Feeds

The .org whois saga and why EPP may save the Net

Click here for the future of domain names

  • alert
  • submit to reddit

Boost IT visibility and business value

Far from committing Hari-Kiri as some over-zealous emailers suggested last week, we decided to find out exactly what the Public Interest Registry's plan for .org domains were and how come its whois information is currently so limited.

Rather fortuitously, we also learnt of the new EPP protocol which may soon, finally, mean an end to the Kafkaesque experience of transferring and updating domains - something that has infuriated hundreds of thousands of Web users over the past five years.

Last week, the failure of VeriSign's crsnic whois servers to provide information on .org domains meant that in many cases people were unable to pick up any information on who owned what .org domain, which servers the domain pointed at and other such information. VeriSign is not the main source of data for ,org domains however, having been forced to hand over running of the domain to the Public Interest Registry (PIR) on 1 January 2003.

PIR's authoritative whois for .org domains is not all that useful either though. It contains only the dates of when the domain was created, when it expires and what servers it points at. For any information of who actually owns the domains and what their contact details are, you are instead asked to visit the "sponsoring registrar". If this is, say, Register.com, running a second whois enquiry on Register.com's site will yield the owner's details.

Why is this case when nearly all other domains need only one whois query and you get all the information you need? Well, as Bruce Beckwith (VP of operations at PIR and the man who oversaw the move of ownership of .org from VeriSign to PIR) and Heather Carle (communications manager at Afilias, the company actually running the servers) explained, it's all to do with "thick" and "thin" data.

"VeriSign's original .org registry only contained "thin" details - meaning who the sponsoring registrar was, the date it was registered, and name server information, etc. - and referred the person querying the Whois system to the sponsoring registrar. Because this was all the data the Verisign registry contained (all the other info was stored at the registrars), they were only able to hand over that level of information to PIR," says Ms Carle.

PIR decided that to make the transition as smooth as possible it would first pull in only this information and then gradually introduce a new system that would offer "thick" details (i.e. everything else such as owner information) on its own servers.

"On 1 January, PIR assumed responsibility for the .org domain," says Bruce Beckwith, "and in late January we transferred two-and-a-half million domains over. We did it in a methodical phased approach and we did it with no outages." So the basic information was there. However, to enlarge the information to include "thick" data, PIR has to go through a second lengthy procedure where all the registrars that people have used to buy their .org domains move onto different software that allows for faster and fuller communication with PIR.

"Our second phase is converting all the registrars from RRP [Registry Registar Protocol - created by VeriSign in 1998/99 to relay all domain information] to EPP [Extensible Provisioning Protocol - again devised by VeriSign and the future of domain information sharing]," says Bruce Beckwith. "We have 110 to 115 registrars and we are migrating them group by group in six groups over the course of the year until by 31 December, they should all be running EPP."

The future of the Internet

While this will certainly make PIR's whois more practical, the existence and introduction of EPP across the world is set to revolutionise the purchase, transfer, update and sale of all Internet domains.

As we covered in great depth in January, the current system of exchange of domain information is a mish-mash of systems that frequently leaves domain owners frustrated at attempts to shift domains. Usually involving long waits and acres of paperwork, what could easily be a fully automated system is currently over-complex and anti-competitive.

It has also meant that people's domains have been wrongly handed over to others, that multiple registrations have seen people out of pocket and angry and that information in a per-second system is frequently hours out of date.

EPP may well be set to change all that in one fell swoop. It is, in short, the dream ubiquitous protocol for registrant-registrar-registry information that means fast, seamless and accurate exchange of information - the HTML of domains. Well, in fact, the XML of domains.

Created by Scott Hollenbeck at Verisign, EPP is not without its problems but has so far been enthusiastically greeted by registries and registrars - not only for global domain names but also country-code domains.

The fact that it was created by VeriSign is a good sign (although you may ask what took it so long) since without the Net behemoth, its introduction would prove difficult. And VeriSign has promised to introduce EPP on its systems soon after it is run by all the registrars. EPP is also passing through the stages at the IETF, meaning that it should be recognised as a global Internet standard.

