[dns-operations] Monitoring for impending expiration of domains?

Steve Crocker steve at shinkuro.com
Sun Dec 13 15:32:30 UTC 2020 

I'm glad to see this dialog.  ICANN has some guidance intended to educate
domain owners re the various risks.  See
https://www.icann.org/resources/pages/domain-name-need-to-know-2020-05-01-en

My *impression* is the most serious risks a domain owner faces for losing
control of the domain are either because the registration lapses, as is
being discussed here, or because the domain is registered by someone else,
e.g. the tech or admin contact, who then either leaves the company or
refuses to give up control.  To be sure, there are other reasons some
domains are lost, e.g. phishing attacks, but my impression is these are
much rarer than the "ordinary" problems.  However, I don't have any
quantitative data to support this impression.

I believe the ICANN folks are open to advice on the advice they are
providing, and this is a good time to offer your advice.

One point I often make is domain names have a peculiar value.  They cost
very little to purchase, but the cost of losing a domain can be enormous.
The suggestion that an owner keep a list of their domain names and check it
regularly wouldn't need to be said if everyone valued a domain at, say,
$10,000 USD.  Almost everyone, from individuals to small businesses to
large businesses has some sort of system in place to keep track of assets
like that.  But domain names aren't usually thought of in the same category
as major capital assets.  Until they disappear.

Steve


On Sun, Dec 13, 2020 at 9:48 AM Marjorie <marjorie at id3.net> wrote:

> Seems to me that the answer is simple: as a domain owner you should keep
> an *inventory* of all your domain names along with anniversary dates,
> and set reminders if needed.
> The anniversary day normally will remain the same, only the year changes
> after renewal. TLDs such as .nl/.be/.de etc are somewhat different, but
> the registrar usually charges on a yearly basis, counting from the
> creation date. Is that's date that should be put in your calendar.
>
> Do not rely on the courtesy reminders from your registrar, you may not
> receive them for various reasons.
>
> As for monitoring: scraping whois en masse is difficult, but what can be
> done easily is checking for name servers changes. If the name expires
> the name servers will either change or there will be none at all and the
> name will stop resolving.
>
> Additional steps for critical domain names: renew ahead (up to 10 years
> for gTLDs), set autorenew and add a backup funding source if available.
>
> Marj
>
>
> On 12/13/20 5:26 AM, Viktor Dukhovni wrote:
> > Yesterday I happened to notice that the "flexfilter.nl" domain went into
> > "quarantine" under .NL, with NXDomain returned by the parent.  This
> > domain still had ~14.5k signed domains using its MX hosts, including
> > flexwebhosting.nl, who own/operate this "infrastructure" domain.
> >
> > While one might just write this off as "operator error", putting the
> > blame squarely on the domain owner, I wonder whether in part the problem
> > is a result of lack of transparency around impending domain expiration.
> >
> > Specifically, how should a responsible domain owner monitor their
> > domains for impending expiration?  Yes, ideally some sort of email is
> > sent from registrar to the domain owner reminding them of the need to
> > renew the domain, but such emails can get lost in spam filters, may be
> > sent to a stale contact address, ...
> >
> > And with increasing usability barriers around WHOIS[1], and some WHOIS
> > services not returning expiration dates in the first place.  How exactly
> > is an operator supposed to keep track of these dates, and not miss some
> > renewals?
> >
> > Unless I'm missing something, the "operator error" in question can be
> > reasonably described as falling into a well-disguised trap rather than
> > an instance of mere negligence.
> >
> > So my question to the list is, what can or should be done to help domain
> > owners avoid a similar fate?
> >
> > At least for my domain, the .ORG registry does return the relevant
> > dates:
> >
> >     Creation Date: 2001-05-13T02:29:30Z
> >     Updated Date: 2020-06-03T09:51:47Z
> >     Registry Expiry Date: 2029-05-13T02:29:30Z
> >
> > but, for example, is the .ORG WHOIS scalable enough to support a daily
> > query for each of the 10,000,000 registered domains?  And if a domain
> > owner has many domains to track, how soon would they run into WHOIS
> > query rate limits?
> >
> > Of course daily checks for a date that rarely changes may be too
> > frequent, perhaps one should only check once a week or once a month?
> > Are there tools that help one discover and keep track of the dates?
> >
> > And if not WHOIS, then where would one look?
> >
> _______________________________________________
> dns-operations mailing list
> dns-operations at lists.dns-oarc.net
> https://lists.dns-oarc.net/mailman/listinfo/dns-operations
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.dns-oarc.net/pipermail/dns-operations/attachments/20201213/52644162/attachment.html>

More information about the dns-operations mailing list