Third Amendment to the .com Registry Agreement between VeriSign, Inc. and the Internet Corporation for Assigned Names and Numbers, entered into on March 27, 2020

This THIRD AMENDMENT TO THE .COM REGISTRY AGREEMENT (“Amendment 3”) is dated as of March 27, 2020 (the “Amendment 3 Effective Date”) and is entered into by and between the INTERNET CORPORATION FOR ASSIGNED NAMES AND NUMBERS, a California non-profit public benefit corporation (“ICANN”) and VERISIGN, INC., a Delaware corporation (“Verisign”), and amends the parties’ executed .com Registry Agreement effective as of December 1, 2012, as amended by the First Amendment to the .com Registry Agreement dated October 20, 2016 (“First Amendment”), and the Second Amendment to the .com Registry Agreement dated March 27, 2019 (collectively the “Agreement”). Capitalized terms used herein shall have the meanings assigned to them in the Agreement. ICANN and Verisign may be referred to individually as a “Party” and collectively as the “Parties.”

WHEREAS, the Parties agree that this Amendment 3, together with the accompanying Letter of Intent dated March 27, 2020, satisfy each Party’s obligations under Section 2 (Future Amendments) of the First Amendment; and

WHEREAS, Verisign and ICANN desire to amend the Agreement as set forth herein.

NOW, THEREFORE, in consideration of the promises, mutual covenants and agreements in this Amendment 3, and other good and valuable consideration the receipt and sufficiency of which is hereby acknowledged, the Parties agree as follows:

“3.1(c)(i) Data Escrow. Registry Operator shall establish at its expense a data escrow or mirror site policy for the Registry Data compiled by Registry Operator. Registry Data, as used in this Agreement, shall mean the following: (1) data for domains sponsored by all registrars, consisting of domain

name, server name for each nameserver, registrar id, updated date, creation date, expiration date, status information, and DNSSEC delegation signer ("DS") data; (2) data for nameservers sponsored by all registrars consisting of server name, each IP address, registrar id, updated date, creation date, expiration date, and status information; (3) data for registrars sponsoring registered domains and nameservers, consisting of registrar id, registrar address, registrar telephone number, registrar e-mail address, whois server, referral URL, updated date and the name, telephone number, and e-mail address of all the registrar's administrative, billing, and technical contacts; and (4) any domain name registrant data collected by the Registry Operator from registrars as part of or following registration of a domain name.  The escrow agent or mirror-site manager, and the obligations thereof, shall be mutually agreed upon by ICANN and Registry Operator on commercially reasonable standards that are technically and practically sufficient to allow a successor registry operator to assume management of the TLD.”

“3.1(c)(iii) Bulk Zone File Access. Registry Operator will make available bulk access to zone files to third parties and ICANN in accordance with the terms of Appendix 3A (Zone File Access), attached hereto and incorporated herein by this reference.”

“3.1(c)(iv) Monthly Reporting. Within 20 calendar days following the end of each calendar month, Registry Operator shall prepare and deliver to ICANN reports providing such data and, in the format specified in Appendix 4 (Registry Operator’s Monthly Report). Notwithstanding the foregoing, beginning on June 20, 2020, Appendix 4 (Registry Operator’s Monthly Report) shall be deleted in its entirety and replaced with Appendix 4A (Format and Content for Registry Operator Monthly Reporting), attached hereto and incorporated herein by this reference, and no later than the 20^th calendar day of each calendar month thereafter, Registry Operator shall prepare and deliver to ICANN reports providing such data and in the format set forth in Appendix 4A (Format and Content for Registry Operator Monthly Reporting).”

“3.1(c)(v) Registration Data Publication Services. Registry Operator shall provide the registration data as set forth in Appendix 5A (Registration Data Publication Services Specification) relevant to the type of top level domain operated (e.g. “thick” or “thin” registry model). As of the Updated Bulk Zone File and Whois Service Effective Date, the TLD is a “thin” registry model.”

“3.1(c)(vi) Registration Data Access Protocol.

considered a fundamental change for purposes of this subsection), then the Parties will extend the timeframe set forth in the definition of “Ramp-up Period” in Section 2.4 of Appendix 5B by 90 days, and extend the timeframe set forth in Section 2.3(i) of Appendix 5B by six months; and (iii) the terms are reasonably applicable to the TLD. In addition, except to the extent in the reasonable judgment of Registry Operator, the implementation of any such terms could jeopardize the security and stability of the TLD, the parties agree that the terms set forth in the RDAP Global Amendment related to RDDS (as defined in Appendix 5A), the RDAP Service (as defined in Appendix 5B) and/or sunsetting of the Whois Service shall be incorporated into Appendix 5B (and other terms of the Agreement solely as are necessary to incorporate such terms), in the form and substance such provisions are set forth in the RDAP Global Amendment.

“● Consolidate/Sync Service, in accordance with Registry Operator’s Registrar Reference Manual;”

“3.1(c)(vii) Public Interest Commitments. Registry Operator shall comply with the public interest commitments set forth in Appendix 11 (Public Interest Commitments) attached hereto and incorporated by this reference (“Appendix 11”) beginning on the 45^th day following ICANN’s approval of the .com RRA attached hereto as Appendix 8A (the “RRA Effective Date”).”

