Increasing use of algorithm 13 for DNSSEC signing
.nl chart of the month; a closer look at the charts on stats.sidnlabs.nl
This is the first in a new series of periodic blog posts explaining key .nl statistics, as published on stats.sidnlabs.nl. This time, we look at the accelerating adoption of algorithm 13 – an elliptic curve-based cryptographic algorithm used with the domain name security protocol DNSSEC.
DNSSEC is a system that lets registrants add digital signatures to their domain names. Resolvers can then verify the reliability of incoming information about the signed domain names. The system depends on cryptographic signing of the information about domain names recorded in the DNS. Since 2016, it's been possible to sign .nl domain names using modern, elliptic curve-based algorithms. Such algorithms are also widely supported by resolvers: scanning shows that nearly as many DNSSEC-validating resolvers support the algorithms as older and currently more widely used algorithms. On rootcanary.org, you can see for yourself which algorithms your resolver supports. Against that background, we thought it would be interesting to review the state of play three years on from the new algorithms being enabled.
The algorithms introduced in 2016 are ECDSAP256SHA256 (known for short as 'number 13') and ECDSAP384SHA384 (number 14). They have major advantages over older algorithms: signatures created using the modern algorithms are just as secure as, for example, signatures based on the RSA algorithms, but much shorter. That reduces the scope for abuse in the context of DDoS attacks and prevents DNSSEC information becoming too bulky for certain parts of the internet to handle. The RFC 8624 standard was therefore recently updated to say that DNSSEC software developers should support algorithm 13. More information about ECDSA is given in a previous blog post.
From the chart above, you can see that nearly 7 per cent of signed .nl domain names make use of algorithm 13. In other words, their key signing key (KSK) is based on algorithm 13. A year ago, the figure was just 3.5 per cent. Popular domain names signed using algorithm 13 include surfnet.nl, kpn.nl and rijksmuseum.nl. Algorithm 14 is currently used in less than 1 per cent of cases. That's not a matter of concern, since algorithm 13 is secure enough to be used for a long time to come. Of the domain names now signed with algorithm 13, 32 per cent were previously signed using an older algorithm. Switching from an older algorithm to algorithm 13 involves the operator performing an 'algorithm rollover'. The other 68 per cent of the algorithm-13 domain names were not previously signed using DNSSEC.
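The size difference and the KSK-based classification described above, as an added example (not code from this blog or from stats.sidnlabs.nl): it parses DNSKEY records in presentation format, identifies the KSK by its SEP flag, and reports the signature size each algorithm produces. The owner names, the `make_rr` helper and the key bytes are constructed for illustration.

```python
import base64

# Algorithm numbers named on this page (IANA DNSSEC algorithm registry).
ALG_NAMES = {8: "RSASHA256", 13: "ECDSAP256SHA256", 14: "ECDSAP384SHA384"}
ECDSA_SIG_BYTES = {13: 64, 14: 96}  # fixed-size r||s signatures, RFC 6605


def rsa_modulus_bytes(pubkey: bytes) -> int:
    """Modulus length of an RFC 3110 RSA key: length prefix, exponent, modulus."""
    if pubkey[0] != 0:
        exp_len, offset = pubkey[0], 1
    else:  # three-byte prefix form, used when the exponent exceeds 255 bytes
        exp_len, offset = int.from_bytes(pubkey[1:3], "big"), 3
    return len(pubkey) - offset - exp_len


def describe_dnskey(rr: str) -> dict:
    """Parse '<owner> <ttl> IN DNSKEY <flags> <protocol> <alg> <base64 key>'."""
    fields = rr.split()
    i = fields.index("DNSKEY")
    flags, alg = int(fields[i + 1]), int(fields[i + 3])
    pubkey = base64.b64decode("".join(fields[i + 4:]))
    if alg in ECDSA_SIG_BYTES:
        sig = ECDSA_SIG_BYTES[alg]
    elif alg == 8:
        sig = rsa_modulus_bytes(pubkey)  # an RSA signature is as long as the modulus
    else:
        raise ValueError(f"algorithm {alg} is not covered by this example")
    return {"role": "KSK" if flags & 0x0001 else "ZSK",  # SEP bit set: flags 257
            "number": alg, "algorithm": ALG_NAMES[alg], "signature_bytes": sig}


def make_rr(owner: str, flags: int, alg: int, key: bytes) -> str:
    """Hypothetical helper: render constructed key bytes as a DNSKEY record."""
    return f"{owner} 3600 IN DNSKEY {flags} 3 {alg} {base64.b64encode(key).decode()}"


# Constructed sample keys: correct length and layout, not real key material.
RSA_2048 = bytes([3]) + b"\x01\x00\x01" + b"\xc3" * 256
SAMPLE = [
    make_rr("old.example.", 257, 8, RSA_2048),      # KSK, RSA/SHA-256, 2048-bit
    make_rr("new.example.", 257, 13, b"\x5a" * 64),  # KSK, algorithm 13
    make_rr("new.example.", 256, 13, b"\x5b" * 64),  # ZSK, algorithm 13
]

if __name__ == "__main__":
    for rr in SAMPLE:
        print(rr.split()[0], describe_dnskey(rr))
```

Every RRSIG in a signed response carries one such signature, so a 2048-bit RSA zone returns four times as many signature bytes per RRSIG as an algorithm-13 zone.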
So, ECDSA use is increasing for .nl domain names, but what's the situation with .nl itself? The .nl domain isn't yet signed using algorithm 13 or 14; RSA/SHA-256 (number 8) is still used. That algorithm still provides adequate security, but we're investigating what kind of rollover we should perform in due course and which algorithms we should use. Various other TLDs, including .br, .ch, and .cz, have already successfully made the switch.
Use of ECDSA is rising, and that is helping to make the internet more secure. The data in the chart above is taken from our registration database. It's updated weekly and the aggregated data is available on stats.sidnlabs.nl. Follow this blog for more interesting facts and figures about .nl.