Patent application number | Description | Published |
20100325723 | SHARED REGISTRATION SYSTEM MULTI-FACTOR AUTHENTICATION - A system and method for establishing a chain of trust from a registrant to a registry. A registrant request to a registrar to change a domain name record includes at least one registrant factor, such as a one time password. The registrar can formulate an extended EPP command that includes the factor to effectuate the change and send it to a registry. The registry can verify the at least one factor using at least one validation server. If the factor is successfully verified, the EPP can be processed by the registry. If the factor is not verified, the EPP command may not be processed and an error message may be generated and sent to the registrar. | 12-23-2010 |
20110047292 | METHOD AND SYSTEM FOR INTELLIGENT ROUTING OF REQUESTS OVER EPP - Method and system for routing EPP requests over a network are provided. The EPP request can include XML namespace information and optionally XML sub-product information. A gateway can receive the request and analyze the namespace and in some instances, sub-product information to determine the service to which the request is directed. Thereupon, the gateway can route the request to the appropriate service by consulting a routing table that can have status and connectivity information for all the available services. | 02-24-2011 |
20120173681 | Systems and Methods for Setting Registry Service Status - A system, method, and computer-readable medium enable a domain name or host name registry to effectively manage status codes associated with the domain or host. Status codes are organized into status sets that can be added, removed, activated, or deactivated in accordance with a suitable change request. The status codes corresponding to a removed status set that are also enabled according to other active status sets are not removed when the removal of the status set is processed. | 07-05-2012 |
20120173685 | Systems and Methods for Domain Name Exchange - A system, method, and computer-readable medium, is described that enables a domain name registrant the ability to exchange their existing domain in favor of a new domain without incurring additional domain registration fees and without affecting the other data fields of the existing domain. Once the domain exchange service is added to the domain registration, the registrant can exchange the domain name as often as it likes in accordance with the business rules of the registry until the domain exchange service expires. | 07-05-2012 |
20120174198 | Shared Registration Multi-Factor Authentication Tokens - A system and method for more efficiently establishing a chain of trust from a registrant to a registry. A registrant credential is associated with a Shared Registration command and is sent by a registrar to a registry. Upon successful validation, a token is generated and bound to a registrant identifier. The token is included along with the registrant identifier in subsequent discrete Shared Registration commands submitted to the registry on behalf of the registrant. The registrant thus needs to submit its credential only once for changes that require several discrete commands. Also, it is more efficient for the Shared Registration System to validate a token for a set of commands than to validate different registrant credential for each discrete command. | 07-05-2012 |
20120254386 | Transfer of DNSSEC Domains - Systems and methods of transferring a DNSSEC enabled domain from a losing hosting provider to a gaining hosting provider are described in which the transfer of the domain may be achieved without disruption to a DNSSEC validation of the domain. Systems and methods, such as those directed to registry and/or registrar servers, may include transferring a DNSKEY or Delegation Signer (DS) record from a gaining hosting provider to a losing hosting provider prior to transferring the domain from the losing hosting provider to the gaining hosting provider. A gaining hosting provider may sign DNS records of the domain with the gaining hosting provider DNSKEY prior to transferring the domain from the losing hosting provider to the gaining hosting provider. Additionally, a registry server, or similar device, may be configured to act as an intermediary between the losing hosting provider and the gaining hosting provider during the transfer process. | 10-04-2012 |
20120278626 | DNSSEC Inline Signing - Systems and methods of performing incremental DNSSEC signing at a registry are described in which digital signature operations may be performed as part of a single transaction including DNS add, update, and/or delete operations and the like. Exemplary methods may include receiving a domain command from a requester, the domain command including an identifier of a domain. The received domain command may be executed with respect to data stored by the registry for the domain. As part of an individual transaction including the execution of the domain command, the registry may also sign DNSSEC records for the domain using a private key of an authoritative server. After the DNSSEC records have been signed, the registry may incrementally publish the signed DNSSEC records to a separate server. Exemplary methods may also include “took-aside” operations in which, for example, add, update, and/or delete operations may be executed on data stored in a registry database and reported to a requester, prior to applying digital-signatures to the DNSSEC data. After reporting that the instructions have been executed, the registry may generate a digital signature based on the add, update, and/or delete changes, and commit the digital signature to a registry resolution database. | 11-01-2012 |
