New DNS Root Zone Management System

ICANN, VeriSign and the Department of Commerce have worked collaboratively to automate certain aspects of DNS root zone management. The new automated system, simplifies and expedites the process top-level domain name administrators must engage in to modify the information they maintain with ICANN.

What does the system do?

The new automated system moves processing of DNS root zone change requests from a predominantly manual system into a system that will shepherd top-level domain change requests through its various processing stages. The new automated system will improve the workflow for processing root zone changes by automating some aspects of the process that are currently handled manually, and can be reliably automated. Automating the DNS root zone process will improve overall processing time and accuracy of the root zone management function. The new automation system provides key benefits such as greater transparency on the status of requests to their requestors, plus optimization of some tasks that are currently labor intensive.

In addition to automating this workflow, ICANN's systems will provide improvements that will be visible to top-level domain managers. As well as preserving existing methods of lodging change requests (e.g. via email), the system will allow users to log in with a username and password and lodge change requests via a web interface. This web interface will provide immediate feedback during the submission of a request, and help identify common errors straight away. The system will also give greater visibility to the status of a request. A TLD manager will be able to use the system to track the status of their request in real time.

Once a request is lodged, many of the steps will be automated in the system. For example, the process of obtain confirmation from the administrative and technical contacts will be performed automatically by the system, rather than manually by ICANN staff.

What types of changes are handled by the system?

The current version of the system handles regular maintenance changes to existing top-level domains. All top-level domain operators will be issued with credentials to use the system. The current version of the system does not accommodate requests from non-credentialed parties: for example, redelegation requests from third parties, or requests to delegate new top-level domains. For the moment, these will continue to be performed by ICANN staff through normal processes.

Will there be any downtime?

The root zone will remain functional for the entire period of the transition. There is no public impact of the migration to this new system. However, in order to reconcile data between the legacy, and the new system, there will be a one day period on 21 July 2011 in which root zone change requests by top-level domain operators will be not be processed by ICANN staff. Any pending requests will be resumed on Friday, 22 July 2011. Top-level domain managers have been emailed directly regarding this change, and presentations have been given at several TLD management conferences in advance of this change.

How are credentials being issued?

We are performing a phased roll-out of credentials to top-level domain operators. We have randomly ordered TLDs and will be issuing the login details in batches. We expect to complete issuing all credentials by October 2011.

What is the future of this project?

The main focus of this system has been to ensure that it operates correctly with the current set of requirements for DNS root zone management. We are very aware of the critical requirements for root stability, and have taken an extended period evaluating the system from this perspective. Future work on the system will be guided by feedback from top-level domain managers.

I still have a question — who can I ask?

All questions about the system and the transition can be sent to root-mgmt@iana.org, we’d be happy to assist.