Conclusion

 

This proposal is consistent with the continued expansion of the TLD name space,
and a globally unique public name space.  This proposal would not create
an alternative root structure, but rather seeks to be included. in the root
managed by ICANN.  Please see the remainder of the proposal. For details of
how the particular implementation plan would address issues such as
security, redundancy, and reliability, and the escrow of data to protect the
interests of the domain holders and the sponsors. As the technology for the
Internet and the DNS change over time, the applicants anticipate continued
attention to deployment of new technologies and new protocols that will improve
the functionality and reliability of the DNS.

 

This last conclusion section answers fully the concerns of ICANN as the first
criteria for assesing TLD proposals

 

Provisions to minimize unscheduled outages of registry or registration systems
due to technical failures or malicious activity of others;

Key points are:

• The registry server and TLD names servers are redundant, hot-swappable
  multiprocessor systems. The systems are safeguarded by two
  uninterruptible power supplies (UPS). RAID mass storage are used for
  fault-tolerancy and disk mirroring.
• Operating system of the registry server is an security enhanced version of
  Linux (buffer overflows exploits proof).
• Communications between registry server and remote elements such as
  whois and TLD name servers are done by using authentified,
  encrypted network links (Virtual Private Networks implementing IPSec
  technology).

 

Provisions to ensure consistent compliance with technical requirements in
operation of the TLD;

Key points are:

• The use of common DNS software such as BIND (The use of open source
  software can help).
• The respect to the relative RFCs and drafts.
• An intensive test phase before going live (see point g).
• While TLD in live, Zone files for new domain names will be systematically
  tested, only valid ones will be transmitted to TLD name servers.

 

Effects of the new TLD on the operation and performance of the DNS in general
and the root-server system in particular;

 

The small volume of new domains (30,000/year) comparing to others gTLDs will
have no effect on the root servers.

 

Measures to promote rapid correction of any technical difficulties that occur
(whether or not due to the TLD's operation), such as availability of accurate,
consistent, and helpful Whois information;

 

• Fast reactivity is first done by the quality of our engineering staff.
• Multiple TLD name servers are located at different physical locations and
  connected on different backbones.
• Whois servers: a load balancing system between multiple Whois servers
  will be implemented according to the RFC 1794 (DNS Support for
  Load Balancing), coordination will be done by incremental updates
  thru Virtual private networks.
• Technical choices are done to increase our reactivity such as, unique
  operating system and tools used on all elements of the registry (registry
  server, TLD name servers, Whois servers).

 

The protection of domain-name holders from the effects of registry or
registration-system failure, such as procedures for rapid restoration of services
from escrowed data in the event of a system outage or failure;

 

Protection of domain-name holders is done by the following ways:

• Two registry servers called central registry and mirror registry will hold
  exactly the same data. In case of failure of one of those systems,
  automatic switching is provided to the other system.
• Daily backups are performed, data are compressed, encrypted by using
  PGP and stored on a magnetic device. Additionally,  the encrypted
  backup file is transmitted to data escrow service providers thru virtual
  Private Networks. The information will be stored in an encrypted
  form. ICANN will hold the private key for accessing data.
   

 Provisions for orderly and reliable assignment of domain names during the initial
period of the TLD's operation.

 

The live operation of the TLD’s operation will be preceded by an extensive test
phase, with a complete simulation on an intranet of the elements of the
network, thus including registry, TLD name servers, whois servers and “pseudo”
root root-servers.

 

Analyses of the DNS request for the new gTLD on this intranet should match the
DNS requests on the internet using the existing TLD (.com,.net,.org). This
test phase passed, we will be confident of the compatibility of our
architecture with the existing DNS system.