.museum Agreement Appendix 5 | Whois Specifications
  ICANN Logo

.MUSEUM Agreement Appendix 5
Whois Specifications
(3 November 2007)


Appendix 5
Whois Specifications

Public Whois Specification

The Registry Operator will provide RFC954-conformant Whois service. This Appendix is subject to change by agreement of the Registry Operator and ICANN during the design process as well as during the IETF standards process. The following provides the target architecture and initial functionality. In addition, Registry Operator agrees to implement changes to this Appendix specified by ICANN to conform to the IETF provreg working group's protocol specification no later than 135 days after the IETF specification is adopted as a Proposed Standard [RFC 2026, section 4.1.1].

RFC954-Conformant Whois

The standard registry-level Whois service is intended as a lookup service for registries, registrars, registrants, as well as for other individuals and businesses that wish to query details about domain names or nameservers stored in the registry. The standard Whois service will provide a central location for all authoritative .museum TLD data. It will be in addition to Whois services provided by registrars.

The RFC954-conformant Whois service will be engineered to handle moderate transaction load and be integral to the standard suite of Registry Services. The RFC954-conformant Whois service will conform to the requirements of this Appendix.
The registry-level Whois service will provide Whois data in response to queries over port 43, in conformity to the RFC 954 standard. The Registry Operator, or other vendor arranged by the Registry Operator, will also provide a port 80 (web) interface to allow convenient user access to the Whois service.

Whois Service Data Elements

The registry-level Whois service will include the following data elements:

Minimum Data Update Frequency

The Registry Operator shall make reasonable efforts to have the data updated continuously as requests are processed, in a matter of seconds or minutes. The Registry Operator shall ensure that records in the Whois server are updated no later than 24 hours after the completion of the registration or modification transaction with the registrar.

Extensible Field Capability

MuseDoma will provide a directory service at directory.museum as described in Appendix 6. Means for accessing selected records in the database underlying that service may be provided as an extension of the Whois facility.

Privacy Capability

The Registry Operator may introduce the optional ability to associate privacy labels to a record in the Registry Database. These fields would appear in an "additional information" section of the Whois data. The maximum number of custom fields allowed per record is yet to be determined. The privacy label capability allows registrants to associate with certain data an indication of any special disclosure or handling restrictions.

Query Control/Object Type Control

The following keywords restrict a search to specific object type:

Domain: Search only by domain objects. The input string is searched in the Name field.

Contact: Search only contact objects. The input string is searched in the ID field.

Nameserver: Search only by nameserver objects. The input string is searched in the
nameserver name field or the IP address field.

Registrar: Search only registrar objects. The input string is searched in the Name field.
By default, if no object type control is specified, then the Name field of the Domain object is searched.

Whois Output Fields

The Whois service will provide responses to queries as described below. In the event that a query produces no match, the response of the Whois server will begin with the words "No matching data found."

Domain Record:

A Whois query that results in domain information will return the following fields from the Domain object and the associated data from host and contact objects. This set of data is also referred to as the Domain Record.

Domain ID
Domain Name
Domain Status
Sponsoring Registrar
ENS Identity
Registrant, Administrative, Technical and Billing Contact Information including
Contact ID
Contact Name
Contact Organization
Contact Address, City, State/Province, Country
Contact Postal Code
Contact Phone, Fax, E-mail
Name Servers associated with this domain
Created Date
Last Updated Date
Last Transferred Date
Additional fields (Sponsor specified)
Domain Registration Date
Domain Expiration Date
Domain Last Updated Date
Nameserver Record:
Nameserver ID
Nameserver name
Currently Associated (true/false)
Nameserver status
IP addresses associated
Created Date
Sponsoring Registrar
Last Updated Date
Last Transferred Date
Additional fields (Sponsor specified)

Contact Record:

A Whois query that results in contact information will return the following. This set of information is referred to as the Contact Record.

