registry object locking in fred
play

Registry Object Locking In FRED Jaromir Talir - PowerPoint PPT Presentation

Jul 05, 2023 •223 likes •420 views

Registry Object Locking In FRED Jaromir Talir jaromir.talir@nic.cz 23.06.2014 Why to speak about registry locks again? Domain hijacking is still an issue Only 1/3 of European ccTLD registries has this feature according

  1. Registry Object Locking In FRED Jaromir Talir • jaromir.talir@nic.cz • 23.06.2014

  2. Why to speak about registry locks again? ● Domain hijacking is still an issue ● Only 1/3 of European ccTLD registries has this feature according survey in Oct 2013 ● Registry object locking is/should be a feature of registry software – in FRED since 2008 ● New registrant interface in .CZ - Sep 2013 ● Administrative locking GUI in FRED – Jan 2014

  3. What is registry lock ● Protection against EPP changes of objects in registry issued by Registrar ● Registrant (as the requester) must use different channel then EPP ● Protection is set by the Registry after proper authorization of request

  4. What is FRED ● Open source domain registry software – http://fred.nic.cz ● Developed and used by CZ.NIC since 2007 ● Used by other countries: Angola, Tanzania, Costa Rica, Faroe Islands, Estonia, Albania, Macedonia (since Jan 2014) ● Version 2.18 – July – Better contact validation ● Version 2.19 – August – RDAP protocol

  5. Registry object locking in FRED ● Entry point is the web form ● Can be integrated into registry website ● Template can be customized ● Requester must fill: ● What changes should be blocked ● Object handle and type ● Means of requester authentication

  6. Registry object locking in FRED

  7. Registry object locking in FRED ● Two levels of protection: ● Only transfer to other registrar ● All changes of object data ● Locking is possible for all registry objects ● Domain ● Contact – registrant, admin-c, tech-c ● NSSet – collection of NS information ● KeySet – collection of DNSKEY information

  8. Registry object locking in FRED ● Object “owner” can authorize request ● Domain -> registrant, admin-c ● Contact -> contact itself ● NSSet, KeySet -> tech-c ● Authentication means ● Letter with notarized signature ● Email with digital signature based on official CA certificate

  9. Registry object locking in FRED ● After submitting request, requester provides authentication to our client center operator ● Client center operator verifies authentication and confirms lock setting through web administration interface ● Despite manual procedure, service is free of charge ● Registrar will receive “Object status prohibits operation” EPP response ● Anyone can see ServerTransferProhibited and ServerUpdateProhibited status in WHOIS

  10. Registry object locking in FRED

  11. Domain browser ● New registrant interface into registry - https://domenovyprohlizec.cz ● Integration of registry and our identity service mojeID - https://mojeid.cz ● MojeID is the internal registrar only for contacts ● Data of those contacts are validated ● Providing those contacts web authentication (password, ssl certificates, two factor authentication)

  12. Domain browser ● Provided that we have validated registrant through mojeID service, we can offer him direct services of registry ● Cross-registar view of owned objects (domains, nsset, keysets) ● Direct access to auth info code necessary for transfer objects to other registrars ● Possibility to merge the same contacts into one ● Registry object locking and unlocking

  13. Domain browser

  14. Administrative locking ● Important part of the registry operations is cooperation with Law Enforcement Agencies ● New option in our registration rules is that anybody can ask for temporary lock with proper papers about ongoing dispute issued by appropriate court ● Used to be seldom activity done manually by CLI tools ● Increased occurrence demanded integration into web administration interface ● Implemented in FRED-2.16 (Jan 2013)

  15. Administrative locking ● Almost any EPP request can be blocked ● Transfer, Update, Delete, Renew ● Appropriate status Server*Prohibited is shown in WHOIS together with new status ServerBlocked ● Registrar will again receive “Object status prohibits operation” EPP response ● Domain can be deactivated as part of locking ● Locking can be bounded by time period

