- + Preface
- + Chapter1 Resource Management and Registry
- + Chapter2 Resource management before JNIC and JPNIC
- + Chapter3 Restructuring toward fully-fledged resource management by JPNIC
Chapter4 Transition of resource management policy for domain names
- Coping with expansion of the Internet through policy development
- Deployment of Geographic Type JP and its reconstruction into Prefecture Type JP
- Introduction of ED.JP for elementary and secondary education institutions
- Separation of NE.JP and GR.JP from OR.JP
- Establishment of JP domain name registration rule
- + Chapter5 IP address policy in the fully-fledged Internet age
- + Chapter6 Building the global IP address management structure
Chapter7 Framework for global domain name management led by ICANN
- Finding a domain name management framework for new era
- Column: Green Paper and White Paper
- Decision-making process and organizational structure adopted in ICANN
- Involvement from Japan
- ICANN's gTLD policy reforms
- Column: Registry-registrar model and JP Registrar model ? “thick” registry and “thin” registry
- New gTLDs
- Relationship between IP address and ICANN
- Epicenter of Internet governance
- + Chapter8 General-use JP Domain Name and establishment of JPRS
Chapter9 “Publication” and “disclosure” of registration information
- Registry mechanism to register and publish registration data
- Spread of the Internet and registration information
- Discussion on the handling of registration information
- Organization/group information
- Responding to Personal Information Protection Act
- Reference: Documents on handling registration information
Chapter10 IPv4 address pool exhaustion and IPv6
- IPv6 emerging on the Internet
- Efforts of Japan towards IPv6 promotion
- Expansion of the Internet through IPv4
- Accelerated IPv4 address consumption through penetration of continuous connections
- IPv4 address pool exhaustion becomes more of a reality
- IPv4 address pool exhaustion and IPv6 educational activity
- IPv4 address policy in the face of exhaustion
- Internet over IPv6 after IPv4 exhaustion
- + Appendix1: IP address and domain name
- + Appendix2: Transition of Internet resource management
- + About History Compilation Team
- + Revision history
Chapter1 Resource Management and Registry
The Internet has developed rapidly as a global-scale network of networks, connecting millions of computers and growing numbers of mobile terminals, including smartphones and tablets. The reason behind this rapid development is that one of the Internet’s defining qualities is that it is a system based on “autonomous distributed management”, in which the Internet as a whole is managed in a decentralized manner.
However, the exception to this is the management of the “numbers” and “names” used to identify each network or computer connected to the Internet. Instead, this is performed in a uniform and centralized fashion throughout the Internet.
IP addresses, AS numbers and domain names are the identifiers that distinguish a destination network or computer on the Internet. Ensuring uniqueness requires uniform and centralized management.
But being uniform and centralized does not mean that everything is managed in one place. As the Internet expanded, a hierarchical management structure formed through a mechanism called “delegation,” to secure scalability and allow the operation of local policies. Delegation is a mechanism to entrust a part of domain name and IP address management to another administrator.
An organization that takes charge of assigning and registering the numbers and names on the Internet is called “registry.” The first Internet registry, which later evolved into the current Internet management structure, was the Stanford Research Institute Network Information Center (SRI-NIC). Following a similar convention, many other registries adopted “NIC (Network Information Center)” as part of their organization name.
JPNIC is the Internet registry that manages IP addresses and AS numbers in Japan. It also served as the registry of the .JP top-level domain, the Country Code Top Level Domain (ccTLD) of Japan, but transferred the management authority to Japan Registry Services (JPRS) in April 2002. Since then, JPRS has been the registry for .JP.
JPNIC and JPRS carry out their respective management responsibilities within the framework overseen by the Internet Corporation for Assigned Names and Numbers (ICANN), the organization that manages IP addresses and domain names globally. This chapter outlines the difference between IP addresses and domain names and describes the role of the registries.
Difference between management of IP addresses and domain names
Before looking back at the history of resource management for IP addresses and domain names, we need to explain the difference between an IP address and a domain name from the perspective of resource management. What we wish to illustrate here is that the differences in character between IP addresses and domain names require different approaches and operations.
An IP address is a numeric value expressed by a fixed length string of 32 bits in the case of IPv4 and 128 bits in the case of IPv6. Different hosts on the Internet are identified by assigning each of them a different value. An IP address is divided into two parts: a “network part” identifying the network and a “host part” identifying the host on the network.
In IP communication, a packet is sent from a sender to a receiver through multiple routers. Each router determines the destination of the packet (next router) referring to the network part of the IP address of the packet receiver. Each IP address – being a simple bit string – can be processed efficiently at high speed by computers.
