registries .is Discussion

[Jens P. Jensen]

Hello,

I have opened this thread for discussions about the ccTLD .is, which has recently got more attention from Domainers world wide. ISNIC is the Registry for .is and I am the CEO. I am happy to answer questions about the TLD .is, participate in discussions as well as place a comment on Ideas from the community.

Jens Pétur Jensen
CEO
ISNIC, the. is Registry
Reykjavik
Iceland.

 

[HotKey]

DNS servers that do not comply with the technical requirements will be rejected. .is not a special case, .de is also famous for being strict on DNS, and other ccTLDs too. Many parking DNS do not fulfill the requirements (at least two NS on separate subnets).

Using a third party DNS is usually a good idea, to depend less on the registrar, to avoid interruption of service while transferring the domain name to another registrar, and for added redundancy.
Some free services will do the job. Example: dns.he.net

Yes but the onus is on us, as users, to seek out and find this adherence. This makes it difficult to manage .is domains at Isnic, which is a turn-off to registering them. There could be usability improvments, and I think it's worth it for the registry to consider some. Dot-is is a great extension.

 

[HotKey]

Also, to give credit where it's due, the support was extremely responsive and responded to my queries in less than 24 hours (which is great given timezone differences).

This is true.

 

[Jens P. Jensen]

Thank you all so much everybody for very good comments and suggestions. I will discuss them at our next Friday-Afternoon staff-meeting (after having had some beer .

Please understand that ISNIC is a tiny Registry with only 60.000 domains and nine (9) employees. We are also different in the way that we allow direct registrations for everyone – something which confuses many of our customers–rightly–they think we are a Registrar, which we are not. But the "glass wall" between Registries and Registrars might be dissolving allowing Registries to provide more service with the domain in very near future.

I'll do my best to have the ISNIC's service and website upgraded. HotKey's comments on not being able to hide the address have been taken seriously. On the other hand all good hosting companies, e.g. Cloudflare.com, have no trouble following ISNIC's (secure and healthy) Tech. Req. for Name Servers.

ISNIC
/Jens.,

 

[Jens P. Jensen]

Hi Jen,

Welcome to Namepros. I have a .IS domain registered. However, I've found your interface to be extremely confusing and difficult to use. The documentation is not very clear with a lot of potential questions unanswered. Any chance your team could take a look at it?

At the minimum, having better documentation and/or common terms and references that are already used elsewhere being used on your system/interface would be of great help.

For example, even to use and/or change nameservers is not easy. I've tried and given up several times because I did it early during the registration of my domain and now I don't remember.

Also, to give credit where it's due, the support was extremely responsive and responded to my queries in less than 24 hours (which is great given timezone differences).

Thanks, did you know you and park or forward your .is domains at ISNIC? It's super simple and free!

 

[anantj]

Thanks, did you know you and park or forward your .is domains at ISNIC? It's super simple and free!

I'm not sure if I understood right I think you are saying I should park my domains at ISNIC. That's definitely a good option though I also prefer to consolidate and forward the domain to either a sales page or an inquiry form to enable inbound inquiries. I don't know if you provide forms or only standard parking with ads.

This is especially useful as whois is not visible which means most inbound inquiries have to be through a contact form.

Thanks again for taking time out to get feedback from us as well as engage in a very constructive discussion. Highly appreciated

 

[Jens P. Jensen]

Hi Jens, and welcome to NP- nice to see you on here.

I've held an account at ISNIC for a number of years now, and have found the enforcement of your domain name policies very very strict, in particular external nameserver delagtion. If there is any deviation whatsoever from your RFC5966 and RFC1912, there is danger of this:

ISNIC periodically checks domains in the .IS zone for compliance with these requirements, and informs the domain contacts should their domain fail. Domains that consistently fail to comply will be suspended (i.e. removed from the .IS zone file) until their technical setup is fixed. Please note that domains are deleted if they are left suspended for more than 60 days.