  16. Administrative locking

  17. Conclusion ● Even in Registry-Registrar-Registrant model there are use cases for enhanced Registry- Registrant communication like registry objects locking ● There is not only voluntary locking requested by registrant but also administrative locking requested by LEA – both are supported in FRED

  18. Thank You Jaromir Talir • jaromir.talir@nic.cz

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

The Keepers Registry a brief overview Fred Guy, Project Manager, EDINA, University of

The Keepers Registry a brief overview Fred Guy, Project Manager, EDINA, University of

The Keepers Registry a brief overview Fred Guy, Project Manager, EDINA, University of Edinburgh March 2012 The Keepers The role of the Keepers The carrying out of archiving activities to ensure long term access to the materials Note

769 views • 10 slides
The Artory Registry Blockchain for the Art World The Registry is the industrys first

The Artory Registry Blockchain for the Art World The Registry is the industrys first

The Artory Registry Blockchain for the Art World The Registry is the industrys first object-oriented, public database. Leveraging Ethereum blockchain, it tracks provenance and title, and distinguishes trusted from non- trusted data for the

567 views • 7 slides
Roadmap for Section 12.2. Registry Fundamentals Registry Structure Registry Limits Monitoring

Roadmap for Section 12.2. Registry Fundamentals Registry Structure Registry Limits Monitoring

Unit OS12: Scripting 12.2. The Registry Windows Operating System Internals - by David A. Solomon and Mark E. Russinovich with Andreas Polze Roadmap for Section 12.2. Registry Fundamentals Registry Structure Registry Limits Monitoring Registry

397 views • 19 slides
FRED update ICANN61 TechDay Puerto Rico Jaromir Talir jaromir.talir@nic.cz

FRED update ICANN61 TechDay Puerto Rico Jaromir Talir jaromir.talir@nic.cz

FRED update ICANN61 TechDay Puerto Rico Jaromir Talir jaromir.talir@nic.cz 12.03.2018 What is FRED? Open source domain registry solution EPP, DNSSEC, WHOIS, RDAP Developed (and used) by CZ.NIC since 2006 Just

649 views • 18 slides
What is a Honeymoon Registry A Honeymoon Registry is a wedding gift registry experience for

What is a Honeymoon Registry A Honeymoon Registry is a wedding gift registry experience for

What is a Honeymoon Registry A Honeymoon Registry is a wedding gift registry experience for honeymoons and destination weddings. Our online Honeymoon Registry allows brides and grooms to list anything they want to do on their

547 views • 19 slides
Registry Principles GMTA March 15, 2017 Key Elements of Registry Principles Definition

Registry Principles GMTA March 15, 2017 Key Elements of Registry Principles Definition

Registry Principles GMTA March 15, 2017 Key Elements of Registry Principles Definition Objectives for a registry Threshold questions Data Governance Committee Well-balanced registry design Registry data use

415 views • 9 slides
TLD Registry Data an unstructured wander through the zoo Joe Abley Public Interest Registry

TLD Registry Data an unstructured wander through the zoo Joe Abley Public Interest Registry

TLD Registry Data an unstructured wander through the zoo Joe Abley Public Interest Registry AIMS-CAIDA Workshop San Diego, February 2020 What is a TLD Registry DNS Answer We publish the ORG zone in the DNS Highly

550 views • 18 slides
SYSTEM WHAT IS A REGISTRY? A registry is an organized system for the timely collection , storage ,

SYSTEM WHAT IS A REGISTRY? A registry is an organized system for the timely collection , storage ,

THE TEXAS TB REGISTRY SYSTEM WHAT IS A REGISTRY? A registry is an organized system for the timely collection , storage , retrieval , analysis , and dissemination of information on individual persons who have a particular disease, or a risk factor

811 views • 34 slides
CS533 Concepts of Operating Systems Linux Kernel Locking Techniques Intro to kernel locking

CS533 Concepts of Operating Systems Linux Kernel Locking Techniques Intro to kernel locking

