Recently Identity Digital announced that they're now managing the .ai TLD for the Government of Anguilla but what management does a TLD require and what are the threats and challenges involved in running a top level domain? To get an answer to these questions I spoke with Ram Mohan at Identity Digital to find out more.
What goes into managing the sustainability and resilience of a TLD?
When a hurricane slams into your country and takes power down for hours, if not days, will the websites, emails and domain names that are behind hospitals, banks and utilities keep working? What would happen if some of the most iconic services like ChatGPT, whose parent runs on a .AI name, goes down? The world expects critical global infrastructure like domain name registries to simply work 100% of the time, no excuses.
When a state actor tries to blow up access to a TLD by throwing tens of millions of hits per second to the domain’s global systems, can it keep up? Can it deflect and deflate such attacks? These are not hypothetical situations; they happen with sickening regularity. Identity Digital sees thousands of denial of service (DDOS) attacks on its infrastructure and works with global partners to keep crucial services that ensure websites and emails work, backed by a global company with 24/7 service and a 100% availability guarantee.
The Identity Digital solution promotes resilience without sacrificing sustainability with its diverse and global infrastructure. Our platform is designed to leverage Amazon Web Services’ (AWS) secure systems, with rapid protection and recovery from zero day vulnerabilities and quotidian administrative errors. Additionally, our systems reduce the workload carbon footprint by more than 40%, which is more energy efficient than conventional data centres. Our operations within AWS also uses recycled water for cooling, and reuse discharged water.
We take pride in our role as a leading domain name administrator, registrar, and registry operator. Identity Digital believes that environmental, social, and governance factors shape our business practices, industry, and the communities we serve. And we have taken care to shape our technology, platform and business practices around them.
Can you expand on the technicalities that go into sustaining a domain?
It’s important to remember that top level domains (TLDs) are only a puzzle piece in the internet’s large infrastructure. In short, TLDs and the Domain Name System (DNS) act as the ‘gateway’ to the modern internet. This is because the DNS turns domain names into IP addresses, which allow browsers to get to websites and other internet resources. Identity Digital is responsible for maintaining these TLDs through its broad network and seasoned expertise. Think of us like a library and our TLDs the books housed within the library.
We manage the stability and resilience of a TLD through stable scalability, multi-layered security, cloud resilience and cloud expert consultation. We are the first major operator to offer our services from a modern, cloud platform. This means that TLDs can quickly scale as domain names grow. Cloud infrastructure not only ensures greater operational stability, but also helps us mitigate the impact of a TLD’s increased demand.
We also develop resilience to prevent and mitigate the impact of regional outages, thus preventing drops in service while withstanding any attempts to overwhelm a domain’s capacity. This is sustained through an extensive, automated, and configurable cloud infrastructure that ensures critical systems are highly redundant.
A multi-layered security system is then designed to protect the operation of the registry and its resources. This way, attackers who penetrate one layer of defence will be stopped by a subsequent layer.
How does a domain/TLD attack work compared to a website attack?
Attacks between domains and websites have differing intentions. When a bad actor targets a domain or TLD, they’re attempting to confuse an individual user and redirect traffic so that they can trick them into providing sensitive information. This is often seen through attack vectors like phishing and spoofing.
When websites are attacked, bad actors are typically intent on shutting the website down or gaining access to a database of sensitive information powering the website. This is when information like usernames, passwords and financial details can become compromised and used for malicious purposes.
What are the advantages of using Identity Digital to do these things?
TLDs such as .AI are a part of critical global infrastructure. Businesses, organisations, and individuals worldwide depend upon companies powered by .AI to solve problems, cure diseases and streamline economies. Identity Digital is the pre-eminent registry services provider in the world, serving more countries than any other service provider in the world, in more geographies and of diverse sizes and needs. Our services ensure business continuity, enhance risk management and future-proof infrastructure solutions with sophisticated AI and ML capabilities.
No other provider has the same breadth and depth of services into the domain industry, the key way to provision and sell websites to companies and individuals worldwide. Identity Digital has a 20+ year history of being a responsible steward for some of the world’s fastest growing TLDs, including Australia (.AU) and India (.IN), and expects to nurture and grow .AI into one of the most reliable, respected and best managed TLDs in the world