“7.1(c) Restrictions on Acquisition of Ownership or Controlling Interest in Registrar. Registry Operator shall not acquire, directly or indirectly, control of, or a greater than fifteen percent ownership interest in, any ICANN-accredited registrar for the TLD.”

“For each domain name registration in the TLD for which a registrar extends the registration term pursuant to the Registry Operator’s Consolidate/Sync Service (“Sync Service”) (referenced in Appendix 9 (Approved Services)) on or after May 1, 2020, Registry Operator shall pay ICANN an additional fee, prorated from the amount of US$0.25, based on the number of days the domain name registration is extended past its expiry date through the Sync Service (“Sync Transaction Fee”). Registry Operator shall pay ICANN the Sync Transaction Fee by the 20^th calendar day following the end of the calendar quarter in which the Sync Services occurred (i.e., April 20, July 20, October 20 and January 20). For the avoidance of doubt, the Parties agree that the Sync Transaction Fee will not be applied retroactively, and the calculation for payment to ICANN shall begin on May 1, 2020.”

     

“(d) Maximum Price. The Maximum Price for Registry Services subject to this Section 7.3 shall be as follows:

(i) Subject to increase pursuant to Section 7.3(d)(ii) and Section 7.3(d)(iii), the Maximum Price for Registry Services shall be US $7.85;

(ii) beginning on October 26, 2018, Registry Operator shall be entitled to increase the Maximum Price by the smaller of (A) the Maximum Price for the preceding Pricing Year (as defined in section (iii) below), multiplied by 1.07, or (B) the highest price charged by Registry Operator for Registry Services during the preceding Pricing Year, multiplied by 1.07, and in the case of (A) or (B), in each Pricing Year of the final four Pricing Years of every six year period, with the first six year period beginning on October 26, 2018; and

(iii) beginning on October 26, 2018, Registry Operator shall be entitled to increase the Maximum Price by an amount sufficient to cover any additional incremental costs incurred, or to be incurred, by Registry Operator due to the imposition of any new Consensus Policy or documented extraordinary expense resulting from an attack or threat of attack on the Security or Stability of the DNS (“Consensus Policy or Documented Extraordinary Expense”) in each Pricing Year by an amount not to exceed the smaller of (A) the Maximum Price for the preceding Pricing Year, multiplied by 1.07, or (B) the highest price charged by Registry Operator for Registry Services during the preceding Pricing Year, multiplied by 1.07, provided that, Registry Operator may only increase the Maximum Price for a Consensus Policy or Documented Extraordinary Expense pursuant to this Section 7.3(d)(iii) in a Pricing Year where Registry Operator has not, and will not, increase the Maximum Price for Registry Services pursuant to Section 7.3(d)(ii) above. For purposes of Section 7.3, “Pricing Year” shall mean the period from October 26 to October 25.

IN WITNESS WHEREOF, ICANN and Verisign have caused this Amendment 3 to be executed and delivered by their duly authorized officers as of the Amendment 3 Effective Date.

2.2 ICANN Access. Registry Operator shall provide bulk access to the zone files for the TLD to ICANN or its designee on a continuous basis in the manner ICANN may reasonably specify from time to time. Access will be provided at least daily. Zone files will include SRS data committed as close as possible to 00:00:00 UTC.

ICANN may request in the future that the reports be delivered by other means and using other formats. For each of the reports, ICANN will use reasonable commercial efforts to preserve the confidentiality of the information reported until three (3) months after the end of the month to which the reports relate. Unless set forth in this Appendix 4A, any reference to a specific time refers to Coordinated Universal Time (UTC). Monthly reports shall consist of data that reflects the state of the registry at the end of the month (UTC).

The first line shall include the field names exactly as described in the table above as a “header line” as described in section 2 of RFC 4180. The last line of each report shall include totals for each column across all registrars; the first field of this line shall read “Totals” while the second field shall be left empty in that line. No other lines besides the ones described above shall be included. Line breaks shall be <U+000D, U+000A> as described in RFC 4180.

The first line shall include the field names exactly as described in the table above as a “header line” as described in section 2 of RFC 4180. No other lines besides the ones described above shall be included. Line breaks shall be <U+000D, U+000A> as described in RFC 4180.

For gTLDs that are part of a single-instance Shared Registry System, the Registry Functions Activity Report may include the total contact or host transactions for all the gTLDs in the system.

1.1.     “Appendix 5B Effective Date” is as defined in Section 3.1(c)(vi) of the Agreement.

1.2    “Base Registry Agreement” is defined in Section 3.1(c)(vi) of the Agreement.

1.3.    The “RDAP Service” is a standard for the querying of registration data using a RESTful web service and uniform query patterns. For the purposes of this Agreement, implementation of RDAP shall be defined by the RDAP Technical Implementation Guide version dated February 15, 2019 https://www.icann.org/en/system/files/files/rdap-technical-implementation-guide-15feb19-en.pdf and the RDAP Response Profile version dated February 15, 2019 https://www.icann.org/en/system/files/files/rdap-response-profile-15feb19-en.pdf. Registry Operator shall implement the RDAP Service solely in accordance with the IETF standards documents set forth in the RDAP Technical Implementation Guide and RDAP Response Profile versions listed above and any additional references set forth in those documents shall be considered informational only.

