.org Proposal

3. At the point of registration, the organization is queried for additional information for the DotOrg Directory (see C27) and provided with an option to purchase validation services from a list of validators. [2]

4. The Organization determines which validation service is appropriate for it and purchases that service through the registrar.

7. Validator completes its evaluation and the Organization’s Whois and DotOrg records are contacted by a secure Internet connection using a digital certificate and EPP.

8. The Registry and DotOrg records are marked as being “Validated” as of that specific date and the expiration date is noted.

9. The Organization is notified of their validation completion and an “Official” serialized DotOrg Seal is issued to that Organization for placement on their website. The DotOrg Seal will be issued by the DotOrg Foundation and will provide a link to the Organization’s record in the DotOrg Directory (see below).

10. An SSL server certificate is issued for installation on the Organization server. This certificate has a link in the certificate information field that provides a secure HTTPS connection to the DotOrg directory. The digital certificate and Seal are included in the overall Validation services price.

11. Consumers can obtain information on the Organization and view the “Validated” DotOrg Record by:

Validation or renewal of Validation can be done post-registration after a connection through the registrar or directly through the validator, if permitted by the registrar. The process is much the same as above, except that the interface would allow the registrant to login with its username and password and initiate the validation. The registrant would choose a validator from among those listed by the registrar and supply additional information as needed. The validator is notified as in Step 5 above, and Steps 5 – 11 would follow.

There is one special circumstance to be considered. If a registrant/registrar wants to modify the data in the Registry database record that has already been validated, then the validation will be released. This record would then have to be revalidated, if desired, but only through the validator.

The following is a list of potential validation categories available to noncommercial registrants. The final categories for validation ultimately would be provided by the validators.

See Attachment H6 for a list of potential validators. Please note that these validators have yet to be asked to participate in this initiative.

At the time of purchasing a validation, the .org registrant is entitled to receive a digital certificate and a Secure Server Seal for the basic validation price. The certificate will link back to the Whois record and the DotOrg Directory Record of the registrant, providing the public with reassurance that such website is that of the organization being sought.

Kintera is working with GlobalSign, a Belgium-based provider of certification and trusted third party technologies based upon European Union law. GlobalSign is privately owned by Vodafone (international mobile telecoms), ING (an international bank), KBC (a major Belgian bank), and Ubizen (software). GlobalSign products are designed to provide multilingual services to large public key infrastructure (PKI) projects in which the certificate numbers run into many millions. PKI is the basis of cryptographic (secure) communication on the Internet and PKI infrastructure is the network that underlies the use of public/private keys on the Internet. GlobalSign is currently providing products to nations such as Iceland and Bulgaria, to the European Commission as well as to large organizations and multinational companies. GlobalSign can provide certificates containing an HTML link to a validating site. Their Secure Seals can link to a validating site, as well. See Attachment H8 GlobalSign.

The database schema will contain the same objects as those in the registry database, as described in C17.2. Data transmission to the Registry is one way, and only the validator can write the validated flag, although it can be released by either the validator or the registrant. Status Attributes will be used to control this parameter and lock data records while validation is taking place.

New data fields will be accommodated as part of the contact object, related to a particular registrant (see C17.2). This will allow one registrant to be associated with multiple domain records. There may be some new data fields for the Domain object, such as free-form text to describe a particular domain and its relation to the noncommercial registrant.

Kintera has built its infrastructure in a manner very similar to that of Registry Advantage. The requirements are similar with the need to support at least 5 million domains in the database and large scale registrations, up to 100,000 per day. However, the Whois records of registrants participating in the DotOrg Directory will be replicated to Kintera which will substantially lower the relative processing needs over what would be required were there simultaneous writing to the DotOrg database. Validation recording will be brisk and the system is engineered to support five times the expected requirements. Kintera will substitute hardware and supporting software of greater or equal functionality as it becomes available and indicated from a scalability, reliability and throughput basis.

Kintera will use the concept of primary and secondary data facilities to maintain system reliability. The primary facility will be at Inflow San Diego and the secondary facility at a location to be determined in Europe or Japan. In the event of a failure at the primary site, failover will direct traffic to the secondary backup site. Sun Fire 6800 servers with Solaris 8 and Oracle 9i will be used for the database application. EMC storage arrays, Symmetrix 3930 for the active database and backup database and Clarion FC4700 for the standby database will be initiated with 500 GB of primary table space. EMC Connectrix switches will be used for the storage area network for the database. A NetApp 810 in a clustered configuration will be used to store database log files and compressed database files in the primary and secondary data facilities. Clustered IBM x330 servers running Linux will support the applications of Kintera, including the DotOrg Directory and the validators/registrars interface to the DotOrg database, and the certificate/seal issuing process. Alteon (Nortel) load balancer switches will be used for local and geographical load balancing of these application servers. Cisco routers, switches, and firewalls (Pix 525) will be used. There are no single points of failure. High-Availability is provided by redundant network devices, redundant colocation facilities and cluster technologies. See Attachment H9, Colocation, for an overview of the primary data center. The equipment chosen has been shown to perform well in the field and parts are reasonably well available.

