Skip to main content

Letter from Stuart Lynn to Stratton Sclavos Regarding Proposed Revisions to VeriSign Agreements

Stratton Sclavos
Chairman and CEO
VeriSign Inc.

Dear Stratton:

After considering the various community comments received on the ICANN public comment page and elsewhere, and the communications from the Names Council and the various constituencies of the DNSO, and reviewing the draft amendments in more detail with those comments and communications in mind, ICANN management believes that the proposed agreements would be improved with the addition of a small number of text changes and certain other related undertakings between ICANN and VeriSign. We have discussed these with your representatives, and I understand that VeriSign is willing to agree to these undertakings. I would appreciate your confirmation of the following understandings:

1. There are a number of technical amendments required to correct errors and clarify meanings. Those for the proposed new .com agreement are attached to this letter; there would be similar conforming changes for the .net and .org agreements.

2. The continuing work of the ICANN budget process has produced a somewhat different approach to the cost recovery process than is reflected in the current draft agreements. We indicated to you at the time of our initial negotiations that this process was continuing, and included in the draft agreements the then-current articulation of the cost-recovery provisions that would be included in all the new TLD registry agreements. The attached technical amendment document also includes the replacement language that will now be included in all the new TLD registry agreements; this is not literally a technical change, but it is consistent with our previous discussions and I assume it presents no problems.

3. Perhaps the most common concern raised by the various DNSO constituency statements relates to the desire for a centralized WHOIS service for the com/net/org registries. While we believe that the proposed agreements as drafted commit VeriSign to develop and deploy a centralized WHOIS for the com/net/org registries if mandated by ICANN, at least parts of the community would be comforted by your explicit agreement that to that effect. Obviously, to the extent that such a mandate would cause VeriSign to incur additional costs, VeriSign would have whatever rights are provided under Section 22 to recover those costs, net of any relevant cost reductions.

In addition, some in the community have called for the dedication of a portion of the $200 million commitment to research and development contained in your letter of February 28,2001 to R&D related to a universal WHOIS service -- one that would allow effective use across all registries for all TLDs. We think this would be desirable, given the important public service that such a universal WHOIS service would provide. Any service resulting from this technology development effort should provide a truly open, standards-based interface, so that all applications developers would have access to the API's necessary to be able to utilize the service. Finally, if such a service was developed and deployed, we believe it should be available for use at a standardized reasonable fee. We understand you are willing to make these commitments to the community, which I believe are very valuable.

4. There have been a number of other issues raised during the various discussions relating to the operation by VeriSign of its registries or its registrar. Some of these seem to have merit, and I understand that VeriSign is willing to agree to certain changes in operations that would respond to these concerns. They include the following:

  • Providing greater advance notice of new or significantly changed registry services to all registrars. The existing agreement (in Appendix E) requires 60 days prior notice of various changes to the SRS, but it may well be that stability would be served by a slightly longer notice period (say 90 days) for the full range of Registry Services, as defined in Definition 9 of the proposed new .com agreement and in Section 1.16 of the proposed new .net and .org agreements.
  • Considerable concern has been raised about the potential for abuse of the ability to offer volume discounts contained in Section 22B of the proposed new .com agreement, and in Section 3.4.3 of the proposed new .net and .org agreements. Given the fact that the number of names under management by NSI Registrar is considerably larger than those of its next-largest competitor, a volume discount schedule could favor VeriSign's affiliated registrar. The simplest way to eliminate that possibility is to eliminate the volume exception to the language in the Sections cited above, which in general require that the same price be charged to all ICANN-Accredited Registrars. I take it that is agreeable to VeriSign.
  • The existing agreement allows VeriSign to charge new ICANN-Accredited Registrars a $10,000 fee for initial access to the SRS. While I understand that this fee is intended to recover out-of-pocket personnel costs of that initial implementation of the SRS, it is a small barrier to new entry that could have some impact. I understand that VeriSign is willing to abandon that fee.
  • Finally, there have been various concerns raised about the fact that the VeriSign registry charges a full $6 transfer fee for all registration transfers from one registrar to another, even when those transfers are the result of the bankruptcy or imminent failure of a registrar, and the resulting acquisition of that registrar or its assets by another registrar. It is an important contribution to stability to make the process of picking up the pieces of a registrar business failure easy and relatively inexpensive, since that will minimize any disruption to the registrants previously served by that registrar. On the other hand, it would not be appropriate to require a registry operator to absorb the costs of all transfers for any reason. Therefore, we have agreed to a process where, when ICANN certifies to VeriSign that a particular proposed transfer would serve the general community interest in stability because of actual or imminent business failure of a registrar, the registries operated by VeriSign would undertake to make the necessary one-time changes in the registry database for no charge, up to some absolute number of names (we propose 50,000). If the transfer involved more than that number of names, VeriSign would charge a reasonable, one-time flat fee to offset the costs of such changes.

5. Obviously, the common ownership of registries and registrars is a matter of concern to some in the community, particularly where the registries and registrars enjoy significant market shares. We believe that the combination of strict firewall protections, structural separation (operation of the registrar business through a separate subsidiary), and the potential that repeated or uncorrected violations of these requirements could result in the termination of the right to continue to operate the registries in question sufficiently reduce the risk of the competitive problems that have been raised. Nevertheless, some might argue that termination is such an extreme sanction that ICANN would be reluctant to employ it. Thus, we have agreed that there should be a separate and additional set of specific monetary sanctions, up to some reasonable cap, for violations of these separation requirements. Obviously, the amount of the financial sanction should be proportional to the violation and other relevant facts, including the number of prior violations (if any).

We believe that the points outlined here would increase the community benefits that supported our previously negotiated amendments to the existing agreement. Thus, I am pleased that you are willing to make these commitments. Please let me know if you believe I have accurately described our understandings.




M. Stuart Lynn
President and CEO

Domain Name System
Internationalized Domain Name ,IDN,"IDNs are domain names that include characters used in the local representation of languages that are not written with the twenty-six letters of the basic Latin alphabet ""a-z"". An IDN can contain Latin letters with diacritical marks, as required by many European languages, or may consist of characters from non-Latin scripts such as Arabic or Chinese. Many languages also use other types of digits than the European ""0-9"". The basic Latin alphabet together with the European-Arabic digits are, for the purpose of domain names, termed ""ASCII characters"" (ASCII = American Standard Code for Information Interchange). These are also included in the broader range of ""Unicode characters"" that provides the basis for IDNs. The ""hostname rule"" requires that all domain names of the type under consideration here are stored in the DNS using only the ASCII characters listed above, with the one further addition of the hyphen ""-"". The Unicode form of an IDN therefore requires special encoding before it is entered into the DNS. The following terminology is used when distinguishing between these forms: A domain name consists of a series of ""labels"" (separated by ""dots""). The ASCII form of an IDN label is termed an ""A-label"". All operations defined in the DNS protocol use A-labels exclusively. The Unicode form, which a user expects to be displayed, is termed a ""U-label"". The difference may be illustrated with the Hindi word for ""test"" — परीका — appearing here as a U-label would (in the Devanagari script). A special form of ""ASCII compatible encoding"" (abbreviated ACE) is applied to this to produce the corresponding A-label: xn--11b5bs1di. A domain name that only includes ASCII letters, digits, and hyphens is termed an ""LDH label"". Although the definitions of A-labels and LDH-labels overlap, a name consisting exclusively of LDH labels, such as"""" is not an IDN."