1.4.    “RDAP-query RTT” means the round-trip time (“RTT”) of the sequence of packets from the start of an RDAP testing probe’s TCP connection to its end, including the reception of the HTTPS response for only one HTTPS request. If implementing a multiple step process to get to the information, only the last step shall be measured. If the RTT is 5-times or more the corresponding SLR/performance specifications, the RTT will be considered undefined.

1.5.    “RDAP Availability” refers to the ability of the RDAP Service for the TLD, to respond to queries from an Internet user with the data from the Registry Operator System. If 51% or more of the verifiably working RDAP testing probes see the RDAP Service as unavailable during a given time, the RDAP Service will be considered unavailable, subject to Section 3.7 below, and as otherwise set forth in this Agreement.

 

1.6.     “RDAP Update Time” refers to the time measured from the receipt of an EPP confirmation to a transform command on a domain name, host or contact, up until at least 51% of the verifiably working RDAP testing probes detect the changes made.

 

1.7.    “RDAP Outage” means a failure to meet the same parameter of the RDAP Service Level Requirements in Section 2.1 for two (2) consecutive months, provided, however, no failure shall be deemed an “RDAP Outage” for the RDAP Availability parameter unless the failure is also the result of two (2) separate incidents for which the conclusion of the impact period for the first incident and the commencement of the impact period for the second incident are at least seven (7) calendar days apart.

1.8.    “SLA Credits” means the Service Level Credits set forth in the Table SLA Credits in Section 2 of Appendix 10 (Service Level Agreement (SLA)) and in accordance with Section 2.8 below.

 

2.2.    Registry Operator is encouraged to do maintenance for RDAP at the times and dates of statistically lower traffic for each parameter. However, there is no provision for planned outages or similar periods of unavailability; any downtime, be it for maintenance or due to system failures, will be noted simply as downtime and counted for Service Level Requirement measurement purposes.

 

2.3.    The remedies for a failure to meet an RDAP Service Level Requirement set forth in Section 2.1 shall be solely as set forth in this Agreement as it pertains to the equivalent remedies for a failure to meet the corresponding Performance Specification for the Whois service, provided, however, that (i) for six months after the Ramp-Up Period (as defined in Section 2.4 below), a failure of a Registry Operator to meet a service-level requirement for the RDAP Service shall only apply if the Registry Operator has experienced an “RDAP Outage” of the RDAP Service; and (ii) in the event of a concurrent failure of the RDAP

Service and Whois service in a given month, SLA Credits, if applicable, for Registrars shall not exceed the total amount of SLA Credits attributable solely to the failure of the service-level requirement for the Whois service, pursuant to Registry Operator’s Agreement.  

 

2.4.    Ramp-Up Period. With respect to the Service Level Requirements identified in Section 2.1, Registry Operator shall not be deemed to have breached such Service Level Requirements due to any failure to meet those Service Level Requirements during the first 90 days following the Appendix 5B Effective Date (“Ramp-up Period”).

2.5.    The Parties agree that the SLA Credits are the total credits, penalties and/or liabilities that may be assessed to Registry Operator and the sole remedies available to registrar for Registry Operator’s failure to meet the Service Level Requirements for the RDAP Service.

3.1.    RDAP test. Means one query sent to a particular “IP address” of one of the servers of one of the RDAP Service. Queries shall be about existing objects in the Registry Operator System and the responses shall contain the corresponding information otherwise the query will be considered unanswered. Queries with an RTT 5 times higher than the corresponding Service Level Requirement will be considered as unanswered. The possible results to an RDAP test are: a number in milliseconds corresponding to the RTT or undefined/unanswered.

3.2.    Measuring RDAP parameters. Every 5 minutes, each of the RDAP testing probes will query the DNS to obtain the IP address(es) of the RDAP Service, select an IP address (if there is more than one), and make an “RDAP test” to that IP address. If an “RDAP test” result is undefined/unanswered, the corresponding RDAP Service will be considered as unavailable from that probe until it is time to make a new test.

3.3.    Collating the results from RDAP probes. The minimum number of verifiably working RDAP testing probes to consider a measurement valid is 20 at any given measurement period, otherwise the measurements will be discarded and will be considered ‘inconclusive’; during this situation no fault will be flagged against the Service Level Requirements.

3.4.    Placement of RDAP probes. Probes for measuring RDAP parameters shall be placed by ICANN inside the networks with the most RDAP users across the different geographic regions; ICANN shall take care not to deploy probes behind high propagation-delay links, such as satellite links.

3.5.    No interference. Registry Operator shall not interfere with measurement probes, including any form of preferential treatment of the requests for the monitored services. Registry Operator shall respond to the measurement tests described in this Appendix as it would to any other request from an Internet user for RDAP.

3.6.    Base URL of RDAP Service. Registry Operator shall submit the base URL of its RDAP Service for publication in the Bootstrap Service Registry for Domain Name Space in accordance with the RDAP Technical Implementation Guide.

3.7.    Right to Challenge Probes’ Measurements. In the event Registry Operator believes that the RDAP testing probes measuring any of the RDAP parameters set forth in Section 2.1 above have not accurately measured one or more parameters, the Registry Operator shall have the right to challenge the RDAP testing probes’ measurements with ICANN, and, in that event, ICANN and the Registry Operator will cooperate to address and resolve any discrepancies prior to finalization of the measurement.

