Feeds

The .org whois saga and why EPP may save the Net

Click here for the future of domain names

  • alert
  • submit to reddit

Choosing a cloud hosting partner with confidence

Far from committing Hari-Kiri as some over-zealous emailers suggested last week, we decided to find out exactly what the Public Interest Registry's plan for .org domains were and how come its whois information is currently so limited.

Rather fortuitously, we also learnt of the new EPP protocol which may soon, finally, mean an end to the Kafkaesque experience of transferring and updating domains - something that has infuriated hundreds of thousands of Web users over the past five years.

Last week, the failure of VeriSign's crsnic whois servers to provide information on .org domains meant that in many cases people were unable to pick up any information on who owned what .org domain, which servers the domain pointed at and other such information. VeriSign is not the main source of data for ,org domains however, having been forced to hand over running of the domain to the Public Interest Registry (PIR) on 1 January 2003.

PIR's authoritative whois for .org domains is not all that useful either though. It contains only the dates of when the domain was created, when it expires and what servers it points at. For any information of who actually owns the domains and what their contact details are, you are instead asked to visit the "sponsoring registrar". If this is, say, Register.com, running a second whois enquiry on Register.com's site will yield the owner's details.

Why is this case when nearly all other domains need only one whois query and you get all the information you need? Well, as Bruce Beckwith (VP of operations at PIR and the man who oversaw the move of ownership of .org from VeriSign to PIR) and Heather Carle (communications manager at Afilias, the company actually running the servers) explained, it's all to do with "thick" and "thin" data.

"VeriSign's original .org registry only contained "thin" details - meaning who the sponsoring registrar was, the date it was registered, and name server information, etc. - and referred the person querying the Whois system to the sponsoring registrar. Because this was all the data the Verisign registry contained (all the other info was stored at the registrars), they were only able to hand over that level of information to PIR," says Ms Carle.

PIR decided that to make the transition as smooth as possible it would first pull in only this information and then gradually introduce a new system that would offer "thick" details (i.e. everything else such as owner information) on its own servers.

"On 1 January, PIR assumed responsibility for the .org domain," says Bruce Beckwith, "and in late January we transferred two-and-a-half million domains over. We did it in a methodical phased approach and we did it with no outages." So the basic information was there. However, to enlarge the information to include "thick" data, PIR has to go through a second lengthy procedure where all the registrars that people have used to buy their .org domains move onto different software that allows for faster and fuller communication with PIR.

"Our second phase is converting all the registrars from RRP [Registry Registar Protocol - created by VeriSign in 1998/99 to relay all domain information] to EPP [Extensible Provisioning Protocol - again devised by VeriSign and the future of domain information sharing]," says Bruce Beckwith. "We have 110 to 115 registrars and we are migrating them group by group in six groups over the course of the year until by 31 December, they should all be running EPP."

The future of the Internet

While this will certainly make PIR's whois more practical, the existence and introduction of EPP across the world is set to revolutionise the purchase, transfer, update and sale of all Internet domains.

As we covered in great depth in January, the current system of exchange of domain information is a mish-mash of systems that frequently leaves domain owners frustrated at attempts to shift domains. Usually involving long waits and acres of paperwork, what could easily be a fully automated system is currently over-complex and anti-competitive.

It has also meant that people's domains have been wrongly handed over to others, that multiple registrations have seen people out of pocket and angry and that information in a per-second system is frequently hours out of date.

EPP may well be set to change all that in one fell swoop. It is, in short, the dream ubiquitous protocol for registrant-registrar-registry information that means fast, seamless and accurate exchange of information - the HTML of domains. Well, in fact, the XML of domains.

Created by Scott Hollenbeck at Verisign, EPP is not without its problems but has so far been enthusiastically greeted by registries and registrars - not only for global domain names but also country-code domains.

