In a request made yesterday to the Internet Corporation for Assigned Names and Numbers, Verisign outlined a new “anti-abuse” policy that would allow the company to terminate, lock, or transfer any domain under its registration jurisdiction under a number of circumstances. And one of those circumstances listed was “requests of law enforcement.”
The request, submitted through ICANN’s Registry Services Evaluation Process on October 10, proposes a new malware scanning service for domains as well as a new Verisign Anti-Abuse Domain Use Policy. In the request letter, Verisign stated that its policy would help the registrar align with requirements ICANN is placing on new generic top level domains. “All parts of the internet community are feeling the pressure to be more proactive in dealing with malicious activity,” Verisign explained. “ICANN has recognized this and the new gTLD Applicant Guidebook requires new gTLDs to adopt a clear definition of rapid takedown or suspension systems that will be implemented.”
In part, the policy is aimed at empowering Verisign to act quickly to take down sites that are harboring malware, launching phishing attacks, or otherwise being used to launch attacks across the Internet. The scanning service, which registrars can opt into voluntarily, would scan sites on all .com, .net and .name sites for “known malware,” and inform the registrar and the site owner when malware is detected. Verisign has been soliciting domain registrars to participate in a pilot of the program, derived from the company’s Verisign Trust Seal program, since March.