This Registry-Registrar Agreement (the "Agreement") is entered into by and between VeriSign, Inc., a Delaware corporation, with a place of business located at 12061 Bluemont Way, Reston, VA 20190, and its wholly owned subsidiaries, including VeriSign Sarl and VeriSign Naming and Directory Services LLC ("VNDS LLC") (collectively, "Verisign"), and ____________, a ______________, with its principal place of business located at _______("Registrar"), through their authorized representatives, and takes effect on DAY, MONTH YEAR (the "Effective Date"). Verisign and Registrar may be referred to individually as a "Party" and collectively as the "Parties."

WHEREAS, multiple registrars provide Internet domain name registration services within the .COM top-level domain wherein Verisign operates and maintains certain TLD servers and zone files;

WHEREAS, Registrar wishes to register second-level domain names in the multiple registrar system for the .COM TLD.

NOW, THEREFORE, for and in consideration of the mutual promises, benefits and covenants contained herein and for other good and valuable consideration, the receipt, adequacy and sufficiency of which are hereby acknowledged, Verisign and Registrar, intending to be legally bound, hereby agree as follows:

1.1.    "Confidential Information" means all information and materials including, without limitation, computer software, data, information, databases, protocols, reference implementation and documentation, and functional and interface specifications, provided by the disclosing party to the receiving party and marked or otherwise identified as Confidential, provided that if a communication is oral, the Disclosing Party will notify the Receiving Party in writing within 15 days of the disclosure.

1.2.     "DNS" refers to the Internet domain name system.

1.3.    "EPP" means the Extensible Provisioning Protocol.

1.4.    "ICANN" refers to the Internet Corporation for Assigned Names and Numbers.

1.5.    "IP" means Internet Protocol.

1.7.    "Personal Data" refers to data about any identified or identifiable natural person.

1.8.    "Registered Name" refers to a domain name within the domain of the Registry TLD, whether consisting of two or more (e.g., john.smith.name) levels, about which Verisign or an affiliate engaged in providing registry services maintains data in a registry database, arranges for such maintenance, or derives revenue from such maintenance. A name in a registry database may be a Registered Name even though it does not appear in a TLD zone file (e.g., a registered but inactive name).

1.9.    “Registered Name Holder(s)” means the holder(s) of a Registered Name.

1.10.    “Registrar Accreditation Agreement” means that certain Registrar Accreditation Agreement between Registrar and ICANN pursuant to which ICANN has accredited Registrar to act as a registrar for one or more TLDs.

1.11.    "Registry TLD" means the .COM TLD.

1.12.    "Supported Protocol" means Verisign's implementation of EPP, or any successor protocols, supported by the System.

1.13.    The "System" refers to the shared registration system operated by Verisign for registration of Registered Names in the Registry TLD.

1.14.    A "TLD" is a top-level domain of the DNS.

2.1.    System Operation and Access. Throughout the term of this Agreement, Verisign shall operate the System and provide Registrar with access to the System to transmit domain name registration information for the Registry TLD to the System. Nothing in this Agreement entitles Registrar to enforce any agreement between Verisign and ICANN.

2.2.    Maintenance of Registrations Sponsored by Registrar. Subject to the provisions of this Agreement, ICANN requirements, and Verisign requirements, including, without limitation, those authorized by ICANN, Verisign shall maintain the registrations of Registered Names sponsored by Registrar in the System during the term for which Registrar has paid the fees required by Subsection 5.1.

2.3.    Distribution of EPP, APIs and Software. No later than three (3) business days after the Effective Date of this Agreement, Verisign shall make available to Registrar (i) full documentation of the Supported Protocol, (ii) "C" and/or "Java" application program interfaces ("APIs") to the Supported Protocol with documentation, and (iii) reference client software ("Software") that will allow Registrar to develop its system to register second-level domain names through the System for the Registry TLD. If Verisign elects to modify or upgrade the APIs and/or Supported Protocol, Verisign shall provide updated APIs to the Supported Protocol with documentation and updated Software to Registrar promptly as such updates become available.

2.4.    Registrar Responsibility for Customer Support. Registrar shall provide (i) support to accept orders for registration, cancellation, modification, renewal, deletion or transfer of Registered Names and (ii) customer service (including domain name record support) and billing and technical support to Registered Name Holders. Registrar shall, consistent with ICANN policy, provide to Registered Name Holders emergency contact or 24/7 support information for critical situations such as domain name hijacking.

2.5.    Data Submission Requirements. As part of its registration and sponsorship of Registered Names in the Registry TLD, Registrar shall submit complete data as required or permitted: (a) by Verisign’s Registry Agreement with ICANN, as may be amended from time to time; and/or (b) by technical specifications of the System that are made available to Registrar by Verisign from time to time (collectively the “Required Data Elements”). Registrar shall submit any corrections or updates from a Registered Name Holder relating to the registration information for a Registered Name to Verisign in a timely manner.

2.6.    License. Registrar grants Verisign a non-exclusive, royalty-free, nontransferable (except to ICANN or its designee pursuant to Verisign’s Registry Agreement with ICANN) worldwide limited license to the Required Data Elements: (a) for use as required or permitted by technical specifications of the System as made available to Registrar by Verisign from time to time; and/or (b) for use and display as required or permitted by Verisign's Registry Agreement with ICANN, as may be amended from time to time.

