1. No category

gTLD Registrar Manual - Part II General - v1.0

gTLD Registrar Manual Part II: General
10 n o v e mb e r 2011
Budgetontwerp
gTLD
Registrar Manual
2012
Part II : General
Version 1.0
Copyright  2016 DNS Belgium vzw/asbl
1
gTLD Registrar Manual Part II: General
Table of contents
Table of contents .............................................................................................................................................. 2
1 Introduction ................................................................................................................................................... 3
1.1. Purpose ............................................................................................................................................................................... 3
1.2. Quickstart .......................................................................................................................................................................... 3
1.3 Web interface .................................................................................................................................................................... 3
1.4 EPP interface ..................................................................................................................................................................... 3
1.5 Delta ...................................................................................................................................................................................... 3
2 General ............................................................................................................................................................. 4
2.1 Password policy and 2-step verification ............................................................................................................... 4
2.2 Sandbox................................................................................................................................................................................ 4
2.3 Maintenance ...................................................................................................................................................................... 4
2.4 Pollution/abuse of registration system ................................................................................................................ 4
3 Contacts............................................................................................................................................................ 5
4 Domain names ............................................................................................................................................... 5
4.1 Allowed names .................................................................................................................................................................. 5
4.2 Status values ...................................................................................................................................................................... 5
4.3 IDN ......................................................................................................................................................................................... 6
4.4 DNSSEC ................................................................................................................................................................................ 6
4.5 Domain Guard................................................................................................................................................................... 6
5 Domain lifecycle............................................................................................................................................ 7
5.1 Pending periods................................................................................................................................................................ 7
5.2 Grace periods..................................................................................................................................................................... 7
5.3 Renewals.............................................................................................................................................................................. 7
6 Transfer procedure ..................................................................................................................................... 8
6.1 Transfer lifecycle ............................................................................................................................................................. 8
7 Protected transactions ............................................................................................................................... 8
8 Invoicing .......................................................................................................................................................... 9
9 WHOIS ............................................................................................................................................................... 9
10 Zone file generation ............................................................................................................................... 10
11 Abuse tool .................................................................................................................................................. 10
12 Bug reports................................................................................................................................................ 10
Annex: Allowed IDN characters ............................................................................................................... 11
Copyright  2016 DNS Belgium vzw/asbl
2
gTLD Registrar Manual Part II: General
1 Introduction
1.1. Purpose
This document gives a an overview of all policies and procedures of DNS Belgium for the gTLDs
.vlaanderen and .brussels.
As a registrar, you will be responsible for the data you bring into the DNS Belgium system. DNS
Belgium provides the infrastructure but does not act upon the registration data, except for domain
names. All domain names (including the domain name in e-mail addresses and name servers), will be
normalized according to IDN2008. DNS Belgium will not be responsible for the consequences of the
instructions the registrar enters into the automatic system. The system will only execute the given
instructions.
A registrar has full control over its own data (registrar information) and over the data of the domain
names it has registered. There will of course be no access to the data registered by another registrar.
This document is part of the manuals of DNS Belgium for the registration system. The other
documents are explained below.
1.2. Quickstart
The Quickstart document contains the information to get access to the registration system and the
steps the registrar needs to execute to start registering domain names. Together with the most
important technical information, the registrar should be able to start with this document.
1.3 Web interface
The web interface provides all necessary actions for the registrar that can’t be managed via the EPP
system. This includes setting up your account, viewing your billing lines and searching your portfolio.
The web interface is explained in detail in the corresponding document.
1.4 EPP interface
The EPP interface is an XML-based request/response interface that is suited for automation. The
registrar will use this interface for all its domain-related transactions. The EPP interface for DNS
Belgium is RFC compliant and ICANN compliant for the gTLD registries.
The EPP interface document contains clarifications to the relevant RFCs and more information on
optional elements or choices made based on the RFC.
1.5 Delta
The Delta document contains the differences between the previous gTLD provider and the registration
system developed by DNS Belgium. With this document, the registrar should be able to adapt its
system to the new environment with minimal effort.
Copyright  2016 DNS Belgium vzw/asbl
3
gTLD Registrar Manual Part II: General
2 General
2.1 Password policy and 2-step verification
We have the same password policy throughout the system:




At least one uppercase character [A-Z].
At least one lowercase character [a-z].
At least one numerical character [0-9].
At least one non-alphanumerical character [!"#$%&'()*+,-./:;<=>?@[]^_` {|}]
For the EPP password, the length of the password is according to the RFC: 8-16 characters.
For web passwords and authInfo associated with domains, we allow 8-32 characters.
For the registrar web interface, we also use 2-step verification. Setting this up is explained in the Web
document.
2.2 Sandbox
DNS Belgium provides a sandbox system where registrars can test all facets of the registration
system. All registrars can have 2 test accounts. We recommend using the sandbox system for
testing/self-assessment before connecting to the live system.
When a next release is pending, the sandbox system may contain new features not (yet) available on
the live system.
Connection strings for the sandbox are available in the Quickstart document.
2.3 Maintenance
DNS Belgium has a maintenance window between Tuesday 17.00 PM and Wednesday 08.00 AM.
Although we aim to announce changes to the registration system and hardware configuration with
sufficient notice, it is possible under certain circumstances that this may occur without warning or after
a brief message. Please take this into account for your own planning.
2.4 Pollution/abuse of registration system
DNS Belgium monitors its registration system constantly. If we notice any behaviour which would
cause pollution of the database or hinder the services provided by DNS Belgium, we will take
measures to mitigate this behaviour. At first, we will contact the registrar for an explanation when
there's no evidence the behaviour is intentional. If we don't receive a reply within an appropriate time,
DNS Belgium reserves the right to temporarily block the registrar until the situation is resolved.
Examples of pollution and/or abuse are, but are not limited to:
 Unnecessary creation of contacts.
 Unnecessary updates of domain names.
 Unusual repetitive transactions.
Copyright  2016 DNS Belgium vzw/asbl
4
gTLD Registrar Manual Part II: General
3 Contacts
As a registrar, you can create contacts in the system. Contacts don’t have a predetermined role, they
are given a role from their association to the domain object. One contact can fulfill each role.
A domain object should have at least one contact of type registrant, at least one contact of type admin,
and at least one contact of type technical. In total, a domain object may have a maximum of 10
contacts. The contact of type billing is not supported.
The use of external contacts is not allowed, i.e. it is not allowed to use contacts created by another
registrar. This means that contacts will be cloned automatically after a successful transfer. See also
the section on transfers. Cloned contacts are given a new contact ID starting with ‘clone’, therefore it’s
not allowed to create contacts with contact IDs starting with ‘clone’.
It is possible to see the info of an external contact via EPP by doing an <info-contact> transaction with
the authInfo of one of its associated domains.
4 Domain names
4.1 Allowed names
Before registering domain names, please make sure your clients accept our ‘Terms & Conditions’
before they can proceed with the registration of a domain name. This is also the case for a transfer.
Domain names must meet several technical requirements:
 Valid non-IDN names are:
o minimum 2 characters among the letters 'a to z', the numbers '0 to 9' and the hyphen
'-';
o maximum 63 characters;
o must not begin or end with a hyphen;
o must not contain a hyphen '-' on the 3rd AND 4th position.
 Valid IDN names are:
o The U-label is minimum 2 characters and the A-label and/or U-label is maximum 63
characters.
o The U-label can't begin or end with a hyphen.
o The U-label must not contain a hyphen on the 3rd AND 4th position.
o The U-label may only contain characters for the list of allowed characters.
4.2 Status values
The domain object supports the following status values (as described in Section 2.3 of RFC 5731):









ok
inactive
clientHold/serverHold
clientUpdateProhibited/serverUpdateProhibited
clientTransferProhibited/serverTransferProhibited
clientDeleteProhibited/serverDeleteProhibited
clientRenewProhibited/serverRenewProhibited
pendingTransfer
pendingDelete
Copyright  2016 DNS Belgium vzw/asbl
5
gTLD Registrar Manual Part II: General
Please note that DNS Belgium (the Registry) may always override status values set by the Registrar.
Following states are not supported:
 pendingCreate
 pendingRenew
 pendingUpdate
4.3 IDN
The implementation of IDN at DNS Belgium is based on the IDNA 2008 standard and the relevant
RFCs.
 There is no variant handling.
 On the EPP-Interface, we will always return the A-Label of the domain name in the response
as this is used to communicate between automated systems, for flexibility, we will accept
both U-label and A-label in the request.
The list of allowed IDN characters is a subset of the Latin script and can be found in the annex of this
document.
We also accept IDN for name servers. In the name server name, all characters are allowed.
4.4 DNSSEC
DNS Belgium supports and promotes the use of DNSSEC trust chains as defined in the relevant RFCs
(listed in the EPP document).
The EPP interface accepts DS records only. A maximum of 6 DS records can be provisioned per
domain.
DS records will be published in the zone immediately. DNS Belgium won't perform any validation on
the DNSSEC information of your domain names. It is up to you, as the registrar, to ensure that the
chain of trust isn't broken.
DNS Belgium supports the following algorithms:









3: DSA/SHA1
5: RSA/SHA-1
6: DSA-NSEC3-SHA1
7: RSASHA1-NSEC3-SHA1
8: RSA/SHA-256
10: RSA/SHA-512
12: GOST R 34.10-2001
13: ECDSA Curve P-256 with SHA-256
14: ECDSA Curve P-384 with SHA-384
4.5 Domain Guard
Coming soon.
Copyright  2016 DNS Belgium vzw/asbl
6
gTLD Registrar Manual Part II: General
5 Domain lifecycle
5.1 Pending periods
In pending periods certain operations are not allowed.
 Redemption Grace Period: consists of
o Redemption Period: valid for 30 days after a delete, during this period, the domain
can be restored. Restore request is the only transaction allowed.
o Pending Restore: in order to successfully restore a domain in the redemption period,
a restore report is required. This report must be submitted during the 7 days of the
pending restore period. In case no restore report is submitted, a new 30 day
redemption period begins. Restore report is the only transaction allowed.
o Pending Delete: If a domain is deleted and not restored, it is placed in the pending
delete period at the end of the redemption period. This period lasts 5 days, after which
the domain is available for registration. No transactions are allowed.
 Pending Transfer Period: see the section on Transfer.
5.2 Grace periods
DNS Belgium doesn’t support grace periods as described in RFC 3915.
5.3 Renewals
The registration system has auto-renew set per registrar as default. This feature can't be turned off.
The renew transaction is also implemented in line with ICANN requirements.
The EPP status clientRenewProhibited can be used by the registrar to disable the auto-renew feature
on a per-domain basis. Auto-renews are prevented by this status. Renews are also prevented by this
status (as per definition).
Copyright  2016 DNS Belgium vzw/asbl
7
gTLD Registrar Manual Part II: General
6 Transfer procedure
6.1 Transfer lifecycle
The above diagram illustrates the lifecycle of a domain transfer. Transfer requests require valid
authInfo. Note that only one transfer request can be pending at a time. Transfer requests on a domain
name that is already in “transferPending” status are rejected.
The losing registrar has 5 days to approve or reject the request. In case there is no answer from the
losing registrar after 5 days and the transfer is not cancelled by the gaining registrar, the registry autoapproves the transfer.
Domain transfer transactions are implemented according to ICANN requirements for gTLDs and the
appropriate RFCs. The following choices have been made by DNS Belgium:
 During pendingTransfer status, only transactions related to the current transfer are allowed.
 After the transfer is (auto)-approved:
o The authInfo is automatically updated.
o All linked contacts are cloned.
o If the maximum registration period of 10 years is not exceeded, the domain name is
renewed with 1 year.
 If the transfer is rejected or cancelled, and the registration period is exceeded:
o If the clientRenewProhibited or serverRenewProhibited flag is set, the domain goes
into redemption.
o Otherwise, the domain name is auto-renewed for the losing registrar.
 If the transfer is rejected or cancelled, and the registration period isn’t exceeded:
o The domain name reverts to its original state (before the transfer request).
The gaining registrar can find out the new authInfo and the new contact handles by doing an infodomain transaction on the domain name.
7 Protected transactions
DNS Belgium wants to protect the registry system from possible errors made on the registrar’s side.
We also want to protect the registrar from scripts running astray or hackers abusing his account and
causing him to ramp up very high costs. For these reasons, we have implemented a protected
transactions threshold. The transactions counted for the threshold are either billable transactions or
have a direct effect on the portfolio of the registrar. Only successful transactions are counted.
Copyright  2016 DNS Belgium vzw/asbl
8
gTLD Registrar Manual Part II: General
The following transactions are counted for the protected transactions threshold:





Create domain
Renew domain
Delete domain
Domain transfer request
Domain restore request
The threshold is set to 100 for each registrar. When the threshold is reached, it’s no longer possible to
do any of the above transactions until midnight UTC. The EPP server will return a 2308 error with
reason “No protected transactions allowed until [datetime].” Other transactions are still possible. The
threshold can be reset by DNS Belgium after contact with the registrar to verify that no ill use was in
progress.
The threshold can be changed per-registrar by DNS Belgium on demand of the registrar (e.g. for the
period of a campaign).
The registrar can see the threshold and its current counter on the Registrar web. See the web
interface manual for more information.
8 Invoicing
The registry system uses a post-pay billing system. The registrar can use the registry system without
limitations (within the bounds of the protected transactions threshold) and will receive an invoice for
the billable transactions of the current month at the beginning of the next month.
The following transactions will be invoiced:





Create domain
Renew domain
Auto-renew domain
Renew after transfer
Domain restore request
DNS Belgium aims to send out the invoices as soon as possible, but they cannot be sent before the
end of the month to be billed.
The registrar will need to provide a billing contact at the start of his contract with DNS Belgium. If the
billing contact changes, this should be communicated to our support staff. The registrar may also
create a user with the finance role for the billing contact, so they can review the billing lines on the
registrar web.
Invoices are only sent electronically.
9 WHOIS
The WHOIS service provides the necessary information for people seeking to contact the registrant of
a domain (or registrar contact) for problem solving etc. As WHOIS is a public service, DNS Belgium
has put some limits on the number of queries in each time frame.
 Rate limit: 100 queries per second with a leaky bucket system.
 Quota: 10.000 queries per IP/day.
DNS Belgium reserves the right to change the limits for WHOIS if we feel that the service is being
abused/attacked.
Copyright  2016 DNS Belgium vzw/asbl
9
gTLD Registrar Manual Part II: General
For registrars, we recommend they use EPP for querying domain names/contacts.
Connection strings for the WHOIS service are available in the Quickstart document.
10 Zone file generation
The main objective of DNS Belgium is to manage the zone file. The zone file is hosted on our primary
name server. We use dynamic zone file generation, this means that every update will be processed
immediately and the zone file will be updated accordingly.
When domain names are created without references to hosts, such domains are not included in the
zone. This can be interesting if you want to keep the registration of a new domain name confidential.
Keep in mind that the zones for .vlaanderen and .brussels are subject to CZDS.
You can use IPv6 addresses as glue for your name servers. DNS Belgium does not validate IPv6
addresses. DNS Belgium also won't perform any validation on the DNSSEC information of your
domain names.
11 Abuse tool
DNS Belgium monitors several abuse lists/sites and sends notifications if a domain name is affected.
The notifications are sent to the registrant and technical contact of the affected domain name.
Notifications are sent for our 3 products: .be, .vlaanderen and .brussels.
An incident will trigger an e-mail with a link to our website safebrowsing.be. On this website, you will
find all incidents for the domain name. Every day an incident occurs, a new e-mail will be sent. The
page concerning the website will also be updated for each new incident occurring for the next 21 days.
If an incident is still present after five days, the e-mail will be resent.