On the other hand, a domain name is an identifier that distinguishes a host with a character string consisting of labels separated by dots, so that domain names are easy for people to recognize. From a string, it is possible to analogize organization, service, product or information, to a certain extent. Domain names are managed in a hierarchical manner by each label.
Generally speaking, a user specifies another party using a domain name, while in the actual exchange of packets between computers an IP address is used as an identifier. Therefore, the user’s computer needs to know the IP address that corresponds to the domain name to establish communication. In some cases, you may want to know a domain name from an IP address to research on the origin of access. The Domain Name System (DNS) manages such one-to-one associations between domain names and IP addresses: it finds out the IP address corresponding to a domain name and indicates the domain name from an IP address.
A “domain name registry” operates the forward DNS server used to convert the domain name to an IP address, and an “IP address registry” operates the reverse DNS server used to convert the IP address to a domain name. Each registry manages the information registered in its DNS and operates a DNS server. In addition, DNS is managed in a hierarchical way by labels.
Moreover, the difference between IP addresses and domain names is not just a question of one being a bit sequence and the other a character string. Another big difference is in the extent of their dependence on the network structure.
As described previously, an IP address consists of a “network part” and a “host part.” The network part of an address may be changed when an upstream network such as the connected ISP changes, which will result in the change of all the IP addresses assigned to each device (this is called renumbering).
On the other hand, domain names do not depend on the structure of the network. Domain names are portable in nature, which means that even if the connected network is changed (for example, due to a configuration update) or the ISP is changed, you can continue to use the same name just by changing the setting on the DNS.
On the global Internet, configuration changes are made frequently across connected networks, and renumbering is conducted in each case. In the case of domain names, however, users can continue to access a host associated with the same domain name as before without making any special change in settings, just by updating the IP address of the supporting host or the name server host to the new IP address in the DNS.
Operation of IP address registry
As described above, an IP address is a numerical value expressed in 32 bits (IPv4) and 128 bits (IPv6). A number itself normally does not have any meaning as a character, so (unlike domain names) IP addresses are distributed evenly with no difference in their meaning. In addition, numbers have no competitive nature (unlike character strings) that can compete or clash. However, the number of usable IP addresses is limited, so efficient or – in some cases – conservative usage is occasionally required. Therefore, a state of fairness where people use IP addresses only according to their needs is considered important. Further, both an IP address and a domain name identify a host on the Internet, so they must be bound together uniquely with no duplication. This coordination is the basic task of a registry.
We will describe the general role of a registry later, but for now we will focus on the operational aspects of IP address registries.
An IP address registry manages both undistributed and distributed IP addresses following the five principles of “uniqueness,” “registration,” “route aggregation,” “conservation” and “fairness.” When distributing IP addresses, a registry requires an applicant to provide a usage plan for the IP addresses and evaluates the plan to see if the network is operated consistently with the management principles. The registry will also assess whether the requested number of IP addresses is appropriate, before determining the necessary amount to be distributed. Then the distributed addresses are registered and managed in a database so that the uniqueness of each address is ensured.
IP addresses are distributed from a globally shared, undistributed space in a hierarchical manner by five Regional Internet Registries (RIRs). Although some regions also have national registries, all registries follow basically the same standard to distribute IP addresses. The relationship among registries is not competitive; rather, it is cooperative to ensure homogeneity. Distribution management policies are established and operated independently by each registry according to the consensus of each region or community, and taking into account each region’s particular circumstances. However, to ensure fair distribution on a global basis, technical rather than political aspects are emphasized in policy development, and coordination takes place to help keep the policies as consistent as possible.
In the actual distribution of IP addresses, registry staff must first conduct a manual review of all applications. When the registry receives an application, it closely evaluates the request and the usage plan attached to it. Distribution is made only when the registry confirms that the requested amount is appropriate according to the policies. The principle is that because available address space is finite, a registry should not distribute unnecessary addresses, but should limit the distribution amount to the requisite minimum.
It is a basic rule that distribution policies are only established after gaining consensus from the entire community with which a particular registry is associated. Policies should be developed through a community-based, bottom up approach in open fora where anyone can participate, and fairness and the other principles should be taken into account throughout the process. So, in addition to their essential distribution and registration role, IP address registries also provide the forum for developing and coordinating policy.
Value of domain name as character string
Before explaining the operation of domain name registries, we should first explore the “characteristics as a character string” of a domain name.