2.7.    Registrar's Registration Agreement and Domain Name Dispute Policy.

(i) a provision prohibiting the Registered Name Holder from distributing malware, abusively operating botnets, phishing, pharming, piracy, trademark or copyright infringement, fraudulent or deceptive practices, counterfeiting or otherwise engaging in activity contrary to applicable law and providing (consistent with applicable law and any related procedures) consequences for such activities, including suspension of the registration of the Registered Name;

(ii) a provision that requires the Registered Name Holder to acknowledge and agree that Verisign reserves the right to deny, cancel, redirect or transfer any registration or transaction, or place any domain name(s) on registry lock, hold or similar status, as it deems necessary, in its unlimited and sole discretion: (1) to comply with specifications adopted by any industry group generally recognized as authoritative with respect to the Internet (e.g., RFCs), (2) to correct mistakes made by Verisign or any Registrar in connection with a domain name registration, (3) for the non-payment of fees to Verisign, (4) to protect against imminent and substantial threats to the security and stability of the Registry TLD, System, Verisign’s nameserver operations or the internet, (5) to ensure compliance with applicable law, government rules or regulations, or pursuant to any legal order or subpoena of any government, administrative or governmental authority, or court of competent jurisdiction, and/or (6) to stop or prevent any violations of any terms and

conditions of this Agreement, the Operational Requirements, or pursuant to Verisign’s Registry Agreement with ICANN; and

(iii) a provision requiring the Registered Name Holder to indemnify, defend and hold harmless Verisign and its subcontractors, and its and their directors, officers, employees, agents, and affiliates from and against any and all claims, damages, liabilities, costs and expenses, including reasonable legal fees and expenses arising out of or relating to, for any reason whatsoever, the Registered Name Holder's domain name registration. The registration agreement shall further require that this indemnification obligation survive the termination or expiration of the registration agreement.

2.8.     Secure Connection.

Verisign shall notify Registrar of the purposes for which Personal Data submitted to Verisign by Registrar is collected, the intended recipients (or categories of recipients) of such Personal Data, and the mechanism for access to and correction of such Personal Data. Verisign shall take reasonable steps to protect Personal Data from loss, misuse, unauthorized disclosure, alteration or destruction. Verisign shall not use or authorize the use of Personal Data in a way that is incompatible with the notice provided to registrars. Verisign may from time to time use the demographic data collected for statistical analysis, provided that this analysis will not disclose individual Personal Data and provided that such use is compatible with the notice provided to registrars regarding the purpose and procedures for such use.

2.8.2.        Authorization Codes. Registrar shall not provide identical Registrar-generated authorization <authinfo> codes for domain names registered by different Registered Name Holders with the same Registrar. Verisign in its sole discretion may choose to modify <authinfo> codes for a given domain and shall notify the sponsoring registrar of such modifications via EPP compliant mechanisms (i.e., EPP<poll> or EPP<domain:Info>). Documentation of these mechanisms shall be made available to Registrar by Verisign. The Registrar shall provide the Registered Name Holder with timely access to the authorization code along with the ability to modify the authorization code. Registrar shall respond to any inquiry by a Registered Name Holder regarding access to and/or modification of an authorization code within five (5) calendar days.

2.9.    Domain Name Lookup Capability. Registrar agrees to employ in its domain name registration business Verisign's registry domain name lookup capability to determine if a requested domain name is available or currently unavailable for registration. Registrar also agrees, at its expense, to provide a Registration Data Directory Service providing free public query-based access to up-to-date (i.e., updated at least daily) data concerning all active Registered Names sponsored by Registrar for the Registry TLD. The data accessible shall consist of elements that are designated from time to time according to an ICANN adopted specification or policy or the Registrar Accreditation Agreement between Registrar and ICANN.

2.10.    Transfer of Sponsorship of Registrations. Registrar agrees to implement transfers of Registered Name registrations from another registrar to Registrar and vice versa or from one Registered Name Holder to another pursuant to the Inter-Registrar Transfer Policy as may be amended from time to time by ICANN (the "Transfer Policy").

2.11.    Time. Registrar agrees that in the event of any dispute concerning the time of the entry of a domain name registration into the registry database, the time shown in the Verisign records shall control.

2.12.    Compliance with Operational Requirements. Registrar shall comply with each of the following requirements, and further shall include in its registration agreement with each Registered Name Holder, as applicable, an obligation for such Registered Name Holder to comply with each of the following requirements:

2.13.    Resolution of Technical Problems or Breach of Agreement. Registrar agrees to employ necessary employees, contractors, or agents with sufficient technical training and experience to respond to and fix all technical problems concerning the use of the Supported Protocol, the APIs and the systems of Verisign in conjunction with Registrar's systems. Registrar agrees that in the event of significant degradation of the System or other emergency, or upon Registrar's violation of Operational Requirements or breach of this Agreement, Verisign may, in its sole discretion,

temporarily suspend or restrict access to the System. Such temporary suspensions or restrictions shall be applied in a non-arbitrary manner and shall apply fairly to any registrar similarly situated.