Contact ID
Contact Name
Contact Organization
Contact Address, City, State/Province, Country + 3 street fields
Contact Postal Code
Contact Phone, Fax, E-mail
Contact Registration Date
Contact Last Updated Date
Currently Associated
Contact Status
ENS Identity
Sponsoring Registrar
Created Date
Last Transferred Date

Registrar Record:

A Whois query that results in registrar information will return the following. This set of information is referred to as the Registrar Record.

Registrar ID (conforming to the IANA registrar-ids registry)
Registrar Name
Registrar Status
Registrar Address, City, State/Province, Country
Registrar Postal Code
Registrar Phone, Fax, E-mail
Registrar Administrative Contacts
Registrar Billing Contacts

Sample Whois Output

This section provides sample output from the Whois server for each type of Registry Object: Domain, Contact, and Nameserver. The output is structured as key/value pairs, which simplifies machine-readability.

Domain Record:

Input: whois "domain = musedoma.museum"
Output: Domain ID: AAA-0001
Domain Name: MUSEDOMA.MUSEUM
Sponsoring Registrar: SAMPLE
ENS Identity: ORG-00001
Domain Status: ACTIVE
Registrant Name: CARY KARP
Registrant Organization: MUSEUM DOMAIN MANAGEMENT ASSOCIATION
Registrant Address: FRESCATIVÄGEN 40
Registrant City: STOCKHOLM
Registrant State/Province: A
Registrant Country: SE
Registrant Postal Code: 10405
Registrant Phone Number: +46-8-5195-4055
Registrant Facsimile Number: +46-8-5195-5100
Registrant Email: KARP@MUSEDOMA.MUSEUM
Admin ID: PER-00001
Admin Name: CARY KARP
Admin Organization: MUSEUM DOMAIN MANAGEMENT ASSOCIATION
Admin Address: FRESCATIVÄGEN 40
Admin City: STOCKHOLM
Admin State/Province: A
Admin Country: SE
Admin Postal Code: 10405
Admin Phone Number: +46-8-5195-4055
Admin Facsimile Number: +46-8-5195-5100
Admin Email: KARP@MUSEDOMA.MUSEUM
Tech ID: PER-00001
Tech Name: CARY KARP
Tech Organization: MUSEUM DOMAIN MANAGEMENT ASSOCIATION
Tech Address: FRESCATIVÄGEN 40
Tech City: STOCKHOLM
Tech State/Province: A
Tech Country: SE
Tech Postal Code: 10405
Tech Phone Number: +46-8-5195-4055
Tech Facsimile Number: +46-8-5195-5100
Tech Email: KARP@MUSEDOMA.MUSEUM
Billing ID: PER-00001
Billing Name: CARY KARP
Billing Organization: MUSEUM DOMAIN MANAGEMENT ASSOCIATION
Billing Address: FRESCATIVÄGEN 40
Billing City: STOCKHOLM
Billing State/Province: A
Billing Country: SE
Billing Postal Code: 10405
Billing Phone Number: +46-8-51954055
Billing Facsimile Number: +46-8-51955100
Billing Email: KARP@MUSEDOMA.MUSEUM
Name Server: NIC.MUSEUM.ORG
Name Server: WWW.ICOM.ORG
Created On: JANUARY 2, 2002
Expires On: JANUARY 2, 2004
Updated On: JANUARY 2, 2002

Contact Record:

Input: whois "contact = Cary Karp"
Output: Contact ID: PER-00001
Name: CARY KARP
ENS Identity: ORG-0001
Organization: MUSEUM DOMAIN MANAGEMENT ASSOCIATION
Address: FRESCATIVÄGEN 40
City: STOCKHOLM
State: A
Country: SE
Postal Code: 10405
Phone Number: +46-8-5195-4055
Facsimile Number +46-8-5195-5100
E-mail: KARP@MUSEDOMA.MUSEUM
Sponsoring Registrar: SAMPLE
Created On: JANUARY 2, 2002
Updated On: JANUARY 2, 2002