CS533 Concepts of Operating Systems Linux Kernel Locking Techniques Intro to kernel locking techniques (Linux) Why do we need locking in the kernel? o Which problems are we trying to solve? What implementation choices do we have? o Is

407 views • 30 slides
http://registry.sf.net http://registry.sf.net Before We Start . . . FORGET ABOUT THE NAME

http://registry.sf.net http://registry.sf.net Before We Start . . . FORGET ABOUT THE NAME

Linux Registry Turning Linux into a Trully Integrated Operating Environment Avi Alkalay <avi@unix.sh> Avi Alkalay <avi@unix.sh> Linux, Open Standards Consultant http://registry.sf.net http://registry.sf.net Before We Start . . .

640 views • 34 slides
LOCKING CS 2550 / Spring 2006 Principles of Database Systems 10 Locking Alexandros

LOCKING CS 2550 / Spring 2006 Principles of Database Systems 10 Locking Alexandros

LOCKING CS 2550 / Spring 2006 Principles of Database Systems 10 Locking Alexandros Labrinidis University of Pittsburgh 2 Alexandros Labrinidis, Univ. of Pittsburgh CS 2550 / Spring 2006 Centralized DBMS Locking T 1 T 2 T n

400 views • 10 slides
Registry for Performance Metrics draft-ietf-ippm-metric-registry-05 M. Bagnulo, B. Claise, P.

Registry for Performance Metrics draft-ietf-ippm-metric-registry-05 M. Bagnulo, B. Claise, P.

Registry for Performance Metrics draft-ietf-ippm-metric-registry-05 M. Bagnulo, B. Claise, P. Eardley, A. Morton, A. Akhter Registry Draft Updates 2 Goals and a recommendation: IANA creates and maintains according to process Define

367 views • 19 slides
Object Oriented Object 3 Programming Object 1 Object 2 Object 4 For : COP 3330. Object

Object Oriented Object 3 Programming Object 1 Object 2 Object 4 For : COP 3330. Object

4/13/2017 OOP Object Oriented Object 3 Programming Object 1 Object 2 Object 4 For : COP 3330. Object oriented Programming (Using C++) ht t p: / / www. com pgeom . com / ~pi yush/ t each/ 3330 Objects: State (fields), Behavior (member

632 views • 6 slides
Orthogonal key-value locking Goetz Graefe, Hideaki Kimura Hewlett-Packard Laboratories Palo Alto,

Orthogonal key-value locking Goetz Graefe, Hideaki Kimura Hewlett-Packard Laboratories Palo Alto,

Orthogonal key-value locking Goetz Graefe, Hideaki Kimura Hewlett-Packard Laboratories Palo Alto, Cal. Madison, Wis. ARIES/KVL What about non-key updates? February 27, 2015 Orthogonal key-value locking 8 ARIES/IM Data-only locking

337 views • 23 slides
and prospective registry study data in the EBMT registry Per Ljungman, MD, PhD For the

and prospective registry study data in the EBMT registry Per Ljungman, MD, PhD For the

The challenge of COVID-19 for HSCT; EBMT recommendations and prospective registry study data in the EBMT registry Per Ljungman, MD, PhD For the Infectious Diseases Working Party Disclosures None on this topic 2 What have been the EBMT

380 views • 23 slides
Fred Sam Joe Fred Sam Joe A BRIEF HISTORY OF COMMUNICATIONS SECURITY 6 COMPUTER SECURITY

Fred Sam Joe Fred Sam Joe A BRIEF HISTORY OF COMMUNICATIONS SECURITY 6 COMPUTER SECURITY

THERE AND BACK AGAIN BRIAN CHESS SEPTEMBER 2013 Fred Sam Joe Fred Sam Joe A BRIEF HISTORY OF COMMUNICATIONS SECURITY 6 COMPUTER SECURITY 7 THE PROGRAMMER "Programming is hard" Donald Knuth Programmers not historically

350 views • 21 slides
Executive Summary: Balking Design Patterns By Drew Goldberg Balking Patterns are used to prevent

