CZ.NIC

Last updated
CZ.NIC CZ domain registry
Type association
Industry Domain registration
Founded1998
Headquarters Prague, Czech Republic
Key people
Mgr. Ondřej Filip, MBA, CEO
Productsregistration in .cz, registration in .0.2.4.e164.arpa
Website www.nic.cz/en

CZ.NIC is a Czech interest association of legal persons established by leading Internet service providers in 1998. The main activity of the association is administration of domain names .cz and 0.2.4.e164.arpa (ENUM), administration of .cz top-level domains and education in the area of domain names. Currently[ when? ], the employees of the association are intensively working on expanding the DNSSEC technology[ citation needed ], developing the domain administration system and mojeID service and promoting new technologies and projects beneficial to the Internet infrastructure in the Czech Republic.

Contents

Authorized by the Ministry of the Interior, the CZ.NIC association coordinates the national security team CSIRT.CZ that has been participating in resolving incidents related to cyber security in networks operated in the Czech Republic since 2011.

The association operates a specialized learning center called CZ.NIC Academy and founded its own research organization, the purpose of which is, among others, to solve problems related to Internet security and the development of original tools for the development of the Internet infrastructure.

CZ.NIC is a member of EURid, the organization administering the European .eu domain as well as of other international companies with similar specialization (CENTR, ccNSO, etc.).

Projects

Turris Omnia

Turris Omnia is a powerful and extensible open-source router. It features an open Linux based operating system with automatic updates and extra security measures. Besides being a router, Turris Omnia is powerful enough to serve as small home server. Turris Omnia was crowdfunded through a campaign on Indiegogo. [1]

Project: Turris

The Turris project is a service that helps users to protect their home networks by using a special router. In addition to normal home router functions, it is also able to analyze traffic between the Internet and a home network and identify suspicious data streams. If such data stream is detected, the router alerts the Turris central of a possible attack like a watchtower (that is what Turris means in Latin). The system central is capable to compare data from many connected Turris routers and evaluate the detected threat. If an attack is detected, updates are created and distributed throughout the Turris network to help protect all other users.

DNSSEC

In early 2008, CZ.NIC started trial operation of the DNSSEC security technology; it was definitely launched in the .cz domain area in the fall of 2008. Czech Republic was the fifth country to introduce this security technology. At present, the Czech national domain with 35% of its domains being secured is among the gTLDs with the highest use of DNSSEC.

Háčkyčárky.cz

Since 2004, the association pays attention to IDN, the system of domain names with diacritics. In connection with this, CZ.NIC operates the project “Háčkyčárky.cz” (“acutes carons”), where Internet users can test whether their browsers and systems are compatible with the internationalized domains.

FRED

FRED (Free Registry for ENUM and Domain) is a registration system for domain administration, developed by employees of CZ.NIC as open source. It was first implemented in 2006 for the Czech ENUM domain administration; the following year, FRED started to be used for .cz domains. More information, including installation packages can be found at http://fred.nic.cz. The software can be freely used, modified and redistributed under the conditions laid down by the appropriate licenses. Since September 2008, the FRED registration system has been used by Angola; in 2009 it was followed by Tanzania and a year later by the Faroe Islands, Costa Rica and Estonia. At the beginning of 2014, they were joined by Albania and Macedonia. It is running in a test mode in several other countries.

BIRD

An open source routing daemon BIRD was developed at the Faculty of Mathematics and Physics, Charles University, Prague, as a school project of three students (including Ondřej Filip, the current CEO of CZ.NIC). Important development of the project came about in 2009, when BIRD became one of the first object of activities of the CZ.NIC Laboratories. The routing daemon is one of the most used solutions for peering centers around the world; its abilities are utilized by the American PAIX, the Moscow MSK-IX, the Frankfurt DE-CIX, or the London LINX. The representatives of the latter routing node honored BIRD with LINX Award 2010.

mojeID

mojeid Logo Logo mojeid.jpg
mojeid Logo

MojeID is a service that allows users of the Czech Internet to use single login data (username and password) for logging into different websites and web services. It eliminates the need for repetitive registration. MojeID can be used for all services that support specifically the mojeID service or at least the OpenID technology. MojeID also allows storing the user data in one secure place while keeping it up to date.