Nameserver Record:

Input: whois "nameserver nic.musedoma.museum"
Output: Nameserver ID: HST-1
Nameserver name: NIC.MUSEDOMA.MUSEUM
Currently Associated (true/false):T
Nameserver status: ACTIVE
IP addresses associated: 130.242.24.6
Sponsoring Registrar: SAMPLE
Created by registrar: JANUARY 2, 2002
Last Updated by Registrar: JANUARY 2, 2002
Last Transferred Date: JANUARY 2, 2002
Additional fields (Sponsor specified)

Registrar Record:

Input: whois "registrar SAMPLE"
Output: Registrar ID: REG-01
Registrar Name: SAMPLE
Registrar Status: ACTIVE
Registrar Address 1: 123 Some Street
Registrar Address 2:
Registrar City: Acity
Registrar State/Province: RE
Registrar Country: CC
Registrar Postal Code: 12345
Registrar Phone: +11-11-1111-1111
Registrar E-mail: jdoe@sample.museum
Admin Contact Name: Jane Doe
Admin Contact Phone: +11-11-1111-1111
Admin Contact E-mail: jdoe@sample.museum
Billing Contact Name: Jane Doe
Billing Contact Phone: +11-11-1111-1111
Billing Contact E-mail: jdoe@sample.museum

Whois Provider Data Specification

Registry Operator shall provide bulk access to up-to-date data concerning domain name and nameserver registrations maintained by Registry Operator in connection with the Sponsored TLD on a daily schedule, only for purposes of providing free public query-based access to up-to-date data concerning domain name and nameserver registrations in multiple TLDs, to a party designated from time to time in writing by ICANN (the "Designated Recipient"). Any agreement between ICANN and a Designated Recipient for the license of such data (a "Whois License Agreement") will provide Registry Operator with the right to enforce the Designated Recipient's obligations under this Appendix and the Whois License Agreement directly against the Designated Recipient, whether through being made a party to or third-party beneficiary of such agreement or through such other means as may be appropriate. In addition, any Whois License Agreement will include the following provisions governing the use of such data by the Designated Recipient:

1. The Designated Recipient shall only use the data provided by the Registry Operator for the purpose of providing free public query-based Whois access as described in Section 3.1(c)(v) of the TLD Sponsorship Agreement. The Designated Recipient may not use such data for any other purpose.

2. The Designated Recipient shall use best efforts to implement any corrections to the data provided by the Registry Operator as soon as practicable.

3. The Designated Recipient must take such technical and organizational security measures as are, at a minimum, equivalent to those implemented by the Registry Operator with respect to such data.

4. Except for providing free public query-based access according to item 1 above, the Designated Recipient shall not transfer the data to any third party for any purpose except in the event that such third party becomes bound in the same manner as a Designated Recipient by the provisions of this Appendix and the Whois License Agreement.
The procedures for providing access, and the specification of the content and format of this data, will be as stated below, until changed according to the TLD Sponsorship Agreement. This Appendix is subject to change by agreement of Registry Operator and ICANN during the design process as well as during the IETF standards process. In addition, Registry Operator agrees to require Registry Operator to implement changes to this Appendix specified by ICANN to conform to the IETF provreg working group's protocol specification no later than 135 days after the IETF specification is adopted as a Proposed Standard [RFC 2026, section 4.1.1]. Accordingly, the following provides the target architecture and initial functionality.

A. Procedures for Providing Access

Registry Operator shall ensure Registry Operator prepares (i) full data sets for one day of each week (the day to be designated by ICANN) and (ii) incremental data sets for all seven days of each week. Full and incremental data sets shall be up-to-date and coherent as of 1200 UTC on the day to which they relate. Until a different day is designated by ICANN, the full data sets will be prepared for Sundays. (Note that on the ICANN-designated day both an incremental and a full data set are prepared.)

