[RRA] [RRA-Review] FW: RE: RRA Amendment Notification for .net [ ref:_00D616tJk._5004MnYS1n:ref ]

Thu Jan 27 21:12:34 UTC 2022

Verisign,

Thank you for your response.  Based on this, the RrSG has no
further comments or objections.

Best,
Catherine
Chair of the RRA Amendment Notification Review Team
*Catherine Merdinger**| *Associate Corporate Counsel *|*Donuts Inc. *|*
+1.319.541.9416

> *From:* Kane, Pat <pkane at verisign.com>
> *Sent:* Tuesday, January 18, 2022 1:51 PM
> *To:* Ashley Heineman <aheineman at godaddy.com>; globalsupport at icann.org;
> secretariat at icannregistrars.org; rra at icann.org
> *Cc:* Verd, Brad <bverd at verisign.com>; netRRA <netRRA at verisign.com>;
> camia.frank at icann.org; jeanne.gregg at icann.org; robert.gomez at icann.org;
> andrew.dickson at icann.org; amanda.fessenden at icann.org; andee.hill at icann.org
> *Subject:* RE: RE: RRA Amendment Notification for .net [
> ref:_00D616tJk._5004MnYS1n:ref ]
>
>
>
> Caution: This email is from an external sender. Please do not click links
> or open attachments unless you recognize the sender and know the content is
> safe. Forward suspicious emails to isitbad at .
>
>
>
> Hello Ashley,
>
>
>
> Happy New Year to you and all who are in receipt of this email.
>
>
>
> Thank you for your inquiry.
>
>
>
> This email responds to the questions raised by the Registrar Stakeholder
> Group (RrSG) regarding Verisign’s proposed amendment to the *force
> majeure* section in the .NET Registry-Registrar Agreement (RRA).
>
>
>
> We proposed the following revisions (in redline) to the *force majeure*
> section in the .NET RRA:
>
>
>
> *6.3. Force Majeure.* Neither Party shall be responsible for any failure
> to perform any
>
> obligation (other than payment obligations) or provide service hereunder
> because of any Act of God, strike, work stoppage, cyberattack, to protect
> against imminent and substantial threats to the security and stability of
> the Registry TLD, System, Verisign’s name server operations or the internet,
> governmental acts or directives, war, riot or civil commotion, equipment or
> facilities shortages which are being experienced by providers of
> telecommunications services generally, or other similar force beyond such
> Party's reasonable control.
>
> In response, the RrSG questioned the inclusion of “cyberattack” in the *force
> majeure* clause, stating:
>
>
>
> “In regard to the .net RRA amendment, the RrSG has concerns about the
> changes to the Force Majeure language in Section 6.3 and the impact it
> could have on registrants.  Specifically, by including cyberattacks as a
> force majeure events, registrars negatively impacted by the registry’s
> failure to perform will have no recourse for such events. We worry that
> this leaves our customers without remedy in such a case.
>
>  Could Verisign provide us with some additional details on the context and
> intent behind this language, particularly as it applies to our concern
> noted above?
>
> Verisign has proposed adding cyberattacks to the *force majeure* section
> of the .NET RRAs to confirm and make explicit what we believe legal
> authorities and current industry practice in the DNS and other industries
> already provide. The change will align the *force majeure *provisions of
> .NET RRAs with the express provisions of other RRAs previously approved by
> ICANN and registrant agreements already used by registrars.
>
>
>
> More specifically, the change in the *force majeure* section is made for
> the following reasons.
>
>
>
> First, the .COM and .NAME RRAs were recently amended, with ICANN’s
> approval, and without objection or comment by the RrSG, to include
> cyberattack in the *force majeure* clauses of those agreements.
> “Cyberattack” is further explicitly included in the *force majeure*
> clause of the “root zone maintainer” agreement between ICANN and Verisign.
> The proposed amendment to the .NET RRA aligns it with these other
> agreements.
>
>
>