This architecture is inherently scalable, with more memory and processors able to be added to the Sun Fire computers and more application servers able to be added to the local clusters as needed, and provides the same capacity as detailed above for Registry Advantage.

Security would be provided by the physical restriction of access to the colocation facilities, the firewall and the Layer 4 switches (Alteon), the use of internal IP addresses behind the Alteon, the encryption in the database, the use of VLANs and DMZs, Unix authentication procedures, and generally accepted measures for security. Read-Write access to the database is by the SSL secure protocol and this database cannot be reached directly from the Internet.

Tape backup will be performed daily and the tapes are secured offsite. There are redundant copies of the database available at all times.

All computers that can access Network servers have antivirus software running on a continuous basis. There are strict corporate controls in place to prevent introduction of viruses.

The DotOrg Foundation has an important responsibility to steward the development of the .org community, particularly in developing regions and communities. As part of this stewardship, the DotOrg Foundation may develop plans for new products and services that will be of use to the noncommercial community, as well as the .org registrants at large. Among such products may be new search capabilities for the intellectual property community, Whois-related products, or other products designed to improve registration or transfer capabilities. Products and services would be introduced by the Foundation upon consultation with the .org stakeholders and its Advisory Board in order to be responsive to the needs of the community and to build the competitiveness of the registry. These proposed new services must meet the same criteria outlined at the beginning of our response to Question C38.

The DotOrg Foundation may in the future provide for automated validation by registrants participating in the DotOrg Directory. This would allow noncommercial registrants to be validated through automated look-ups in third-party databases. While the DotOrg Foundation believes that the initial adopters of this validation would be legally registered nonprofit organizations, this system could easily accommodate various other noncommercial organizations that are members of associations, trade groups, or identified in government databases, or any other group that has a verifiable and web-enabled database of its members.

The DotOrg Foundation may in the future provide the ability for trademark holders and other intellectual property professionals to conduct advanced Boolean searches – in fields and by more text strings than available today.

However, many noncommercial organizations do not have the resources to professionally monitor the database. To help these organizations protect their names from malicious uses and to help the public avoid scams and other negative situations, the DotOrg Foundation may introduce a service that would allow registrants in the Directory to protect their intellectual property through a notification system that informs them of others registering using the same validation criteria.

The DotOrg Foundation believes in reaching out globally, which means serving registrants and registrars in countries where English is not the primary language. In order to effectively serve this community, the Foundation will strive to make its outreach and products and services accessible in multiple languages. The Foundation’s expansion into multiple languages will be gradual – beginning with the major languages (identified in consultation with the .org community).

In addition to expanding the .org TLD services, the DotOrg Foundation proposes to promote increased use of .org through an ambitious marketing and outreach campaign. The DotOrg Foundation’s campaign will in part rely on Kintera, whose core business, experience, and expertise is marketing to the noncommercial sector.

The DotOrg Foundation believes it can significantly enhance the .org registry by undertaking several marketing outreach initiatives:

Upon award of the bid, the DotOrg Foundation proposes to conduct further market research to better segment and evaluate the .org product and potential customers. The research would include a fully confidential, comprehensive survey project, conducted in coordination with registrars, targeting all tiers of customers, e.g., registrars, commercial end users and noncommercial organizations. The results of this survey would be shared with all .org registrars in order to help them ensure that they offer .org domain names to the appropriate customer segments. In order to respect registrar-registrant relationships and privacy concerns, the DotOrg Foundation would not disclose any particular registrant’s information or any particular registrar’s information without the appropriate registrar or registrant permissions.

To supplement the results of the survey, the DotOrg Foundation proposes to conduct focus groups with both noncommercial end users and registrars to capture more anecdotal and detailed information regarding how or why they use / offer the .org TLD. Other research initiatives would include general research on the state of the domain name market, gTLD versus ccTLD registrations, and changes in technology that may impact usage of domain names.

The DotOrg Foundation also proposes to undertake registrar outreach initiatives in an attempt to make the .org TLD more widely available to noncommercial organizations. The DotOrg Foundation would reach out to currently accredited ICANN registrars to ensure enhanced participation in the .org TLD. Outreach to current registrars would include email updates, seminars at ICANN conferences, and participation in other Registrar Constituency activities and programs, to inform such registrars of any new benefits in the .org registry and any impending changes. Programs designed for current registrars would include live demonstrations of the registry’s Account Management Interface (AMI), which is an on-line interface through which registrars can manage new and existing registrations, as well as run reports and monitor billing activities. Such programs would also include access to account managers who would provide individual and timely assistance as registrars negotiate new registrar agreements with the DotOrg Foundation and implement and launch the new registry-registrar protocol. The account managers would also be the registrars’ main point of contact for any questions, new product introductions, or support on an on-going basis once the registrars launch their systems and are actively registering .org domain names.

In addition to current registrars, the DotOrg Foundation would also like to reach out to associations and similar entities that specifically communicate with noncommercial organizations, both in the US and globally. Outreach to these organizations would focus on encouraging them to become ICANN accredited registrars or partner with registrars in order to better serve their noncommercial constituents by offering .org registrations. The DotOrg Foundation would post a list of all .org registrars, with contact information, on its website.

