SiteHost
Back to Blog

The domain name industry: a complex matter

/ Domains
The domain name industry can seem pretty complicated so let's have a look at how it actually works.

At SiteHost we know the domain name industry can seem pretty complicated and confusing, so when I read an article on the NZ Herald about a New Zealand domain name registrant who got his domain name suspended, I thought it would be a good idea to try to explain to our customers how the domain name industry actually works.

So what happened? The domain name registrant received an email with the request to verify his contact details within a certain time frame. Something that doesn’t seem very unusual, but what made this instance a bit odd, was that the email wasn’t sent by the company he had registered his domain name with. Instead, the email came from a company he had never even heard of. So the domain name registrant labelled it as spam, ignored it and went on with his business...

Well, that was the idea until he found out his customers couldn’t visit his website, or get in touch with him through email because he hadn’t verified his contact details, and as a result his domain name got suspended. It took him five very frustrating days of calling and emailing (using Gmail because his business email wasn’t working) back and forth, to get his contact details verified and his website back online.

What was the actual problem?

The reason why this domain name registrant ignored the verification request, is not that he was reckless or irresponsible. He did what most other people would have done when receiving an email asking for sensitive information from a sender they have never heard of. But the problem is, this email was sent by an organisation the domain name registrant did have a relationship with. He just wasn’t aware of it.

A deeper look into the domain name industry

To be able to understand what actually happened and why this problem occurred, we need to have a closer look at the domain name industry, at who’s involved and how it works. So let’s start with a little history first.

In the early days of the internet, the network was primarily used for easier communication between researchers and academics, and there were only a few computers that made up the internet. The way to communicate between those computers was through IP addresses. This worked fine in those early days, but when the network grew, it soon became impractical.

To make communication easier, Paul Mockapetris invented the Domain Name System (DNS) in 1983, which was implemented a few years later. The DNS created easy to identify names for IP addresses and made the internet a lot easier to use. His idea was to divide responsibilities and make DNS a collaboration between different organisations, with each of them having specific roles and authorizations.

The Domain Name System was invented to make communication easier.

A who’s who of the domain name industry

The different organisations involved in the DNS all play a different role in the provision, support, and registration of domain names and related services. When you register a domain name, you automatically get a relationship with many of these organisations. So it is important to know who those organisations are.

To give you an idea who plays a role in the domain name industry and what that role is, we have summed up the most relevant ones for you:

  • Registrars are authorized organisations responsible for the registration of a domain name. So when you want to register a domain name, you’ll have to do this with a registrar. A registrar is responsible for keeping a domain-name’s details up to date and if you want to make any changes, those changes are registered and stored by the registrar in their records.

  • Resellers are a bit similar to registrars as they register domain names on behalf of a registrar. They just don’t have a relationship with a registry.

  • Registries are (according to ICANN): “organizations that are responsible for maintaining the records of domain names registered under each top-level domain (TLD). They also set the rules for registration under their TLDs. The responsibilities of the registries include accepting domain name registration requests from registrars, maintaining a database of the necessary registration data associated with domain names, and providing name servers to publish the zone file data (e.g., the list of all the domain names and their associated IP addresses) throughout the Internet. “ InternetNZ is the New Zealand registry and serves as the designated manager of the .nz ccTLD (country code top-level domain).

  • DNS Hosts are companies that manage your domain’s configuration that point your domain name to your website and dedicated email address.

  • Web hosting companies provide server storage space and an IP address for your website. With an IP address, your website can then be accessed from a web browser.

  • Privacy and proxy service providers ensure your contact information is not displayed within the Registration Data Directory Service, so that your data stays protected.

  • ICANN (Internet Corporation for Assigned Names and Numbers) helps to ensure a stable, secure and unified global Internet. ICANN was formed in 1998 as a nonprofit organisation with a community of global participants. ICANN plays a very important (but limited) role in the industry. To reach another person (or device) on the Internet, you’ll need to type an address into your device. That address must be unique, so devices will know where to find each other. ICANN helps coordinate and support these unique identifiers across the world.

  • And finally there is of course the Registrant, the end user who holds the registration.

That’s a lot! And to make things extra complicated, some companies can be both a registrar, reseller, a web hosting company, and a DNS Host. But even though it might seem complicated, it is important to be aware of the relationship you will have with some of them because they could at some stage contact you with a request for information.

The domain name industry

Domain Name Industry diagram, centred on registrant.

Why you might be contacted with a request for information?

Why they would contact you depends on the situation, but there are multiple reasons for registrars (or resellers) to contact domain name registrants. For example:

  • To investigate and correct inaccurate Whois data.