This is a message I have received on a number of occasions, and had been forced to move nameservers from a popular DNS service such as Namecheap, to a more obscure one, for example, just so I don't risk losing my name. This does not instill confidence that registering a name through ISNIC is a safe thing. I remember having to test a number of DNS companies before finding one or two that saitisfied the ISNIC requirements.

This would not be an issue for your users if you considered more DNS options than basic forwarding from your site.



Yes but email address is also displayed. This wouldn't be a problem except for the fact that the displayed email address is ALSO the ISNIC account address. IMO this is a security concern. You should consider an option of allowing us to have a different contact email for our .is domains rather than the account login one.

Hi,
how much is the registration fee?

€29.90

 

[Jens P. Jensen]

ISNIC's Whois service is indeed visible and without ads. ISNIC's forwarding service is also free of charge. A forwarding to a given URL (or A record) and/or set mail server for domain (MX record).

 

[GoKaizen]

https://time.is/
https://archive.is/

 

[Jens P. Jensen]

https://time.is/
https://archive.is/

Thanks Adam27 I didn't know of https://time.is/. How cool is that!

 

[Jens P. Jensen]

On the other hand we gat a lot of complaints about https://archive.is (from angry people who regret having done something and placed it on the internet) which of course we can't do anything about.

 

[Jens P. Jensen]

Here are few very short .is domains that just got deleted:
fc.is
bd.is
zt.is
zm.is
zj.is
yk.is
yj.is
yh.is
xj.is
qy.is
74.is
qz.is
xf.is
xh.is
zd.is
zl.is
yg.is

 

[daved2424]

Hi Jens, and welcome to NP- nice to see you on here.

I've held an account at ISNIC for a number of years now, and have found the enforcement of your domain name policies very very strict, in particular external nameserver delagtion. If there is any deviation whatsoever from your RFC5966 and RFC1912, there is danger of this:

ISNIC periodically checks domains in the .IS zone for compliance with these requirements, and informs the domain contacts should their domain fail. Domains that consistently fail to comply will be suspended (i.e. removed from the .IS zone file) until their technical setup is fixed. Please note that domains are deleted if they are left suspended for more than 60 days.

This is a message I have received on a number of occasions, and had been forced to move nameservers from a popular DNS service such as Namecheap, to a more obscure one, for example, just so I don't risk losing my name. This does not instill confidence that registering a name through ISNIC is a safe thing. I remember having to test a number of DNS companies before finding one or two that saitisfied the ISNIC requirements.

I would like to echo these comments. I have had a .is domain for several years, but because of the difficulty in finding a suitable hosting provider that will work with ISNIC I have been unable to make use of it.


Please, please, please can you support more providers? Namecheap for one!

 

[Jens P. Jensen]

Hello Daved2424,
>Please, please, please can you support more providers? Namecheap for one!
Your question should be the other way around, i.e. you should ask Namecheap and other providers to provide name servers that comply with the very healthy, simple but secure tech. req. of .is: https://www.isnic.is/en/host/req. You should not ask ISNIC to lower its DNS security

More and more hosting companies and ISP providers understand the importance on DNS security. Here is a list of some very good hosting companies you can trust with your valuable .is domains. Order by the number of hosted .is domains today. We where told Namecheap is considering supporting (comply) the .is
1. cloudflare.com
2.
hyp.net
3.
101domain.com
4.
iwantmyname.net
5.
parkingcrew.net
6. dnsimple.com
7.
udag.org
8.
dreamhost.com
9.
co.uk
10.
eurodns.com
11.
cscdns.net
12.
instradns.com
13.
dnsmadeeasy.com
14.
markmonitor.com
15.
netnames.net
16.
trademarkarea.com

Kind regards, please support more DNS Security for better Internet.

ISNIC
/Jens.,

 

[anantj]

Kind regards, please support more DNS Security for better Internet.

