Notes on ccTLD zone file access

Background and Additional information about ccTLD zone file requests and operations.

This page is meant to provide supporting information on requests to access ccTLD zone files. Its content is based on the process and descriptions outlined in Section 2 of Specification 4 on the ICANN Registry Agreement from 2017, recognizing that this specific agreement is not binding for ccTLD Registry Operators.

This document is written so as to protect the personal information of the person that issued the zone file access request, while providing a durable reference to relevant aspects of the request for zone file access.

Basis for granting our zone file access request

The zone file access request that likely brought you to this page was made in support of research in the Security, Stability and Resiliency of the DNS. In particular, the research is currently focused in the security mechanisms that apply to electronic mail transmission and its adoption over time by registrants and registrars, across all regions of the globe. In order to fulfill this goal, zone file data is combined with other data sources to provide a window on the deployment of email security or authentication protocols across the board.

Various common concerns regarding granting of the zone file access requests include the following:

  • Credentialing or identification requirement

    The original zone file access request included complete, valid and accurate identifying information for the individual issuing the request. This includes full person name, email address, phone number and physical address along with a declaration that the request is being issued on the individual’s own personal capacity and not in affiliation with any company or other organizations.

  • Zone data protection

    Zone file data obtained as a result of this zone file access request is stored in general purpose computer hardware that has been secured according to best practices. Transit of the zone file data is minimized by design and restricted to the minimum amount of hardware required for its intended purpose. In addition, zone file data is not backed up to any external media. Access to the zone file data is restricted to the individual who issued to zone file data access request.

    Zone file data is physically stored and processed in California, United States of America. California enacted the California Consumer Privacy Act in 2018.

    Upon termination of the authorization to access zone file data, said zone file data will be purged from any and all computing devices involved in its downloading and processing.

  • Marketing and other unauthorized uses of zone file data

    The zone file data obtained as a result of this zone file access request is meant to be used solely for the purpose stated above, which does not involve any form of marketing to any third parties.

  • High volume, automated processes of querying

    The zone file data obtained as a result of this zone file access request will be used precisely to avoid the need to engage in the wasteful resource utilization. Indeed, access to the zone file data allows for an efficient operation of the data gathering component of the stated research objectives, and therefore reduces resource utilization for all parties involved.

  • Business operation interruption of Registries, Registrars or Registrants

    See point above.

If despite the above exposition you are still unable to approve the zone file access request, we would appreciate you getting in touch using the email address provided in the request to provide additional information. Both the request and this document have been prepared in good faith, with the goal of helping us all save time and obtain the desired data access with minimal interaction and in the shortest possible time.