1. Preparation of Files Containing Data Sets. Each full and incremental data set consists of an XML document meeting the content and format requirements of Parts B and C of this document. Once the XML document is generated, the following preparation steps will be performed:

a. The XML document will be placed in a file named according to the following convention:

For full data sets: "wfYYMMDD" where "YYMMDD" is replaced with the date (YY=last two digits of year; MM=number of month; DD=day; in all cases a single-digit number should be leftpadded with a zero).

For incremental data sets: "wiYYMMDD" where "YYMMDD" follows the same format.

b. The Registry Operator may optionally split the document using the Unix SPLIT command (or equivalent) to produce files no less than 1GB each (except the final file). If files are split, an MD5 file (produced with MD5SUM or equivalent) must be included with the resulting files to isolate errors in case of transfer fault. The Registry Operator may optionally compress the document using the Unix GZIP command (or equivalent) to reduce the file size.

c. The file(s) will then be encrypted and signed using PGP, version 6.5.1 or above, with a key of DH/DSS type and 2048/1024-byte length. (Note that PGP compresses the escrow file in addition to encrypting it.) The Data Recipient's public key will be used for the encryption and the Registry Operator's private key will be used for the signature. Public keys will be exchanged between the Registry Operator and the Designated Recipient by e-mail, physical delivery of floppy diskettes, or other agreed means.

2. Transmission of Full Data Sets. Once prepared, full data sets will be provided either by the procedures for incremental data sets described in item A(3) below or, at the option of either the Registry Operator or the Designated Recipient, by writing the full data set to DAT tape (or other media mutually agreed by Registry Operator and the Designated Recipient) and sending it to the Designated Recipient by expedited delivery service (such as FedEx or DHL). If sent by expedited delivery service, the full data set will be scheduled for arrival no later than the second calendar day following the day to which the full backup relates.

3. Transmission of Incremental Data Sets. To permit the transmission of incremental data sets, Registry Operator shall make them available for download by the Designated Recipient by Internet File Transfer Protocol. Incremental data sets will be made available for download no later than 2000 UTC on the day to which they relate.

B. Content

The data sets (whether full or incremental) will consist of four types of objects:

1. Domain Objects. One type of object is the domain object, which corresponds to a single Registered Name. Each domain object includes the following data:

Domain ID
Domain Name
Sponsoring Registrar (IANA-assigned identifier)
Domain Status
Registrant, Administrative, Technical and Billing Contact Information including
ENS Identity
Contact ID
Contact Name
Contact Organization
Contact Address, City, State/Province, Country
Contact Postal Code
Contact Phone, Fax, E-mail
Name Servers associated with this domain
Created by Registrar (IANA-assigned identifier)
Last Updated by Registrar (IANA-assigned identifier)
Last Transferred Date
Additional fields (Registrar specified)
Additional fields (Sponsor specified)
Domain Registration Date
Domain Expiration Date
Domain Last Updated Date

2. Nameserver Objects. A second type of object is the nameserver object, which corresponds to a single registered nameserver. The nameserver object includes the following data:

Nameserver ID
Nameserver Name
IP Addresses associated
Sponsoring Registrar (IANA-assigned identifier)
Created by Registrar (IANA-assigned identifier)
Name Server Last Updated by Registrar (IANA-assigned identifier)
Last Transferred Date

3. Contact Objects. A third type of object is the contact object, which corresponds to a single contact (whether registrant, administrative, technical or billing contact). The contact object includes the following data:

Contact ID
Contact Name
Contact Organization
ENS Identity
Contact Address, City, State/Province, Country
Contact Postal Code
Contact Phone, Fax, E-mail
Contact Registration Date
Contact Last Updated Date
Currently Associated
Contact Status
Additional fields (Sponsor specified)
Sponsoring Registrar (IANA-assigned identifier)
Created Registrar (IANA-assigned identifier)
Last Transferred Date