Compared to OpenID, mojeID has a major advantage, which is different stages of identity verification. The first stage verifies that the user actually has access to the email box and mobile phone entered during registration. In the second stage, the user can request a further verification code to be sent to their postal address. The highest degree of verification is called validation, at which the user authentication is based on a personal visit to a CZ.NIC office, a valid electronic signature, or an officially certified written request.

Within the .cz domain zone, mojeID is used by a large number of e-shops, news sites and even some municipalities that use the authentication system, for example, during quick surveys or polls among residents.

Knot DNS

Knot DNS is a powerful authoritative DNS server supporting all major DNS protocol functions including zone transfers, dynamic updates and DNSSEC extension. Main advantages of this open source solution are performance, scalability, speed and the ability to add or remove zones on the fly without server downtime. Knot DNS was presented to the Czech and international public in November 2011. Four months later, CZ.NIC released its first final version.

National security team CSIRT.CZ

Based on the agreement between the Czech Ministry of the Interior and CZ.NIC, from January 2011 the .cz domain administrator coordinates the national security team CSIRT.CZ. It participates in resolving incidents related to cyber security in networks operating in the Czech Republic.

Academy

Specialized Learning Centre offers professional training in the field of Internet and web technologies. The lecturers of the CZ.NIC Academy are employees of the association, university professors and practitioners. CZ.NIC Academy operates two training centers - in Prague and Brno.

Laboratories

CZ.NIC Laboratories is a development and research institute of the CZ.NIC association that is engaged in research on the Internet, Internet protocols, network operation analysis, passive and active monitoring and design of prototypes for further development within CZ.NIC. The work of CZ.NIC Laboratories is focused on the benefit of the local Internet community; however, the scope of its work is international.

Domain history

Domains have been registered in the Czech Republic since 1991. Back then, those were the now non-existent .cs domains for the former Czechoslovakia. The computing center at Institute of Chemical Technology in Prague was in charge of the registration. Today's .cz Czech domain appeared with the disintegration of Czechoslovakia in 1993. The original rules for allocation of domains were relatively strict, as was usual at these times. The domain administrator also covered the costs of operation of the registration system and the registration, and the use of second-level domain names was free of charge.

The importance of the Internet in the Czech Republic has been gradually growing, together with the number of applications for registration of new domain names. This development logically brought along the pressure to relax the allocation rules. The first major breakthrough in this respect occurred in 1997 — since then, registering domain names has been possible for natural person as well. Furthermore, the relationship of the applicant to the registered domain name has stopped to be questioned.

Origin

With the increasing number of domain names, stronger position of the Internet in the commercial sector and the increasing costs of operating the system, it was necessary to institutionalize the registration process. Therefore, in 1998, the major ISPs represented in the NIX.CZ association founded an association of legal persons CZ.NIC. In September 1999, CZ.NIC officially took over the administration of the .cz domain. At the same time, the registration of second-level domain names became chargeable. In the period from September 1999 to 2003, there were further modifications and relaxation of the rules of domain registration. For example, a system of so-called special requests was established as a defense against speculators and in 2002, registration of domains without working name servers was allowed. The domain names identical to the endings of other top-level domains that had been blocked until then were released.

