15 April 2018

This AUsome! blog addresses the technical portion of the .au Registry Transformation Project, and this post recaps Afilias’ focus on security for the .au registry platform.

Among the many upgrades scheduled for .au when it transitions in June are security related enhancements.  For a domain name registry, security is critical because the registry manages the directory that ensures that internet queries get to the proper destination.  This means emails go to the right inboxes and people can get to the correct websites.

Afilias has a long history of building, deploying and continually enhancing systems that provide secure, reliable service for the 200+ top level domains in our care.  For .au, a number of enhanced safeguards are being built into the registry to help ensure the overall security of the .au domain.

As background, the registry is essentially the master database of all the registered names and the addresses for each.  This important data must be stored at secure locations, and Afilias recently announced the selection of secure, world class data centers in Melbourne and Sydney which will house the registry system beginning in July.

All of the registration and addressing data comes into the registry via domain name registrars like VentraIP and GoDaddy.  Registrars work with the public to provide domain names and a host of other services designed to help people establish a successful online presence.

To gain access to the .au registry, each registrar must first become accredited by auDA, as only authorized registrars are allowed.  This means they must apply by filing certain documents and then illustrate their technical qualification and capability to handle .au names.  Only then are they granted access to the registry itself.

Access to the registry is carefully guarded in many ways.  First, registrar system requests must come in from pre-authorized IP addresses—the registry will not grant access to requests from just anywhere.  The requests must also be protected by a valid security certificate. Registrars can test their requests to the registry in a dedicated .au test environment.  Also, requests must be accompanied by a valid user name and password, credentials which are maintained in encrypted form at the registry. Additional safeguards are also deployed and, of course, registrars are never able to access the production database where the authoritative information is stored.

Maintaining a secure registry system is critical to supporting the trust people have in the .au domain.  With Afilias’ experience and expertise, the Australian internet community can have confidence that these resources will be in good hands.

Have a question or want to suggest a topic for us to cover? Email us at transformationblog@afilias.com.au.

More information on Afilias plc is located at www.afilias.info.