Skype seeking a "Manager, Skype Developer Community"
Slight blog redesign underway...

Is the new ".tel" domain more than just a pretty face on top of DNS?

dottellogo.jpgIs the new ".tel" domain launching today more than just a pretty web interface to DNS? Is it something really unique? Is it a new service that couldn't be easily replicated elsewhere?

In case you haven't been following the subject, a company called Telnic has launched a new top-level DNS domain ".tel" today. Today, December 3rd, is the launch of the "Sunrise" period where companies can (for a high price) obtain the ".tel" domain associated with their trademark.

The point of ".tel", though, is to not just be "yet-another-top-level-domain" but rather to be a global directory of information - with users/companies having control of their own information.

With the first part of the launch happening today there has been predictably been a good bit of coverage in the blogosphere. Danielle Belopotosky had a great piece up on the NY Times Bits blog, Techmeme has a flow of links to stories and I am sure more will be appearing.

I would, though, suggest people wanting to understand the goals of the service go back and listen to our Squawk Box conversation on September 9th with Telnic's Justin Hayward ( The part about .tel starts at about the 17:50 minute mark of the podcast and literally did go on for about forty minutes. We put poor Justin through a bit of a wringer as he may not have realized he was walking into a conference call that included a bunch of DNS geeks. He presented his vision of how .tel would work and answered the many questions we threw at him. You can also watch the video of Telnic's DEMO Presentation where Justin is obviously pitching the .tel domain to the DEMO audience. (And yes, the Justin in the video is the same one who was on Squawk Box.)

While my friend Jonathan Jensen is quite enthusiastic about the .tel domain, I remain a bit troubled by a few aspects of it. First, though, let's talk about how it works...


One of the admittedly cool aspects of the ".tel" domain is it uses the Domain Name System (DNS) to store all of your contact information. I've been working with DNS for probably 15+ years now and have always viewed it as a rather remarkable creation. Ultimately, DNS is simply a massively distributed database system that allows for the easy querying of information on a global scale. I could go on at length about it and always enjoyed the DNS sections of the TCP/IP classes I used to teach because there is so much that you can do with tools like "dig" (or the previous "nslookup" tool) that are interesting (and fun).

But anyway... the reality is that today in general we pretty much only use DNS as a storage mechanism for mapping hostnames to IP addresses. When you entered "" in your browser window or clicked on a link to a URL that had that hostname in it, your local DNS resolver went off and queried DNS servers to find out the IP address for the web server hosting this site. Your browser then sent a HTTP request to that IP address asking for the appropriate page. That's what we primarily use DNS for.

But why not stick other information in the DNS database?

That's the central premise of ".tel". Why not put contact information, favorite URLs, etc. in there? you have always been able to do this (a point I made in the Squawk Box call). There are "TXT" records that you can insert related to your domain. There are "NAPTR" records that are used in ENUM systems to do lookups on phone numbers (they have other uses as well). On one level, there is nothing the Telnic folks are doing that you cannot do already for your own domain (as long as you can edit the DNS records).

Except that Telnic has put up a pretty web interface that lets you easily edit all of these records. No special knowledge required.

I joined Telnic's "beta" program and you can see in the image to the right what my page looks like from the public point-of-view. You can see that I have a telephone number, email addresses, Skype address, and other pieces of information. There's really no limit to the type of information I can put in here. All just various types of numbers, URLs, keywords and other pointers.

Now let's take a look at how this looks in DNS. Here is part of the output of the 'dig' command run against '':

