Domains

Internationalised domain names

The registration of internationalised domain names (IDNs) with macronised vowels, which feature in the Māori language, an official language under New Zealand law, are allowed in the .nz domain space.

These IDNs are supported in the IRS portal and in the EPP API.

EPP uses the IDN 1.0 EPP extension. This extension must be used when registering IDN domain names. For full details of the extension see : idn-1.0 - RFC Draft: eppext-idnmap

The IRS registrar guide also contains details on using IDNs in the IRS portal and provides EPP examples.

Domain information

Authorisation code (Auth-Code)

  • Registrars must specify a new Auth-Code when creating a domain or on request from a domain name holder,

  • The Auth-Code must be 16 characters in length and consist only of alphanumeric characters, i.e. lowercase a to z, uppercase A to Z, numerals 0 to 9 or the hyphen (-),

  • Auth-Codes are stored with one-way cryptography/hashing. Therefore in EPP the domain:authinfo element is removed from the Domain Info response (registrars can no longer use a domain:info command to fetch the existing authInfo), and in the IRS portal the auth code is masked, and

  • There is no Auth-Code validation check available, a new one should be generated if a transfer fails with the provided Auth-Code.

  • The Auth-Code will expire after 30 days.

Reseller name

“Reseller Name” is a field associated with a domain. The reseller field is an optional string that registrars can use as they like. The intent is for registrars who have resellers to record the reseller name for the domain. The field will not be part of the WHOIS results. The field will be cleared when a domain is transferred between registrars.

The reseller name property is available in the IRS portal or, if using EPP, can be specified in a Domain Create or Domain Update request. EPP requests will require the fury-2.0.xsd extension, the reseller name property is defined using the fury:key RESELLER_NAME.

Domain privacy

In the IRS privacy is set at the domain level.

Please refer to the new .nz policy (section 6) for the policy and operational rules for setting domain privacy. Eligible domain name holders can elect the privacy option at the time of registering a domain name and can change their selection at any time afterwards.

Note

Note: Privacy applies to all contacts associated to a domain including secondary contacts that may be a mix of individuals and organisations.

Domain management

Deleting a domain

When a domain is deleted it goes into the redemptionPeriod lifecycle state and will stay there for ninety days unless it is restored by the registrar.

At the end of the redemptionPeriod, the domain goes into the pendingDelete state, and the domain is assigned a To-Be-Released (TBR) session where it will get released when that session is processed. Once the domain has moved to pendingDelete state there is no option to restore it. The period between the end of the redemptionPeriod and the TBR session is currently set to a minimum of 48 hours

There are two situations where a domain is deleted in the IRS and it does not go into TBR:

  • When a domain is deleted from addPeriod; it does not go into redemptionPeriod, but is immediately released; and

  • When a domain is deleted that has a Block tag on the Create event, it goes into redemptionPeriod as per normal, but when it reaches the end it does not go into a TBR session, as it is blocked from being re-created, it is immediately released. Note. the Block tag prevents it from being registered again.

For these two scenarios, the pendingDelete period is zero so effectively the domain is released immediately, the next housekeeper run sees that pendingDelete has expired and deletes the domain from the database. IRS housekeepers run roughly every 5 minutes. For these two scenarios, the pendingDelete period is zero so effectively the domain is released immediately, the next housekeeper run sees that pendingDelete has expired and deletes the domain from the database. IRS housekeepers run roughly every 5 minutes.

Transferring a domain

If a domain is explicitly renewed by the sponsoring registrar as part of the transfer request, there is no renewal grace period. This means that if the domain is deleted within 5 days after the transfer there will be no rebate for the renewal.

Registrars can transfer a domain that is in redemptionPeriod. A example scenario would be:

  • the domain holder requests the auth code from the current sponsoring registrar of the domain,

  • the current sponsoring registrar generates a new auth code,

  • the current sponsoring registrar provides the auth code to the domain name holder,

  • the current sponsoring registrar updates the domain with the new auth code value,

  • the domain name holder provides the auth code to the new sponsoring registrar,

  • the new sponsoring registrar will complete the transfer and,

  • the auth code on the domain will be initialised by the system if the transfer was successful.