Much of the media placement strategy on behalf of the DotOrg Foundation will be educational in nature and focus on noncommercial trade publications and conferences. Elements of the program to be implemented will include speaking engagements to raise public awareness of the .org TLD and its renewed focus on the noncommercial community. The DotOrg Foundation proposes to increase contact with noncommercial stakeholders, and to provide written materials to those organizations outlining its renewed commitment to them, which they can distribute to their members to publicize the improved .org TLD. The DotOrg Foundation also proposes to participate in and make presentations at meetings and conferences with a noncommercial focus in order to further raise public awareness of the new .org TLD and .org registry.

In addition to members of the DotOrg Foundation attending such events, the registry will encourage registrars to attend and sponsor events at various domestic and international conferences, and if possible, support their attendance. Support to build public awareness could include co-marketing funds, facilitating travel arrangements, and helping to prepare materials and presentations for the events.

The DotOrg awareness campaign would include the following outreach to noncommercial entities:

In addition to reaching out to the noncommercial community, the DotOrg Foundation would reach out to current .org registrants to make them aware of the renewed noncommercial focus within the .org TLD. This outreach would focus on the benefits of having a new registry administrator, and any new and beneficial features of the .org TLD. This effort would also focus on ensuring continued domain name renewals in the .org space by emphasizing the trust and stability associated with noncommercial entities with a .org TLD. The mechanisms for this general education effort will include: information on the DotOrg Foundation website, links allowing .org registrants to send information and suggestions to the registry; and information and educational materials sent to registrars to disseminate among their customers.

Much of any marketing strategy targeting end-users would be the responsibility and decision of the .org registrars. The DotOrg Foundation’s marketing strategy would encourage registrars to heavily promote the .org TLD, and provide them with a new message to offer to their existing customers and as a way to increase new registrations and renewals. The DotOrg Foundation, in consultation with registrars, proposes to develop materials for use in registrar marketing and would encourage aggressive media strategies at the registrar level. To further encourage registrar marketing activities, the DotOrg Foundation may offer co-marketing funds to registrars to be used to target noncommercial end users. Marketing initiatives that are likely to be eligible for co-marketing initiatives include media and creative costs for online, print and direct mail. Additionally, the DotOrg Foundation would consider co-sponsoring various registrar promotions such as product giveaways and renewal incentives.

The DotOrg Foundation proposes to host an interactive community outreach space on its website to provide regular updates and information regarding the .org TLD and enable .org stakeholders, users, and other Internet consumers to provide input to The DotOrg Foundation Registry and share ideas amongst themselves. The website would provide a range of useful information, including transition schedule, and registration procedures, rules, and policies. This would enable anyone seeking information regarding the .org TLD to independently access such information at any time and from any location. A publicly available site with such information would especially help smaller nonprofit entities and smaller registrars who may not have the resources to respond to inquiries in a timely manner.

[1] It is estimated that the radio gained a population of 10 million listeners in 20 years. Television reached that audience in 10 years. Hotmail reached it in 7 months. Use of the Internet is bringing this revolutionary growth to philanthropy. It is only natural to expect that donors would seek opportunities to use the power of the Internet to promote the causes they support.

However, the dark side of the Internet is that it is very easy to exploit unwary donors who think that they are giving to a real nonprofit. Not unlike telemarketing scams that convince consumers to donate to non-existent organizations, the Internet provides an easy vehicle to do the same. It is important to the integrity of the philanthropic sector in general and the ePhilanthropy movement in particular that we take a proactive approach in providing trusted verification of nonprofits.

Electronic communication provides an unprecedented opportunity for the noncommercial organizations to reach out, to communicate the nature of continuing (as well as new) societal problems, to offer innovative solutions, and to seek support. The Internet in general and ePhilanthropy in particular can enhance this effort for large and small organizations alike.

[2] The validation purchase and attendant query described in this Step 3 and the subsequent Steps 4-11 may also occur at any point after successful registration, through the Organization returning to the registrar’s website.

[3] If validation occurs at a point subsequent to registration, the Whois data would have already been populated in the registry database. Similarly if validation occurs after a DotOrg Directory Record had been created, the relevant data would have been mostly populated in the Directory.

