Chose your color

Frequently visited

Frequently asked questions

  • I am looking for a domain name registrant. Where can I look it up?

    The Whois is an easy-to-use tool for checking the availability of a .nl domain name. If the domain name is already taken, you can see who has registered it.

    On the page looking up a domain name you will find more information about what a domain name is, how the Whois works and how the privacy of personal data is protected. Alternatively, you can go straight to look for a domain name via the Whois.

  • I would like to transfer my domain name to another registrar. What is the procedure?

    To get your domain name transferred, you need the token (unique ID number) for your domain name. Your existing registrar has the token and is obliged to give it to you within five days, if you ask for it. The procedure for changing your registrar is described on the page transferring your domain name.

  • The details registered about me/my company are incorrect or out of date. How can I get them updated?

    To update the contact details associated with your domain name, you need to contact your registrar. Read more about updating contact details.

  • Why is my domain name in quarantine?

    When a domain name is cancelled, we aren't told the reason, so we can't tell you. You'll need to ask your registrar. The advantage of quarantine is that, if a name's cancelled by mistake, you can always get it back.

    One common reason is that the contract between you and your registrar says you've got to renew the registration every year. If you haven't set up automatic renewal and you don't renew manually, the registration will expire.

  • Ik heb een klacht over mijn provider/registrar. Kan ik daarvoor bij SIDN terecht?

    Wanneer je een klacht hebt over of een geschil met je registrar dan zijn er verschillende mogelijkheden om tot een oplossing te komen. Hierover lees je meer op pagina klacht over registrar. SIDN heeft geen formele klachtenprocedure voor het behandelen van een klacht over jouw registrar.

  • What conditions do I have to meet as a registrar?

    Would you like to be able to register domain names for customers or for your own organisation by dealing directly with SIDN? If so, you can become a .nl registrar. Read more about the conditions and how to apply for registrar status on the page becoming a registrar.

More frequently asked questions

Internet security standards: targets aren't being met

Forum for Standardisation puts pressure on government organisations and vendors

  • Tuesday 17 December 2019

Vendors need to provide better support for modern internet standards, and implementation should be made easier. So says Bart Knubben of the Forum for Standardisation following publication of the Information Security Standards Survey. "The growth has continued, but the agreed targets aren't yet being met. In fact, the use of DNSSEC security for mail delivery by municipal and provincial authorities has declined. That's due to several authorities switching to Office 365 Exchange online, a service that doesn't support DNSSEC or DANE. We're talking to Microsoft to get that changed."

The Forum for Standardisation advises the public sector on the use of open standards. It also maintains the 'use-or-explain' list, which details the open standards that Dutch government bodies are expected to include in their procurement specifications for ICT products and services. On the list are standards such as DNSSEC, DKIM/SPF/DMARC, HTTPS, HSTS, STARTTLS/DANE and IPv6. A Joint Ambition Statement that includes implementation deadlines for those modern (security) standards has additionally been agreed with the Pan-governmental Digital Government Policy Forum (OBDO).

Web standards

The current adoption picture is illustrated by the following diagrams. As you can see, support for web standards is gradually creeping up towards 100 per cent. The Forum for Standardisation believes that further progress will depend on approaching non-compliant organisations individually.

Mail standards

Where mail standards are concerned, a similar slowdown in growth is apparent, but at a significantly lower adoption level. The figures for DANE and DMARC (with the 'reject' policy configuration) are particularly disappointing, at 45 and 49 per cent respectively. As the Forum for Standardisation observes, half of Dutch government mail domains are not adequately protected against spoofing. Although in principle the Joint Ambition Statement allows organisations until the end of the year to implement the standards, it looks fairly certain that many will miss the deadline.

DMARC reject

According to Knubben, implementing DMARC with the 'reject' policy configuration is difficult for many organisations. "Larger organisations that use numerous external mail distributors find it particularly hard to specify all legitimate mail flows. That may say something about how much control government organisations have over their IT infrastructures. It's important that such organisations bring in third-party expertise or ensure that their own staff are properly trained. Plenty of governmental bodies have now shown that the challenges can be overcome." "DKIM, SPF and DMARC are complex standards. Authorising additional mail server addresses to send mail for a domain isn't straightforward. Mail service providers and software vendors therefore need to make it easier to adopt the standards."

Letter to Microsoft

Knubben says that the fall in the percentage of MX portals (mail delivery portals) that are DNSSEC-enabled is mainly due to several municipalities and provinces switching to Microsoft's Office 365 Exchange online, which doesn't support DNSSEC (or therefore DANE). It is not yet clear how the authorities in question reconcile the switch with their obligation to make DNSSEC support a requirement when sourcing new infrastructure and services. "It's certainly disappointing. Any organisation that's using Office 365 Exchange online isn't adhering to the mandatory standards." In the summer, the government's dedicated Strategic Vendor Management team (SLM) wrote to Microsoft Nederland formally requesting the urgent implementation of DNSSEC and DANE on their Office 365 mail servers. The accompanying memorandum setting out the Dutch government's position on DNSSEC and DANE for mail says that Office 365 users are currently unable to comply with applicable regulations and standards. From the memorandum, it's also apparent that Office 365's negative impact on DANE support is roughly ten percentage points.

Official pressure

As well as being required to follow the 'use-or-explain' list and the Joint Ambition Statement, government bodies need to secure their mail traffic in order to comply with local laws implementing the EU's General Data Protection Regulation (GDPR), since some mail will inevitably include sensitive information. Directions on compliance are given in the National Cyber Security Centre's (NCSC's) factsheet Secure the connections of mail servers, which advises the use of STARTTLS/DANE. The National Information Security Baseline (BIO) also makes it clear that DANE for mail must be enabled. "It isn't easy to get major vendors such as Microsoft to act," says Knubben. "The only way is to bring user organisations together to exert concerted pressure." Significantly, the memorandum referred to above points users to the Azure Feedback Forums and the Office 365 UserVoice Forums, where DNSSEC is one of the most frequently requested features. The Forum for Standardisation's biannual surveys also help to put non-compliant government organisations and vendors in the spotlight. "Early next year, our findings will be reported to the OBDO and to the Dutch parliament. So official pressure can be ramped up by naming, faming and shaming." Nevertheless, Knubben isn't sure how Microsoft will respond. "The talks are still ongoing and they've been constructive. We don't believe that Microsoft will be able to ignore the fact that so many users are demanding support for modern e-mail security standards."

Other vendors

Meanwhile the Forum for Standardisation is additionally negotiating with other vendors about better support for security standards. "We've already managed to persuade Cisco," says Knubben. "Their mail appliances now carry out DANE validation before delivering mail. We're currently talking to Proofpoint, Fortinet and others about enabling DANE validation. The talks are going well: both have said that they'll implement DANE. However, it's still important that individual government bodies and other organisations keep telling their vendors that they want these security standards enabled."