represent the events that cause a domain name to change state, that is, to move to a new stage in the lifecycle. The trigger points are described below:
Trigger point: create
This trigger point represents the registration of new domain names. Any registrar, that has signed a registry-registrar agreement for dot BENTLEY, may use the EPP create command to register a new domain name subject to the following pre-conditions:
- The domain name is a sub-domain of dot BENTLEY.
- The domain name is in the ʺavailable for registrationʺ state and so not already registered.
- The domain name is not reserved.
- The domain name consists only of the lower case ASCII letters a-z, the numbers 0-9 or a hyphen -.
- The domain name does not have hyphens in the third and fourth characters.
- The domain name label does not begin or end with a hyphen.
If the above pre-conditions hold, a registration request will be successful and the domain name will be added to the registry database. The registration period and expiry date will be set according to the period specified in the create command. Following this, if the domain name has nameservers, a dynamic update will be made to add the domain name to the zone file.
All registration requests are performed immediately and there is no pending state.
Following registration, the domain name moves into the ʺregisteredʺ state.
Trigger point: renew
A domain name may be renewed, at any time by the registrar of record using the EPP renew command, subject to the following pre-conditions:
- The resultant expiry date for the domain name is less than 10 years in the future
- The domain name does not have either clientRenewProhibited or serverRenewProhibited locks set.
If these preconditions hold then the renewal will take place and the expiry date for the domain name will be extended by the period specified in the renewal request. The domain name moves into the ʺrenewedʺ state.
Trigger point: auto-renew
A dot BENTLEY domain name will be renewed by the registry if the following pre-conditions hold:
- The expiry date for the domain name has passed.
- The domain name does not have either clientRenewProhibited or serverRenewProhibited status values set.
The expiry date will be moved forward by one year and the domain name is placed into the ʺrenewedʺ state.
Trigger point: complete-renew
This trigger point occurs immediately after a domain name is placed into the ʺrenewedʺ state. The domain name is placed back into the ʺregisteredʺ state.
Trigger point: delete
A registrar may use the EPP delete command to cancel a domain name at any time provided the following pre-conditions hold:
- The registrar is the registrar of record for the domain name.
- The domain name does not have either serverDeleteProhibited or clientDeleteProhibited locks set.
Once a domain name has been deleted, it is placed into the ʺavailable for registrationʺ state and is immediately available for re-registration.
Grace Periods
Grace periods are defined in RFC 3915 and add registration states and trigger points to implement time periods following registrations, renewals, transfers and cancellations where the command can be reversed without penalty. Because dot BENTLEY is a closed registry, there is no penalty for undoing any of these commands at any time and grace periods are therefore not required. If, at any time, dot BENTLEY is opened up then grace periods can be easily added.
Domain Transfers
Domain transfers follow the process described in ICANN policy on transfer of registrations between registrars.
When a domain name is in the ʺregisteredʺ state, any registrar may issue a transfer request to move sponsorship of the domain to them. Transfer requests take up to 5 days to complete, during which time the registrar of record may reject the transfer and prevent it from completing.
The transfer process state diagram is shown in Figure 27.2 of the attachment Q27_Registration_Lifecycle_Figures.pdf. Domain name states are shown in boxes with arrows depicting the events that trigger change of state. The states and trigger points are described below.
State: registered
Any currently registered domain name may be transferred.
State: transfer pending
A domain name in the ʺtransfer pendingʺ state has had a transfer request submitted within the last 5 days and the registrar of record has neither accepted nor rejected the request.
When a domain name has been in the ʺtransfer pendingʺ state for 5 days, the ʺtransfer pendingʺ state is removed and the ʺtransfer acceptedʺ state is added.
State: transfer accepted
A domain name in the ʺtransfer acceptedʺ state has had a transfer request accepted, either directly by the registrar of record positively accepting the request using EPP or indirectly by the domain spending 5 days in the ʺtransfer pendingʺ state.
Trigger point: transfer request
A registrar may request a transfer for a domain name at any time provided the following preconditions are true:
- The registrar has signed a dot BENTLEY registry-registrar agreement
- The registrar can provide the correct authInfo value
- The domain name does not have the transfer pending status set
- The domain name does not have either the clientTransferProhibited or serverTransferProhibited locks set.
The transfer pending status is added to the domain name for five days and the registrar of record is notified. If, after five days, the ʺtransfer pendingʺ state is still set, the domain name is moved to the requesting registrar and the ʺtransfer pendingʺ state is removed.
Trigger point: reject transfer
The registrar of record may reject a transfer request when the domain name is in the ʺtransfer pendingʺ state. The ʺtransfer pendingʺ state is removed and the domain name returns to the ʺregisteredʺ state.
Trigger point: accept transfer
The registrar of record may accept a transfer request when the domain name is in the ʺtransfer pendingʺ state. The ʺtransfer pendingʺ state is removed and the domain name has the ʺtransfer acceptedʺ state added.
Trigger point: transfer
This trigger point happens immediately after the domain name has the ʺtransfer acceptedʺ state set.
The domain name is moved to the registrar that requested the transfer, the ʺtransfer acceptedʺ state is removed and the domain name returns to the ʺregisteredʺ state.
If a registration period was specified in the request, and adding that period to the current expiry date will result in the expiry date being less than 10 years in the future, then the domain is renewed for the period requested. The renew trigger point in the registration lifecycle described above is triggered.
Domain name attribute updates
A registrar may update the attributes of a dot BENTLEY domain name at any time provided the following preconditions are true:
- The registrar is the registrar of record for the domain name
- The domain name does not have either clientUpdateProhibited or serverUpdateProhibited locks set
The registrar may change the nameservers, add or remove contacts, or add or remove a lock.
If the clientUpdateProhibited lock is set and the other preconditions above hold then the registrar of record may remove the clientUpdateProhibited lock only.
Nominet would make updates to dot BENTLEY domain names upon direct request by Bentley themselves. This may include a transfer or addition of one of the registry set domain locks listed below.
Domain name locks
The registry and registrar of record may place locks upon the domain name to prevent EPP commands from succeeding. The registrar of record may place the following locks upon a domain name:
- clientUpdateProhibited to prevent update of the domain nameʹs attributes
- clientDeleteProhibited to prevent cancellation of the domain name
- clientTransferProhibited to prevent transfer of the domain name
- clientRenewProhibited to prevent renewal of the domain name
- clientHold to prevent publication of the domain name in the zone file.
The registry may place any of the following locks upon a domain name:
- serverUpdateProhibited to prevent update of the domain nameʹs attributes
- serverDeleteProhibited to prevent cancellation of the domain name
- serverTransferProhibited to prevent transfer of the domain name
- serverRenewProhibited to prevent renewal of the domain name
- serverHold to prevent publication of the domain name in the zone file.
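The create, delete, transfer-request and update pre-conditions and the lock semantics described in this section can be written as explicit checks. The following is an added Python model, not Nominet's registry code: the reserved list, the registrar identifiers, the sample names and the rejection messages are constructed, `update` covers lock changes only, and treating serverUpdateProhibited as blocking the clientUpdateProhibited removal exception is an interpretation of the text.

```python
import hmac
import re
from dataclasses import dataclass, field

TLD = "bentley"
RESERVED = {"nic"}                  # constructed reserved list (assumption)
ACCREDITED = {"reg-a", "reg-b"}     # constructed: registrars with a signed agreement
CLIENT_LOCKS = {"clientUpdateProhibited", "clientDeleteProhibited",
                "clientTransferProhibited", "clientRenewProhibited", "clientHold"}
TRANSFER_WINDOW_DAYS = 5


class Rejected(Exception):
    """An EPP command failed one of the stated pre-conditions."""


@dataclass
class Domain:
    registrar: str
    auth_info: str
    statuses: set = field(default_factory=set)
    transfer_to: str = ""           # non-empty while a transfer is pending
    transfer_day: int = 0


def label_ok(label):
    """Character rules taken from the create pre-conditions."""
    return (re.fullmatch(r"[a-z0-9-]+", label) is not None
            and not label.startswith("-") and not label.endswith("-")
            and label[2:4] != "--")


def locked(domain, action):
    """True if the client or the server lock for this action is set."""
    return bool({f"client{action}Prohibited", f"server{action}Prohibited"}
                & domain.statuses)


class Registry:
    def __init__(self):
        self.domains = {}

    def owned(self, registrar, name):
        domain = self.domains.get(name)
        if domain is None or domain.registrar != registrar:
            raise Rejected("not the registrar of record")
        return domain

    def create(self, registrar, name, auth_info):
        label, _, tld = name.partition(".")
        if registrar not in ACCREDITED:
            raise Rejected("no registry-registrar agreement")
        if tld != TLD or not label_ok(label):
            raise Rejected("invalid name")
        if label in RESERVED or name in self.domains:
            raise Rejected("reserved or already registered")
        self.domains[name] = Domain(registrar, auth_info)

    def delete(self, registrar, name):
        if locked(self.owned(registrar, name), "Delete"):
            raise Rejected("delete prohibited")
        del self.domains[name]      # immediately available for re-registration

    def update(self, registrar, name, add=(), remove=()):
        domain = self.owned(registrar, name)
        add, remove = set(add), set(remove)
        if not (add | remove) <= CLIENT_LOCKS:
            raise Rejected("registrars may only set client locks")
        if "serverUpdateProhibited" in domain.statuses:
            raise Rejected("update prohibited by registry")
        if ("clientUpdateProhibited" in domain.statuses
                and (add or remove != {"clientUpdateProhibited"})):
            raise Rejected("only removal of clientUpdateProhibited is allowed")
        domain.statuses = (domain.statuses | add) - remove

    def request_transfer(self, registrar, name, auth_info, today):
        domain = self.domains.get(name)
        if domain is None or registrar not in ACCREDITED:
            raise Rejected("unknown domain or registrar")
        # Constant-time comparison so timing does not leak authInfo prefixes.
        if not hmac.compare_digest(auth_info.encode(), domain.auth_info.encode()):
            raise Rejected("wrong authInfo")
        if domain.transfer_to or locked(domain, "Transfer"):
            raise Rejected("transfer pending or prohibited")
        domain.transfer_to, domain.transfer_day = registrar, today

    def tick(self, today):
        """Complete transfers that have been pending for five days."""
        for domain in self.domains.values():
            if domain.transfer_to and today - domain.transfer_day >= TRANSFER_WINDOW_DAYS:
                domain.registrar, domain.transfer_to = domain.transfer_to, ""


def outcome(command, *args, **kwargs):
    """Run a command and return 'ok' or the rejection reason."""
    try:
        command(*args, **kwargs)
        return "ok"
    except Rejected as exc:
        return str(exc)
```

Because a pending transfer completes by default after five days, clientTransferProhibited combined with a well-guarded authInfo value is what stands between a registrar of record that misses the notification and a change of sponsorship.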
Uniform Rapid Suspension
The Registry Operator will adhere to the URS procedure (currently in draft form). Within 24 hours of receipt of notification by email from the URS Provider the Registry Operator will lock the domain name. This lock will prevent all changes to the registration data, including transfer and deletion of the domain name. The domain name will continue to resolve.
In the event of a URS determination in favour of the Complainant, on notification of the determination the Registry Operator will suspend the domain name for the balance of the registration period. The WHOIS output will reflect the requirements set out in the URS. The Complainant will be given the option to extend the registration period for a further year at commercial rates.
Resourcing plan
Nominetʹs registry systems supporting the lifecycle in this document have been fully developed. Nominet has large development, infrastructure and customer support teams experienced in running all its dot UK services. Nominet will dedicate the following resources and time from these existing teams, as well as additional resources where appropriate, to the following post launch maintenance tasks:
Post launch:
- Technical support: 1 hour per week by a customer support adviser
Total post launch resource: 1 hour per week.
This support level is consistent with the number of registrars and domain names that will be registered in the Bentley domain.
28. Abuse Prevention and Mitigation
The dot BENTLEY Top Level Domain (TLD) will be a closed registry. All domain names will be registered to and used by authorised representatives of Bentley, the registry operator. As such, domain names will be subject to direct controls by the registry operator to avoid abuse and the risk of abusive registrations will therefore be significantly mitigated.
Abuse
Abuse is defined as action in the registration or usage of a domain in the TLD that would cause actual and substantial harm, and is illegal or illegitimate. Such abuse may occur at any stage of the domain name lifecycle.
In the context of domain name registration, abuse includes infringement of a third party right where the domain is used in a way that is unfairly detrimental to that third party. Abuse also includes phishing, pharming, botnets, fraud and other abuses that are identified in the future or that are brought to the Registry’s attention.
Abusive activity also includes that which gives rise to the registry’s reasonable belief that the dot BENTLEY domain space is being brought into disrepute; or where the activity related to a dot BENTLEY domain name risks placing the Registry in breach of any applicable laws, government rules or requirements; requests of law enforcement; or where any such activity would be likely to give rise to any liability, civil or criminal, on the part of the Registry Operator and Registry Services Provider, affiliates, subsidiaries, officers, directors, and employees.
Single point of contact
In advance of the launch of the dot BENTLEY TLD, a single abuse point of contact responsible for addressing matters requiring expedited attention will be published. This will be clearly visible on the Registryʹs existing website at bentleymotors.com and on the new registry website.
Registration policy
Bentley will establish a Naming Committee to be responsible for the development, maintenance and enforcement of the dot BENTLEY Registry Domain Management Policy (DMP). This policy defines the rules associated with eligibility and domain name allocation, sets out the license terms governing the use of a dot BENTLEY domain name and describes the dispute resolution policies for the dot BENTLEY TLD. This policy is intended to be updated and revised regularly to reflect Bentley’s strategic plans and, where appropriate, ICANN consensus policies.
The policy sets out that registration must comply with the following regarding abuse prevention:
- Domains must be used solely for purposes that enhance the strategic goals of Bentley.
- dot BENTLEY domains may not be used in a way which knowingly infringes any third party intellectual property rights.
- A dot BENTLEY registration must be an acceptable term that will not give rise to any moral or public order questions or in any way damage the strategic interests or reputation of Bentley.
- All dot BENTLEY domains will carry accurate and up to date registration records.
- dot BENTLEY domain names may not be used for illegal activities
- dot BENTLEY domain names may not be used for other activities that would be considered as abusive. This includes, but is not limited to: phishing, pharming, fraud, distribution of malware.
The Naming Committee reserves the right to place the domain name in ʹserverHoldʹ status, thus removing it from the zone file, or to delete a Bentley domain name at any time.
Complaints policy and procedure
Bentley treats complaints from members of the public extremely seriously and will establish a complaints procedure to enable members of the public to complain about dot BENTLEY domain names, or any content accessed via those domain names. The procedure will be publicised on the Registry’s existing website at bentleymotors.com and at the new Registry website. It will provide a first stage complaints procedure to Bentley’s dedicated complaints team, a second stage internal appeals procedure to the Naming Committee and a third stage procedure for further appeal, to Bentley’s senior management team. Complainants will be able to submit their complaint via the website, by post or by telephone and Bentley will generally respond to complaints within 10 working days. Bentleyʹs response may include, if appropriate, an apology and an explanation as to how Bentley intends to resolve the complaint.
Any person wishing to complain about alleged abusive registrations or other activities concerning the operation of the dot BENTLEY domain would be entitled to utilise this complaints procedure in the usual manner.
In the event that resolving a complaint requires the suspension (placing the domain in ʹserverHoldʹ status thus removing the domain name from the zone file, but not from Whois records) or cancellation of a domain name, this will be handled by the Naming Committee.
Rights holders will also have the option to complain via the UDRP and URS about any registration that they regard as abusive, but the Applicant would encourage any concerned rights holders to contact it in the first instance to attempt to resolve their concerns informally. Further details regarding rights protection can be found in the answer to question 29.
Nominet, the registry provider, have well-established relationships with UK Law Enforcement agencies. Nominet and Bentley will work together to respond to complaints by these agencies, and such complaints will be acknowledged by Nominetʹs abuse team within twenty four hours. Following review, the complaint may result in one of the following actions:
- Modification of the usage of the domain name
- Suspension of the domain name
- Cancellation of the domain name.
Proposed measures for removal of orphan glue records
The default process for dot BENTLEY is to automatically detect and remove orphan glue records. However, where clear evidence in written form is presented that orphan glue records are present in the zone files of dot BENTLEY, Nominet, the registry service provider, will take the following action:
- A change request will be presented to Nominet’s second line support team by the person handling the complaint. The orphan glue record will be manually removed from the register and, if necessary, locks will be put in place which will prevent any further changes being made to the domain name record in question.
- The dot BENTLEY zone files update dynamically and so within 5 minutes of the change being made on the register the zone files will reflect the changed name server record.
Nominet runs a daily audit of the contents of its zone files and compares these against the contents of the registry database. In the event of a mismatch, Nominet personnel are alerted and the mismatch is corrected. This audit will help to reduce the occurrence of orphan glue records.
Measures to promote WHOIS accuracy
Bentley is committed to transparency in relation to domain name registration records and to the provision of complete and accurate Whois records.
As a closed registry, in which only Bentley personnel will be able to register second level domain names and only for business purposes, Bentley will be able to ensure the accuracy and completeness of all Whois records.
All domain names must be registered through the Naming Committee. As part of this process, Bentley personnel requesting the registration of a new second level domain will be required to provide a statement as to their business need for the domain name as well as full contact details of their name, position and business area.
The Naming Committee will perform regular audits to ensure this data remains up to date and accurate.
Information sharing
Nominet is well established in national and international industry networks covering registry specific threats as well as threats to the broader Internet landscape. It will continue this work, ensuring dot BENTLEY is as resilient and secure as it can be.
Nominet provides the relevant registrar with an aggregated feed of information highlighting domain names within its domains that are used for phishing purposes. This feed is collated from trusted sources and allows registrars to take prompt action against abusive domains. In the event that any dot BENTLEY domain names appear in the feed, action will be taken by Bentley's Naming Committee to remove abusive content or to place the domain name in 'serverHold' status.
Controls to ensure proper access to domain functions
The ability to register domain names and amend details on the register will be limited to members of the Naming Committee. Access to the mechanisms by which such changes can be made will be password protected as a minimum, and consideration will be given to implementing further security measures (such as multi-factor authentication). Records will be kept of all registration and amendment requests to maintain a full audit trail.
Resource plan
Bentley will establish a Naming Committee that will be responsible for all domain name registrations for Bentley. It is anticipated that this team will be responsible for the accuracy of Whois details.
In addition, Bentley has a dedicated team responsible for responding to complaints. As to whether additional personnel will be required to accommodate any uplift in complaints as a result of the operation of dot BENTLEY, this will be closely monitored and addressed as necessary.
Nominet has a large customer support team from which it operates the dot UK registry. It will provide sufficient resources to deal with orphan glue records and law enforcement complaints. It is expected that this will require less than one hour per week from this team.
29. Rights Protection Mechanisms
The purpose of the dot Bentley registry is to provide a stable and secure platform for electronic communication that is within the direct control of Bentley; to keep Bentley at the forefront of Internet technological development and to ensure that the integrity of the Bentley brand is maintained.
Safeguards against unqualified registrations
Bentley will establish a Naming Committee to be responsible for the development, maintenance and enforcement of the dot Bentley Registry Domain Management Policy (DMP). To ensure that all registrations are made in compliance with the registryʹs policies and eligibility restrictions, all dot Bentley registrations are managed through this Naming Committee. As part of this process, Bentley personnel requesting the registration of a new second level domain will be required to provide a statement as to their business need for the domain name as well as full contact details of their name, position and business area. The Naming Committee will scrutinise each statement prior to passing the application for rights protection clearance.
Rights protection
It is Bentleyʹs policy and practice to treat the intellectual property rights of others with respect and therefore rights protection is a core objective of the Registry. In particular, Bentley already has well-developed internal processes for clearing domain names prior to their adoption by the business so as to ensure as far as possible that new models, services and other initiatives do not infringe the rights of others. These processes include conducting a search against relevant trademark databases and a fuller legal advice process in the event that problems are identified by this search.
Bentley will implement and adhere to any rights protections mechanisms that may be mandated by ICANN at any time and will adhere to the requirements listed in Specification 7 of the registry agreement.
Sunrise period
ICANN mandate that sunrise registration services must be offered for a minimum of 30 days during the pre-launch phase. A 30-day sunrise period will be offered for dot Bentley and during this period eligible trademark owners registered in the Trademark Clearinghouse will have an early opportunity to register names in the TLD.
It should be noted that as only members of Bentley’s corporate group will be eligible to register domain names in dot Bentley, there will be limited registrations during the Sunrise period.
Trademark claims service
ICANN mandate that a trademark claims service is offered for at least the first 60 days that the registration is open for general registration. During this period, all potential registrants must be notified of the presence of trademark holders registered in ICANNʹs Trademark Clearinghouse.
A trademark claims service will be offered for dot Bentley and attempts to register a domain name which corresponds with a mark registered in the Trademark Clearinghouse will have to be approved by Bentley’s in-house Legal Team.
The checks will be carried out by Nominet UK, the Applicant’s registry services provider, who will fulfil the requirements to send notices out under the claims service, in order to keep the process at arm’s length.
After the initial 60 days of general registration, clearance will proceed as outlined in the Applicant’s response to Q18 (b), namely eligibility; authorization; first clearance; second clearance; and registration.
Protection of third party trademark rights: implementation of the trademark Post-delegation Dispute Resolution Policy
The dot BENTLEY registry will follow the PDDRP process as required under the registry agreement. We believe that the approach to the operation of the dot BENTLEY registry set out in this application demonstrates that we intend to operate the dot BENTLEY registry in a way which will not harm the interests of trademark holders and therefore complaints under the PDDRP are unlikely. However, the dot BENTLEY registry commits to entering into good faith negotiations with parties who have a valid concern regarding their trademark rights, and to participating in good faith in the PDDRP process. In the unlikely event that a PDDRP complaint is brought against the dot BENTLEY registry, the complaint will be dealt with by Bentley’s in-house Legal Team.
Abusive use and takedown procedures
While registrations in the dot Bentley registry will clearly be subject to the UDRP and URS, the Applicant’s preference is for any rights holders with a concern about dot Bentley registrations to approach it in the first instance to discuss their concerns.
In the rare event that Bentley receives such a complaint of trademark infringement, this is treated extremely seriously. Bentley has a dedicated in-house Legal Team who investigate such complaints and respond accordingly.
Because dot Bentley will be a closed registry, Bentley does not anticipate that it will be subject to a significant number of third party claims of abusive registrations or activities otherwise harmful to the legal rights of others. That said, Bentley is committed to providing appropriate mechanisms to enable third parties to complain in the event that they consider their rights to have been infringed or otherwise harmed by Bentleyʹs conduct, and to provide a remedy in the unlikely event that such a claim is made out. Complaints will initially be addressed by Bentleyʹs in-house Legal Team and if a complaint is considered to be well-founded, Bentley will take one or more of the following actions:
- cease the harmful conduct
- suspend the domain name to remove it from the zone file
- cancel the domain name.
If at any time the complainant is unsatisfied with Bentleyʹs response then they can utilise the UDRP or URS policies. Alternatively, Bentley will ask Nominet to mediate the dispute. The mediation will be provided by Nominetʹs two qualified mediators who have substantial experience of such disputes from their role in mediating dot UK disputes under the dot UK Dispute Resolution Service.
Uniform Rapid Suspension (URS)
The URS process offers an accelerated process for trademark holders to protect their marks. The process will find in favour of the aggrieved party if, for a registered domain name, they are able to show the following:
- the domain name is identical or confusingly similar to their eligible trade mark
- the registrant has no legitimate right or interest to the domain name
- the domain name is being used in bad faith
If the URS process finds in favour of an aggrieved party then the domain name in question will be suspended. The nameservers for the domain name will be redirected to an informational web page provided by the URS Provider about the URS. The Whois will continue to display the original registrant information and will reflect that the domain name will not be transferred, deleted or modified for the life of the registration.
When a domain name that is subject to URS expires, then it will be deleted.
The dot Bentley registry will adhere to all URS decisions. Results of URS decisions will be implemented by Nominet, the registry services provider. Nominet has significant experience in implementing the results of dispute resolution processes as it has operated the dot UK Dispute Resolution Service for more than 10 years.
Nominetʹs four-person second-line support team will deal with any URS notifications relating to dot Bentley domain names as soon as is reasonably practicable, and in any event within 24 hours of receipt of the decision from the URS provider. The support team works 08:00 to 18:00 local UK time, with one member on-call outside of those hours to address any urgent issues. The on-call support team member will implement all URS notifications received outside of core working hours.
Uniform Dispute Resolution Policy (UDRP)
Under the UDRP, a trademark owner may submit a complaint to an approved dispute resolution service provider. In the event that the provider finds for the complainant then they may order a transfer, deletion or other action on the domain name. UDRP decisions are implemented by the relevant ICANN accredited registrar.
The dot Bentley registry will fully comply with all UDRP decisions and it will be a requirement on dot Bentley registrars to do so.
Resource plan
Bentley already has a dedicated in-house Legal Team responsible, inter alia, for responding to complaints of IP infringement. As to whether additional personnel will be required to accommodate any uplift in complaints as a result of the operation of dot Bentley, this will be closely monitored and addressed as necessary. However, given the modest number of registrations expected in the TLD, it is not presently anticipated that further resource will be necessary.
Nominetʹs existing Dispute Management team incorporating 2 qualified lawyers and 2 experienced mediators will handle mediation. URS decisions will be handled by Nominetʹs abuse team made up of four staff.
30(a). Security Policy: Summary of the security policy for the proposed registry
Nominet, the Registry Services Provider, has been running the dot UK TLD for the past 15 years and has an impeccable security record in protecting both the dot UK TLD and the information within the registry. Nominet works at the forefront of information security and contributes to the development of both global and national security standards to further protect the security, stability and resilience of the Internet.
The aim of Nominetʹs Security Programme is to secure the business, its data, its people, and the services that the organisation provides. Nominet maintains policies, standards and procedures that are designed to protect the company assets according to their sensitivity, criticality and value.
The goals of Nominetʹs Security programme are:
- Allocation of responsibility by Nominet management for development, implementation, monitoring and review of information security policies and standards
- Monitoring, evaluation and management of information security threats, vulnerabilities and risks
- Awareness of, and adherence to, all published information security policies, standards and processes applicable to management or use of information assets by Nominet Personnel with access to such information assets
- Access controls and business continuity management of Nominet information processing facilities, information assets and business processes
- Implementation of an information security incident management process
- Periodic review of the Information Security Programme to ensure its effectiveness.
Processes and Solutions
Nominet employs security capabilities which are robust and appropriate for the high profile and large TLD registry that it operates. Nominet is fully compliant and certified with the British Standard for Business Continuity BS25999-2:2007. Any gTLD that Nominet operates will benefit from this proven security approach.
Physical security at Nominet includes a permanently manned reception area with CCTV monitoring of all entrances including recording of video. All staff wear visible corporate photo ID cards and are encouraged to challenge unaccompanied strangers. Access to server areas requires biometric identification in addition to ID cards. In addition to the physical checks already mentioned, Nominet's datacentre locations employ further physical security measures including a 24x7 manned reception, ballistic resistant glass mantrap, and air locks. Security staff ensure that access is only available to those specifically authorised. Nominet's servers are housed in a secure caged area within the datacentre with a card access controlled door.
Server security starts with a minimal install of the operating system, with extra software only being installed if required. Access is restricted to those required to administer the server and its software, with audits carried out at regular intervals to ensure that access is still required.
Patching is carried out as part of a regular and ongoing patch management programme to ensure that critical servers and services are kept secure. Nominet also maintain a very close relationship with DNS software providers and have reported bugs to them to help patch their software, following responsible disclosure guidelines.
All external connections to Nominetʹs systems are encrypted using TLS (Transport Layer Security), with internal connections being encrypted where possible. TLS ensures that where appropriate TCP, UDP and BGP connections are encrypted. All privileged access to Nominetʹs servers is protected with two factor authentication. HSMs are used where appropriate to store private key information.
Networks are separated with firewalls (Juniper SRX3600) deployed between different network segments to help protect Nominetʹs sensitive information. All external access to Nominetʹs services is through firewalls to servers located in a DMZ. Wireless access points in Nominetʹs offices are also located in a DMZ to prevent direct access to internal systems. Wireless access is encrypted following best practice guidelines. Only authorised devices are permitted to connect to the company network.
Access to all devices (desktop devices, servers, network devices etc) is via individual usernames and passwords controlled by a central directory service (Microsoft Active Directory). This allows easy control of all user access from a single location, helping simplify user access control. Access to Nominet's systems is forbidden unless expressly permitted, and users are granted the minimal access required to perform their job function effectively. Users are assigned unique user ids, and these user ids are never re-issued to other users. Accounts are disabled for any user who no longer requires access or has left the company, and user access is reviewed on a regular basis. The following roles are not carried out by the same people: Systems operation, Systems development, Systems/Network administration.
The following controls are also applied to separate systems:
- Development and production software are run in separate environments.
- Development and test work are separated.
- Development facilities are not loaded on production systems.
- Development personnel use separate logon IDs for development and test systems to reduce the risk of error.
- Development staff do not have access to production systems.
Anti-virus software from a reputable supplier is used to scan computers and media on a routine basis. Anti-virus software is kept up to date on a centralised basis.
All access to Nominet's services and servers is logged locally, and also to a central location. Nominet also collect logs from firewalls, Intrusion Detection Systems (IDS)/Intrusion Prevention Systems (IPS), network devices, security devices, applications, databases etc. Event correlation is performed on all these logs to help identify any unusual activity. Nominet use security information and event management software (Arcsight Express) to do this event correlation.
In addition to the monitoring that is carried out by the devices listed above, Nominet has developed a proprietary technology platform to capture and analyse traffic at its name servers. With this technology Nominet can discover trends, identify abuse patterns and research the behaviour of botnets etc. Using this Nominet can identify security flaws and help the company understand the effect they may have on global DNS infrastructure.
Security for in-house written applications is controlled in many ways:
- All application code is peer reviewed.
- Security guidelines for software development have been written and are followed.
- All source code is held in a central repository, access to which is restricted by password.
- All changes to code are regression tested to ensure the application continues to function as expected.
- All changes to code can be attributed to the developer who made them.
Secure disposal of equipment is tightly controlled: all storage media are removed from equipment prior to disposal and are then wiped in accordance with best practice guidelines.
Change control is a tightly controlled process at Nominet, with identification and recording of significant changes, including all changes to security configuration. Approval must be gained at every stage, with all changes tested before being put into the live environment. System owners are always involved in these changes to ensure that no registry system is affected without the business being made aware of upcoming changes. Assessment of the potential impact of any changes is made, and there is an approval procedure for proposed changes. Nominet try to ensure that implementation of change causes minimal disruption to normal operations, bundling up changes into a formal release where applicable. All changes must have an approved rollback plan for recovering from unsuccessful changes.
Staff are encouraged to report security incidents, and all such incidents are investigated by Nominetʹs system administration team, who have access to the research team if required. Action is taken to reduce the impact of the problem initially, and the root cause of the problem is determined. Action is then taken to deal with the problem, making changes as required. Any affected users are notified along with any recommended action (such as changing passwords).
Independent Assessment Reports
Nominet currently undergoes specific security testing as part of an approach to maintain PCI-DSS (Payment Card Industry Data Security Standard) Compliance. Using a third party (Trustkeeper), monthly scans are carried out against a section of Nominetʹs internet facing systems to test for vulnerabilities. These scans are designed to detect more than 5,000 known network, operating system and application vulnerabilities including the SANS Institute Top 20 list and are executed without any impact on Nominetʹs systems. The most recent scan was carried out on the 17th January 2012 and the result was a pass.
Nominet is also undergoing a three year programme of security testing using an ISO27001 certified third party assessor (First Base Technologies). The scope of the testing that First Base is carrying out includes (but is not limited to):
- Public IP Address Scan
- External Infrastructure Penetration Test
- Authenticated Remote Access Test
- Web Application Penetration Test
- Internal Infrastructure Penetration Test
- Server and Network technical Audit
- Wireless network Discovery
- Wireless Client Device Discovery and Analysis
- Building Access Test
- Email Spear Phishing
- USB Spear Phishing
- Telephone Social Engineering
- Technical Workshop participation
In addition to the above, First Base have also carried out training programmes for staff on information security vulnerability, and social engineering compliance. Nominet is fully committed to passing the programme of work being carried out by First Base, and where applicable, putting suitable remediation plans in place.
Other Security Measures
Nominet is fully engaged with National and International security agencies to fully understand the ever changing global risk register for security vulnerabilities. Agencies include the US NTIA, UK Cabinet Office, UK GCHQ (Government Communications Headquarters), UK EC-RRG (Electronic Communications Resilience and Response Group) and many other formal and informal security groups.
Nominet works closely within the internet community to develop, support and publicise security standards and best practice across the global internet. Staff at Nominet helped develop the global DNSSEC security standard and authored a number of the key RFCs (Requests for Comments) that make up this standard. Nominet is currently at the forefront of DNS research, attempting to understand patterns of misuse and criminal behaviour within the global DNS. Nominet's Director of IT was selected as one of 12 global experts to analyse and audit ICANN's security, stability and resilience work and report back to both the ICANN board and the NTIA on areas for improvement. Nominet's Head of Research is a member of the DSSAWG (Domain Stability and Security Working Group) looking into how best to coordinate global DNS security incidents.
Commitments to registrants
We will commit to dot BENTLEY registrants that:
- All data will be secured and protected in line with ISO 27001 guidelines;
- We will not take any action in relation to a domain name registration unless we are satisfied that the request has been received from the right person;
- We will require registrars to prove their identity, including by the use of unique identifiers and multi-factor authentication where appropriate, when they submit transactions to our systems;
- Our registrars will be contractually obliged to maintain the security of their system identifiers and passwords and prevent the unauthorised disclosure of the same; and
- The registry will be operated in accordance with the Data Protection Act 1998 which, amongst other things, requires us to implement appropriate technical and organisational measures to prevent unauthorised or unlawful processing of personal data, and against accidental loss or destruction of, or damage to, personal data.
Resourcing plan
Nominet employs a dedicated Head of Information and Technology Security to help develop best-practice security policy and to liaise with national and international security agencies, organisations and groups in order to ensure that both Nominet and the TLDs that it operates are as secure as possible.
The implementation of Nominetʹs security policy is already in place. Nominet has a dedicated security team and large infrastructure team from which it will dedicate the following resources to post launch maintenance tasks related to the security policies that will be used by the dot BENTLEY registry.
- Maintenance, review and improvement of the security policy and arrangements: 5 hours a week by the Head of IT Security
- Technical support: 5 hours per week
Total post launch resource: 10 hours per week.