2.14.    Prohibited Domain Name Registrations. In addition to complying with ICANN standards, policies, procedures, and practices limiting domain names that may be registered, Registrar agrees to comply with applicable statutes and regulations limiting the domain names that may be registered. Registrar further acknowledges and agrees that Verisign reserves the right to deny, cancel, redirect or transfer any registration or transaction, or place any domain name(s) on registry lock, hold or similar status, as it deems necessary, in its unlimited and sole discretion, for the purposes set forth in Section 2.7(b)(ii) of this Agreement.

2.15.    ICANN Requirements. Verisign's obligations hereunder are subject to modification at any time as the result of ICANN-mandated requirements, including consensus policies. Notwithstanding anything in this Agreement to the contrary, Registrar shall comply with any such ICANN requirements in accordance with the timeline defined by ICANN.

2.16.    Accredited Registrar. During the term of this Agreement, Registrar shall maintain in full force and effect the Registrar Accreditation Agreement and its accreditation by ICANN as a registrar for the Registry TLD.

3.    LICENSE

3.1.    License Grant. Subject to the terms and conditions of this Agreement, Verisign hereby grants Registrar and Registrar accepts a non-exclusive, royalty-free, nontransferable, worldwide limited license to use for the term and purposes of this Agreement the Licensed Product, as well as updates and redesigns thereof, to provide domain name registration services in the Registry TLD only and for no other purpose. The Licensed Product, as well as updates and redesigns thereof, will enable Registrar to register domain names in the Registry TLD with the Registry on behalf of its Registered Name Holders. Registrar, using the Licensed Product, as well as updates and redesigns thereof, will be able to invoke the following operations on the System: (i) check the availability of a domain name, (ii) register a domain name, (iii) re-register a domain name, (iv) cancel the registration of a domain name it has registered, (v) update the nameservers of a domain name, (vi) transfer a domain name from another registrar to itself with proper authorization, (vii) query a domain name registration record, (viii) register a nameserver, (ix) update the IP addresses of a nameserver, (x) delete a nameserver, (xi) query a nameserver, and (xii) establish and end an authenticated session.

3.2.    Limitations on Use. Notwithstanding any other provisions in this Agreement, except with the written consent of Verisign, Registrar shall not: (i) sublicense the Licensed Product or otherwise permit any use of the Licensed Product by or for the benefit of any party other than Registrar, (ii) publish, distribute or permit disclosure of the Licensed Product other than to employees, contractors, and agents of Registrar for use in Registrar's domain name registration business, (iii) decompile, reverse engineer, copy or re-engineer the Licensed Product for any unauthorized purpose, (iv) use or permit use of the Licensed Product in violation of any federal, state or local rule, regulation or law, or for any unlawful purpose. Registrar agrees to employ the necessary measures to prevent its access to the System granted hereunder from being used to (i) allow, enable, or otherwise support the transmission by e-mail, telephone, or facsimile of mass unsolicited, commercial advertising or solicitations to entities other than Registrar's customers; or (ii) enable high volume, automated, electronic processes that send queries or data to the systems of Verisign, any other registry operated under an agreement with ICANN, or any ICANN-Accredited Registrar, except as reasonably

necessary to register domain names or modify existing registrations in accordance with any Operational Requirements.

3.3.    Changes to Licensed Materials. Verisign may from time to time replace or make modifications to the Licensed Product licensed hereunder. Verisign will provide Registrar with at least ninety (90) days’ notice prior to the implementation of any material changes to the Supported Protocol, APIs or software licensed hereunder.

4.    SUPPORT SERVICES

4.1.    Engineering Support. Verisign agrees to provide Registrar with reasonable engineering telephone support (between the hours of 9 a.m. to 5 p.m. EST or at such other times as may be mutually agreed upon) to address engineering issues arising in connection with Registrar's use of the System.

4.2.    Customer Service Support. During the term of this Agreement, Verisign will provide reasonable telephone, web based and e-mail customer service support to Registrar, not Registered Name Holder or prospective customers of Registrar, for nontechnical issues solely relating to the System and its operation. Verisign will provide Registrar with a telephone number and e-mail address for such support during implementation of the Supported Protocol, APIs and Software. First-level telephone support will be available on a 7-day/24-hour basis.

5.    FEES

5.1.    Registration Fees.

5.2.    Change in Registrar Sponsoring Domain Name. Registrar may assume sponsorship of a Registered Name Holder's existing domain name registration from another registrar by following the Transfer Policy.

Fees under this Section 5.2 shall be due immediately upon receipt of Verisign's invoice pursuant to the Payment Security.

5.3.    Charges for ICANN Fees. Registrar agrees to pay to Verisign, within five (5) days of the date when due, any variable registry-level fees paid by Verisign to ICANN, which fees shall be secured by the Payment Security. The fee will consist of two components; each component will be calculated by ICANN for each registrar:

5.4.    Non-Payment of Fees. Timely payment of fees owing under this Section 5 is a material condition of performance under this Agreement. In the event that Registrar fails to pay its fees within five (5) days of the date when due, Verisign may: (i) stop accepting new initial or renewal registrations from Registrar; (ii) delete the domain names associated with invoices not paid in full from the

Registry database; (iii) give written notice of termination of this Agreement pursuant to Section 6.1(b) below; and (iv) pursue any other remedy under this Agreement.