While the management of numeric IP addresses is strongly colored by their nature as a limited resource, the available combinations of characters for domain names are essentially almost infinite. On the other hand, because domain names may have meanings that users associate with things existing in the real world (unlike numeric IP addresses which have no particular semantic significance), specific consideration is required in handling domain names.
People associate unique nouns － including trademarks, trade names and personal names or names of usable services － with the character string of a domain name. Furthermore, some strings have a business value as they feature general nouns or geographic names. That is an attractive point in a domain name from the users' viewpoint.
As recognizable character strings, domain names have market and social value in the real world, which can lead to problems or disputes if a valuable string is contended for by multiple parties. Further, it is necessary to take account of some socially inappropriate words such as specific slogans, obscenities or discriminatory words. It is also necessary to establish registration rules from the aspect of linguistic meaning of a label, taking into account variants and similarities.
Basically, the first-come-first-served principle is applied to coordinate the handling of applicants who request the same string. Unlike IP address distribution, usage is not a prerequisite for domain names registration. It is permissible to register a name preemptively so that the name cannot be used by a third party, even when the applicant does not have a plan to use it.
This may cause problems such as piracy, trademark infringement, or other intellectual property disputes. There is also the possibility of spoofing or phishing which elicits an error from the Internet user with a domain name string similar to the original and can cause damage. So, in addition to registration rules, specific mechanisms (such as “sunrise period,” “DRP”, and others to be described later) need to be established to solve these problems before or after trouble occurs.
Operation of domain name registry
A domain name registry manages information for registered domain names and information on registrants. A user requiring a domain name selects the character string and applies for registration with a domain name registry. The registry receives the application, evaluates it to see if it complies with the registration rules and checks that the requested name is currently unregistered. After that, the registry accepts the application and adds the information for the registered domain into the registry database.
A domain name is composed of multiple labels delimited by dots, and domain name registries are configured in a hierarchical manner for each label. Therefore, each domain name registry can decide on registration rules independently in a manner that responds to user or social demands. Protection of intellectual property rights and avoidance of disputes or troubles are more important in the rules for domain names, compared with the rules for IP addresses.
However, because there is a wide variety of strings that can be registered, conservation does not apply in the way it does in IP address management. While domain names are often registered even if there is no plan for their immediate use – and in fact it is common to register domain names preemptively to protect trademarks or trade names – IP address distribution is specifically contingent on demonstrated plans for use.
In the case of IP addresses, preliminary evaluation generally decides whether or not an IP address should be assigned. However, in the case of domain names, the preliminary review is generally conducted to the minimum extent necessary extent to check if the requested string is unregistered and if the registrant is qualified for registration. In the registration process, it is difficult to judge everything including the possible infringement of a domain name upon third-party rights. So in general, usage of a domain name is examined after registration and when an objection is filed.
To deal with problems arising over contested use of trademarks, trade names, and other intellectual property issues, dispute resolution policies have been established. Further, when establishing a specific subdomain or attribute, a mechanism may be deployed to set a grace period before starting registration on a first-come-first-served manner. In such a mechanism, holders of trademarks or trade names have the first right to register related domain names in order to mitigate possible disputes. This period is called the “sunrise period.”
To deal with the other problems that a domain name registry cannot solve by itself, such as dealing with domain names used for spoofing or improper information transmission, it is necessary that the registry collaborate with associated organizations. For a domain name registry, important aspects of its operation include establishing rules for post-processing of various disputes and developing a cooperative framework for institutions and associated organizations.
Domain names are basically registered on a first-come-first-served basis, so instantaneous registration is expected. Also, unlike IP addresses which are requested by blocks, domain names are applied for individually. Hence the number of domain name applications becomes larger than that for IP addresses and domain name registries require sufficient processing capability.
Moreover, a domain name registry needs to operate the forward DNS server to make the domain name under management usable on the Internet, and that DNS server must have high level of stability, reliability and availability. Capital investment is unavoidable.
IP address distribution policy is essentially consistent and fair across the globe, so competition among IP address registries would not fit the model. But in the case of domain names, a “registry-registrar model” secures fair competition to improves overall service quality. This means that a user can choose a registry and a registrar when registering a domain name. The user’s choice can take various viewpoints, including availability of the intended name, image of the TLD, price and reliability. Thus, domain name registries provide services under the principles of market competition.
Due to the expansion of TLD space under ICANN’s new gTLD program (refer to Chapter 7), competition has recently intensified, putting more pressure on domain name registries to improve their quality and service.
Role of registry
This section summerizes the fundamental role of a registry.
Operating and managing registry database
A registry operates and manages a registry database that stores and manages assignment and registration information.