dyork$ dig any
;; ANSWER SECTION:        86400   IN      A        60      IN      TXT     ".tkw" "1" "pa" "" "a1" "52 Probate Street" "tc" "Keene" "sp" "NH" "pc" "03431" "c" "USA"        60      IN      TXT     ".tsm" "1" "pddx" "1"        60      IN      TXT     "Dan York,  "        60      IN      TXT     ".tkw" "1" "bi" "" "o" "Voxeo" "d" "Office of the CTO" "jt" "Director of Emerging Communication Technology"        60      IN      LOC     51 31 12.000 N 0 7 48.000 W 0.00m 10m 2m 2m        60      IN      NAPTR   100 103 "u" "E2U+x-voice:skype" "!^.*$!skype:danyork!" .        60      IN      NAPTR   100 104 "u" "E2U+web:http+x-lbl:Blog" "!^.*$!!" .        60      IN      NAPTR   100 105 "u" "E2U+web:http+x-lbl:Employer" "!^.*$!!" .        60      IN      NAPTR   100 106 "u" "E2U+web:http+x-lbl:Blogs" "!^.*$!!" .        60      IN      NAPTR   100 100 "u" "E2U+voice:tel+x-lbl:Mobile" "!^.*$!tel:+1-407-967-8424!" .        60      IN      NAPTR   100 101 "u" "E2U+email:mailto" "!^.*$!mailto:[email protected]!" .        60      IN      NAPTR   100 102 "u" "E2U+email:mailto" "!^.*$!mailto:[email protected]!" .        3600    IN      NS        3600    IN      NS        3600    IN      NS        3600    IN      NS        3600    IN      NS        3600    IN      NS        3600    IN      NS        3600    IN      NS        3600    IN      SOA 14 10800 3600 2592000 600

You can see in here various TXT records corresponding to information I entered, a LOC record corresponding to where I was listed as being and NAPTR records pointing to various URLs, email addresses and phone numbers.

Now here's a key point - I entered all this information and in theory I control who sees all that information.

All of this information is publicly available because I chose that it would be publicly available. As Justin stated in our Squawk Box episode, users will have the ability to make some information private and available only to "friends" in some sort of social networking way. I say "in theory" only because in the administrative interface they made available to beta participants, I see no way of actually restricting the visibility of the data. Perhaps I missed something, but I'll take them on their word that they will deliver this functionality.

[UPDATE: Telnic has a page on their developer site about privacy and their friending mechanism.] admin interface itself is pretty straightforward. You simply add different records for contact information. You can re-order the pieces of information if you want them to appear in a different order. You can enable/disable pieces of information... delete them, etc.

You can also create "folders", which are effectively DNS subdomains. This, to me, is perhaps one of the more intriguing aspects because now I can create domains like "" and "" that show a subset of my overall contact data. I did have to enter it twice if I wanted it to appear in both places, but still... it's a nice feature to have.

All done very simply and easily through Telnic's web interface.

I would note, too, that because .tel is a "sponsored top-level-domain" (see Telnic's contract with ICANN), Telnic has more control over it than there is over a typical TLD. For instance, even though you purchase a .tel domain, you are NOT able to change the "A" record which points a domain to an IP address. What this means is that a ".tel" domain can never point to a website directly. It will always point to Telnic's web interface (where you could, if you wished, simply have one entry that pointed to your web interface). This type of restriction is not true of general TLDs.


The beautiful thing about using DNS is that it is fast and that it can be queried from basically any kind of client in any kind of programming language. DNS libraries exist out there for every language ever used in network-connected applications. In the video I referenced earlier, Justin shows an iPhone app that is able to get information from the DNS system far quicker than it probably ever would from standard web queries. This is what DNS was created for.

To help in that, the Telnic folks have created a Developer area and provided some sample applications (including the iPhone one).


In a word...


There is absolutely nothing stopping me, you, or anyone else from creating a service based on one of our domains that provided a pretty web interface that allowed users to populate DNS with such contact information. I could set up "", build a web UI, write some code to update DNS and start selling subdomains off of that domain. Justin could have ""... he could control it, update it, etc.

In fact, there are very few of the arguments I've heard from the Telnic folks that couldn't be equally addressed by someone else on their own domain. However, the Telnic folks do have a couple of advantages going for them:

SIMPLICITY - It's hard to argue with the simplicity of "". Easy to give out. Easy to type in. Easy to use. Beats by a mile the subdomain system I mentioned above.

