White paper on domain name registry lock models

CENTR has published a white paper separating registry lock services into two standardised models. This categorisation and the included recommendations can help top-level domain registries (re)design their registry lock services. The aim of the paper is to reduce fragmentation in implementation between registries to explain the value of registry lock to domain holders more easily.

At the yearly CENTR Jamboree meeting in 2019, several registries got together and discussed registry lock as a service, and why not more registrants choose to protect their domains with registry lock. Getting the right domain name has always been key but protecting and keeping the domain name is now maybe even more important. Yet, very few domains are protected by registry lock.

One of the potential reasons for this low adoption rate, that was identified during the meeting, was the lack of awareness amongst registrants, both of the existence of registry lock, but even more of the value of having one’s domain protected by registry lock. The main underlying cause that was pinpointed was the fragmentation in implementation between registries. This not only makes the technical integration hard for registrars and resellers. It also makes it hard for registrants to deal with on a day to day basis when they have multiple domain names, but even more importantly, it is hard to explain the value of registry lock when there are so many different types of registry lock out there. A clearer and more uniform approach would therefore benefit all parties, from registries to registrars to registrants.

A number of registries therefore got together after the meeting to look into ways to standardise registry lock services between registries. A survey later that year found that of the 27 participating ccTLD registries, 14 offer a registry lock feature and 8 are planning to. The group analysed current and planned registry lock services and grouped them into two different models, each with two variants. These models are designed to help registries align their registry lock offerings, thereby reducing the current fragmentation. The technical implementations of these models can be standardised to ease integration with registrars and resellers. This taxonomy will hopefully encourage gradual movement to a more streamlined approach, making the interaction between registry and registrar more predictable.

To highlight the main separation between the two identified models, the implementations reported in the survey were categorized based on the entity performing the authentication of the initiator of a request. The first model is deemed to be registry-focused as the registry authenticates the initiator of the unlock request. The second model is more registrar-focused as the authentication of the request is delegated to the registrar. The paper further identifies variants within the models. For example, within the registry-focussed model the service can be marketed and sold directly by the registry or through the registrar, depending on the way the registry operates. The paper further discusses different in-band and out-of-band methods of authentication and closes with a number of recommendations.

You can find the full white paper here.


About Konstantinos Zournas

I studied Computer Engineering and Computer Science in London, UK and I am now living in Athens, Greece. I went online in 1995, started coding in 1996 and began buying domain names and creating websites in 2000. I started the blog in 2012.

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.