Extra Feeds & Services »

Home / Blogs

Domain Registry Models: Thin or Thick?

  • Aug 12, 2004 7:51 AM PST
  • Comments: 3
  • Views: 21,056
Print Comment
By Thomas Roessler
Thomas Roessler

The domain registrars discussion—despite the occasional bizarrity—mostly demonstrates that there is no unanimity among registrars on this issue. So, what arguments can be made in favor of either model, from a registrant's point of view?

The thick domain registry model—under the assumption that registries are more diligent with registrant data than some registrars may be—helps take care of escrow concerns: When a registrar goes out of business or experiences some other kind of desaster that removes its data store, the data kept at the registry can help transfer registrations to a different registrar, and help registrants keep their domain names. Besides that, keeping registrant information at the registry helps registry operators enforce the new transfers policy, and may generally contribute to making the transfers process run more smoothly.

On the other hand, the thick model often involves transfer of registrant data (both the identifying information, and the sensitive information that is constituted by the link between a domain name and the registrant's identifying information) across jurisdictional boundaries that may separate very different privacy regimes. This concern should weigh even heavier when the registry is not just keeping the thick data set, but actually uses these data for making its own WHOIS service available to the public at large. As Jens Wagner's comment shows, thick registries can be used to design systems which make it hard for registrars to comply with applicable privacy legislation.

The thin model, on the other hand, keeps ultimate control over the publication, transfer and use of data with registrars, and with law enforcement authorities and courts that have jurisdiction over them. Registrants in many jurisdictions get the chance to chose a registrar in the same jurisdiction, and have assurance that their data don't leave that jurisdiction as part of the registration process. The thin model also makes it easier to implement alternative WHOIS models like ALAC's proposal, in which registrants are notified when their data are accessed.

Maybe it's best to start thinking about thick registry designs that quack like thin WHOIS systems. Either by keeping the thin WHOIS paradigm despite thick registry design, or by actually giving the registrar fine-grained control over what data elements are actually displayed in thick registries' WHOIS services. EPP [Extensible Provisioning Protocol] certainly looks like it is prepared for this approach.

Written by Thomas Roessler, Mathematician. Visit the blog maintained by Thomas Roessler here.

Related topics: DNS, Domain Names, Domain Registries, ICANN, Privacy, Whois

Get a weekly summary of postings to CircleID:

 Master Feed (more feeds)      Twitter      Mobile
Bookmark / Email This Post
Print Comment

Comments

Re: Domain Registry Models: Thin or Thick? Ram Mohan  –  Sep 20, 2004 1:07 PM PST

The logic flaw in the thin Whois model discussion above is that registrants will register names at a local registrar.

In a rapidly commoditizing domain name market, where price drives a great deal of demand, such an assumption is invalid.

The thin model shares the same jurisdictional problem as the thick model.

Registries have more work and data to store in a thick model; however, given that many registrars do not implement any escrow or data backup systems, from a registrant data safety point of view, the thick model provides a safety net that does not exist in the thin model.

-Ram

Note: I run the .info, .org registry operational teams.  We chose to go "thick" versus "thin" in .info for uniformity of data and consistency of policy implementation reasons (among others).

# 1 Reply  |  Link  |  Report Problems
Re: Domain Registry Models: Thin or Thick? Thomas Roessler  –  Sep 21, 2004 5:47 AM PST

The point here is not so much that registrants automatically chose registrars in their local jurisdictions: The point is rather that they have the choice to pick a registrar "somewhere out there"—or to pick one in a jurisdiction where they know the rules.

# 2 Reply  |  Link  |  Report Problems
Re: Domain Registry Models: Thin or Thick? Ram Mohan  –  Sep 21, 2004 6:36 AM PST

The new EPP RFC *requires* a <privacy> element for the registry and a <disclose> tag for each contact object.  This <disclose> tag is configurable by registrants - who can instruct their registrars whether or not their contact information should be disclosed.

We're in good shape on the technology front - as usual, what it takes is good policy to make the technology do what it was designed to do.

# 3 Reply  |  Link  |  Report Problems

To post comments, please login or create an account.

Related Blogs

Tips to Protect Your Brand in the New Domain Name Marketplace

  • Feb 04, 2010
  • Comments: 1

Swiss Among World Leaders in Enabling DNSSEC

  • Feb 03, 2010
  • Comments: 0

Domain Name Security Gains Prominence in German-Speaking World

  • Feb 02, 2010
  • Comments: 0

Domain Name Registry and Registrar Separation Now Probably Going to Be a Policy Debate

  • Feb 02, 2010
  • Comments: 0

DNSSEC: Will Microsoft Have Enough Time?

  • Jan 29, 2010
  • Comments: 0
View More

Related News

Google, NSA Join Forces in the Effort to Build Better Cyberattack Defense System

  • Feb 04, 2010
  • Comments: 0

Las Vegas City Council to Debate the Support of .vegas Domain

  • Feb 03, 2010
  • Comments: 10

VeriSign to Recognize Innovators, Leaders That Have Shaped the First 25 Years of .Com

  • Feb 03, 2010
  • Comments: 0

Jan 28: International Data Privacy Day

  • Jan 28, 2010
  • Comments: 0

AFNIC Invites Network Managers to Prepare for the Signing of the DNS Root in May 2010

  • Jan 28, 2010
  • Comments: 0
View More

Other Topics

Access Providers Broadband Censorship Cloud Computing Cyberattack Cybercrime Cybersquatting Data Center DNS DNSSEC Domain Names Domain Registries Email Enum ICANN Internet Governance Internet Protocol IP Addressing IPTV IPv6 Law Malware Mobile Multilinguism Net Neutrality P2P Policy & Regulation Privacy Regional Registries Security Spam Telecom Top-Level Domains VoIP Web White Space Whois Wireless
View More



Industry Updates – Sponsored Posts

ICANN and Cybersecurity: Hot Topics at The First Ever .ORG Forum

  • By PIR
  • Views: 483

Using .ORG Directory to Find Haiti Relief Organizations

  • By PIR
  • Views: 686

Neustar Releases UltraDNS Report Center

Afilias Releases .INFO Domain 2009 Annual Report

Expressions of Interest a Requirement for New gTLDs?

Neustar Implements DNS Security Extensions in the .US Registry

Neustar Launches Initiative to Enhance DNS With Faster, More Secure Updates

Registry Stakeholder Group Comments on Latest ICANN Policies

  • By PIR
  • Views: 1,397

Open Phishing Season

dotMobi Is Now a Member of The LACTLD

Nominum Announces "DNSSEC Made Easy" Solutions

Afilias Announces Winners of the 2009 .INFO Awards

Vote for the Best .INFO Web Site Of 2009

.ORG Highlighted for Success in Fighting Phishing

  • By PIR
  • Views: 1,776

Afilias' Matt Pounsett Elected Director-at-Large for DNS-OARC

.ORG Wins WebAward for Website Redesign and Selected as a Finalist for the NonProfit PR Awards

  • By PIR
  • Views: 1,649

Afilias Announces 2009 .INFO Award Judges Panel

.ORG Meets the SedoPro Partner Forum

  • By PIR
  • Views: 1,619

dotMobi Announces Unique Mobile Domain and Keyword Bundle for Chinese Brands and Businesses

Vertical Integration: A View from the Bottom Up

  • By PIR
  • Views: 1,965
View More