4. Registrar Object. The final type of object corresponds to a single registrar. It includes the following data:

Registrar ID (conforming to the IANA registrar-ids registry)
Registrar Name
Registrar Status
Registrar Address, City, State/Province, Country
Registrar Postal Code
Registrar Phone, Fax, E-mail
Registrar Administrative Contacts
Registrar Billing Contacts

5. Objects Contained in Full and Incremental Data Sets. Full data sets include one domain object for each Registered Name within the Sponsored TLD; and nameserver, contact, and registrar objects for each nameserver, contact, and registrar referred to in any domain object. Incremental data sets consist of (a) those of the objects constituting a full data set that have been added or updated since the last incremental data set and (b) notations of deletion of any objects since the last incremental data set.

C. Format
Full and incremental data sets will be XML version 1.0, UTF-8 encoded documents conforming to the following schema:

<?xml version="1.0"?>
<schema targetNamespace="urn:musedoma:whoisdb"
xmlns="http://www.w3.org/2001/XMLSchema"
xmlns:whoisdb="urn:musedoma:whoisdb"
xmlns:eppcom="urn:ietf:params:xml:ns:eppcom-1.0"
xmlns:epp="urn:ietf:params:xml:ns:epp-1.0"
xmlns:contact="urn:ietf:params:xml:ns:contact-1.0"
xmlns:domain="urn:ietf:params:xml:ns:domain-1.0"
xmlns:host="urn:ietf:params:xml:ns:host-1.0"
elementFormDefault="qualified">
<!--Import EPP Element Types-->
<import namespace="urn:ietf:params:xml:ns:eppcom-1.0" schemaLocation="eppcom-1.0.xsd"/>
<import namespace="urn:ietf:params:xml:ns:epp-1.0" schemaLocation="epp-1.0.xsd"/>
<import namespace="urn:ietf:params:xml:ns:contact-1.0" schemaLocation="contact-1.0.xsd"/>
<import namespace="urn:ietf:params:xml:ns:domain-1.0" schemaLocation="domain-1.0.xsd"/>
<import namespace="urn:ietf:params:xml:ns:host-1.0" schemaLocation="host-1.0.xsd"/>
<annotation>
<documentation>XML Schema for Whois Data Escrow From MuseDoma
</documentation>
</annotation>
<!--Child Element-->
<element name="whois-data" type="whoisdb:whoisDbType"/>
<complexType name="whoisDbType">
<choice>
<element name="full" type="whoisdb:fullsetType"/>
<element name="incremental" type="whoisdb:partialType"/>
</choice>
<attribute name="tld" type="whoisdb:tldType" use="required"/>
<attribute name="date" type="dateTime" use="required"/>
</complexType>
<simpleType name="tldType">
<restriction base="string">
<enumeration value="museum"/>
</restriction>
</simpleType>
<complexType name="fullsetType">
<sequence minOccurs="1">
<element name="contact" type="ContactType" minOccurs="0" maxOccurs="unbounded"/>
<element name="domain" type="DomainType" minOccurs="0" maxOccurs="unbounded"/>
<element name="host" type="host:infDataType" minOccurs="0" maxOccurs="unbounded"/>
<element name="registrar" type="whoisdb:registrarType" minOccurs="0"
maxOccurs="unbounded"/>
</sequence>
</complexType>
<complexType name="partialType">
<sequence minOccurs="1">
<element name="contact" type="ContactType" minOccurs="0" maxOccurs="unbounded"/>
<element name="domain" type="DomainType" minOccurs="0" maxOccurs="unbounded"/>
<element name="host" type="host:infDataType" minOccurs="0" maxOccurs="unbounded"/>
<element name="registrar" type="whoisdb:registrarType" minOccurs="0"
maxOccurs="unbounded"/>
<element name="del-contact" type="contact:sIDType" minOccurs="0"
maxOccurs="unbounded"/>
<element name="del-domain" type="domain:sNameType" minOccurs="0"
maxOccurs="unbounded"/>
<element name="del-host" type="host:sNameType" minOccurs="0"
maxOccurs="unbounded"/>
<element name="del-registrar" type="eppcom:clIDType" minOccurs="0"
maxOccurs="unbounded"/>
</sequence>
</complexType>
<complexType name="registrarIDType">
<sequence>