The fact that it was created by VeriSign is a good sign (although you may ask what took it so long) since without the Net behemoth, its introduction would prove difficult. And VeriSign has promised to introduce EPP on its systems soon after it is run by all the registrars. EPP is also passing through the stages at the IETF, meaning that it should be recognised as a global Internet standard.

Not everyone is entirely happy though. Although the two biggest country-code domains - Germany and the UK - have pledged support to EPP and others have already implemented versions of it in their system, several problems with EPP have meant that the IETF has held up the process until it considers problems that ccTLDs have with it.

These problems stem from the fundamental difference in gTLDs and ccTLDs. In generic top-level domains such as .com, .net etc, ownership of a domain is drawn in a contract between the registrant (owner) and the registrar (company you buy it from). The ccTLD model tends to assume that the contract is between the registrant and the company that runs the entire domain registry. This different approach has meant the EPP will need to be altered to encompass both models.

However, the potential advantages of an EPP system introduced across the world are huge. Domain problems and overlaps would be hugely reduced. The speed of updates on who owns a domain would be reduced from the current 12 hours on VeriSign's system to a remarkable five minutes and, in future, even faster.

Transfers of domains to different registrars could be completed quickly and efficiently since EPP attaches a password to the domain. This would mean Average Joe can decide to renew his domain with a cheaper company and then do so seamlessly with just a few clicks of his mouse. The implications on competition and hence price are obvious. The same can be done with domain details.

One registrar should also be able to link directly to different registries all over the world, making the system far more like the actual Internet. The automation in each case should also see domain charges fall. In short, EPP - if bodies continue to work together and someone doesn't cock it up - is a god-send that solves a fundamental flaw in the current Internet system.

Back to PIR

But back briefly to PIR. One of the more interesting aspect of PIR and the .org domain, as Bruce Beckwith was keen to stress to us, is how it intends to run the domain.

In a wonderful return to the origins of Internet philosophy, PIR intends to feed back all the money it makes in profit from the sale of .org domains into funding and educating non-profit organisations about the Internet and websites and what uses the Web can be put to.

Think charities, schools and such like being given expert advice or subsidised courses on how to make the Web work for them. Bruce Beckwith was short on real details, talking of "putting together frameworks" and "defining thought processes" and other such nonsense, but the will and the intention is there.

Which, like EPP, can only be a good thing. ®

Related story
Where the hell is my website?
.org registry vanishes into thin air

Security for virtualized datacentres

More from The Register

next story
Inequality increasing? BOLLOCKS! You heard me: 'Screw the 1%'
There's morality and then there's economics ...
Google hits back at 'Dear Rupert' over search dominance claims
Choc Factory sniffs: 'We're not pirate-lovers - also, you publish The Sun'
Spies, avert eyes! Tim Berners-Lee demands a UK digital bill of rights
Lobbies tetchy MPs 'to end indiscriminate online surveillance'
While you queued for an iPhone 6, Apple's Cook sold shares worth $35m
Right before the stock took a 3.8% dive amid bent and broken mobe drama
How the FLAC do I tell MP3s from lossless audio?
Can you hear the difference? Can anyone?
4chan outraged by Emma Watson nudie photo leak SCAM
In the immortal words of Shaggy, it wasn't me us ... amirite?
prev story

Whitepapers

Providing a secure and efficient Helpdesk
A single remote control platform for user support is be key to providing an efficient helpdesk. Retain full control over the way in which screen and keystroke data is transmitted.
Intelligent flash storage arrays
Tegile Intelligent Storage Arrays with IntelliFlash helps IT boost storage utilization and effciency while delivering unmatched storage savings and performance.
Beginner's guide to SSL certificates
De-mystify the technology involved and give you the information you need to make the best decision when considering your online security options.
Security for virtualized datacentres
Legacy security solutions are inefficient due to the architectural differences between physical and virtual environments.
Secure remote control for conventional and virtual desktops
Balancing user privacy and privileged access, in accordance with compliance frameworks and legislation. Evaluating any potential remote control choice.