	Proposal Home \| Attachments
Proposal by Questions:
	C1 \| C2 \| C3 \| C4 \| C5 \| C6 \| C7 \| C8 \| C9 \| C10 \| C11 \| C12 \| C13 \| C14 \| C15 \| C16 \| C17 \| C18 \| C19 \| C20 \| C21 \| C22 \| C23 \| C24 \| C25 \| C26 \| C27 \| C28 \| C29 \| C30 \| C31 \| C32 \| C33 \| C34 \| C35 \| C36 \| C37 \| C38 \| C39 \| C40 \| C41 \| C42 \| C43 \| C44 \| C45 \| C46 \| C47 \| C48 \| C49 \| C50 \|

	VIII. DIFFERENTIATION OF THE .ORG TLD C38. Describe any measures you propose to make to differentiate the .org TLD from TLDs intended for commercial purposes. Your proposal should describe in detail any planned marketing practices designed to differentiate the .org TLD, promote and attract registrations from the global noncommercial community, and minimize defensive and duplicative registrations. The DotOrg Foundation will focus on two areas to differentiate the .org TLD: a) Creation of new services that provide added benefit to the global noncommercial .org registrants, as well as the Internet users interacting with noncommercial organizations; and b) Outreach and Marketing to the global noncommercial community, particularly in under-served regions, to registrants, and to registrars. The DotOrg Foundation anticipates that providing products and services that focus on the global noncommercial community will increase overall .org registrations by noncommercial organizations. At the same time, this renewed focus will not diminish the Foundation’s commitment or delivery of world-class registry services to all current and future .org registrants. New Services The DotOrg Foundation plans to implement a series of new technologies and services over the next several years to increase the usefulness of the .org TLD and to increase the adoption of .org by the noncommercial community. These proposed new products and services will be shared with the .org community for comment and suggestions prior to development. Development of new products and services must meet some or all of the following criteria: Support registry operations to high standards of reliability and security; Increase the number of noncommercial registrants in .org; Protect the rights of all .org registrants; Support and foster the participation of the noncommercial sector on the Internet, particularly those in developing countries and under-served communities; Enhance the global dialogue among the noncommercial registrants; Support the use of multi-lingual interfaces as much as is technically and financially feasible; Support noncommercial registrants’ understanding of and meaningful participation in the domain name system and ICANN; Provide solutions that increase the Internet as a secure and reliable place for noncommercial entities, including for nonprofit organizations around the world to engage in on-line philanthropy; and Provide value to civil society. In keeping with these goals, the first new service proposed by DotOrg Foundation is an optional validation service for noncommercial registrants, accompanied by a digital certificate for each domain name. Validation Services The DotOrg Foundation anticipates building a validation product that will allow trusted and respected third party validators to evaluate and validate the bona fides of noncommercial organizations registering in the .org TLD. The Foundation would rely on Kintera, Inc. to provide the technology, infrastructure and management of the services necessary to support such Authentication/Validation, while continuing to oversee all policies. The value of this product is two-fold: First, it will engender a far greater level of public confidence when encountering validated noncommercial organizations online; and, second, it will facilitate the validated organizations reaching their audience and conducting transactions with them. This is an important differential from the commercial TLDs in that it focuses on a benefit of value specifically for noncommercial organizations. Additionally, the DotOrg Foundation’s strategy creates value to the public, which in turn promotes a differentiation of the TLD. Public trust in .org registrants must be supported and improved, yet consumer familiarity about Internet interactions with noncommercial organizations has been stunted by the mistrust of the unknown. See Attachment H1. In some cases this is expressed through the mistrust these noncommercial organizations have in deploying the technology and in other cases the mistrust consumers have in using it. “[Nonprofit organizations] ... are torn between a desire to join the online party and fear of mingling with pirates,” according to SmartBusinessMag.Com. The concept of trust is crucial because it affects a number of factors essential to online transactions and activities, including security and privacy. Therefore, the DotOrg Directory and Validation / Digital Security services proposed by the DotOrg Foundation offer noncommercial organizations a reliable, tested and trusted technology resource that responds directly to consumers’ need to feel secure in their on-line activities with the .org community. Independent Validators The DotOrg Foundation envisions that validators from around the world would apply to validate those subsets of noncommercial organizations that they know. These validators currently serve an important function in society by providing trusted guidance for the public regarding noncommercial organizations. The importance of providing third-party evaluations on a large scale at this juncture in on-line activism and philanthropy cannot be overstated. [1] Two societal streams – financial and technological – are converging and creating an opportunity and a challenge to expand and strengthen this sector’s use of the Internet. But, this convergence depends on building public trust. Validators may include a number of entities: universities, trade groups, watchdog organizations, and government agencies. For an example, see Attachment G1. The validation process may also link to governmental databases containing information on noncommercial organizations, for example. Databases containing information on nonprofit entities exist currently in North America and parts of Europe. The DotOrg Foundation may also work with governmental agencies in countries that do not currently have databases of registered noncommercial organizations and foster the development of such databases. As more countries provide validation services and linkable databases and more of their population uses the Internet, the DotOrg Foundation believes that the number of noncommercial organizations registering for .org will increase world-wide. Consumer Choice, Privacy, and Other Policies In addition to overseeing the independent validators – using Kintera’s services – the DotOrg Foundation would provide overall policy guidance, based on community input. Among the key policies already considered are: privacy, competition, and criteria for eligible noncommercial organizations. Privacy. First, this validation function is an optional value-add service that would be based on a worldwide