The .org whois saga and why EPP may save the Net

Click here for the future of domain names


Far from committing Hari-Kiri as some over-zealous emailers suggested last week, we decided to find out exactly what the Public Interest Registry's plan for .org domains were and how come its whois information is currently so limited.

Rather fortuitously, we also learnt of the new EPP protocol which may soon, finally, mean an end to the Kafkaesque experience of transferring and updating domains - something that has infuriated hundreds of thousands of Web users over the past five years.

Last week, the failure of VeriSign's crsnic whois servers to provide information on .org domains meant that in many cases people were unable to pick up any information on who owned what .org domain, which servers the domain pointed at and other such information. VeriSign is not the main source of data for ,org domains however, having been forced to hand over running of the domain to the Public Interest Registry (PIR) on 1 January 2003.

PIR's authoritative whois for .org domains is not all that useful either though. It contains only the dates of when the domain was created, when it expires and what servers it points at. For any information of who actually owns the domains and what their contact details are, you are instead asked to visit the "sponsoring registrar". If this is, say, Register.com, running a second whois enquiry on Register.com's site will yield the owner's details.

Why is this case when nearly all other domains need only one whois query and you get all the information you need? Well, as Bruce Beckwith (VP of operations at PIR and the man who oversaw the move of ownership of .org from VeriSign to PIR) and Heather Carle (communications manager at Afilias, the company actually running the servers) explained, it's all to do with "thick" and "thin" data.

"VeriSign's original .org registry only contained "thin" details - meaning who the sponsoring registrar was, the date it was registered, and name server information, etc. - and referred the person querying the Whois system to the sponsoring registrar. Because this was all the data the Verisign registry contained (all the other info was stored at the registrars), they were only able to hand over that level of information to PIR," says Ms Carle.

PIR decided that to make the transition as smooth as possible it would first pull in only this information and then gradually introduce a new system that would offer "thick" details (i.e. everything else such as owner information) on its own servers.

"On 1 January, PIR assumed responsibility for the .org domain," says Bruce Beckwith, "and in late January we transferred two-and-a-half million domains over. We did it in a methodical phased approach and we did it with no outages." So the basic information was there. However, to enlarge the information to include "thick" data, PIR has to go through a second lengthy procedure where all the registrars that people have used to buy their .org domains move onto different software that allows for faster and fuller communication with PIR.

"Our second phase is converting all the registrars from RRP [Registry Registar Protocol - created by VeriSign in 1998/99 to relay all domain information] to EPP [Extensible Provisioning Protocol - again devised by VeriSign and the future of domain information sharing]," says Bruce Beckwith. "We have 110 to 115 registrars and we are migrating them group by group in six groups over the course of the year until by 31 December, they should all be running EPP."

The future of the Internet

While this will certainly make PIR's whois more practical, the existence and introduction of EPP across the world is set to revolutionise the purchase, transfer, update and sale of all Internet domains.

As we covered in great depth in January, the current system of exchange of domain information is a mish-mash of systems that frequently leaves domain owners frustrated at attempts to shift domains. Usually involving long waits and acres of paperwork, what could easily be a fully automated system is currently over-complex and anti-competitive.

It has also meant that people's domains have been wrongly handed over to others, that multiple registrations have seen people out of pocket and angry and that information in a per-second system is frequently hours out of date.

EPP may well be set to change all that in one fell swoop. It is, in short, the dream ubiquitous protocol for registrant-registrar-registry information that means fast, seamless and accurate exchange of information - the HTML of domains. Well, in fact, the XML of domains.

Created by Scott Hollenbeck at Verisign, EPP is not without its problems but has so far been enthusiastically greeted by registries and registrars - not only for global domain names but also country-code domains.

The fact that it was created by VeriSign is a good sign (although you may ask what took it so long) since without the Net behemoth, its introduction would prove difficult. And VeriSign has promised to introduce EPP on its systems soon after it is run by all the registrars. EPP is also passing through the stages at the IETF, meaning that it should be recognised as a global Internet standard.

Not everyone is entirely happy though. Although the two biggest country-code domains - Germany and the UK - have pledged support to EPP and others have already implemented versions of it in their system, several problems with EPP have meant that the IETF has held up the process until it considers problems that ccTLDs have with it.

These problems stem from the fundamental difference in gTLDs and ccTLDs. In generic top-level domains such as .com, .net etc, ownership of a domain is drawn in a contract between the registrant (owner) and the registrar (company you buy it from). The ccTLD model tends to assume that the contract is between the registrant and the company that runs the entire domain registry. This different approach has meant the EPP will need to be altered to encompass both models.

However, the potential advantages of an EPP system introduced across the world are huge. Domain problems and overlaps would be hugely reduced. The speed of updates on who owns a domain would be reduced from the current 12 hours on VeriSign's system to a remarkable five minutes and, in future, even faster.

Transfers of domains to different registrars could be completed quickly and efficiently since EPP attaches a password to the domain. This would mean Average Joe can decide to renew his domain with a cheaper company and then do so seamlessly with just a few clicks of his mouse. The implications on competition and hence price are obvious. The same can be done with domain details.

One registrar should also be able to link directly to different registries all over the world, making the system far more like the actual Internet. The automation in each case should also see domain charges fall. In short, EPP - if bodies continue to work together and someone doesn't cock it up - is a god-send that solves a fundamental flaw in the current Internet system.