This is not entirely in our control. Pretty much none of the big aftermarket/parking services DNS servers are accepted by you.
I tried with Afternic, Sedo, Uniregistry, Bodis etc. None of them worked. Not all users are technical enough to muck around with DNS, PTR records, TTL etc... You need to also have a product that average, non-tech users can use. This, currently, is not the case

 

[Kate]

The best is to always use a third-party DNS service, not your registrars'.
For example, dns.he.net will work fine with .is domains, it's free for up to 50 domains. Other similar services exist.

The parking companies are lacking when it comes to their own DNS:

ns1.bodis.com [199.59.243.21]
ns2.bodis.com [199.59.243.22]

ns2.sedoparking.com [209.200.165.74]
ns1.sedoparking.com [209.200.164.69]

2 NS on the same subnet = no redundancy
Quite frankly, it is not acceptable for a parking company or a web hosting company not to follow best practices in this area.

.is is not the only TLD that is rather strict about delegation requirements, .de is also famous for being as strict, and some other ccTLDs have similar rules too.

 

[Jens P. Jensen]

This is not entirely in our control. Pretty much none of the big aftermarket/parking services DNS servers are accepted by you.
I tried with Afternic, Sedo, Uniregistry, Bodis etc. None of them worked. Not all users are technical enough to muck around with DNS, PTR records, TTL etc... You need to also have a product that average, non-tech users can use. This, currently, is not the case

Thanks I understand your view. Especially parking, why ISNIC doesn't accept any parking is worth considering. More later..

 

[anantj]

The best is to always use a third-party DNS service, not your registrars'.
For example, dns.he.net will work fine with .is domains, it's free for up to 50 domains. Other similar services exist.

The parking companies are lacking when it comes to their own DNS:

ns1.bodis.com [199.59.243.21]
ns2.bodis.com [199.59.243.22]

ns2.sedoparking.com [209.200.165.74]
ns1.sedoparking.com [209.200.164.69]

2 NS on the same subnet = no redundancy
Quite frankly, it is not acceptable for a parking company or a web hosting company not to follow best practices in this area.

.is is not the only TLD that is rather strict about delegation requirements, .de is also famous for being as strict, and some other ccTLDs have similar rules too.

Sure. I understand the specifics of the issue that the .IS registry surfaces. But my point is, there should still be a way to work with these providers. If you eliminate most of the avenues for selling/parking domains, you lose out on the entire aftermarket demographic.

And getting these large providers to make changes? Good luck with that. I've not been able to get Afternic to fix a simple domain filtering bug, forget getting them to make major changes to their core infra. This is just an example. Again, as I said, not everyone is tech savvy and can do what you suggested or even understand the real cause of the issues. Now unless ISNIC is targeting only technically savvy users, this is actually a big problem.

Having strict delegation requirement is fine as long as there are alternatives. While I don't claim to fully understand the implications of a less strict requirement, my conjecture is that if the DNS fails, the site goes down. That's a risk that the users must be willing to take and this can be indicated via either a explicit warning or a opt-in check box to enable to make a concious decision. If the risk is different and can directly impact the registry, then that's a different issue and one that I don't have the knowldge to comment on

Please understand the larger implications of the issues and not the specific issues themselves.

 

[anantj]

Thanks I understand your view. Especially parking, why ISNIC doesn't accept any parking is worth considering. More later..

Not sure I understand. I'll await more details.

Thanks

 

[Alan Glennon]

Jens -- I haven't studied the isnic site recently. Is there documentation that explains how to configure .is settings for sites hosted on common service providers used by startups (e.g., Amazon Web Service, Google Cloud Platform, Microsoft Azure, IBM Bluemix, Heroku, and/or Digital Ocean)?

 

[anantj]

Tagging @Joe Styler, @Sedo , @Uniregistry - Can you help in this regard with Afternic? Your DNS servers are not compliant with the standards so they cannot be used with .IS domains.