> Second, Verisign believes that cyberattacks are a recognized external
> threat that fall under the existing *force majeure* clause because they
> are beyond a party’s reasonable control and often constitute ‘acts of war’
> or ‘governmental acts’ by state actors.  That said, it is in everyone’s
> interest for the *force majeure* clause to be as clear and specific as
> possible, and thus to expressly identify a recognized third-party threat
> that clearly is increasing in likelihood and severity.  This is similar to
> the express inclusion of ‘terrorism’ in *force majeure* after 9/11: it
> simply recognizes and makes explicit the current reality.
>
>
>
> Furthermore, we note the *force majeure* clause is mutual, thereby
> providing protection to both the registry and registrars.  In addition, by
> expressly providing that either party may suspend certain performance for a
> cyberattack falling under the provision, Verisign, registrars (and
> ultimately registrants) may be preventing the ill effects certain kinds of
> cyberattacks may pose on their partner’s/customer’s systems from the
> failure to quickly halt system communications.
>
>
>
> Third, given the increased concerns regarding cyberattacks, Verisign
> believes its proposal is consistent with the current trend for *force
> majeure* clauses, including those adopted by certain registrars and
> across industries.
>
>
>
> Verisign understands that many or most domain name registration agreements
> with registrants (“Registrant Agreement(s)”) currently have provisions that
> protect registrars from liability in the event that Verisign or the
> registrar is forced to suspend performance pursuant to the *force majeure*
> clause by reason of a cyberattack.  For example, GoDaddy’s Registrant
> Agreement excludes from its service level commitments any downtime caused
> by “hostile network attacks.”  Many registrars further include strong
> limitations of liability and disclaimers of warranties related to service
> outages in their Registrant Agreements on top of broad *force majeure*
> clauses.[1] <#m_-4679824691573267719__ftn1>
>
>
>
> Finally, most registrars preserve the right unilaterally to amend their
> Registrant Agreements.  Thus, registrars have the choice to bring the *force
> majeure* clauses in their Registrant Agreements in line with industry
> trends, as some already have done, and in line with the RRA.
>
>
>
>
>
> [1] *See e.g.*, *Amazon Route 53 Domain Name Registration Agreement* at
> Section 13.11 (excluding liability and compensation, reimbursement or
> damages “arising in connection with (a) your inability to use the domain
> name registration services, including as a result of any . . . any
> unanticipated or unscheduled downtime of all or a portion of the services
> for any reason, including as a result of power outages, system failures or
> other interruptions.”);  *Google Domains Domain Name Registration
> Agreement* at Section 11 (noting that “Neither we nor our suppliers,
> warrant that the [domain name registration] Services will be error-free or
> uninterrupted.”)
>
>
>
> If you have any further questions, please feel free to contact me.
>
>
>
> Best regards,
>
>
>
> Pat
>
>
>
> *Patrick Kane*
> Senior Vice President
>
> Verisign Naming and Directory Services
> PKane at Verisign.com
>
> t: 703.948.3349
> 12061 Bluemont Way
>
> Reston, VA  20190
>
>
> Verisign.com
> <https://nam10.safelinks.protection.outlook.com/?url=http%3A%2F%2Fwww.verisigninc.com%2F&data=04%7C01%7Caheineman%40godaddy.com%7C37d669554ea6468489dd08d9dab372c4%7Cd5f1622b14a345a6b069003f8dc4851f%7C0%7C0%7C637781286658678152%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000&sdata=uhCapapqkllvWT5HlT%2FI3wv92Soj18XCdOwtzburLTc%3D&reserved=0>
> The Manifesto of Done – Laugh at perfection.  It’s boring and keeps you
> from being done.
>
> [image: Verisign™]
>
>
>
> *From:* aheineman at godaddy.com <aheineman at godaddy.com>
> *Sent:* Thursday, December 9, 2021 2:10 PM