Back to PIR

But back briefly to PIR. One of the more interesting aspect of PIR and the .org domain, as Bruce Beckwith was keen to stress to us, is how it intends to run the domain.

In a wonderful return to the origins of Internet philosophy, PIR intends to feed back all the money it makes in profit from the sale of .org domains into funding and educating non-profit organisations about the Internet and websites and what uses the Web can be put to.

Think charities, schools and such like being given expert advice or subsidised courses on how to make the Web work for them. Bruce Beckwith was short on real details, talking of "putting together frameworks" and "defining thought processes" and other such nonsense, but the will and the intention is there.

Which, like EPP, can only be a good thing. ®

Related story
Where the hell is my website?
.org registry vanishes into thin air


Other stories you might like

  • Employers in denial over success of digital skills training, say exasperated staffers

    Large disparities in views from bosses vs workers on 'talent transformation initiatives,' says survey

    Digital transformation projects are being held back by a lack of skills, according to a new survey, which finds that while many employers believe they are doing well at training up existing staff to meet the requirements, their employees beg to differ.

    Skills shortages are nothing new, but the Talent Transformation Global Impact report from research firm Ipsos on behalf of online learning provider Udacity indicates that although digital transformation initiatives are stalling due to a lack of digital talent, enterprises are becoming increasingly out of touch with what their employees need to fill the skills gap.

    The report is the result of two surveys taking in over 2,000 managers and more than 4,000 employees across the US, UK, France, and Germany. It found that 59 per cent of employers state that not having enough skilled employees is having a major or moderate impact on their business.

    Continue reading
  • Saved by the Bill: What if... Microsoft had killed Windows 95?

    Now this looks like a job for me, 'cos we need a little, controversy... 'Cos it feels so NT, without me

    Former Microsoft veep Brad Silverberg has paid tribute to Bill Gates for saving Windows 95.

    Silverberg posted his comment in a Twitter exchange started by Fast co-founder Allison Barr Allen regarding somebody who'd changed your life. Silverberg responded "Bill Gates" and, in response to a question from Microsoft cybersecurity pro Ashanka Iddya, explained Gates's role in Windows 95's survival.

    Continue reading
  • UK government opens consultation on medic-style register for Brit infosec pros

    Are you competent? Ethical? Welcome to UKCSC's new list

    Frustrated at lack of activity from the "standard setting" UK Cyber Security Council, the government wants to pass new laws making it into the statutory regulator of the UK infosec trade.

    Government plans, quietly announced in a consultation document issued last week, include a formal register of infosec practitioners – meaning security specialists could be struck off or barred from working if they don't meet "competence and ethical requirements."

    The proposed setup sounds very similar to the General Medical Council and its register of doctors allowed to practice medicine in the UK.

    Continue reading
  • Microsoft's do-it-all IDE Visual Studio 2022 came out late last year. How good is it really?

    Top request from devs? A Linux version

    Review Visual Studio goes back a long way. Microsoft always had its own programming languages and tools, beginning with Microsoft Basic in 1975 and Microsoft C 1.0 in 1983.

    The Visual Studio idea came from two main sources. In the early days, Windows applications were coded and compiled using MS-DOS, and there was a MS-DOS IDE called Programmer's Workbench (PWB, first released 1989). The company also came up Visual Basic (VB, first released 1991), which unlike Microsoft C++ had a Windows IDE. Perhaps inspired by VB, Microsoft delivered Visual C++ 1.0 in 1993, replacing the little-used PWB. Visual Studio itself was introduced in 1997, though it was more of a bundle of different Windows development tools initially. The first Visual Studio to integrate C++ and Visual Basic (in .NET guise) development into the same IDE was Visual Studio .NET in 2002, 20 years ago, and this perhaps is the true ancestor of today's IDE.

    A big change in VS 2022, released November, is that it is the first version where the IDE itself runs as a 64-bit process. The advantage is that it has access to more than 4GB memory in the devenv process, this being the shell of the IDE, though of course it is still possible to compile 32-bit applications. The main benefit is for large solutions comprising hundreds of projects. Although a substantial change, it is transparent to developers and from what we can tell, has been a beneficial change.

    Continue reading
  • James Webb Space Telescope has arrived at its new home – an orbit almost a million miles from Earth

    Funnily enough, that's where we want to be right now, too

    The James Webb Space Telescope, the largest and most complex space observatory built by NASA, has reached its final destination: L2, the second Sun-Earth Lagrange point, an orbit located about a million miles away.

    Mission control sent instructions to fire the telescope's thrusters at 1400 EST (1900 UTC) on Monday. The small boost increased its speed by about 3.6 miles per hour to send it to L2, where it will orbit the Sun in line with Earth for the foreseeable future. It takes about 180 days to complete an L2 orbit, Amber Straughn, deputy project scientist for Webb Science Communications at NASA's Goddard Space Flight Center, said during a live briefing.

    "Webb, welcome home!" blurted NASA's Administrator Bill Nelson. "Congratulations to the team for all of their hard work ensuring Webb's safe arrival at L2 today. We're one step closer to uncovering the mysteries of the universe. And I can't wait to see Webb's first new views of the universe this summer."

    Continue reading

Biting the hand that feeds IT © 1998–2022