Commercial Registrars

At first, CZ.NIC had fulfilled the role of both registry administrator and the registrar. A fundamental change in this respect occurred in 2002, when there was a transition to more efficient decentralized domain administration. Thanks to this transition, other entities could enter the domain registration process. The aim of this measure was to separate the technical aspects of the operation of the registration system from the operation by domain names’ end holders and to introduce competitive environment, which would bring better services and lower prices, into the registration process. The decentralized domain administration system started its operation in autumn of 2003 and was immediately entered by first commercial registrars. Apart from commercial environment and price decrease, the decentralized system has brought other intriguing changes. The users have been enabled to register domains for a period longer than one year (up to 10 years), and the system have been further secured, in particular with respect to domain holder's rights. Due to the decentralization and making domains accessible to public, domain disputes have become a frequent occurrence. That is why the association introduced an arbitration clause into the Registration Rules in 2004. This clause allows for resolving disputes through Arbitration Court attached to the Chamber of Commerce and the Agricultural Chamber of the Czech Republic. The registration now includes accepting the commitment to respect the decisions of the Arbitration Court, which has simplified and accelerated the dispute resolution.

A new generation Decentralized System of Domains

In 2005, the CZ.NIC association decided that it would operate system of registration and domain administration on its own. Until then the system administration had been outsourced. The aim of this change was to ensure greater flexibility in changes in the system and to reduce the cost of its operation. A new generation Decentralized System of Domains (DSDng) was launched on October 1, 2007. It brought an abrupt drop in wholesale prices, simplification of rules for .CZ domain registration and a significant increase in the number of registered domains. After half a year, there were 400,000 domains on the Czech Internet and the growth rate doubled compared to the previous year. DSDng runs on the basis of the FRED software, developed by employees of CZ.NIC as open source. In September 2008, the system was implemented by Angola, in 2009 it was followed by Tanzania and a year later by the Faroe Islands, Costa Rica and Estonia.

Related Research Articles

The Domain Name System (DNS) is a hierarchical and distributed naming system for computers, services, and other resources in the Internet or other Internet Protocol (IP) networks. It associates various information with domain names assigned to each of the associated entities. Most prominently, it translates readily memorized domain names to the numerical IP addresses needed for locating and identifying computer services and devices with the underlying network protocols. The Domain Name System has been an essential component of the functionality of the Internet since 1985.

The DNS root zone is the top-level DNS zone in the hierarchical namespace of the Domain Name System (DNS) of the Internet.

<span class="mw-page-title-main">.org</span> Generic top-level domain

The domain name .org is a generic top-level domain (gTLD) of the Domain Name System (DNS) used on the Internet. The name is truncated from 'organization'. It was one of the original domains established in 1985, and has been operated by the Public Interest Registry since 2003. The domain was originally "intended as the miscellaneous TLD for organizations that didn't fit anywhere else." It is commonly used by non-profit organizations, open-source projects, and communities, but is an open domain that can be used by anyone. The number of registered domains in .org has increased from fewer than one million in the 1990s, to ten million in 2012, and held steady between ten and eleven million since then.

Telephone number mapping is a system of unifying the international telephone number system of the public switched telephone network with the Internet addressing and identification name spaces. Internationally, telephone numbers are systematically organized by the E.164 standard, while the Internet uses the Domain Name System (DNS) for linking domain names to IP addresses and other resource information. Telephone number mapping systems provide facilities to determine applicable Internet communications servers responsible for servicing a given telephone number using DNS queries.

The Domain Name System Security Extensions (DNSSEC) are a suite of extension specifications by the Internet Engineering Task Force (IETF) for securing data exchanged in the Domain Name System (DNS) in Internet Protocol (IP) networks. The protocol provides cryptographic authentication of data, authenticated denial of existence, and data integrity, but not availability or confidentiality.

The Internet uses the Domain Name System (DNS) to associate numeric computer IP addresses with human-readable names. The top level of the domain name hierarchy, the DNS root, contains the top-level domains that appear as the suffixes of all Internet domain names. The most widely used DNS root is administered by the Internet Corporation for Assigned Names and Numbers (ICANN). In addition, several organizations operate alternative DNS roots, often referred to as alt roots. These alternative domain name systems operate their own root name servers and commonly administer their own specific name spaces consisting of custom top-level domains.