20120284505 | DNSSEC SIGNING SERVER - Systems and methods for performing DNSSEC signing are described in which digital signature operations may be performed by a network accessible signing server that is configured to interact with a separate client application. Exemplary methods may include receiving a signing request at the signing server from the client application to sign first data. The signing server may determine an active KSK and/or an active ZSK for the first data. The first data may then be transmitted by the signing server to a digital signature modules, which may include, for example, a hardware support module, or software signing applications. The signing server may receive a digitally signed version of the first data from the digital signature module, and provide the signed first data to the client application. | 11-08-2012 |
20120304004 | RECOVERY OF A FAILED REGISTRY - A system, method, and computer-readable medium, is described that enables a registry recovery service to retrieve zone files from a target registry, archive the zone files, publish the zone files to a managed DNS server, reconcile ownership of the zone files, and publish the zone files to a provisioning DNS server. The registry recovery service may also implement a WHOIS server for the zone and ownership information and may also implement zone specific features particular to the target registry's TLD. The registry recovery service may also enable DNSSEC extensions on the recovered registry DNS services. | 11-29-2012 |
20130080341 | PROTECT INTELLECTUAL PROPERTY (IP) RIGHTS ACROSS NAMESPACES - Systems, methods, and apparatuses consistent with the invention relate to protecting namespaces. In one exemplary implementation, the systems, methods, and apparatuses may validate whether or not there is consistency of sponsorship between a first namespace and a second namespace grouped with the first namespace, and perform an action related to the first namespace if there is consistency of sponsorship. | 03-28-2013 |
20130173497 | METHODS AND SYSTEMS FOR CREATING NEW DOMAINS - Systems and methods for creating a new domain, such as a top-level domain or a second-level domain, make use of a Domain Manager that enables a user to enter data that is necessary or optional to implement the creation of a new domain. Systems such as, for example, a Registry and one or more Registrars, may use the data defined by the Domain Manager to create a new domain. | 07-04-2013 |
20130174254 | METHOD FOR ADMINISTERING A TOP-LEVEL DOMAIN - A method for administering a top-level domain by analyzing domain name registrations for requests for suspicious or malicious domain names. A request to register a domain name is received. The requested domain name's information may be stored in a registry database. The requested domain name may also be conditionally stored in the domain name system (DNS) zone. The requested domain name is compared to a list of botnet domain names stored in a watch list database. If the requested domain name corresponds to one of the botnet domain names, the requested domain name is prevented from being added to the DNS zone or is removed from the DNS zone, if it has already been stored there. The information regarding the requested domain name is stored in the registry database, even if the domain name does not ultimately stay in the DNS zone. | 07-04-2013 |
20130198410 | METHOD AND SYSTEM FOR INTELLIGENT ROUTING OF REQUESTS OVER EPP - Method and system for routing EPP requests over a network are provided. The EPP request can include XML namespace information and optionally XML sub-product information. A gateway can receive the request and analyze the namespace and in some instances, sub-product information to determine the service to which the request is directed. Thereupon, the gateway can route the request to the appropriate service by consulting a routing table that can have status and connectivity information for all the available services. | 08-01-2013 |
20130204838 | METHOD AND SYSTEM FOR INTELLIGENT MANY-TO-MANY SERVICE ROUTING OVER EPP - Method and system for routing EPP requests over a network are provided. A routing system includes multiple frontend service interfaces, one or more gateways, a management server, and a backend service platform that provides multiple application services. The frontend service interfaces are addressable using virtual IP addresses (“VIP”) and can be provided by the gateways. The routing system defines a many-to-many mapping between the frontend service interfaces and a set of services provided by the backend service platform. A requestor can send a request over EPP to a targeted service interface to access one or more backend services, by sending the request to a target IP or domain name that corresponds to a VIP associated with the targeted service interface. Using the many-to-many mapping and the VIP of the targeted service interface, the routing system can identify backend services sought by the request and provide the requestor with access to the backend services. | 08-08-2013 |
20140143381 | RECOVERY OF A FAILED REGISTRY - A system, method, and computer-readable medium, is described that enables a registry recovery service to retrieve zone files from a target registry, archive the zone files, publish the zone files to a managed DNS server, reconcile ownership of the zone files, and publish the zone files to a provisioning DNS server. The registry recovery service may also implement a WHOIS server for the zone and ownership information and may also implement zone specific features particular to the target registry's TLD. The registry recovery service may also enable DNSSEC extensions on the recovered registry DNS services. | 05-22-2014 |
20150058477 | COMMAND PERFORMANCE MONITORING - Command performance may be monitored. In a monitoring transaction, a product may be selected from a plurality of products in one group of a plurality of groups of products. Execution performance of a command by the selected product may be monitored. The monitored execution performance may be provided for determining compliance with a service level agreement for the product based on the monitored executed performance. | 02-26-2015 |