  • To validate and verify certain Whois data fields. Website owners could be contacted by phone, email or post. Registrars must suspend or delete domain names that are not timely verified (like we saw in our example).

  • To formally remind their customers once a year to review and update the contact information for their domain name.

  • To verify, identity or contact information as needed to process payments.

  • Domain transfer matters, but only when there is a reasonable dispute regarding the identity of the registered name holder (or the Administrative Contact).

So let us get back to our New Zealand domain name registrant and have another look at who was involved:

He (as a registrant) registered his domain name with Domains4Less (a reseller), but received an email to validate his contact details (reason 2 from our list) from SRS Plus (an ICANN accredited registrar). SRS Plus is actually part of Network Solutions (the 4th largest .com domain name registrar), which is a subsidiary of Web.com (a web hosting and web development services company but also a registrar), which is in turn owned by private equity group Siris Capital. You might have heard of Siris Capital as they recently acquired the parent company of Crazy Domains via Web.com.

That’s a pretty impressive list of inter-connected companies to be associated with for just one customer and according to the article, the domain name registrant seemed to be only aware of his relationship with his reseller Domains4Less.

How to make sure these situations won’t happen again?

So the question is, how do we make sure the domain name registrants are properly informed about how the domain name industry works and are also aware of who they have relationships with?

What the domain name registrant can do?

I think there are three different ways to look at this question. The first one is the role of the domain name registrant. It is his responsibility to educate and inform himself. A properly running website and being able to communicate with (potential) customers through email, is critical and ignoring the available information is just too risky from a business perspective.

What the sender of the request for information can do?

Secondly there is the role of the sender. I think it is important when organisations send messages to domain name registrants, that they properly identify themselves, explain who they are, why they are sending this message, and what their relationship is with both the recipient and the registrar. And last, but not least, how and where the recipient can verify that the message is legitimate?

What the registrar (or reseller) can do?

Finally there is the need (or obligation) for registrars and resellers to be as transparent as possible, to provide their customers with all available information and educate them about agreements and other relationships with third party companies.

The registrant needs to know how the domain name industry works and who they have a relationship with.

The situation at SiteHost

SiteHost is both a registrar and reseller and we do our best to be as transparent as possible and provide essential information to our customers, many of whom are resellers themselves. We train our staff for situations like this, so they are aware of their obligations and able to help.

We also advise our customers to take the time to educate themselves and to read more about the verification of contact information on the ICANN website. And yes, we know those tiny letters can be pretty annoying and you would rather read or do something else, but they contain really important information. So take the time to read it.

If you have registered a domain name with SiteHost, and are not sure that the email you received is spam or not, just get in touch and we will be able to tell you if an email is legitimate or not.

SiteHost and Upstream Registrars

SiteHost also uses SRS Plus for some domain name registration services, but our customers will most probably receive an email from a company called PDR Solutions - some of our customers will have received one recently - or from our in-house registrar of record SiteName. Any .nz domain name notifications should come from SiteName for example.

It is possible though that you will receive a message from SRS Plus and that this email could look like spam, but it is very important not to ignore it because it could contain the confirmation message of your contact details.

SiteHost also supports some new TLD’s (top level domains) which may have other registrars and registries involved so if you have a ccTLD - such as a .com.au domain - you may receive an email from those registries as well. So be cautious and seek advice if you are in doubt about the source of the email.

ICANN and spam

These verification emails have been around for a while now, and there are plenty of stories about (mostly .com) domain names being taken down, like this colourful article about the website nomadlist.com.

It seems that ICANN is in a bit of a difficult situation with on one hand the responsibility to ensure that registry content is valid and up-to-date, while on the other hand having to deal with phishing emails from criminals who try to impersonate trusted senders so they can obtain access to sensitive data. Fortunately ICANN provides help for people who have received emails that appear to be spam and you can forward those suspicious emails to ICANN to have them checked.

As a disclaimer, we haven’t tested sending one of these emails to ICANN ourselves.

Still not sure that email is spam?

We understand that for an outsider the industry might seem unnecessary complicated and that the process of verification of contact information even seems a bit dodgy. Especially when you receive emails from organisations or companies you have never dealt with before. But we hope we have been able to provide a bit more clarity on the domain name industry. We also want to make clear we sympathise with anyone who finds himself in a situation where his domain name gets suspended because the email asking for information, looked like spam. So yes, if we could design a system ourselves, it would definitely be different, but it’s designed by ICANN and we are not in a position to change it.

We will always assist and inform our customers in the best possible way though. So when you still have questions about your domain name or are not sure the email you received is spam or not, feel free to contact SiteHost support, and we will get it all sorted!