Site Map    |    Site Index    | 

Quick Links: Select A Link Below About ICANN Accountability and Review Accountability and Transparency Address Supporting Organization (ASO) Announcements Annual Report Articles of Incorporation At-Large Advisory Committee (ALAC) Blog Board Meeting Minutes Board of Directors Budget Bylaws Calendar of Events Committees - Other Committees - Advisory Committees - Board Committees - Past Contact Information Contracts Contractual Compliance Newsletter Contractual Compliance Program Corporate Documents Correspondence Country Code TLD Managers - Information for Country-Code Names Supporting Organization (ccNSO) Country-Code Top-Level Domain Agreements Country-Code Top-Level Domain Board Materials Country-Code Top-Level Domain Listings Current Topics Dashboard Documents Domain Name Dispute Resolution Policies Employment Opportunities Factsheets Fellowship Office Financial Information First-Time Visitors Former Directors Frequently Asked Questions Generic Names Supporting Organization (GNSO) Generic Top-Level Domain (gTLD) Program Generic Top-Level Domain (gTLDs) Life Cycle Generic Top-Level Domain Information (gTLDs) Global Partnerships Glossary Governmental Advisory Committee IANA Agreement IANA ccTLD Reports IANA ICANN Info IDN Glossary IPv6 Policy Independent Reviews of ICANN Structures InterNIC Internal Procedure for Conflicts with Privacy Law Internationalized Domain Names Links Litigation Documents Major Agreements Maps Meetings Mission Monthly Magazine Monthly Registry Reports News Newsletters & News Alerts Newsletters Archive Nominating Committee Ombudsman Operating Plan Organizational Chart PGP Keys Participate in ICANN Partnership Memorandums of Understanding Payments to ICANN Planning Process Policy Documents Presentations President and CEO President's Strategy Committee Press Resources Public Comment Public Participation Site Publications RSS Feed Registrants Information Registrar Accreditation Agreement Amendments Consultation Registrar Accreditation Overview Registrar Advisories Registrar Agreements Registrar Complaints Registrar Data Escrow Program Registrar Information Registrar Problem - Get Help Registrars - Accredited Registry Agreements Registry Information Registry Listings Registry Monthly Reports Registry Services Evaluation Process Report Inaccurate Whois Information Resources Root Server System Advisory Committee (RSSAC) Security and Stability Advisory Committee (SSAC) Speeches Sponsored Top-Level Domains Staff Strategic Plan Supporting Organizations Technical Liason Group Transfers Translations Transparency Universal Acceptance of All Top-Level Domains Vint Cerf's Legacy Letter to ICANN Community Website Enhancement Whois Information Whois Search

Search:

Internet Corporation for Assigned Names and Numbers

  |  Subscribe: Newsletters & News Alerts  |  ICANN Blog  |  Public Comment

• Home
• About
• News
• Current Topics
• Events
• Structure
• Processes
• Resources
• Documents
• Contact    

^ Home

> Current Topics

 

On 30 June 2006, ICANN completed its first gTLD Registry Compliance Audit. This audit was based on requirements contained in the Public Whois Specifications in ICANN's gTLD Registry and Sponsorship Agreements. Each registry's audit was individually tailored based on specific requirements in the relevant agreement (e.g., "thick" versus "thin" registry models)[1]. This audit was the first in a series of upcoming audits, published to ensure openness and transparency of ICANN's registry compliance program.

Background Information

In 2005, ICANN posted an outline for its Contractual Compliance Program to explain the purpose of designing a comprehensive compliance program and to lay out the elements necessary to ensure its success. The program encompasses a new staff function dedicated to ensuring a thorough audit of all parties on all areas enumerated in the agreements as ICANN performs routine compliance checks throughout the year.

The overall goal of the compliance program is to ensure that both ICANN and its contracted parties fulfill the requirements set forth in the agreements between the parties. In achieving this goal, ICANN intends to:

• Demonstrate the openness and transparency of ICANN's operations
• Provide fair and equitable treatment in applying compliance efforts
• Establish clear and easy-to-use channels for communication on compliance matters
• Supplement staff knowledge and enable greater responsiveness to changes in the environment
• Enhance clarity and certainty for the community about the agreements
• Identify potential areas for reform to be considered by the ICANN community

In accordance with the goals of the program, the proposed budget for the fiscal year 2006-2007 (http://www.icann.org/announcements/proposed-budget-2006-07-cln.pdf) provides that ICANN will expand the corporate compliance program, including the system for auditing gTLD Registry and Sponsorship Agreements and Registrar Accreditation Agreements. In addition, the 2006-2009 Strategic Plan emphasizes the necessity of a fully staffed and fully equipped compliance department (see http://www.icann.org/announcements/strategic-plan-22jun06.htm#challenges).