> *To:* ICANN Global Support Center <globalsupport at icann.org>;
> secretariat at icannregistrars.org; rra at icann.org
> *Cc:* camia.frank at icann.org; jeanne.gregg at icann.org;
> robert.gomez at icann.org; andrew.dickson at icann.org;
> amanda.fessenden at icann.org; andee.hill at icann.org; NEW GTLD <
> newgtld at Verisign.com>
> *Subject:* [EXTERNAL] RE: RRA Amendment Notification for .net [
> ref:_00D616tJk._5004MnYS1n:ref ]
>
>
>
> *Caution:* This email originated from outside the organization. Do not
> click links or open attachments unless you recognize the sender and know
> the content is safe.
>
> Dear Camia and Verisign,
>
>
>
> In regard to the .net RRA amendment, the RrSG has concerns about the
> changes to the Force Majeure language in Section 6.3 and the impact it
> could have on registrants.  Specifically, by including cyberattacks as a
> force majeure events, registrars negatively impacted by the registry’s
> failure to perform will have no recourse for such events. We worry that
> this leaves our customers without remedy in such a case.
>
>
>
> Could Verisign provide us with some additional details on the context and
> intent behind this language, particularly as it applies to our concern
> noted above?
>
>
>
> Many thanks,
>
>
>
> Ashley Heineman
>
> Chair, RrSG
>
>
>
> *From:* ICANN Global Support Center <globalsupport at icann.org>
> *Sent:* Thursday, November 18, 2021 12:11 PM
> *To:* secretariat at icannregistrars.org; rra at icann.org; Ashley Heineman <
> aheineman at godaddy.com>
> *Cc:* camia.frank at icann.org; jeanne.gregg at icann.org;
> robert.gomez at icann.org; andrew.dickson at icann.org;
> amanda.fessenden at icann.org; andee.hill at icann.org; newgtld at verisign.com
> *Subject:* RRA Amendment Notification for .net [
> ref:_00D616tJk._5004MnYS1n:ref ]
>
>
>
> Caution: This email is from an external sender. Please do not click links
> or open attachments unless you recognize the sender and know the content is
> safe. Forward suspicious emails to isitbad at .
>
>
>
> Hello Ashley,
>
> Attached, please find the cover letter and the red-lined RRA Amendment for
> the following TLD submitted by *Verisign,  LLC* to be shared with your
> Stakeholder Group:
>
>    - *.net*
>
> Please respond by *23:59 UTC on Thursday, 09 December 2021* to let us
> know if your Stakeholder Group has concerns, does not have concerns, or if
> additional review time is required. If the Stakeholder Group has concerns,
> ICANN org will continue with the next step of the RRA Amendment Procedure,
> which is to consult with the RrSG and the Registry Operator to attempt to
> resolve any such concerns.
>
> Warm Regards,
>
> Camia Frank
> GDS Service Delivery[image: Image removed by sender.]
>
> ref:_00D616tJk._5004MnYS1n:ref
>
>
> ------------------------------
>
> ------------------------------
>
> [1] <#m_-4679824691573267719__ftnref1> *See e.g.*, *Amazon Route 53
> Domain Name Registration Agreement* at Section 13.11 (excluding liability
> and compensation, reimbursement or damages “arising in connection with (a)
> your inability to use the domain name registration services, including as a
> result of any . . . any unanticipated or unscheduled downtime of all or a
> portion of the services for any reason, including as a result of power
> outages, system failures or other interruptions.”);  *Google Domains
> Domain Name Registration Agreement* at Section 11 (noting that “Neither
> we nor our suppliers, warrant that the [domain name registration] Services
> will be error-free or uninterrupted.”)
> --
> Rra-review mailing list
> Rra-review at rrsg.org
> http://rrsg.org/mailman/listinfo/rra-review_rrsg.org
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://mm.icann.org/pipermail/rra/attachments/20220127/3832a0d0/attachment-0001.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image001.jpg
Type: image/jpeg
Size: 823 bytes
Desc: not available
URL: <https://mm.icann.org/pipermail/rra/attachments/20220127/3832a0d0/image001-0001.jpg>