<element name="registrar-id" type="eppcom:clIDType"/>
</sequence>
</complexType>
<complexType name="registrarType">
<sequence>
<element name="roid" type="eppcom:roidType"/>
<element name="registrar-id" type="eppcom:clIDType"/>
<element name="name" type="whoisdb:registrarNameType"/>
<element name="address" type="contact:addrType"/>
<element name="web-url" type="whoisdb:registrarWebUrlType"/>
<element name="iana-id" type="whoisdb:registrarIanaIDType"/>
<element name="contact" type="whoisdb:registrarContactType" maxOccurs="5"/>
<element name="status" type="whoisdb:registrarStatusType"/>
<element name="crDate" type="dateTime"/>
<element name="upDate" type="dateTime" minOccurs="0"/>
</sequence>
</complexType>
<simpleType name="registrarNameType">
<restriction base="token">
<minLength value="1"/>
<maxLength value="128"/>
</restriction>
</simpleType>
<simpleType name="registrarWebUrlType">
<restriction base="token"/>
</simpleType>
<simpleType name="registrarIanaIDType">
<restriction base="token"/>
</simpleType>
<complexType name="registrarContactType">
<simpleContent>
<extension base="eppcom:roidType">
<attribute name="type" use="required">
<simpleType>
<restriction base="string">
<enumeration value="administrative"/>
<enumeration value="billing"/>
<enumeration value="technical"/>
</restriction>
</simpleType>
</attribute>
</extension>
</simpleContent>
</complexType>
<simpleType name="registrarStatusType">
<restriction base="string">
<enumeration value="active"/>
<enumeration value="suspended"/>
<enumeration value="defunct"/>
</restriction>
</simpleType>
<complexType name="DomainType">
<sequence>
<element name="name" type="eppcom:labelType"/>
<element name="roid" type="eppcom:roidType"/>
<element name="status" type="domain:statusType" maxOccurs="14"/>
<element name="registrant" type="domain:contactType" minOccurs="0"/>
<element name="contact" type="domain:contactType" minOccurs="0"
maxOccurs="unbounded"/>
<element name="ns" type="eppcom:labelType" minOccurs="0" maxOccurs="unbounded"/>
<element name="host" type="eppcom:labelType" minOccurs="0" maxOccurs="unbounded"/>
<element name="clID" type="eppcom:clIDType"/>
<element name="crID" type="eppcom:clIDType"/>
<element name="crDate" type="dateTime"/>
<element name="upID" type="eppcom:clIDType" minOccurs="0"/>
<element name="upDate" type="dateTime" minOccurs="0"/>
<element name="exDate" type="dateTime" minOccurs="0"/>
<element name="trDate" type="dateTime" minOccurs="0"/>
<element name="authInfo" type="eppcom:authInfoType" minOccurs="0"/>
<element name="ENSIdentity" type="whoisdb:ENSIdType"/>
</sequence>
</complexType>
<complexType name="ContactType">
<sequence>
<element name="id" type="eppcom:clIDType"/>
<element name="roid" type="eppcom:roidType"/>
<element name="status" type="contact:statusType" maxOccurs="8"/>
<element name="ascii" type="contact:postalType"/>
<element name="i15d" type="contact:postalType" minOccurs="0"/>
<element name="voice" type="contact:e164Type" minOccurs="0"/>
<element name="fax" type="contact:e164Type" minOccurs="0"/>
<element name="email" type="normalizedString"/>
<element name="clID" type="eppcom:clIDType"/>
<element name="crID" type="eppcom:clIDType"/>
<element name="crDate" type="dateTime"/>
<element name="upID" type="eppcom:clIDType" minOccurs="0"/>
<element name="upDate" type="dateTime" minOccurs="0"/>
<element name="trDate" type="dateTime" minOccurs="0"/>
<element name="authInfo" type="eppcom:authInfoType" minOccurs="0"/>
<element name="ENSIdentity" type="whoisdb:ENSIdType"/>
</sequence>
</complexType>
<simpleType name="ENSIdType">
<restriction base="token">
<minLength value="8"/>
<maxLength value="14"/>
<pattern value="MUSEUM-[a-zA-Z0-9]+"/>
</restriction>
</simpleType>
</schema>

