Become a Domain Name Registrar

New gTLDs

ICANN accredited registrars may add TLDs for which Verisign is the backend registry services provider to their domain name portfolios using this process.

Verisign provides registry services to many Registry Operators for new gTLDs being launched under ICANN’s New gTLD Program, including registration, resolution, billing and first-level registrar support.

For assistance or questions, please contact the Verisign Customer Affairs Office at 1-703-925-6999 or send an email.

Step 1: ICANN Accreditation / Requirements

Your business must be ICANN-accredited before you can become a registrar for the new top level domains (TLDs). The Internet Corporation for Assigned Names and Numbers (ICANN) is a not-for-profit, public-benefit corporation that coordinates the unique identifiers used for computers connected to the Internet across the world. Go to the ICANN web site to start the ICANN accreditation process or contact ICANN to enter into the 2013 version of Registrar-Accreditation Agreement ("RAA") if you are already accredited but are operating under an older version of the RAA. If you plan to participate in the Sunrise or Claims periods of any new gTLD launch, you must also be certified by ICANN's Trademark Clearinghouse service provider.

Step 2: Registry Registrar Agreement

The new TLDs are managed by various Registry Operators. To become a registrar for each of the new TLDs, you will need to execute a Registry-Registrar Agreement with the Registry Operator. The applicable Registry Operator will advise Verisign that you have executed the Registry-Registrar Agreement for their TLD.

STEP 3: Authentication

Next, if you have not completed the authentication process with Verisign previously, ACP, a vendor of Verisign, will contact you to request documents required to validate your business as well as your authority to represent and act on behalf of your company, an ICANN-accredited registrar.

STEP 4: Verisign Certification

After you establish an account, you may complete the next steps simultaneously: provide financial information and determine technical readiness. Use the tabs below to proceed.

Establish a Contractual Relationship & Create Your Registrar Account with Verisign

To offer one or more of the new TLDs, you will be required to enter into a Master Service Agreement, a Platform Access Service Order and a TLD Service Order Form. Upon request, the Verisign Customer Affairs Office will forward the required contracts to you electronically.

Master Services Agreement (Conditional)

If you do not have a Master Services Agreement in effect with Verisign, you will be required to execute this agreement.

Platform Access Service Order (Conditional)

If you do not have a Platform Access Service Order in effect with Verisign, you will also be required to execute one.

Service Order Form (Required)

You will be required to enter into a Service Order Form for each new gTLD that you wish to offer. If you have already entered into a Master Services Agreement and a Platform Access Service Order, you will only be required to enter into a Service Order Form.

Registrar Information Form (Conditional)

If you have not already completed a Registrar Information form, or if you need to update your account information with Verisign, you will be required to complete a Registrar Information Form. You will need the following technical information: Web server name, Whois server name, and no more than three subnets in Classless Inter-Domain Routing Protocol (CIDR) format, up to a total of 96 hosts (/26 = 64 hosts, /27 = 32 hosts, /28 = 16 hosts, /29 = 8 hosts, /30 = 4 hosts, /31 = 2 hosts, /32 = 1 host).

To establish an account with Verisign, email the Registrar Information Form to the Customer Affairs Office.

Financial Requirements (Conditional)

Existing .com, .net registrars have already established a financial account with Verisign and may use their existing payment security to support transactions for new gTLDs. If you expect a considerable increase in your monthly transaction volume, you must re-evaluate the amount of your payment security and adjust it accordingly.

NOTE: You may start this process before you receive your user IDs and passwords.

Calculate Minimum Payment Security

Verisign requires registrars to establish a payment security to secure registration activity. To estimate your payment security, calculate:

# of TLD registrations x duration (1 to 10 years) x $TLD Annual Registration Fee = Minimum Payment Security

Registrars are required to increase the payment security when registration levels repeatedly exceed the current payment security.

Note: A single financial account secures multiple TLDs so this needs to be taken into consideration when determining your payment security requirement.

Payment Security Options

Non-cash payment securities are held without action unless invoices are not paid in accordance with the terms of the Registry-Registrar Agreements. Acceptable payment security vehicles include:

  • Cash Deposit
  • Irrevocable Standby Letter of Credit from a bank
  • Payment Security Bond from an approved surety or bank

Payment Security Remittance

Methods of Remitting Funds:

  • Wire Transfer
  • ACH Transfer
  • Check

*Credit card payments are not an accepted form of payment.

If selecting the cash option to fulfill your Payment Security, please note the following information:

Post Office Mailing Address (Check Payments Only):
Verisign, Inc.
Lockbox 404326
Atlanta, GA 30384

Overnight/Express Delivery (ex. UPS/Fed Ex )
Verisign, Inc.
Lockbox 404326
6000 Feldwood Road
College Park, GA 30349

Please contact the Customer Affairs Office if you select the cash method for satisfying your Payment Security obligation at with the amount and exact date the funds were submitted.

Technical Requirements

Registrars must demonstrate full and correct operation of client systems within the Operational Test and Evaluation (OT&E) environment before connecting to the Verisign Shared Registration System (SRS). You may begin development of your client applications before you receive your user IDs and passwords, but you will not be able to integrate with the Verisign SRS until your account has been established.

SSL Certificates

Verisign requires that each server that communicates with the SRS has a 40- or 128-bit SSL Certificate installed. Verisign accepts the following SSL Certificates:


  • RapidSSL
  • RapidSSL Wildcard
  • QuickSSL
  • QuickSSL Premium
  • True BusinessID
  • True BusinessID MultiDomain
  • True BusinessID Wildcard


  • Starfield Standard SSL


  • Secure Site (40bit)
  • Secure Site Pro (128bit)


  • SSL 123
  • SSL Web Server
  • SGC SuperCerts
  • Wildcard SSL

Extensible Provisioning Protocol (EPP) SDK

To develop the client end to the SRS, you must implement EPP software. Verisign has developed EPP SDKs and guides to help you develop your client application.

If you choose to develop your own EPP implementation, it must be based on RFC-5730, the published protocol specification. You will need to acquire and incorporate an implementation of the Secure Sockets Layer (SSL) protocol into their EPP software. You will also need to secure a license for the use of RSA cryptographic algorithms through RSA Data Security, Inc.

You will receive your user IDs and passwords to the OT&E environment when Verisign has established your account. Your informational packet will include testing information to complete this process. When you are ready to demonstrate technical operation and qualify for access to the production SRS, contact Verisign Customer Affairs Office. For assistance with testing, contact Customer Support. Verisign reserves the right to waive the OT&E certification requirement in some circumstances.