A registry establishes rules regarding assignment of IP addresses and AS numbers or registration of domain names (including policies and detailed rules).
In the case of IP addresses and AS numbers, since one number space is shared throughout the world, it is necessary to adopt policies that secure global consistency. To do so, a registry establishes policies by collaborating with the Local Internet Registries (LIRs, also known as IP Address Designated Agents in Japan), the upstream registry (Asia Pacific Information Centre, APNIC, in the case of JPNIC) and the community at large.
For domain names, the rules for Generic Top Level Domains (gTLDs) implemented all over the world are developed in ICANN. For Country Code Top Level Domains (ccTLDs) that are assigned to countries or territories, global portions of the rules are developed at ICANN, but individual services are delegated to each registry, and rules that meet the needs of each country and region are created domestically. In the case of .jp, JPRS establishes the rules based on the opinions of the community in Japan and the needs of the domain name market.
When an application for an IP address or domain name is filed, a registry assigns or registers the requested number or name based on the rules. Further, the registry updates the registry database to reflect the content of applications.
Providing WHOIS service
A registry publishes registrant information for IP addresses or domain names so that any Internet user can refer to it, using a service called WHOIS. Each registry operates the WHOIS service in such a way as to ensure consistency with the registry database it manages.
In 1982, the technical information, specifications and operational rules for WHOIS were defined in RFC 812 (NICNAME/WHOIS) (in 2004 it was updated to the present RFC 3912). With regard to JP domain names, JNIC (now JPNIC) started an experimental WHOIS service in 1992, and JPNIC started the formal service in 1993. At present, JPRS operates the WHOIS service for JP domain names and JPNIC operates that for IP addresses.
Publishing assignment and registration information to all Internet users is an important role for a registry. As described previously, the Internet is a system based on autonomous distributed management, so there is no one organization that controls the entire Internet. In the event of a connection problem, the associated network operators contact each other and coordinate to solve the problem. Therefore, it is necessary to secure communication among networks, organizations that administer and use a domain name, and users. Against this backdrop, WHOIS service operated by registries bears the important role of providing contact information for this purpose.
As just described, the WHOIS service has been used as a means to obtain contact information to communicate among relevant parties if a technical problem occurs. Today, WHOIS is also used for solving problems caused by security incidents or conflicts between a domain name and a trademark. Thus, the ways in which WHOIS is used are growing more diverse, along with the expansion of Internet usage.
DNS - Domain Name System
DNS is one of the fundamental services of the Internet, providing information correlating IP addresses and domain names.
JPNIC (in cooperation with APNIC) provides information on delegations to the reverse DNS server that manages each distributed IP address block. JPRS provides information on delegations to the forward DNS server that manages each registered domain name.
ARPANET (Advanced Research Projects Agency Network), the predecessor to the Internet, used to manage and provide a mapping between host names that specified connected devices and their corresponding IP addresses in the form of a file called HOSTS.TXT. However, due to the increase in the volume of registration information and frequency of updates, the scheme reached its limit in the early 1980s. To overcome the challenge, the first DNS specifications were documented as RFC 882 and RFC 883 in 1983, and in 1987 they were revised to form the present specification of RFC 1034 and RFC 1035.
In Japan, operation of the DNS service for JP domain names (the JP DNS server) was launched in 1989. Subsequently, JPRS took over the responsibility, which has grown with the Internet itself. As of 2014, the JP DNS server operated from 26 sites around the world, with cooperation from secondary server operator organizations.
A large number of functions have been added and improvements made to the DNS. One notable and important enhancement is the basic specification of DNSSEC, the Domain Name System Security Extensions, standardized in 2005 as RFC 4033, 4034 and 4035.
Information dissemination and educational activities
Many registries consider it one of their own roles to improve the general level of understanding and literacy about Internet infrastructure technology, governance, and the issues required for effective resource management. So they disseminate information and take initiative in educational activities focusing on these fields.
Along the same lines, JPNIC proactively dispatches information via media, such as newsletters, mailing lists, mail magazines and Web sites.
One particular example is the annual “Internet Week”, attended mainly by Internet engineers since 1997. Since 1999, Internet Week has been organized under the auspices of JPNIC. The origin of Internet Week was in the “IP Meeting” that enabled the participants to get a comprehensive view of the Internet in Japan at the time. The first IP Meeting (held under the name of “Japan Inter-network meeting”) was organized at the Shonan Fujisawa Campus (SFC) of Keio University in 1990.
|<< Preface||Ver.1.0-April 2015||Chapter2 >>|