Compliance Audit Process

Preparation for the gTLD Registry Compliance Audit included advance notification to the registries and sponsors explaining what the audit would entail and alerting them to the two week auditing period from June 19- 30 2006.

The testing began with a random selection of three domain name records per gTLD to query, in order to check for availability of Whois service and display of required fields in the output. Following this, queries were performed on contact records, nameserver records, and registrar records, and these results checked for display of required fields. In testing for display of required fields, results for a given type of query tended to be repetitive within a TLD, making duplicative audits of a large sample size unnecessary. The explanatory terms and conditions provided with Whois results after querying a record were also reviewed to ensure compliance with each registry agreement.

The statistics provided below are based on results compiled from web-based[2] and port 43[3] lookups of data elements required in the Public Whois Specifications[4] of the registry agreements. Accuracy of the Whois information displayed by registries was not checked in testing for display of required fields.[5]

The following categories were tested:

• Availability of web-based and port 43 lookup service
• Display of required fields in domain record query for web-based and port 43 access
• Display of required fields for contact record query for web-based and port 43 access
• Display of required fields for nameserver record query for web-based and port 43 access
• Display of required fields for registrar record query for web-based and port 43 access
• Terms and Conditions for web-based and port 43 queries

At the conclusion of the audit, each registry or sponsor was given its results, an explanation of any areas in need of reform, and a deadline to respond. Prior to publication of these results, the registries and sponsors were offered an opportunity to submit initial feedback for improvement of the compliance program as it moves forward.

Audit Summary:

The table below shows the number of issues identified in each category.

Registries tested in each category	Name of Category Tested	# of reported issues (web-based)	# of reported issues (port 43)
14	Availability of Whois lookup service	0	0
14	Domain Record Query	6	5
14	Nameserver Record Query	6	6
14	Contact Record Query	5	3
14	Registrar Record Query	9	9
14	Terms and Conditions	3	3
	Total Number of Reported Problems	29	26

Registries and sponsors reported back that corrective action is being taken based upon:

• Modifications by registry and sponsor technical staff
• Time required to request and secure amendments to the registry agreements with ICANN

The table below shows the number of issues that have been resolved to date.

ICANN will provide updates of problem areas corrected using subsequent tables to reflect problems that have been resolved.

Category Tested	# of reported issues	# of items resolved	# of Items in process of resolution	# of Items still pending
Availability of web-based and Port 43 Whois service	0	0	0	0
Domain Record Whois Output - Web-based	6	1	2	3
Domain Record Whois Output - Port 43	5	1	2	2
Nameserver Record Whois Output - Web-based	6	2	2	2
Nameserver Record Whois Output - Port 43	6	2	2	2
Contact Record Whois Output - Web-based	5	1	1	3
Contact Record Whois Output - Port 43	3	0	1	2
Registrar Record Query - Web-based	9	2	4	3
Registrar Record Query - Port 43	9	2	4	3
Terms and Conditions – Web-based	3	1	1	1
Terms and Conditions – Port 43	3	1	1	1
Total problems identified:	55	13	20	22

As ICANN proceeds with the implementation of a standardized compliance schedule, the initial results from the gTLD Registry Compliance Audit and collective feedback from the registry community will serve to improve the procedures of the Compliance Program.

---

[1] Registries or sponsors have the ability to store Whois data for a domain name in two ways, "thin" or "thick." A thin domain record will contain the name of the registrar, nameservers, and term of the registration. A thick domain record will provide the above data as well as contact data associated with the registration.

[2] All of the registry operators provide a front-end web interface to allow user access to the Whois service (commonly known as web-based lookup).

[3] A protocol TCP Port 43 (commonly known as port 43 service is used to supply Whois information). This is an older protocol that provides a direct method of accessing information.

[4] Depending on the agreement, Public Whois specifications can either be found in Appendix O, Attachment 15, or Appendix S. See http://www.icann.org/registries/agreements.htm.

[5] There is no contractual requirement for registries to ensure accuracy of Whois data provided by registrars.

This file last modified 20-May-2007

© 2008 Internet Corporation For Assigned Names and Numbers