Registrar Accreditation Agreement

From DNSSeal Wiki
Jump to: navigation, search
ICANN Policy
Adopted: 2001, 2009, updated 2013
Summary: agreement between ICANN and an approved registrar
Addresses: registrar behavior and mandated requirements,
including False Whois
Also addressed by U.S. Legislation: N
Related to: RA

The Registrar Accreditation Agreement or RAA is a contract between ICANN and a registrar. By signing this agreement, the registrar agrees to comply with all mandated requirements set forth in the RAA. Noncompliance can result in a breach of contract and the loss of ICANN accreditation.[1] ICANN currently has over 900 accredited registrars, though not all of them have signed the most recent 2013 RAA as their current contracts have not expired.[2] As of March 2014, a third of ICANN accredited registrars have signed the 2013 RAA.[3]

Major Points of the 2013 RAA

  • The RAA has 7 sections and multiple specifications.[1] It outlines both ICANN and the registrar's obligations.[1]
  • In order to sell new gTLDs, a registrar must sign the 2013 RAA, even if its current contract has not expired.[4]
  • Changes to the RAA include new specifications on Whois information.[1] Under the new RAA, registrars are required to validate a large amount of the personal information supplied by registrants in addition to actively verifying their phone numbers or email addresses.[1][5] Falsifying the Whois information provided to registrars results in a 15 day period where the registrant is asked to correct the errors; if the registrant does not respond, it can "constitute a material breach of the Registered Name Holder-registrar contract and be a basis for cancellation of the Registered Name registration."[1]
  • The RAA states that any consensus policy agreed upon that addresses warehousing must be followed.[1]
  • Registrars are also required to provide an abuse contact that is monitored continuously and must "investigate reports of abuse."[1]
  • Privacy and proxy services used by accredited registrars must abide by the terms laid out in the Specification on Privacy and Proxy Registrations, including establishing abuse points of contact and publishing terms and conditions of service.[1]
  • The annual renewal fee to maintain accreditation is $4000.[4]


Data Retention and Privacy Concerns

In the EU, keeping records on registrants that are no longer customers for 2 years after termination, as specified by ICANN, can constitute a legal violation of privacy.[6] European registrars, in order to remain compliant with legal obligations, can opt out of this 2013 RAA requirement using ICANN's Data Retention Waiver.[7] The process thus far, however, has been extremely slow and only one registrar has successfully applied for and been granted the exemption.[3]

Verification Emails

One of the 2013 RAA's requirements states that registrars must verify the email addresses of registrants.[1] Verification, as opposed to validation, requires a response from the registrant within 15 days.[8] This change from previous versions of the RAA may cause uninformed registrants to lose their domain names by failing to respond to the registrar's email. Additionally, some registrar verification emails are being blocked by email service providers, leading some registrants to never receive the registrar verification email in the first place.[9] These concerns have lead certain registrars to request that the clause removed from the 2013 RAA.[8]

Additional Resources

Related Pages


  1. 1.0 1.1 1.2 1.3 1.4 1.5 1.6 1.7 1.8 1.9 Internet Corporation for Assigned Names and Numbers (ICANN)
  2. Internet Corporation for Assigned Names and Numbers (ICANN)
  3. 3.0 3.1 PDF Download and Audio Links, RAA FAQ Session from ICANN 49 Conference
  4. 4.0 4.1 Internet Corporation for Assigned Names and Numbers (ICANN)
  5. by Kevin Murphy (March 8, 2013), DomainIncite
  6. by Kevin Murphy (January 29,2014), DomainIncite
  7. Internet Corporation for Assigned Names and Numbers (ICANN)
  8. 8.0 8.1 by Kevin Murphy (April 2, 2014), DomainIncite
  9. by Andrew Allemann (April 1, 2014), Domain Name Wire