6.    MISCELLANEOUS

6.1.    Term of Agreement and Termination.

processed by Registrar prior to the date of such expiration or termination, provided that Registrar's payments to Verisign for Registration Fees are current and timely. Immediately upon any expiration or termination of this Agreement, Registrar shall (i) transfer its sponsorship of Registered Name registrations to another licensed registrar(s) of the Registry, in compliance with Part B of the Transfer Policy, or any other procedures established or approved by the U.S. Department of Commerce or ICANN, as appropriate, and (ii) either return to Verisign or certify to Verisign the destruction of all Confidential Information it has received under this Agreement. In the event of termination, Verisign reserves the right to immediately contact any and all Registered Name Holders to facilitate the orderly and stable transition of Registered Name Holders to other ICANN-accredited registrars. All fees owing to Verisign shall become immediately due and payable.

6.2.    No Third Party Beneficiaries; Relationship of the Parties. This Agreement does not provide and shall not be construed to provide third parties (i.e., non-parties to this Agreement), including any Registered Name Holder, with any remedy, claim, cause of action or privilege. Nothing in this Agreement shall be construed as creating an employer-employee or agency relationship, a partnership or a joint venture between the Parties.

6.3.    Force Majeure. Neither Party shall be responsible for any failure to perform any obligation (other than payment obligations) or provide service hereunder because of any Act of God, strike, work stoppage, cyberattack, to protect against imminent and substantial threats to the security and stability of the Registry TLD, System, Verisign’s name server operations or the internet, governmental acts or directives, war, riot or civil commotion, equipment or facilities shortages which are being experienced by providers of telecommunications services generally, or other similar force beyond such Party's reasonable control.

6.4.    Further Assurances. Each Party hereto shall execute and/or cause to be delivered to each other Party hereto such instruments and other documents, and shall take such other actions, as such other Party may reasonably request for the purpose of carrying out or evidencing any of the transactions contemplated by this Agreement.

6.5.    Amendment in Writing. Except as otherwise provided in this Agreement, any amendment or supplement to this Agreement shall be in writing and duly executed by both Parties. Any new services approved by ICANN and purchased by Registrar will be subject to such terms and conditions as may be established by Verisign through an appendix to this Agreement or such other agreement executed by Registrar and Verisign.

6.6.    Attorneys' Fees. If any legal action or other legal proceeding (including arbitration) relating to the performance under this Agreement or the enforcement of any provision of this Agreement is brought against either Party hereto, the prevailing Party shall be entitled to recover reasonable attorneys' fees, costs and disbursements (in addition to any other relief to which the prevailing Party may be entitled).

6.7.    Dispute Resolution; Choice of Law; Venue. The Parties shall attempt to resolve any disputes between them prior to resorting to litigation. This Agreement is to be construed in accordance with and governed by the internal laws of the Commonwealth of Virginia, United States of America without giving effect to any choice of law rule that would cause the application of the laws of any jurisdiction other than the internal laws of the Commonwealth of Virginia to the rights and duties of the Parties. Any legal action or other legal proceeding relating to this Agreement or the enforcement of any provision of this Agreement shall be brought or otherwise commenced in any state or federal court located in the eastern district of the Commonwealth of Virginia. Each Party to this Agreement expressly and irrevocably consents and submits to the jurisdiction and venue of each state and federal court located in the eastern district of the Commonwealth of Virginia (and each appellate court located in the Commonwealth of Virginia) in connection with any such legal proceeding.

6.8.    Notices. Any notice or other communication required or permitted to be delivered to any Party under this Agreement shall be in writing and shall be deemed properly delivered, given and received when delivered (by hand, by registered mail, by courier or express delivery service, by e-mail or by telecopier during business hours) to the address or telecopier number set forth beneath the name of such Party below, unless Party has given a notice of a change of address in writing:

6.9.    Assignment/Sublicense. Except as otherwise expressly provided herein, the provisions of this Agreement shall inure to the benefit of and be binding upon, the successors and permitted assigns of the Parties hereto. Registrar shall not assign, sublicense or transfer its rights or obligations under this Agreement to any third person without the prior written consent of Verisign. Verisign may assign its rights or obligations under this Agreement to an affiliate without the consent of Registrar.

6.9.1.    Assignment in Connection with Assignment of Agreement with ICANN. In the event that Verisign's Registry Agreement with ICANN for the Registry TLD is validly assigned, Verisign's rights under this Agreement shall be automatically assigned to the assignee of the Registry Agreement, provided that the assignee assumes the duties of Verisign under this Agreement. In the event that Registrar's Registrar Accreditation Agreement with ICANN for the Registry TLD is validly assigned, Registrar's rights under this Agreement shall be automatically assigned to the assignee of Registrar’s Registrar Accreditation Agreement, provided that the subsequent registrar assumes the duties of Registrar under this Agreement.

6.10.    Use of Confidential Information. During the term of this Agreement, each Party (the "Disclosing Party") may disclose its Confidential Information to the other Party (the "Receiving Party"). Each Party's use and disclosure of Confidential Information disclosed hereunder are subject to the following terms and conditions:

Confidential Information, provided the Receiving Party shall advise such personnel of the confidential nature of the Confidential Information and take reasonable steps to maintain the confidentiality thereof.