Executive Summary: Balking Design Patterns By Drew Goldberg Balking Patterns are used to prevent

Executive Summary: Balking Design Patterns By Drew Goldberg Balking Patterns are used to prevent an object from executing certain code if it is an incomplete or inappropriate state. These Design Patterns include: The Balking Pattern, The Guarded

354 views • 33 slides
West Albany High School Masterplan Story Board - Progress Print 09/18/2017 DLR Group Ar chitecture

West Albany High School Masterplan Story Board - Progress Print 09/18/2017 DLR Group Ar chitecture

-~-- - . .. - -- .--- - .. ..... -~-- ~ - --~ . ,. .. - ~- . .. . . . - . -. .. .,. - .,,.-,. ~ ~ Tr:" . I :.. .... - -_ - l I . ~- .--- West Albany High School

327 views • 10 slides
CRR Market Design in Nodal Markets CAISO Working Group Meeting Addressing DMM Proposal on CRR

CRR Market Design in Nodal Markets CAISO Working Group Meeting Addressing DMM Proposal on CRR

CRR Market Design in Nodal Markets CAISO Working Group Meeting Addressing DMM Proposal on CRR Auction Design Abram W Klein 18 April 2017 Appian Way Energy Partners Appian Way Energy Partners is a financial marketer trading CRRs,

215 views • 17 slides
Transparency & Measureable Metrics Canadian Energy Pipeline Association JIM DONIHEE, OMM, CD

Transparency & Measureable Metrics Canadian Energy Pipeline Association JIM DONIHEE, OMM, CD

Transparency & Measureable Metrics Canadian Energy Pipeline Association JIM DONIHEE, OMM, CD CHIEF OPERATING OFFICER, CEPA 19 NOVEMBER 2015 aboutpipelines.com Who is CEPA? The Canadian Energy Pipeline Association (CEPA) represents

619 views • 22 slides
Alpha Presentation Mobile Maestro The Capstone Experience Team Urban Science Dane Rosseter

Alpha Presentation Mobile Maestro The Capstone Experience Team Urban Science Dane Rosseter

Alpha Presentation Mobile Maestro The Capstone Experience Team Urban Science Dane Rosseter Alex Wuillaume Samantha Oldenburg Mustafa Jebara Shun Ran Department of Computer Science and Engineering Michigan State University From Students

309 views • 9 slides
Skandi Caledonia Dropped Object PSV 2019 John Cameron DOF Management Dropped Object (Near Miss)

Skandi Caledonia Dropped Object PSV 2019 John Cameron DOF Management Dropped Object (Near Miss)

Skandi Caledonia Dropped Object PSV 2019 John Cameron DOF Management Dropped Object (Near Miss) 10/09/2019 Statement from Skandi Caledonia: DocMap ID: 30004214 During cargo ops with an installation in the North Sea crane the pennant wire

566 views • 10 slides
TOP TIPS AND PRESENTATION LOG IN DETAILS TOP TIPS AS IDENTIFIED BY YOU DAY 1 Bidding, Value

TOP TIPS AND PRESENTATION LOG IN DETAILS TOP TIPS AS IDENTIFIED BY YOU DAY 1 Bidding, Value

TOP TIPS AND PRESENTATION LOG IN DETAILS TOP TIPS AS IDENTIFIED BY YOU DAY 1 Bidding, Value Chain, Markets (international association, incentives) Collaborate with all parties when bidding (CVB, PCO, supplier etc) Understand the

529 views • 6 slides
Submitting your Vendor Showdown Presentation January 2020 exhibitor-support@isc-events.com

Submitting your Vendor Showdown Presentation January 2020 exhibitor-support@isc-events.com

Submitting your Vendor Showdown Presentation January 2020 exhibitor-support@isc-events.com Please note: It is only possible to submit your Vendor Showdown presentation after you submitted your Vendor Showdown speaker information! STEP 1: Log

95 views • 7 slides

More recommend