Not everyone is entirely happy though. Although the two biggest country-code domains - Germany and the UK - have pledged support to EPP and others have already implemented versions of it in their system, several problems with EPP have meant that the IETF has held up the process until it considers problems that ccTLDs have with it.

These problems stem from the fundamental difference in gTLDs and ccTLDs. In generic top-level domains such as .com, .net etc, ownership of a domain is drawn in a contract between the registrant (owner) and the registrar (company you buy it from). The ccTLD model tends to assume that the contract is between the registrant and the company that runs the entire domain registry. This different approach has meant the EPP will need to be altered to encompass both models.

However, the potential advantages of an EPP system introduced across the world are huge. Domain problems and overlaps would be hugely reduced. The speed of updates on who owns a domain would be reduced from the current 12 hours on VeriSign's system to a remarkable five minutes and, in future, even faster.

Transfers of domains to different registrars could be completed quickly and efficiently since EPP attaches a password to the domain. This would mean Average Joe can decide to renew his domain with a cheaper company and then do so seamlessly with just a few clicks of his mouse. The implications on competition and hence price are obvious. The same can be done with domain details.

One registrar should also be able to link directly to different registries all over the world, making the system far more like the actual Internet. The automation in each case should also see domain charges fall. In short, EPP - if bodies continue to work together and someone doesn't cock it up - is a god-send that solves a fundamental flaw in the current Internet system.

Back to PIR

But back briefly to PIR. One of the more interesting aspect of PIR and the .org domain, as Bruce Beckwith was keen to stress to us, is how it intends to run the domain.

In a wonderful return to the origins of Internet philosophy, PIR intends to feed back all the money it makes in profit from the sale of .org domains into funding and educating non-profit organisations about the Internet and websites and what uses the Web can be put to.

Think charities, schools and such like being given expert advice or subsidised courses on how to make the Web work for them. Bruce Beckwith was short on real details, talking of "putting together frameworks" and "defining thought processes" and other such nonsense, but the will and the intention is there.

Which, like EPP, can only be a good thing. ®

Related story
Where the hell is my website?
.org registry vanishes into thin air

Build a business case: developing custom apps

More from The Register

next story
BBC goes offline in MASSIVE COCKUP: Stephen Fry partly muzzled
Auntie tight-lipped as major outage rolls on
iPad? More like iFAD: We reveal why Apple fell into IBM's arms
But never fear fanbois, you're still lapping up iPhones, Macs
Nadella: Apps must run on ALL WINDOWS – PCs, slabs and mobes
Phone egg, meet desktop chicken - your mother
White? Male? You work in tech? Let us guess ... Twitter? We KNEW it!
Grim diversity numbers dumped alongside Facebook earnings
Microsoft: We're making ONE TRUE WINDOWS to rule us all
Enterprise, Windows still power firm's shaky money-maker
HP, Microsoft prove it again: Big Business doesn't create jobs
SMEs get lip service - what they need is dinner at the Club
ITC: Seagate and LSI can infringe Realtek patents because Realtek isn't in the US
Land of the (get off scot) free, when it's a foreign owner
Dude, you're getting a Dell – with BITCOIN: IT giant slurps cryptocash
1. Buy PC with Bitcoin. 2. Mine more coins. 3. Goto step 1
There's NOTHING on TV in Europe – American video DOMINATES
Even France's mega subsidies don't stop US content onslaught
prev story

Whitepapers

Top three mobile application threats
Prevent sensitive data leakage over insecure channels or stolen mobile devices.
Implementing global e-invoicing with guaranteed legal certainty
Explaining the role local tax compliance plays in successful supply chain management and e-business and how leading global brands are addressing this.
Top 8 considerations to enable and simplify mobility
In this whitepaper learn how to successfully add mobile capabilities simply and cost effectively.
Application security programs and practises
Follow a few strategies and your organization can gain the full benefits of open source and the cloud without compromising the security of your applications.
The Essential Guide to IT Transformation
ServiceNow discusses three IT transformations that can help CIO's automate IT services to transform IT and the enterprise.