The ZA Central Registry (ZACR) launched a registry lock on 15 September 2020 for .ZA, .AFRICA and the dotCities (.joburg, .capetown and .durban).
The launch details were a bit thin and the ZACR support staff seemed unsure of internal procedures based on questions we put to them. We then decided to test the registry lock process so we could evaluate its practicality and security for our clients.
We would lock our domain name lexsynergy.co.za monitoring response times and adherence to procedures and thereafter unlock the domain name. Support services are crucial when offering a registry lock service as updates may need to be made urgently and at odd times. Delays could result in downtime, interruption of services and potential losses for the business using the locked domain.
15 September 2020
Action | Result |
12:00 – Lock request made via the ZACR portal | Portal error |
12:02 – Contacted ZACR about the issue | - |
12:48 - ZACR responded | Portal issue was fixed |
14:17 – Lock submitted | Lock request recorded on the ZACR portal |
16 September 2020
Action | Result |
15:13 – ZACR Legal Department contacted Lexsynergy | ZACR apologized for not actioning the request due to an internal issue |
15:52 – Lock was confirmed with a passphrase setup |
|
19 September 2020
Action | Result |
23:48 – An unlock request submitted | No response from ZACR |
22 September 2020
Action | Result |
14:45 - Lexsynergy emails ZACR to follow up on unlock request | - |
15:45 - ZACR Legal Department calls Lexsynergy | Domain unlocked during the call |
THE ZACR DOES NOT LOG THE LOCKING/UNLOCKING ACTION.
ZACR is not ready to offer a registry lock service and domain name registrants should be wary before taking out a lock. It was concerning that the ZACR support staff were slow to respond and there seemed to be an apparent disconnect between the ZACR portal and their support staff. The registry confirmed telephonically that the service is NOT 24/7 with requests being handled “within 24 hours” and only on business days (Monday to Friday).
We are of the opinion that a registry lock is essential for safeguarding a domain name but the lock process should not pose a risk in itself, which it currently does under the current ZACR system and processes.
Domain names are core to a business and the organization managing a Top Level Domain such as ZACR should implement robust testing before launching a time-sensitive and mission critical service. Staff should also be well versed with the procedures as a lack of knowledge could result in breaches, unauthorized or delayed locks and unlocks.
We will review the locking/unlocking process in a few weeks to evaluate whether the issues we identified have been rectified.