list of accredited validators (see Third Party Authenticators/Validators as Attachment H6.) through participating registrars. The Validation offering may be provided through registrars and purchased at the time of a domain name registration, renewal, or at any time thereafter during the registration term. Choice. No registrant would be required to post information that it considered private, personal, or proprietary. Further, validation is not included in the domain name registration price and would be offered as a separate item, based on free market pricing. Each validator would be responsible for establishing a wholesale price for its services. Registrars would decide which, if any, validators’ services to offer through their websites and set the retail prices to be charged to their customers. The validators’ wholesale prices would be based on open and free market competition and the type and level of validation offered. Registrars choosing to offer the Authentication / Validation services would be able to generate a new revenue stream from such services. Eligibility. The DotOrg Foundation would oversee development of minimum eligibility criteria. For example, it would develop a mechanism for excluding organizations considered by relevant authorities to be in breach of national or international laws or agreements. Such lists could include Interpol’s lists of wanted persons or "Specially Designated Nationals and Blocked Persons" produced by the U.S. Office of Foreign Assets Control. These can be highly sensitive issues, and the DotOrg Foundation Board and management would consult with its Advisory Council and relevant stakeholders on such policies. Validation Process Under the process as planned, validation would be available as soon as a noncommercial organization registers its domain name, and any time thereafter during the term of the registration. The organization will have the opportunity to be validated based upon its specific characteristics (service focus, geographic location, etc.) The organization would choose the validator from a list posted by the registrar. The registrar would be in control of which validators to include in its offering. The organization (registrant) would be given access to web-based forms querying for the information to be validated by the selected validator. Once the noncommercial registrant has been validated, it has the option to post on its website the results or simply a symbol, the DotOrg Seal, showing it was validated and the name of the validator. The DotOrg Seal would point to the validated DotOrg Record showing the entity that had conducted the validation and the evidence used for such validation. When purchasing this validation service, the .org registrant would also receive at no extra charge an optional digital certificate that securely links to its DotOrg Record (see DotOrg Directory description in our response to Question C27). Validations would be renewed on at least an annual basis to maintain their currency and accuracy. The DotOrg Foundation will establish and update the overriding policies in regard to the responsibilities of validators to keep their validation data up-to-date. Registrants may update their validated records at any time, upon approval by the validating authority. A secure mechanism would update the DotOrg Record. This process would ensure the security and trustworthiness of the validated record and validation process. This validation product would engender a higher level of trust within the public as well as an increase in the overall value of the .org TLD to the noncommercial community. While many validating organizations exist today for the nonprofit community, much of their information is dispersed or simply not available online. It is envisioned that a new industry of worldwide validators will be born out of the DotOrg initiative, making their data much more widely available and accessible. The following is the validation process that follows a registration: 1 An Organization visits a registrar to register a .org domain name. 2 The Organization supplies Whois information. 3. At the point of registration, the organization is queried for additional information for the DotOrg Directory (see C27) and provided with an option to purchase validation services from a list of validators. [2] 4. The Organization determines which validation service is appropriate for it and purchases that service through the registrar. 5. Registration is completed and a. The Organization’s Whois data is populated in the Registry Database. b. The Whois information and the additional information provided for the DotOrg Directory is populated in the DotOrg Directory. c. The information described in 5.b. and any additional information required by the validator is communicated to the validation authority. [3] 6. The validator initiates its services. Such services may include: a. Requesting the Organization (registrant) to log on to either the registrar or the validator (at the option of the registrar) to provide more information that will be delivered directly (by EPP) to the DotOrg database. b. Authentication by direct contact and verification of the Organization’s identity. c. Validating legal, financial, and/or association type of information related to the requesting organization, etc. Figure C38.1a The Validation Process 7. Validator completes its evaluation and the Organization’s Whois and DotOrg records are contacted by a secure Internet connection using a digital certificate and EPP. 8. The Registry and DotOrg records are marked as being “Validated” as of that specific date and the expiration date is noted. 9. The Organization is notified of their validation completion and an “Official” serialized DotOrg Seal is issued to that Organization for placement on their website. The DotOrg Seal will be issued by the DotOrg Foundation and will provide a link to the Organization’s record in the DotOrg Directory (see below). 10. An SSL server certificate is issued for installation on the Organization server. This certificate has a link in the certificate information field that provides a secure HTTPS connection to the DotOrg directory. The digital certificate and Seal are included in the overall Validation services price. Figure C38.1b The Validation Process 11. Consumers can obtain information on the Organization and view the “Validated” DotOrg Record by: Visiting the DotOrg Foundation website and looking up the Organization’s domain name Using the Whois database function (a link is provided to each DotOrg Record) [OPTIONAL] Clicking on a “GotOrg?” logo and/or HTML link provided by a website [OPTIONAL] Clicking on the DotOrg Seal provided on the Organization’s website. [OPTIONAL] Clicking on the link provided in the digital certificate (“yellow lock”) from the Organization’s website. Figure C 38.1c The Validation Process Periodic Validation or Renewal Validation or renewal of Validation can be done post-registration after a connection through the registrar or directly through the validator, if permitted by the