It is the responsibility of the registrant to follow up on these notifications. If you also provide hosting for
your registrants, it is possible you will be contacted by them and we ask you to take all possible
measures to remedy the issue.
12 Bug reports
DNS Belgium is very interested to improve its system as much as possible. If you think there is a bug
in the system or you have a suggestion for an improvement, please let our support staff know.
To be able to reproduce your issue, please provide the following information in your report:
 Reproduction path: which steps did you take to get the result.
 Data used: which data (registrar id, domain name, contact id, …) did you use. Please include
timestamp and screenshot if possible.
 Actual result: what was the result you got.
 Expected result: what is the result you would like to get in this situation.
Copyright  2016 DNS Belgium vzw/asbl
10
gTLD Registrar Manual Part II: General
Annex: Allowed IDN characters
nr
unicode
glyph
description
1
U+002D
-
HYPHEN-MINUS
2
U+0030
0
DIGIT ZERO
3
U+0031
1
DIGIT ONE
4
U+0032
2
DIGIT TWO
5
U+0033
3
DIGIT THREE
6
U+0034
4
DIGIT FOUR
7
U+0035
5
DIGIT FIVE
8
U+0036
6
DIGIT SIX
9
U+0037
7
DIGIT SEVEN
10
U+0038
8
DIGIT EIGHT
11
U+0039
9
DIGIT NINE
12
U+0061
a
LATIN SMALL LETTER A
13
U+0062
b
LATIN SMALL LETTER B
14
U+0063
c
LATIN SMALL LETTER C
15
U+0064
d
LATIN SMALL LETTER D
16
U+0065
e
LATIN SMALL LETTER E
17
U+0066
f
LATIN SMALL LETTER F
18
U+0067
g
LATIN SMALL LETTER G
19
U+0068
h
LATIN SMALL LETTER H
20
U+0069
i
LATIN SMALL LETTER I
21
U+006A
j
LATIN SMALL LETTER J
22
U+006B
k
LATIN SMALL LETTER K
23
U+006C
l
LATIN SMALL LETTER L
24
U+006D
m
LATIN SMALL LETTER M
25
U+006E
n
LATIN SMALL LETTER N
26
U+006F
o
LATIN SMALL LETTER O
27
U+0070
p
LATIN SMALL LETTER P
28
U+0071
q
LATIN SMALL LETTER Q
29
U+0072
r
LATIN SMALL LETTER R
30
U+0073
s
LATIN SMALL LETTER S
31
U+0074
t
LATIN SMALL LETTER T
32
U+0075
u
LATIN SMALL LETTER U
33
U+0076
v
LATIN SMALL LETTER V
34
U+0077
w
LATIN SMALL LETTER W
35
U+0078
x
LATIN SMALL LETTER X
36
U+0079
y
LATIN SMALL LETTER Y
37
U+007A
z
LATIN SMALL LETTER Z
Copyright  2016 DNS Belgium vzw/asbl
11
gTLD Registrar Manual Part II: General
nr
unicode
glyph
description
38
U+00DF
ß
LATIN SMALL LETTER SHARP S
39
U+00E0
à
LATIN SMALL LETTER A WITH GRAVE
40
U+00E1
á
LATIN SMALL LETTER A WITH ACUTE
41
U+00E2
â
LATIN SMALL LETTER A WITH CIRCUMFLEX
42
U+00E3
ã
LATIN SMALL LETTER A WITH TILDE
43
U+00E4
ä
LATIN SMALL LETTER A WITH DIAERESIS
44
U+00E5
å
LATIN SMALL LETTER A WITH RING ABOVE
45
U+00E6
æ
LATIN SMALL LETTER AE
46
U+00E7
ç
LATIN SMALL LETTER C WITH CEDILLA
47
U+00E8
è
LATIN SMALL LETTER E WITH GRAVE
48
U+00E9
é
LATIN SMALL LETTER E WITH ACUTE
49
U+00EA
ê
LATIN SMALL LETTER E WITH CIRCUMFLEX
50
U+00EB
ë
LATIN SMALL LETTER E WITH DIAERESIS
51
U+00EC
ì
LATIN SMALL LETTER I WITH GRAVE
52
U+00ED
í
LATIN SMALL LETTER I WITH ACUTE
53
U+00EE
î
LATIN SMALL LETTER I WITH CIRCUMFLEX
54
U+00EF
ï
LATIN SMALL LETTER I WITH DIAERESIS
55
U+00F0
ð
LATIN SMALL LETTER ETH
56
U+00F1
ñ
LATIN SMALL LETTER N WITH TILDE
57
U+00F2
ò
LATIN SMALL LETTER O WITH GRAVE
58
U+00F3
ó
LATIN SMALL LETTER O WITH ACUTE
59
U+00F4
ô
LATIN SMALL LETTER O WITH CIRCUMFLEX
60
U+00F5
õ
LATIN SMALL LETTER O WITH TILDE
61
U+00F6
ö
LATIN SMALL LETTER O WITH DIAERESIS
62
U+00F8
ø
LATIN SMALL LETTER O WITH STROKE
63
U+00F9
ù
LATIN SMALL LETTER U WITH GRAVE
64
U+00FA
ú
LATIN SMALL LETTER U WITH ACUTE
65
U+00FB
û
LATIN SMALL LETTER U WITH CIRCUMFLEX
66
U+00FC
ü
LATIN SMALL LETTER U WITH DIAERESIS
67
U+00FD
ý
LATIN SMALL LETTER Y WITH ACUTE
68
U+00FE
þ
LATIN SMALL LETTER THORN
69
U+00FF
ÿ
LATIN SMALL LETTER Y WITH DIAERESIS
70
U+0153
oe
LATIN SMALL LIGATURE OE
Copyright  2016 DNS Belgium vzw/asbl
12

 Download  Report

Paperzz.com

Your Paperzz

© Copyright 2026 Paperzz