How it Works: TLD Registry Protocols Ed Lewis – Steve Conte | ICANN 53 | 21 June 2015
| 3
What is a Domain Name Registry?
• Database of domain names and associated information in the top level domains of the Domain Name System (DNS) system
• Top-level domain (TLD) space often called a “zone” when discussing from a technical perspective
| 4
Other Kinds of Registries
• Regional Internet Registries (RIRs) – Network addresses and routing information
• Protocol parameter registries – Internet Assigned Numbers Authority (IANA)
• Land ownership • Motor vehicle ownership • Gift registries (e.g., wedding, baby)
| 5
Registries in the DNS Tree
. (root)
.TLD
domain.tld example.tld
.otherTLD
sample.otherTLD
host.domain.TLD
Root Zone
Registry
Domains
| 6 | 6
TLD Registry
Registrant
Reseller
Registrar
Registrar
Registrant
TLD Registry Relationship
| 7 | 7
TLD Registry
Data Escrow
Trademark Clearinghouse
From the Other Side…
| 8
Protocols of a TLD Registry
DNS Domain Name System
| 10
What is the DNS Protocol?
• A lookup, much akin to looking up someone’s phone number in an old style phone book
• Query asks for information (e.g., domain name, type)
• Response contains the information or "no"
| 11
Significance of the DNS
• One of the earliest protocols – Impacts design, attempts to improve – Has proven to be resistant to replacement
• Domain Name Registries exist because of it – Means to enter and manage data transferred
| 12
What DNS Means to a Registry
• Most important component in terms of resiliency – Unlike other components, approaches critical status
• Most used component, untold relying parties – High capacity for volume of use – Senders of queries are anonymous
| 13
Registrar (Registrant Agent)
Registration Interfaces
Registry Database
DNS Server
IANA (Internet Assigned Numbers Authority)
DNS
| 14
Components of the DNS
• Authoritative server – What the registry operates
• Recursive server – What issues queries to registry servers
• Stub/clients – Individual users (people or automated systems)
| 15
Recursive Server
DNS Server (Authoritative)
Stub Clients
DNS
DNS
DNSSEC DNS Security Extensions
| 17
What does DNSSEC do?
• The end user rarely contacts the true source of DNS information directly – DNS data is stored in intermediate servers – DNS data is transferred in the open
• End-to-end encryption, like HTTPS, isn’t a solution – Provide authenticity, completeness – Within constraints of DNS
| 18
History of DNSSEC
• Developed in 1990’s, workshops with operators through 2004
• Internet Engineering Task Force (IETF) base documents published 2004
• Dan Kaminsky’s 2008 talk elevated priority – The End Of The Cache As We Know It – Black Hat Conference 2008
• Since 2009 has been in operations in TLDs and the root zone (2010)
| 19
Approach to DNSSEC
• Data is accompanied with a digital signature which can be validated with a public key
• Public key cryptography enables a scalable trust building framework
• A hierarchy matching the DNS tree enables a verifiable trust building framework
| 20
The Registry's Portion of DNSSEC
• Managing keys for the TLD
• Registering delegation signer (DS) records from registrants
• Signing DS records and publishing
• Signing negative answers ("no")
• Interacting with IANA to register TLD key material
| 21
Registrar (Registrant Agent) DNSSEC Functions Registry Database
DNS Server
IANA Root Registry
DNSSEC
WhoIs
| 23
History of WhoIs
• Predating even DNS
• Means to identify the other end(s) of the network
• Simplistic question and answer
• At the time, no concerns about privacy, security, accuracy
| 24
WhoIs Protocol Definition
• Open a TCP connection to port 43 • Send a question • Wait • Receive an answer • Close the connection
| 25
WhoIs Client
WhoIs Server
Registry Database
WhoIs
WhoIs
WhoIs
| 26
Why is that a Problem? (WhoIs Challenges?)
• Questions and answers undefined – Free form is not good for interoperability – Early software assumed ASCII only
• No meta-answers, no "use some other server"
• Differentiated access impossible
• No means to validate data in answers
| 27
WhoIs Sessions @ICANN53
5&U#'6#&2%')(/'X1(E%'H..B/".7'D&2(/0-C'f!X&*-&%*"7L']^'gB-&'f!Zhi\\'j'Zaid\'f!HB*,#(/,('
:1,.F'X1(E%'G(3,.7'E+23&+&-#"0(-'j'I&&0-C'A,#1'#1&'ED:'f!X&*-&%*"7L']^'gB-&'f!Zhi\\'j'Zaid\'f! 'D&0/('b'
EPP Extensible Provisioning Protocol
| 29
What is EPP?
