Access to zonefiles for .se and .nu

As of May 16, 2016, IIS will be providing information about .se and .nu domain names that are visible to the internet public. This means that the technically designated domains in the Domain Name System (DNS) will be visible when the zone files for these two top-level domains are released to the public and made available for download for the first time.

The zonefiles can be downloaded at zonedata.iis.se.

The Internet Foundation in Sweden, IIS, is responsible for the internet’s Swedish top-level domain, .se, including the registration of domain names, and the administration and technical operation of the national domain name registry. As of September 2013, IIS has also been managing the operation and administration of the .nu top-level domain.

Zone files accessible for .se and .nu

In our endeavor to be transparent, IIS is making the zone files for .se and .nu available as of May 16, 2016. By its nature, the DNS constitutes a public infrastructure. Information about domain names under .se and .nu will be published in their respective zone files to make them accessible to the general public. Previously, the DNS could only be utilized for looking up the domain names administered by IIS, but providing accessibility to the zone files will make all the delegated domain names visible.

What is a zone file?

An authoritative name server on the internet holds DNS information about a particular domain. For example, IIS name servers hold information about the .se and .nu top-level domains. Every authoritative name server provides information about all the delegations and complete DNS information (including IP addresses) about the section of the domain that is not delegated, which is called a zone. The DNS information provided by an authoritative name server on the internet is contained in a text file, called a zone file.

There is no confidential information in zone files – the information we publish in such files is necessary for the domain name to function on a technical level. In addition to the information provided by the DNS, we publish accessible information about a domain name through our WHOIS service.

Format for zone files

Zone files are made accessible in the format closest to that of the DNS, namely as a zone file. In addition to the domain names that we administer, a zone file contains its associated name servers and all the DNSSEC information. We publish zone files in the format defined in RFC 1035 (section 5) and RFC 1034 (section 3.6.1). There is an abundance of tools for parsing this format, in addition to the software that provides the DNS infrastructure.

Domain name registrant’s responsibilities for delegation

The responsibility for domain names that are registered under .se and .nu is delegated to the domain name registrant. This entails the domain owner personally indicating the authoritative internet name servers that contain information about specific IP addresses connected to the domain name. The domain owner may either personally manage the operation of the name servers or delegate the responsibility to another party, such as an internet service provider or a web-hosting provider.

Research and quality on the internet

By unveiling our zone files, our hope is that this will indirectly benefit the Swedish section of the internet by allowing more people to perform analyses and conduct broader research on the services available in Sweden. IIS has previously performed various forms of quality measurements through its efforts on the Health Status in Sweden.

Questions and answers

 

Why don’t you just publish the list of domains?

The zone files contain all the domains that are accessible from IIS through the DNS. The DNSSEC information in a zone file provides verification that the zone file originates from us and no other source. It is easy to extract a domain list from the zone file by using various tools that are available.

Are there tools for interpreting the zone file?

In addition to the standard software used for operating name servers, there are numerous standard tools for inspecting zone files. The idns distribution provides numerous tools for parsing zone files in different ways, and the software can be adapted to perform customized tasks. For example, a list of domains can be extracted from a zone file through clean-zone.sh.

Won’t an accessible zone file increase the volume of spam?

Numerous methods have long been available for accessing the contents of a zone file. Lists of domains and e-mail addresses are circulated between spammers and we are convinced that our publication will not make any difference.

What must I consider if I wish to register a secret domain name?

There are many reasons not to publish a domain name prior to its launch. It might not always be expedient to reveal brands and temporary campaigns beforehand. To keep anyone from becoming aware of a domain name registration, you should defer delegation of the domain name which will prevent it from being written to the zone file. Refer to your registrar if you have questions about how to proceed. They can help.

Are any other top-level domains publishing their zone files?

All the gTLDs (generic top-level domain names) and new gTLDs are making their zone files accessible. However, this accessibility is somewhat limited for essentially all of the top-level domains. The new gTLDs are accessible through ICANN’s system, CZDS.

Do IP addresses constitute personal data?

The IP addresses in zone files do not identify any individuals. The IP addresses that are used to contact DNS servers to obtain further information about a domain name and the IP addresses that belong to a domain point to their respective DNS operators. These IP addresses are accessed at any time by internet users and do not constitute information that can be considered confidential, or which may be used to identify a behavior on the internet. The IP addresses contained in zone files are considered public IP addresses, or in internet terminology, infrastructure addresses (which also include web servers, routers and other equipment belonging to components of the internet infrastructure).

Can I personally opt not to have my domain name included in the distributed zone file?

All domains that are intended for use to reach resources such as a website must be published in the zone file. As soon as the domain is published in the file, additional information about the domain is forwarded to DNS resolvers and other DNS systems that query the information in the DNS. This information has never been considered confidential. The complete zone file has always been accessible to those with technical abilities, through various methods and data sources. Hence, we are publishing the zone file in its entirety.

For those who wish to maintain a secret domain name, we recommend never to delegate the domain. If your domain is registered but not delegated in the DNS, domain information can still be obtained through a Whois query. 

Do you provide an API for querying domains in the zone file? If not, why not?

The APIs (or protocols) offered by IIS for querying domain information are called the DNS and Whois. DNS provides information about where to find further information about the domain through zone-file delegations, while the Whois function provides further information about the domain owner.

How up-to-date is the information in the published zone file?

The zone file that we publish is identical to the one installed on our name servers. We update the zone file every other hour, so you always have access to the most recent zone file containing up-to-date information.

Where can I obtain the zone files?

The zonefiles can be downloaded at zonedata.iis.se.