Chose your color

Frequently visited

Frequently asked questions

  • I am looking for a domain name registrant. Where can I look it up?

    The Whois is an easy-to-use tool for checking the availability of a .nl domain name. If the domain name is already taken, you can see who has registered it.

    On the page looking up a domain name you will find more information about what a domain name is, how the Whois works and how the privacy of personal data is protected. Alternatively, you can go straight to look for a domain name via the Whois.

  • I would like to transfer my domain name to another registrar. What is the procedure?

    To get your domain name transferred, you need the token (unique ID number) for your domain name. Your existing registrar has the token and is obliged to give it to you within five days, if you ask for it. The procedure for changing your registrar is described on the page transferring your domain name.

  • The details registered about me/my company are incorrect or out of date. How can I get them updated?

    To update the contact details associated with your domain name, you need to contact your registrar. Read more about updating contact details.

  • Why is my domain name in quarantine?

    When a domain name is cancelled, we aren't told the reason, so we can't tell you. You'll need to ask your registrar. The advantage of quarantine is that, if a name's cancelled by mistake, you can always get it back.

    One common reason is that the contract between you and your registrar says you've got to renew the registration every year. If you haven't set up automatic renewal and you don't renew manually, the registration will expire.

  • Ik heb een klacht over mijn provider/registrar. Kan ik daarvoor bij SIDN terecht?

    Wanneer je een klacht hebt over of een geschil met je registrar dan zijn er verschillende mogelijkheden om tot een oplossing te komen. Hierover lees je meer op pagina klacht over registrar. SIDN heeft geen formele klachtenprocedure voor het behandelen van een klacht over jouw registrar.

  • What conditions do I have to meet as a registrar?

    Would you like to be able to register domain names for customers or for your own organisation by dealing directly with SIDN? If so, you can become a .nl registrar. Read more about the conditions and how to apply for registrar status on the page becoming a registrar.

More frequently asked questions

SIDN under supervision of Radiocommunications Agency

How we became an 'operator of essential services'

On 9 November 2018, the Network and Information Systems Security Act (Wbni) came into force in the Netherlands. At the same time, SIDN was designated an operator of essential services (OES), as provided for under the act. As such, we are now subject to supervision by Radiocommunications Agency (nowadays 'Dutch Authority for Digital Infrastructure'). In this blog, I outline the background to that designation and its implications.

Background to the Act and OES status

The new Dutch law implements the European NIS Directive, which is intended to assure adequate digital security throughout Europe.

The Directive and the Wbni focus on 'operators of essential services' and 'digital service providers'. Cloud service providers, search engine operators and internet marketplace operators all come under the second heading, while SIDN is covered by the first.

Operator of essential services

Operators of essential services are organisations that provide services that are vitally important to the community. They include energy suppliers, telecom service suppliers, and air traffic control service providers. A list of examples is provided in an annex to the NIS Directive, which individual member states are expected to use as guidance for designating their own OESs.

The NIS annex includes two examples that are relevant to SIDN: 'DNS service providers' and 'TLD name registries'.

In the Network and Information Systems Security Decree (Bbni), the Dutch government accordingly states that the following are regarded as OESs:

  • The operator of a register of top-level domain names, which is recognised by the Internet Assigned Number Authority (IANA) and manages more than 1,000,000 registered domain names.

  • operator of a register of top-level domain names, which is recognised by IANA, manages more than 1,000,000 registered domain names and provides DNS services in respect of those names.

By virtue of its .nl services, SIDN qualifies as an OES under both of those definitions. In neighbouring European countries, the national TLD operators are also being designated as OESs.

What does the new law mean for SIDN?

First, as an operator of essential services, SIDN has a duty of care, as defined in Sections 7 and 8 of the Act. In brief, what that implies is that an OES has to take appropriate technical and organisational measures to ensure the following:

  • The management of the security risks to their network and information systems

  • The prevention of security incidents and the mitigation of any incidents that cannot be prevented, with a view to assuring service continuity

In addition to the duty of care, an OES is required to report any incident with significant or potentially significant consequences for service continuity (Section 10 of the Wbni). Incidents have to be reported to the National Cyber Security Centre (NCSC), so that the NCSC has the opportunity to assist with incident response and protect others, e.g. against the same cyber-attack. Each incident has to be reported to the supervisory authority as well. In SIDN's case, that is the Radiocommunications Agency, whose responsibilities include supervising all digital infrastructure OESs.

This is a new situation for SIDN: never before have some of our activities been under the formal supervision of a government agency. Since 2008, we have had a covenant with the Dutch government, in which mutual undertakings are made with a view to assuring the continuity of the .nl domain. However, that is a voluntary agreement, which creates no sense of mandatory supervision.

It's important to understand, however, that only the availability and integrity of our .nl DNS and registration services are now subject to supervision. We remain free to assign SIDN domain names as we see fit, and to decide for ourselves whether, when and how we respond to incidents involving domain names. We also retain control over what data is shared in the Whois. 

What difference will outsiders notice?

As far as the outside world is concerned, the fact that we are now a designated and supervised OES should make no difference. Even within SIDN, the impact is likely to be minor. After all, our information security has traditionally been of a very high standard. We've been ISO27001-certified since 2011, for example. Moreover, we've always worked closely with the NCSC (previously GovCert), and we already report significant incidents to the NCSC on a voluntary basis. Our constant emphasis on quality also means that the availability of our DNS service has been 100 per cent for as long as anyone can remember. The availability of the domain registration system is barely any lower, averaging 99.9 per cent in recent years.

We are currently holding talks with the Radiocommunications Agency about the form that supervision should take. The practical details will be worked out over the course of the year. Our priority will be to ensure a collaborative approach, and preliminary discussions with the Agency give every reason for optimism on that score. We are therefore very confident that a constructive working relationship will be established, which will contribute to the stability and availability of the .nl domain.

Article by:

Maarten Simon

Maarten Simon

Legal & Policy Advisor