registrar. The process is much the same as above, except that the interface would allow the registrant to login with its username and password and initiate the validation. The registrant would choose a validator from among those listed by the registrar and supply additional information as needed. The validator is notified as in Step 5 above, and Steps 5 – 11 would follow. There is one special circumstance to be considered. If a registrant/registrar wants to modify the data in the Registry database record that has already been validated, then the validation will be released. This record would then have to be revalidated, if desired, but only through the validator. Validation Options The following is a list of potential validation categories available to noncommercial registrants. The final categories for validation ultimately would be provided by the validators. Authentication: Validation services provide direct contact and confirmation (e.g., phone call and verification) Category: Validation services based on category of organization (e.g., validates only associations) Cause: Validation based on mission of organization (e.g., validates based on % of funds going to cause/mission) Financial: Validation based on financial policies and practices (e.g., validates based on financial status, use of funds) Geographic: Validation services based on geographic regions (e.g., validates European based organizations) Governance: Validation based on adequate governing structure (e.g., board compensation, conflict of interest, etc) Governmental. Link to governmental databases containing verified information regarding noncommercial organizations. Group: Validation services based on pre-existing membership/grouping (e.g., validates member nonprofits) Legal: Validation based on legal or governmental regulations (e.g., IRS 501c(3), tax status, etc.) Level/Type: Validation services based on certain level and/or types of validation Security: Validation based on completion of privacy and security audit (e.g., meets security audit criteria) Standards: Validation based on established standards. (e.g., meets the XYZ standards of charitable solicitations) See Attachment H6 for a list of potential validators. Please note that these validators have yet to be asked to participate in this initiative. Digital Certificates and Seals At the time of purchasing a validation, the .org registrant is entitled to receive a digital certificate and a Secure Server Seal for the basic validation price. The certificate will link back to the Whois record and the DotOrg Directory Record of the registrant, providing the public with reassurance that such website is that of the organization being sought. Kintera is working with GlobalSign, a Belgium-based provider of certification and trusted third party technologies based upon European Union law. GlobalSign is privately owned by Vodafone (international mobile telecoms), ING (an international bank), KBC (a major Belgian bank), and Ubizen (software). GlobalSign products are designed to provide multilingual services to large public key infrastructure (PKI) projects in which the certificate numbers run into many millions. PKI is the basis of cryptographic (secure) communication on the Internet and PKI infrastructure is the network that underlies the use of public/private keys on the Internet. GlobalSign is currently providing products to nations such as Iceland and Bulgaria, to the European Commission as well as to large organizations and multinational companies. GlobalSign can provide certificates containing an HTML link to a validating site. Their Secure Seals can link to a validating site, as well. See Attachment H8 GlobalSign. Database Schema The database schema will contain the same objects as those in the registry database, as described in C17.2. Data transmission to the Registry is one way, and only the validator can write the validated flag, although it can be released by either the validator or the registrant. Status Attributes will be used to control this parameter and lock data records while validation is taking place. New data fields will be accommodated as part of the contact object, related to a particular registrant (see C17.2). This will allow one registrant to be associated with multiple domain records. There may be some new data fields for the Domain object, such as free-form text to describe a particular domain and its relation to the noncommercial registrant. Network Architecture Kintera has built its infrastructure in a manner very similar to that of Registry Advantage. The requirements are similar with the need to support at least 5 million domains in the database and large scale registrations, up to 100,000 per day. However, the Whois records of registrants participating in the DotOrg Directory will be replicated to Kintera which will substantially lower the relative processing needs over what would be required were there simultaneous writing to the DotOrg database. Validation recording will be brisk and the system is engineered to support five times the expected requirements. Kintera will substitute hardware and supporting software of greater or equal functionality as it becomes available and indicated from a scalability, reliability and throughput basis. Reliability and High-Availability Kintera will use the concept of primary and secondary data facilities to maintain system reliability. The primary facility will be at Inflow San Diego and the secondary facility at a location to be determined in Europe or Japan. In the event of a failure at the primary site, failover will direct traffic to the secondary backup site. Sun Fire 6800 servers with Solaris 8 and Oracle 9i will be used for the database application. EMC storage arrays, Symmetrix 3930 for the active database and backup database and Clarion FC4700 for the standby database will be initiated with 500 GB of primary table space. EMC Connectrix switches will be used for the storage area network for the database. A NetApp 810 in a clustered configuration will be used to store database log files and compressed database files in the primary and secondary data facilities. Clustered IBM x330 servers running Linux will support the applications of Kintera, including the DotOrg Directory and the validators/registrars interface to the DotOrg database, and the certificate/seal issuing process. Alteon (Nortel) load balancer switches will be used for local and geographical load balancing of these application servers. Cisco routers, switches, and firewalls (Pix 525) will be used. There are no single points of failure. High-Availability is provided by redundant network devices, redundant colocation facilities and cluster technologies. See Attachment H9, Colocation, for an overview of the primary data center. The equipment chosen has been shown to perform well in the field and parts are reasonably well available. Scalability This architecture is inherently scalable, with more memory and processors able to be added to the Sun Fire computers and more application servers able to be added to the