Radiocommunications Agency audits SIDN

How supervision of an essential service provider works in practice

On 9 November 2018, the Network and Information Systems Security Act came into force in the Netherlands. Under the Act, SIDN was designated an 'operator of essential services'. As such, we became subject to supervision by the Radiocommunications Agency (nowadays 'Dutch Authority for Digital Infrastructure'). We have since had our first audit by the Agency. The findings will help us further enhance the security of the .nl domain.

Vital importance

SIDN under supervision of Radiocommunications Agency

If hackers were ever able to bring down the Netherlands' power grid, the implications for the entire country would be very serious. Energy companies are therefore designated 'operators of essential services' (OESs). Companies in other sectors can be classed as OESs too, if their activities are vitally important to the nation: in other words, if operational disruption would have a serious impact on society as a whole. As operator of the Netherlands' country-code internet domain, one of the biggest top-level domains in the world, we are an OES within the digital infrastructure sector.

Radiocommunications Agency

OESs in the energy sector and the digital infrastructure sector are under the supervision of the Radiocommunications Agency, which is part of the Ministry of Economic Affairs and Climate Policy. The Agency has extensive responsibilities. It's tasked with overseeing excavation work for underground cables and pipelines, for example, because excavation-related problems – accidental severing of fibre-optic cables, say – could have negative implications for digital infrastructure service continuity. Another of the Agency's jobs is checking that service station fuel pumps are correctly calibrated, so that drivers actually get the amount of fuel they pay for. It's also the Radiocommunications Agency that auctions off radio and mobile phone frequencies. The Agency's role involves both policy definition and supervision. One aspect of its supervisory work is checking that we are doing all that we reasonably can to assure the availability and integrity of our .nl services, as required under the Network and Information Systems Security Act (Wbni).

Stan van Bommel, Specialist Inspector at the Dutch Authority for Digital Infrastructure

Two-year cycle

Stan van Bommel and Rob Augustinus are the Radiocommunications Agency's specialist inspectors responsible for supervision of SIDN. Both have backgrounds in information security and were recruited specifically to provide the Agency with the expertise needed to supervise OESs. "We started last year by familiarising ourselves with the landscape and setting up a supervisory mechanism," explains Van Bommel. "We've put an annual inspection cycle in place. The plan is to alternate between general inspections and focused in-depth inspections. We started with an in-depth inspection this year."

Bespoke inspection

Inspecting an OES requires a customised approach, according to Inspector Augustinus. "With an internet exchange, the focus is mainly on the availability of the network infrastructure. But where SIDN is concerned, we're interested in both availability and integrity. In other words, not only are domains reachable, but also can users be confident that they're going to arrive at the site they want?"

Rob Augustinus, Specialist Inspector at the Dutch Authority for Digital Infrastructure

Pragmatic

Van Bommel and Augustinus favour a pragmatic approach to auditing. "We don't want to duplicate anything that others are already doing, or add to the regulatory burden unnecessarily. SIDN is already ISO27001-certified. So we've opted to take that standard as a framework for our audit," says Augustinus. "We'll be reporting our findings to SIDN at the end of the year. It'll then be up to SIDN to follow them up."

Looking ahead

For this year's audit, the Agency's focus has been largely retrospective. Ultimately, it will be necessary to widen the scope, according to Van Bommel. "We want to look more closely at future threats and developments and provide publications on a proactive basis to help OESs improve their security. For example, we're currently investigating chain responsibility in the digital infrastructure. We think the findings are going to be useful to the entire sector."

Constructive and to-the-point

Bert ten Brinke, Security Officer at SIDN

Our Security Officer Bert ten Brinke is positive about the Agency's work. "Sometimes external audits can be a little woolly at the outset, with the auditors taking a general look at the organisation, for example. Or they can be very time-consuming – I know that some other European registries have been asked to complete 250-point questionnaires for their local regulators. By contrast, the Agency's audit was to-the-point and constructive. And the auditors clearly know what they're about. There's a real sense that we're all after the same thing: a secure and reliable .nl domain." Ten Brinke is looking forward to getting the results. "Sometimes when you're directly involved on a day-to-day basis you're too close to see what's in front of you. An outsider brings a fresh perspective, which can yield insights that we can use to make the .nl domain even more secure."