Domain Registry Lock for .ZA being explored No ratings yet.

Staff Contributor

Staff Contributor


ZA Central Registry (ZACR), the organisation which administers top-level domains such as .ZA, .joburg, and .Africa, has said that it is looking into implementing registry locking for the .ZA namespace.

MyBroadband recently reported on the lack of registry and registrar locking for .ZA domains, and the importance of having registry locking in light of the large-scale domain hijacking attacks earlier this year.

In response to the article, the ZACR has revealed that it is exploring the possibility of implementing Registry Lock functionality. It explained that this would require a change in registry policy, following the development of supplemental policies in consultation with the ZA Domain Name Authority (ZADNA).

DNS-ZA, the technical service provider to the ZACR and ZADNA, has also responded to the article in a blog post.

“We are also in advanced discussions with the ZACR to determine ways of implementing and promoting Domain Lock and Multi-Factor Authentication for all their second level and generic domains. Watch this space,” DNS-ZA said.

Registry vs. Registrar lock

While it may appear at first blush as though the ZACR and DNS-ZA are referring to the same thing, there is a big difference between registry and registrar locking.

When DNS-ZA referred to “Domain Lock” in its post, it linked to the Wikipedia page on Registrar Locking.

The ZACR used the definition from Wikipedia to differentiate between the two security measures, explaining that a Registrar Lock is a status code set on a domain name by its sponsoring registrar.

A registrar is the service provider you use to register and administer a domain, such as a web hosting company.

“The ZACR recognises the benefits that registrar lock provides to domain names under its administration and calls on its registrar community to consider offering this as a value added service to its end users without detracting from the rights that domain name holders have to manage their own domain names,” the registry said.

While registrar locks would be great to have on .ZA domains, Verisign has warned that this would not necessarily prevent the kind of domain hijacking attacks executed against North African and Middle Eastern top-level domains.

Locking a domain at the registry level would mitigate against such attacks, though.

Essentially, any modification to a domain would have to be authenticated by the registry itself. Verisign said it contacts the requester by phone, who must provide a security phrase for the name to be unlocked.

It is this kind of Registry Lock that the ZACR said it is busy looking at implementing.

Now read: South Africa’s .ZA domain is a security disaster waiting to happen

Please rate this

Join the conversation

Notify me of follow-up comments by email.
Notify me of new posts by email.


Industry News
Staff Contributor

MyBroadband: ATIO to close its doors

South African ICT service provider ATIO is under business rescue and is in the process of applying to be liquidated. ATIO was founded in 1986 and is a privately-held provider of information and communications technology services i
Read More »
Industry News
Staff Contributor

How The Cloud Changed Everything

Just a few years ago, cloud based communications were great for early adopters, those who are prepared for a few hiccups – but lots of jitter, shock, and dropped calls made it really difficult to talk everyday people and businesses i
Read More »
Apex Business Intelligence

Share this page


Telecoms Channel





Subscribe to get latest update.
Your Information will never be shared with any third party.