local clusters as needed, and provides the same capacity as detailed above for Registry Advantage. Security Security would be provided by the physical restriction of access to the colocation facilities, the firewall and the Layer 4 switches (Alteon), the use of internal IP addresses behind the Alteon, the encryption in the database, the use of VLANs and DMZs, Unix authentication procedures, and generally accepted measures for security. Read-Write access to the database is by the SSL secure protocol and this database cannot be reached directly from the Internet. Backups Tape backup will be performed daily and the tapes are secured offsite. There are redundant copies of the database available at all times. Privacy There are strict policies in place to protect privacy of data. Virus Protection All computers that can access Network servers have antivirus software running on a continuous basis. There are strict corporate controls in place to prevent introduction of viruses. Potential Future Products and Services The DotOrg Foundation has an important responsibility to steward the development of the .org community, particularly in developing regions and communities. As part of this stewardship, the DotOrg Foundation may develop plans for new products and services that will be of use to the noncommercial community, as well as the .org registrants at large. Among such products may be new search capabilities for the intellectual property community, Whois-related products, or other products designed to improve registration or transfer capabilities. Products and services would be introduced by the Foundation upon consultation with the .org stakeholders and its Advisory Board in order to be responsive to the needs of the community and to build the competitiveness of the registry. These proposed new services must meet the same criteria outlined at the beginning of our response to Question C38. Automated Directory Records The DotOrg Foundation may in the future provide for automated validation by registrants participating in the DotOrg Directory. This would allow noncommercial registrants to be validated through automated look-ups in third-party databases. While the DotOrg Foundation believes that the initial adopters of this validation would be legally registered nonprofit organizations, this system could easily accommodate various other noncommercial organizations that are members of associations, trade groups, or identified in government databases, or any other group that has a verifiable and web-enabled database of its members. Intellectual Property Searches The DotOrg Foundation may in the future provide the ability for trademark holders and other intellectual property professionals to conduct advanced Boolean searches – in fields and by more text strings than available today. However, many noncommercial organizations do not have the resources to professionally monitor the database. To help these organizations protect their names from malicious uses and to help the public avoid scams and other negative situations, the DotOrg Foundation may introduce a service that would allow registrants in the Directory to protect their intellectual property through a notification system that informs them of others registering using the same validation criteria. Language Expansion The DotOrg Foundation believes in reaching out globally, which means serving registrants and registrars in countries where English is not the primary language. In order to effectively serve this community, the Foundation will strive to make its outreach and products and services accessible in multiple languages. The Foundation’s expansion into multiple languages will be gradual – beginning with the major languages (identified in consultation with the .org community). Outreach and Marketing In addition to expanding the .org TLD services, the DotOrg Foundation proposes to promote increased use of .org through an ambitious marketing and outreach campaign. The DotOrg Foundation’s campaign will in part rely on Kintera, whose core business, experience, and expertise is marketing to the noncommercial sector. The DotOrg Foundation’s marketing objectives are as follows: Position the .org TLD as a highly functional, user-friendly, reliable and trustworthy source of information among noncommercial audiences; Renew the .org TLD’s commitment to the noncommercial sector, thereby reducing the need for trademark protection within the .org space; Preserve the current .org registrants’ use of the .org TLD; and Build a reputation as a strong and innovative registry. The DotOrg Foundation believes it can significantly enhance the .org registry by undertaking several marketing outreach initiatives: Market Research Upon award of the bid, the DotOrg Foundation proposes to conduct further market research to better segment and evaluate the .org product and potential customers. The research would include a fully confidential, comprehensive survey project, conducted in coordination with registrars, targeting all tiers of customers, e.g., registrars, commercial end users and noncommercial organizations. The results of this survey would be shared with all .org registrars in order to help them ensure that they offer .org domain names to the appropriate customer segments. In order to respect registrar-registrant relationships and privacy concerns, the DotOrg Foundation would not disclose any particular registrant’s information or any particular registrar’s information without the appropriate registrar or registrant permissions. To supplement the results of the survey, the DotOrg Foundation proposes to conduct focus groups with both noncommercial end users and registrars to capture more anecdotal and detailed information regarding how or why they use / offer the .org TLD. Other research initiatives would include general research on the state of the domain name market, gTLD versus ccTLD registrations, and changes in technology that may impact usage of domain names. Registrar Outreach The DotOrg Foundation also proposes to undertake registrar outreach initiatives in an attempt to make the .org TLD more widely available to noncommercial organizations. The DotOrg Foundation would reach out to currently accredited ICANN registrars to ensure enhanced participation in the .org TLD. Outreach to current registrars would include email updates, seminars at ICANN conferences, and participation in other Registrar Constituency activities and programs, to inform such registrars of any new benefits in the .org registry and any impending changes. Programs designed for current registrars would include live demonstrations of the registry’s Account Management Interface (AMI), which is an on-line interface through which registrars can manage new and existing registrations, as well as run reports and monitor billing activities. Such programs would also include access to account managers who would provide individual and timely assistance as registrars negotiate new registrar agreements with the DotOrg Foundation and implement and launch the new