Escrow of JP Domain Name Registry Data; 3-Party Joint Operation Begins Japanese Page
The escrowing of JP domain name registry data under the ccTLD Sponsorship Agreement of February 27, 2002 between JPRS and ICANN and the JP Domain Name Management and Administration Transfer Agreement of January 31, 2002 between JPNIC and JPRS switched, on July 1, 2004, to a new system operated jointly by the three parties. This article explains data escrow, its background and the reason for the switch to the new system.
What is data escrow?
Formally, "data escrow" is referred to as "the escrowing of JP domain name registry data" and specifically denotes the practice of escrowing (depositing) JP domain name registry data, which are updated daily, with a third party, each day.
Data escrow is carried out under a ccTLD Sponsorship Agreement between Japan Registry Service (JPRS, a JP domain name registry operator), and ICANN (The Internet Corporation for Assigned Names and Numbers), concluded on February 27, 2002 (Pacific Standard Time). A ccTLD Sponsorship Agreement is an agreement between ICANN and an organization responsible for the administration of ccTLD (ccTLD sponsoring organization), which clearly specifies the rights and responsibilities of the two parties.
Article 4, Paragraph 3 of the ccTLD Sponsorship Agreement sets out provisions with regard to data escrow, specifying
- that the ccTLD sponsoring organization (JPRS in the case of .JP) should be responsible for escrowing ccTLD registry data
- that the escrow agent should be approved by JPNIC, the Government authorities and the sponsoring organization, and
- that if the ccTLD Sponsorship Agreement comes to an end, the registry data are to be handed over to the successor appointed to manage the ccTLD without delay.
The JP Domain Name Management and Administration Transfer Agreement concluded on January 31, 2002 between JPNIC and JPRS also includes provisions relating to data escrow.
The purpose of data escrow is to make preparations to ensure that, in the event of the ccTLD functions being transferred from JPRS, which currently undertakes the domain name registry work, to another organization, the new organization is able to resume the provision of registry functions, with a view to ensuring the continuity of JP domain name operation.
Data escrow makes it possible for the new registry operator to take over "as is" the domain name registration data, name server data and other data required for registry operation, and means that the new registry operator is able to begin its work sooner.
This is extremely important both for those who have registered JP domain names and for the stable operation of the Internet, because it ensures the continuity of data required for .JP registry work.
With regard to JP domain names, the parties have been working towards the establishment of a 3-party data escrow system for the JP domain name registry involving an "auditor", a "registry operator" and an "escrow agent" since the conclusion of the ccTLD Sponsorship Agreement between ICANN and JPRS and the transfer agreement between JPNIC and JPRS.
Background to the switch from a 2-party system to a 3-party system
Data escrow of JP domain names was initiated on April 1, 2002, simultaneously with the transfer of JP domain name registry management and administration work from JPNIC to JPRS.
In conjunction with the start of operations, because JP domain names were the first registry data to be escrowed within the ccTLD, it was assumed that a number of aspects requiring improvement would be identified after operations began, and the first 2 years were therefore positioned as a trial period. During this period, JPNIC served as both auditor and data escrow agent for the JP domain name registry.
The trial period being due to end this year, with a view to making the transition from the existing 2-party system to a 3-party system, and of making the improvements identified as necessary and reflecting the know-how accumulated during the trial period, on January 26, 2004 JPNIC and JPRS set out to jointly recruit an escrow agent.
Several organizations applied for the position of escrow agent and JPNIC and JPRS examined the content of the proposals they submitted. The decision was based on an overall evaluation, which took into account a range of factors including operational organization, security measures and cost, and, in early March 2004, after prolonged deliberation, one of the applicants was finally selected as a candidate for escrow agent.
Subsequently, on March 23, the Ministry of Internal Affairs and Communications issued a communication endorsing the organization as an escrow agent and the organization was officially appointed as escrow agent.
The current data escrow system
Following the selection of the escrow agent on March 23, 2004, the work of transferring the management and administration of data escrow to the new system began in April of the same year. Following 3 months of preparations, covering every aspect of the system, from design and implementation to trial operation, the new system is scheduled to enter service on July 1, 2004.
Following the switch to the new system, the current data escrow system involves three parties - an "auditor", a "registry operator" and an "escrow agent".
- "Auditor" (JPNIC)
- The auditor audits and controls the escrow process as a whole. In addition to carrying out daily checks on the basis of reports received from the registry operator and the escrow agent, to verify the validity of the data escrow, the auditor carries out regular checks on the escrow agent's facilities and on the escrow data. If any problem arises with regard to data escrow operations, the auditor supervises the recovery process and, if necessary, it is also the role of the auditor to decide whether or not to terminate data escrow for that day.
- "Registry operator" (JPRS)
- Once a day, the registry operator creates and transmits escrow data. The registry operator extracts the escrow data from the registry data, checks them for consistency, encrypts them, and transmits them to the escrow agent. Other than under special circumstances, such as days on which system maintenance is being carried out, escrow data are transmitted every day without exception.
- "Escrow agent"
- Once a day, the escrow agent takes delivery of escrow data. Having encoded the escrow data received, the agent checks them for consistency, and, if no anomalies are detected, the data are stored for a fixed period measured from that day. To guard against disasters, data are stored in a secure location. If a situation necessitating the transfer of the registry arises, the escrow agent is also responsible for handing over data on the instructions of the auditor.
A comparison of old and new systems
In conjunction with the switch from 2-party to 3-party operation, the respective roles of the three parties involved have been clarified, imparting greater balance and control to the system. On the technical side, improvements have been made in the following areas.
First, under the new system, escrow data now includes "management specified provider data" for each domain name. The original purpose of data escrow is to deposit the minimum volume of data required to allow the startup of a new registry, but the addition of these "management specified provider data" makes it easier to begin work when the registry is transferred to the new registry operator.
Functions that allow the extraction of "DNS zone data", "WHOIS data" and "management specified provider data" from the escrow data have also been added.
It was already possible for the new registry operator to generate these data from the escrow data by creating tools, but the addition of DNS zone data that can be entered directly into the DNS program and a WHOIS data extraction function that can be accessed directly using the WHOIS program, has reduced the burden on the new registry operator and the time required to effect the transfer, and it is possible to effect transfer with greater speed.
Finally...
The arrangements for data escrow will continue to be reviewed at regular intervals, and will be revised as necessary.
JPNIC will continue to cooperate with JPRS and the escrow agent in the escrow of JP domain name registry data, with a view to ensuring stability and continuity of JP domain name management and administration, in a manner that is in the public interest. We look forward to your continued understanding and cooperation.