Whois Data Specification – ICANN

Registry Operator shall provide bulk access by ICANN to up-to-date data concerning domain name and nameserver registrations maintained by Registry Operator in connection with the Sponsored TLD on a daily schedule, only for purposes of verifying and ensuring the operational stability of Registry Services, the DNS, and the Internet.
The procedures for providing access, and the specification of the content and format of this data, will be as stated below, until changed according to the Sponsorship Agreement. This Appendix is subject to change by agreement of Registry Operator and ICANN during the design process as well as during the IETF standards process. In addition, Registry Operator will implement changes to this Appendix specified by ICANN to conform to the IETF provreg working group's protocol specification no later than 135 days after the IETF specification is adopted as a Proposed Standard [RFC 2026, section 4.1.1]. Accordingly, the following represents the target architecture and initial functionality.

A. Procedures for Providing Access
Registry Operator shall prepare a full data set for one day of each week (the day to be designated by ICANN). Full data sets shall be up-to-date and coherent as of 1200 UTC on the day to which they relate. Until a different day is designated by ICANN, the full data sets will be prepared for Sundays.

1. Preparation of Files Containing Data Sets. Each full data set consists of an XML document meeting the content and format requirements of Parts B and C of this document. Once the XML document is generated, the following preparation steps will be performed:

a. The XML document will be placed in a file named according to the following convention: "wfYYMMDD" where "YYMMDD" is replaced with the date (YY=last two digits of year; MM=number of month; DD=day; in all cases a single-digit number should be left-padded with a zero).

b. The Registry Operator may optionally split the document using the Unix SPLIT command (or equivalent) to produce files no less than 1GB each (except the final file). If files are split, an .MD5 file (produced with MD5SUM or equivalent) must be included with the resulting files to isolate errors. The Registry Operator may optionally compress the document using the Unix GZIP command (or equivalent) to reduce the filesize.

c. The file(s) will then be encrypted and signed using PGP, version 6.5.1 or above, with a key of DH/DSS type and 2048/1024-byte length. (Note that PGP compresses the escrow file in addition to encrypting it.) An ICANN public key will be used for the encryption and the Registry Operator's private key will be used for the signature. Public keys will be exchanged between the Registry Operator and ICANN by e-mail, physical delivery of floppy diskettes or other agreed means.

2. Transmission of Full Data Sets. Once prepared, full data sets will be provided according to paragraph a below or, at Registry Operator's option, according to paragraph b below:

a. Registry Operator shall make full data sets available for download by ICANN by Internet File Transfer Protocol (FTP) (FTP access will be password protected and limited to prespecified IP ranges). The data sets will be made available for download beginning no later than 2000 UTC on the day to which they relate and until the next full data set becomes available for download.

b. Registry Operator shall write the full data set to DAT (DDS-4) tape (or other media specified by ICANN) and sends it to ICANN by expedited delivery service (such as FedEx or DHL). The full data set will be scheduled for arrival at ICANN no later than the second calendar day following the day to which the data set relates.

B. Content

The full data sets will consist of four types of the objects and contents described for full data sets in the “Public Whois” section above.

C. Format

Full data sets will be XML version 1.0, UTF-8 encoded documents conforming to the
schema/document type declaration set forth in Exhibit B of Appendix 1.