EXISTING TLD INFRASTRUCTURE - Because they are a top-level-domain, they can make use of all the existing registrar infrastructure that exists to sell domain names. GoDaddy, DomainDirect, DomainPeople and every other domain registrar under the planet can sell these domain names. There's an existing and at this point very well understood process for registering names, paying for them, etc. If I were to set up my own directory system, I'd have to get people to sell the domains for me or sell them myself. I don't have an entire layer of domain sales companies ready to get out there and sell my domains.

THE SPONSORED-TLD RESTRICTIONS - As I mentioned earlier, by virtue of being a "sponsored TLD" the .tel domain has some additional restrictions set up by Telnic specifically around the inability of a domain owner to change the A record and redirect the .tel domain to a website. If you want a ".tel" domain, you have to agree to the terms of use - it's that simple. Proponents of any other TLD could enter into this directory game and aim to compete with Telnic, but they would have to deal with the fact that their TLDs are not locked into pointing to one location for the website.

So the answer is ultimately - anyone could really do this, but the Telnic folks have set themselves up nicely with some advantages.


So what are my problems with the .tel domain? Well, I guess I have two more technical issues and then some more fundamental issues. First, the technical issues:

BEAUTIFUL TARGET FOR SPAMMERS - The wonderful advantage of DNS is that it is simple and easy for anyone to query. That includes, of course, spammers. So if .tel is successful and people load up the .tel DNS servers with tons of public contact information, what in the world will stop spammers from harvesting all that public information out of the DNS trees? You can see above that it was trivial for me to get all the information associated with "" out of DNS. It's equally trivial for me to write a little script that iterates through potential .tel DNS names, grabs all the info, finds all records that include "mailto" and then emails those people. Or searches on "voice" and calls them....

Unfortunately there's nothing Telnic can really do about this.

Sure, they can throttle requests from certain sources when those sources launch a zillion requests... and then the spammers will just move to using distributed botnets. There's an inherent challenge in putting contact information out in publicly available systems like DNS - anyone can get it.

This is a large part of what has effectively killed any kind of public ENUM systems. ENUM had the same basic idea. Store phone numbers in DNS so that they and their corresponding SIP addresses could be retrieved. Wonderful way to map phone numbers to SIP addresses so that you can bypass the PSTN. However, spammers can do the same thing. One of the tools on the VOIPSA VoIP Security tools list (I forget which one) will do exactly this - issue ENUM queries into DNS and then make SIP calls to any SIP addresses found. Public ENUM is probably irrevocably dead because of this. (ENUM, however, is thriving inside of service provider/carrier networks, though.)

I've seen responses from folks at Telnic about the spam question (such as this one) focusing on the fact that you can choose who sees what and that the private information is protected by encryption. Which is great... but misses the point. The largest reason I can see to use a .tel domain is to get your information out publicly... so why would I then want to hide it?

SINGLE POINT OF FAILURE - The same strength that Telnic has in not being able to modify the DNS A record is also a weakness. Everything goes back to Telnic. I am sure they have spent a huge amount of time on making their system scalable, reliable, etc. But still... if someone out there mounts a large Distributed Denial-of-Service (DDoS) attack from some botnet... the site and service could be taken offline. Now this is true of most all other emerging services today, so Telnic is not alone in this. But it does cause me some concern. (I guess the one counter argument to this is that presumably local registrars would be able to provide authoritative DNS servers for a given .tel domain. In that case it is not all dependent upon Telnic's servers - although you still would be for authority for the root of the .tel domain.)

Those are my technical concerns.

On a more fundamental level, I have some other concerns:

DIRECTORY INFO IN THE HANDS OF A SINGLE COMPANY - It does admittedly bother me to have a single company behind this .tel domain. Yes, I know, everyone enters their own information and it's all stored in the distributed DNS database. I also realize that for someone to build out their website and infrastructure, etc., it takes money... and the expectation that there will be money coming in at the end... that there will be a return on investment.

Don't get me wrong... the folks at Telnic seem to be great and decent folks. They may be. But I just have fundamental issues when a service that would like to be part of our core Internet infrastructure (as our global directory) is owned by a single company.