registry-registrar protocol. The account managers would also be the registrars’ main point of contact for any questions, new product introductions, or support on an on-going basis once the registrars launch their systems and are actively registering .org domain names. In addition to current registrars, the DotOrg Foundation would also like to reach out to associations and similar entities that specifically communicate with noncommercial organizations, both in the US and globally. Outreach to these organizations would focus on encouraging them to become ICANN accredited registrars or partner with registrars in order to better serve their noncommercial constituents by offering .org registrations. The DotOrg Foundation would post a list of all .org registrars, with contact information, on its website. Education and Public Awareness Much of the media placement strategy on behalf of the DotOrg Foundation will be educational in nature and focus on noncommercial trade publications and conferences. Elements of the program to be implemented will include speaking engagements to raise public awareness of the .org TLD and its renewed focus on the noncommercial community. The DotOrg Foundation proposes to increase contact with noncommercial stakeholders, and to provide written materials to those organizations outlining its renewed commitment to them, which they can distribute to their members to publicize the improved .org TLD. The DotOrg Foundation also proposes to participate in and make presentations at meetings and conferences with a noncommercial focus in order to further raise public awareness of the new .org TLD and .org registry. In addition to members of the DotOrg Foundation attending such events, the registry will encourage registrars to attend and sponsor events at various domestic and international conferences, and if possible, support their attendance. Support to build public awareness could include co-marketing funds, facilitating travel arrangements, and helping to prepare materials and presentations for the events. The DotOrg awareness campaign would include the following outreach to noncommercial entities: Advertising in trade publications; Participation in tradeshows; Viral email campaigns; Direct mail campaigns; Banners on partner registrars if applicable; and A public relations campaign, including a Video News Reel (VNR) featuring industry experts stressing to the public the importance of looking for a validation Seal prior to transacting with any nonprofit site, a schedule of press releases reiterating content featured in the VNR, and pitching the story to major news organizations. In addition to reaching out to the noncommercial community, the DotOrg Foundation would reach out to current .org registrants to make them aware of the renewed noncommercial focus within the .org TLD. This outreach would focus on the benefits of having a new registry administrator, and any new and beneficial features of the .org TLD. This effort would also focus on ensuring continued domain name renewals in the .org space by emphasizing the trust and stability associated with noncommercial entities with a .org TLD. The mechanisms for this general education effort will include: information on the DotOrg Foundation website, links allowing .org registrants to send information and suggestions to the registry; and information and educational materials sent to registrars to disseminate among their customers. Registry / Registrar Co-Marketing Much of any marketing strategy targeting end-users would be the responsibility and decision of the .org registrars. The DotOrg Foundation’s marketing strategy would encourage registrars to heavily promote the .org TLD, and provide them with a new message to offer to their existing customers and as a way to increase new registrations and renewals. The DotOrg Foundation, in consultation with registrars, proposes to develop materials for use in registrar marketing and would encourage aggressive media strategies at the registrar level. To further encourage registrar marketing activities, the DotOrg Foundation may offer co-marketing funds to registrars to be used to target noncommercial end users. Marketing initiatives that are likely to be eligible for co-marketing initiatives include media and creative costs for online, print and direct mail. Additionally, the DotOrg Foundation would consider co-sponsoring various registrar promotions such as product giveaways and renewal incentives. Interactive Community Outreach The DotOrg Foundation proposes to host an interactive community outreach space on its website to provide regular updates and information regarding the .org TLD and enable .org stakeholders, users, and other Internet consumers to provide input to The DotOrg Foundation Registry and share ideas amongst themselves. The website would provide a range of useful information, including transition schedule, and registration procedures, rules, and policies. This would enable anyone seeking information regarding the .org TLD to independently access such information at any time and from any location. A publicly available site with such information would especially help smaller nonprofit entities and smaller registrars who may not have the resources to respond to inquiries in a timely manner. [1] It is estimated that the radio gained a population of 10 million listeners in 20 years. Television reached that audience in 10 years. Hotmail reached it in 7 months. Use of the Internet is bringing this revolutionary growth to philanthropy. It is only natural to expect that donors would seek opportunities to use the power of the Internet to promote the causes they support. However, the dark side of the Internet is that it is very easy to exploit unwary donors who think that they are giving to a real nonprofit. Not unlike telemarketing scams that convince consumers to donate to non-existent organizations, the Internet provides an easy vehicle to do the same. It is important to the integrity of the philanthropic sector in general and the ePhilanthropy movement in particular that we take a proactive approach in providing trusted verification of nonprofits. Electronic communication provides an unprecedented opportunity for the noncommercial organizations to reach out, to communicate the nature of continuing (as well as new) societal problems, to offer innovative solutions, and to seek support. The Internet in general and ePhilanthropy in particular can enhance this effort for large and small organizations alike. [2] The validation purchase and attendant query described in this Step 3 and the subsequent Steps 4-11 may also occur at any point after successful registration, through the Organization returning to the registrar’s website. [3] If validation occurs at a point subsequent to registration, the Whois data would have already been populated in the registry database. Similarly if validation occurs after a DotOrg Directory Record had been created, the relevant data would have been mostly populated in the Directory.
	<< Previous Question	Next Question >>