6.11.    Delays or Omissions; Waivers. No failure on the part of either Party to exercise any power, right, privilege or remedy under this Agreement, and no delay on the part of either Party in exercising any power, right, privilege or remedy under this Agreement, shall operate as a waiver of such power, right, privilege or remedy; and no single or partial exercise or waiver of any such power, right, privilege or remedy shall preclude any other or further exercise thereof or of any other power, right, privilege or remedy. No Party shall be deemed to have waived any claim arising out of this Agreement, or any power, right, privilege or remedy under this Agreement, unless the waiver of such claim, power, right, privilege or remedy is expressly set forth in a written instrument duly executed and delivered on behalf of such Party; and any such waiver shall not be applicable or have any effect except in the specific instance in which it is given.

6.12.    Limitation of Liability.

(a)     IN NO EVENT WILL VERISIGN BE LIABLE TO REGISTRAR FOR ANY SPECIAL, INDIRECT, INCIDENTAL, PUNITIVE, EXEMPLARY OR CONSEQUENTIAL DAMAGES, OR ANY DAMAGES RESULTING FROM LOSS OF PROFITS, ARISING OUT OF OR IN CONNECTION WITH THIS AGREEMENT, EVEN IF VERISIGN HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.IN NO EVENT SHALL THE MAXIMUM AGGREGATE LIABILITY OF THE PARTIES EXCEED THE LESSER OF (I) THE TOTAL AMOUNT PAID TO VERISIGN UNDER THE TERMS OF THIS AGREEMENT FOR THE IMMEDIATELY PRECEDING TWELVE (12) MONTH PERIOD, OR (ii) $500,000 USD.

(b)    THE LIABILITY CAP AND EXCLUSION OF DAMAGES SET FORTH IN SECTION 6.12(a) SHALL NOT APPLY TO SECTION 6.10 (CONFIDENTIALITY) AND SECTION 6.16 (INDEMNIFICATION).

6.13.    Construction. The Parties agree that any rule of construction to the effect that ambiguities are to be resolved against the drafting Party shall not be applied in the construction or interpretation of this Agreement.

6.14.    Intellectual Property. Subject to Section 2.6 above, each Party will continue to independently own its intellectual property, including all patents, trademarks, trade names, service marks, copyrights, trade secrets, proprietary processes and all other forms of intellectual property.

6.15.    Representations and Warranties

ACCURACY, RELIABILITY, OR OTHERWISE. SHOULD THE LICENSED PRODUCT, SUPPORTED PROTOCOL, EPP, APIs OR SOFTWARE PROVE DEFECTIVE, REGISTRAR ASSUMES THE ENTIRE COST OF ALL NECESSARY SERVICING, REPAIR OR CORRECTION OF REGISTRAR'S OWN SYSTEMS AND SOFTWARE.

6.16.    Indemnification. Registrar, at its own expense and within thirty (30) days of presentation of a demand by Verisign under this paragraph, will indemnify, defend and hold harmless Verisign and its employees, directors, officers, representatives, agents and affiliates, against any claim, suit, action, or other proceeding brought against Verisign or any affiliate of Verisign based on or arising from any claim or alleged claim (i) relating to any product or service of Registrar; (ii) relating to any agreement, including Registrar's dispute policy, with any Registered Name Holder of Registrar; or (iii) relating to Registrar's domain name registration business, including, but not limited to, Registrar's advertising, domain name application process, systems and other processes, fees charged, billing practices and customer service; provided, however, that in any such case: (a) Verisign provides Registrar with prompt notice of any such claim, and (b) upon Registrar's written request, Verisign will provide to Registrar all available information and assistance reasonably necessary for Registrar to defend such claim, provided that Registrar reimburses Verisign for its actual and reasonable costs. Verisign shall have the right to control the defense of Verisign to any claim or in litigation, through counsel of its choice, whose fees shall be subject to indemnification as provided herein. Registrar will not enter into any settlement or compromise of any such indemnifiable claim without Verisign's prior written consent, which consent shall not be unreasonably withheld. Registrar will pay any and all costs, damages, and expenses, including, but not limited to, reasonable attorneys' fees and costs awarded against or otherwise incurred by Verisign in connection with or arising from any such indemnifiable claim, suit, action or proceeding.

6.17.    Entire Agreement; Severability. This Agreement, which includes Exhibits A and B, constitutes the entire agreement between the Parties concerning the subject matter hereof and supersedes any prior agreements, representations, statements, negotiations, understandings, proposals or undertakings, oral or written, with respect to the subject matter expressly set forth herein. If any provision of this Agreement shall be held to be illegal, invalid or unenforceable, each Party agrees that such provision shall be enforced to the maximum extent permissible so as to effect the intent of the Parties, and the validity, legality and enforceability of the remaining provisions of this Agreement shall not in any way be affected or impaired thereby. If necessary to effect the intent of the Parties, the Parties shall negotiate in good faith to amend this Agreement to replace the unenforceable language with enforceable language that reflects such intent as closely as possible.

6.18.    Service Level Agreement. Appendix 10, as may be amended from time to time, of the Registry Agreement shall be incorporated into this Agreement and attached hereto as Exhibit B.

IN WITNESS WHEREOF, the Parties hereto have executed this Agreement as of the Effective Date.