• A business-to-business protocol between a registrar and registry
• Purpose is to edit the registration data base – Add, delete registered names – Add, delete, modify contacts – Transfers – Plus some other "maintenance"
| 30
History of EPP
• 2000-2003 developed in IETF – Based on earlier protocols with the COM/NET registry
• 2003-2009 progressed to full standard • Mandated for gTLDs and sTLDs • Gained acceptance among ccTLDs • Current IETF WG to manage extension designated as standard
| 31
EPP Exclusivity
• EPP need not be exclusive – A registry is technically able to use multiple protocols for this
– Policy might restrict (such as strict First Come First Served via registrars)
| 32
EPP Protocol Architecture
• Uses TLS or strongly secured transport layer • Exchange is encoded in XML • Server inside registry, clients at registrars
Registrar EPP Client
EPP
EPP Server Registry Database
RDAP Registration Data Access Protocol
| 34
What is RDAP?
• Registration Data Access Protocol (RDAP)
• A query/response means to inspect a registration database – Regardless of where it is hosted – Biased towards registration not only domain names
• A layer on top of HTTPS – Reuses much of web-developed technology
| 35
Components of RDAP
• Server – Software to parse queries – Software to access the database – Software to prepare response
• Client – Web browser API with specific abilities – Can perform authentication steps
| 36
History of RDAP
• Dissatisfaction with WhoIs led two RIRs to experiment with a Web-based approach – Very successful
• From this, the story of RDAP is very much tied to – Replacement of the WhoIs protocol – Commonality of names and numbers – The HTTPS protocol
| 37
Basic Description of RDAP
• Query over HTTPS, looks like a URL – Like WhoIs, but formalized
• Response over HTTPS – Formatted data answering query, using "JSON" • Like WhoIs, but formalized
– Formatted redirection message • Not in WhoIs
• To do: operational profile
| 38
Features of RDAP
• Defined data model – Expansion-friendly query and response formats
• Expansion beyond ASCII characters (I18N) • Distribution of data sources • Differentiated access (authorization model) – Presumes an authentication model too
• Compatibility with 2010-era software engineering
| 39
RDAP Client
RDAP RDAP Message
Handler Registry Database
| 40
RDAP Sessions @ICANN53
D&C,%#/"0(-'!"#"'H..&%%'G/(#(.(3i'X1"#m%'5&U#n'f!X&*-&%*"7L']^'gB-&'f! Z^iZo'j'Zoid\'f! D&0/('H'
Data Escrow
| 42
Purpose of Data Escrow
• Store the registration database contents with a third party for safe keeping
• Why? – Operator "business" failure – Allows for restart of registry by another operator
• Stored by a third party with strict rules for access by anyone else – E.g., ICANN can request the deposits under a slim set of circumstances
| 43
History of Data Escrow
• IETF Birds of Feather session – Deemed uninteresting to the IETF
• This doesn’t mean data escrow is unimportant
• The reason is that data escrow is technically very simple, but very specific and related to governing policy
| 44
Data Escrow Deposits
• Defined in two places – Data "framework" in an Internet Draft – Timing of actions in Specification 2 of registry agreements
• A "dump" of the registry database – XML version in one or more files – Compressed/Encrypted – Deposit made every day • Full on Sunday; Incremental all other days of the week
| 45
Registry Operator
Escrow Agent
ICANN
Sunday: Full File Deposit Other Days: Incremental
Public Keys
Public Keys
Notification
Notification
TMCH Trademark Clearinghouse
| 47
What is TMCH?
• Trademark Clearing House (TMCH) is an open but mostly ICANN-specific mechanism to address trademarks in domain names
• Limiting the discussion to registry-touching protocols – Two phases, Sunrise and Trademark Claims – Protocol built over HTTPS (secured Web)
| 48
TMCH in Sunrise
• Sunrise refers to opening of TLD to trademark holders first
• Registry supplies to a TMCH – List of domain name registered
• Registry receives from a TMCH – A list of marks no longer listed (revoked from a previously published list)
| 49
TMCH in Trademark Claims
• Claims refers to early days of a TLD when registrations of trademark "look alikes" result in notices
• Registry supplies to a Trademark Clearing House – List of domain names registered matching the pre-registered trademarks
• Registry receives from a Trademark Clearing House – A list of labels corresponding to pre-registered trademarks
| 50
Trademark Clearing House Registry
(Sunrise) SMD Revocation List via HTTPS
(Claims) DNL List via HTTPS
Names effectively allocated ...
| 51
Protocols of a TLD Registry
| 52
Reach us at: Email: [email protected] [email protected]
Thank You and Questions
gplus.to/icann
weibo.com/ICANNorg
flickr.com/photos/icann
slideshare.net/icannpresentations
twitter.com/icann
facebook.com/icannorg
linkedin.com/company/icann
youtube.com/user/icannnews
Engage with ICANN – http://www.icann.org