<span class="mw-page-title-main">.fi</span> Internet country code top-level domain for Finland

.fi is the Internet country code top-level domain (ccTLD) for Finland. It is operated by TRAFICOM, the Finnish Transport and Communications Agency.

A country code top-level domain (ccTLD) is an Internet top-level domain generally used or reserved for a country, sovereign state, or dependent territory identified with a country code. All ASCII ccTLD identifiers are two letters long, and all two-letter top-level domains are ccTLDs.

The domain name arpa is a top-level domain (TLD) in the Domain Name System (DNS) of the Internet. It is used predominantly for the management of technical network infrastructure. Prominent among such functions are the subdomains in-addr.arpa and ip6.arpa, which provide namespaces for reverse DNS lookup of IPv4 and IPv6 addresses, respectively.

<span class="mw-page-title-main">Naukowa i Akademicka Sieć Komputerowa</span>

The Naukowa i Akademicka Sieć Komputerowa or NASK is a Polish research and development organization and data networks operator.

DNS spoofing, also referred to as DNS cache poisoning, is a form of computer security hacking in which corrupt Domain Name System data is introduced into the DNS resolver's cache, causing the name server to return an incorrect result record, e.g. an IP address. This results in traffic being diverted to any computer that the attacker chooses.

<span class="mw-page-title-main">.tel</span> Top-level domain

The domain name .tel is a top-level domain (TLD) in the Domain Name System (DNS) of the Internet. It was approved by ICANN as a sponsored top-level domain, and is operated by Telnic. Telnic announced in January 2011 that over 300,000 domains had been registered since the start of general availability on 24 March 2009. A substantial drop of mostly IDN .tels occurred at the beginning of 2014. The total number of registered websites under .tel as of 9 October 2023 is approximately 43,227.

This article presents a comparison of the features, platform support, and packaging of many independent implementations of Domain Name System (DNS) name server software.

Google Public DNS is a Domain Name System (DNS) service offered to Internet users worldwide by Google. It functions as a recursive name server. Google Public DNS was announced on December 3, 2009, in an effort described as "making the web faster and more secure." As of 2018, it is the largest public DNS service in the world, handling over a trillion queries per day. Google Public DNS is not related to Google Cloud DNS, which is a DNS hosting service.

<span class="mw-page-title-main">Knot DNS</span>

Knot DNS is an open-source authoritative-only server for the Domain Name System. It was created from scratch and is actively developed by CZ.NIC, the .CZ domain registry. The purpose of this project is to supply an alternative open-source implementation of an authoritative DNS server suitable for TLD operators to increase overall security, stability and resiliency of the Domain Name System. It is implemented as a multi-threaded daemon, using a number of programming techniques and data structures to make the server very fast, notably Read-copy-update or a special kind of a radix tree.

Namecoin is a cryptocurrency originally forked from bitcoin software. It uses proof-of-work algorithm. Like bitcoin, it is limited to 21 million.

<span class="mw-page-title-main">Turris Omnia</span>

Turris Omnia started as a crowdfunded open-source SOHO network router developed by the CZ.NIC association.

A public recursive name server is a name server service that networked computers may use to query the Domain Name System (DNS), the decentralized Internet naming system, in place of name servers operated by the local Internet service provider (ISP) to which the devices are connected. Reasons for using these services include:

<span class="mw-page-title-main">OpenNIC</span> Organization

OpenNIC is a user-owned and -controlled top-level Network Information Center that offers a non-national alternative to traditional top-level domain (TLD) registries such as ICANN. As of January 2017, OpenNIC recognizes and peers all existing ICANN TLDs, for compatibility reasons. However, OpenNIC has not yet evaluated and does not hold a formal position on future ICANN TLDs.

References

  1. "Turris Omnia: Hi-performance & open-source router".

50°04′22″N14°26′16″E / 50.0729°N 14.4377°E / 50.0729; 14.4377