Those of us who remember the early days of the Internet remember how much we all chafed against Network Solutions' monopoly on domain name registrations (and their ability to charge more and more). We remember the walled gardens of CompuServe, AOL, GENIE, Prodigy, etc. I am still concerned about the new walled gardens of Facebook, MySpace and even Twitter. I am concerned about Skype's walled garden as it becomes increasingly central.

I'm a security guy. I understand the value in distributed systems and diverse environments (while understanding there are also corresponding risks) in ensuring reliability and availability.

The folks at Telnic may be great people... today. But if the service takes off and then they are acquired by someone else who isn't so friendly... what then?

I guess I'd be far more excited and enthusiastic if the global ".tel directory" was being promoted by some nonprofit consortium or academic-led group... (But then again, would they have been as incented to create it in the first place?)

telniclaunchinfo.jpgDID IT NEED TO BE SUCH A BLATANT MONEY-GRAB? - Maybe I am just a bit put off, too, by the rather blatant language the Telnic folks use around their launch information. Today is the "Sunrise" period (no real problem with that term) where trademark owners can apply for their name and pay a very high fee to do so. February 3 marks the "Landrush" period (yes, I don't like this one) when anyone can register a .tel domain for a "premium" price and then finally March 24, 2009, represents the general availability when anyone can register a domain at "regular" prices.

On the one hand, I applaud Telnic on their transparency - it undoubtedly will be a "landrush" on February 3 as everyone who doesn't have a trademark but wants in on a new TLD will rush to do so. And there will be X number of domain squatters who will be looking to register any and all domains that were not grabbed by their prominent owners in .com/.net/.org in an attempt to then try to get those folks to buy the domain names from the squatters. It probably will generate a good bit of revenue for the domain registrars... for Telnic... and for their investors. I just guess I wish it weren't so blatant - I guess the whole "landrush" thing bothers me most... just make the domain available at a price for all of us. Ah, well - I can see why they did it.

DO WE REALLY NEED ANOTHER DIRECTORY? - This is not so much of a problem as a general question... I think it's clear to me that we are still trying to sort out how people best find our contact information on the Internet. We've been trying this since we first started moving online and there have been any number of attempts before. (Recall that Yahoo got its start as a directory of web sites in the then very tiny World Wide Web.) We're still not there. Sites like Facebook would like to be that site for us. So would LinkedIn and Plaxo and a zillion others. Plus there's any number of other startups. Plus you can always take out your own domain name and set that up (as I have done). Will Telnic and the .tel folks succeed where others haven't? I don't know.


So at the end of the day, would I buy a ".tel" domain? I don't know. I think it's an interesting idea and the reality is that yes, I probably would buy "" if by some miracle it is actually available in March... mostly just because I own most of the other "danyork.*" domains already. There are, of course, many other "Dan York"s out there and so perhaps one of them will get this one. Or perhaps some domain squatter will buy that domain after reading of my interest here in the hopes that he/she could milk more money out of me. (Sorry, but NO!) I just don't see that the value shouts out to me enough that I might be willing to join into the "landrush" and pay a premium price.

But even if I bought it, would I use it? I don't know. The potential for spam still seems high to me. We'll have to see what they do to combat it.


In the end, the problem of locating contact information out on the Internet remains a challenging issue... where do you find the best contact info for someone? a Google search? Facebook? LinkedIn? the person's web site? Some other social networking site? Skype's directory?

Telnic's launch of .tel throws another hat into the ring... why not store all that info in DNS? Will .tel be used? Will people accept a new TLD? (Or are they getting fatigued of new TLDs?) Can the Telnic folks address the spam-harvesting issues that have basically killed public ENUM? Or are those inherent problems of using a public system like DNS? Will enough people use it to make it be a valuable database?

I commend the folks at Telnic for stepping into the ring and offering a solution - and I'll certainly be joining in watching what happens.

What do you think? Would you buy one? Or do you think there are other/better solutions?

If you enjoyed this post, please consider either subscribing via RSS or following me on Twitter or

Technorati Tags: , , , , , ,