domorder

Description

Adds a Delegation Signer (DS) Record for a Domain Registration Order.

Parameters

HTTP Method

POST

Example Test URL Request


https://test.httpapi.com/api/domains/add-dnssec.xml?auth-userid=0&api-key=key&order-id=0&attr-name1=keytag&attr-value1=123&attr-name2=algorithm&attr-value2=3&attr-name3=digesttype&attr-value3=1&attr-name4=digest&attr-value4=49FD46E6C4B45C55D4AC49FD46E6C4B45C55D111


Response

Returns a hash map containing the below details:

• Domain Name (description)

• Order ID of the Domain Registration Order (entityid)

• Action Type (actiontype)

• Description of the Add DS Record Action (actiontypedesc)

• Action ID of the Add DS Record Action (eaqid)

• Add DS Record Action Status (actionstatus)

• Description of the Add DS Record Action Status (actionstatusdesc)

In case of any errors, a status key with value as ERROR along with an error message will be returned.

A Delegation Signer (DS) Record contains the digital signature information for your domain name's DNS and is used to identify the DNSSEC signing key of a delegated zone. DS Record(s) for your domain name can be managed from its Order Details view, within your Control Panel.

Adding a DS Record

1. Login to your Control Panel, search for the domain name and proceed to the Order Information
   view. See details

2. Click the DNSSEC link.

3. This will display the Manage DNSSEC view.

   Note

   The Manage DNSSEC view will display a list of DS Records, if already added. Here, click the Add Records button to proceed.

   

   Provide information for the following fields and then click the Save button:

   

   • Key Tag: Contains the tag value of the DNSKEY Resource Record that validates this signature. An integer value in the range 0 to 65536.

   • Algorithm: The cryptographic algorithm that is used to generate the signature

   • Digest Type: The algorithm type used to construct the Digest. Applicable values are 1, 2 & 3 for .COM / .NET and 1 & 2 for other domain name extensions.

   • Digest: An alpha-numeric string generated by applying the Digest Type algorithm to a message. It needs to be a 40-character string for Digest Type value 1 and a 64-character string for Digest Type values 2 and 3.

Deleting a DS Record

1. Login to your Control Panel, search for the domain name and proceed to the Order Information
   view. See details

2. Click the DNSSEC link.

   

3. Click the Delete link under the Action column, corresponding to the DS Record you wish to delete.

4. Confirm the deletion by clicking the OK button.

Domain Name System (DNS)

The Domain Name System (DNS) is a distributed database, arranged hierarchically, containing records for domain names. The DNS system's main aim is to match a domain name
to an IP Address. When a user types a domain name in a browser, the DNS translates the domain name to an IP Address.

Vulnerabilities were discovered in the DNS that allow a hacker to hijack this process of looking a site up on the Internet using the domain name. The purpose of such an attack is to take control of the user session to, for example, send the user to the hijacker's own deceptive web site for sensitive data collection. This lead to the introduction of Domain Name System Security Extensions (DNSSEC).

Domain Name System Security Extensions (DNSSEC)

Domain Name System Security Extensions (DNSSEC) is a technology developed to protect against malicious activities like cache poisoning, pharming, and man-in-the-middle attacks. It adds digital signatures to a domain name's DNS to determine the authenticity of the source domain name. DNSSEC is a set of extensions to DNS that provides to DNS clients (resolvers):

• Origin authentication of DNS data,

• Authenticated denial of existence,

  and

• Data integrity.

DNSSEC uses a digital signature to create a chain of authority. Then, it uses the chain to verify that the source domain name, which the DNS resolver returns, matches the DNS record stored at the authoritative DNS. If it cannot validate the source, it discards the response. This ensures that the user is connecting to the actual address for a domain name.

DNSSEC is currently supported for the following TLDs (domain name extensions):

• By the Registry Operator:

  • .COM

  • .DE

  • .EU

  • .IN

  • .ME

  • .NET

  • .NL

  • .NZ

  • .ORG

  • .UK

  • .US

  • CentralNIC

• By :

  • .COM

  • .IN

  • .ME

  • .NET

  • .ORG

will be performing a security upgrade on the KnowledgeBase during the below mentioned window:

Affected Systems: KnowledgeBase

The KnowledgeBase will not be accessible during the above mentioned interval. Please feel free to get in touch with our Support Team at , in case of any queries/doubts.

Apart from enabling / disabling Theft Protection for domain names individually, you may use the Bulk Theft Protection tool to enable / disable Theft Protection for multiple domain names belonging to your Customers and / or Sub-Resellers. You may need to enable Theft Protection for domain names in order to ensure that your domain names remain safe from illegal domain name Transfers.

Features of Domain Name Theft Protection

• A Transfer [Away] Request for this domain name to another Registrar will fail at the Registry itself and will not be
  allowed.

• Theft Protection can be enabled/disabled by anyone in the entire Reseller chain.

  Examples:

  • A Customer under your Sub-Reseller registers a domain name and the Theft Protection gets enabled by default. This service can be disabled by you, your Sub-Reseller as well as
    the Customer.

  • Irrespective of who disabled the service, it can be enabled by you, your Sub-Reseller as well as the Customer.

  • Irrespective of who enabled the service, it can be disabled by you, your Sub-Reseller as well as the Customer.

• Theft Protection, for a domain name Locked by you, may be enabled/disabled only by you.

• Theft Protection, for a domain name Locked by your Sub-Reseller, may be enabled/disabled by you as well as your Sub-Reseller.

• Theft Protection cannot be enabled / disabled at any level for a Suspended domain name.

Exceptions 

Instructions for Customers

1. Login to your Customer Control Panel. See details

2. Here, you have two options:

   • Select domain names from a list:

     • In the Menu, point to Manage Orders and then click List/Search Orders. This would list all Orders under your Customer Account.

       Searching domain names 

       Note

       You may choose to search for specific domain names to enable / disable Theft Protection, by selecting one or more of the following parameters and clicking the Search button:

       • Name / Order ID: You may choose to view Orders associated with a domain name. Mention the domain name / Order ID here.

       • For Product: Select Domain Registration from the drop-down menu.

       • With Status: Select the status as Active or Suspended.

       • Expiry: You may choose to list domain names based on their Expiry status. Select Any, Expired or Expiring in certain number of days.

       • Set to Auto-Renew: You may choose to list domain names for which Auto-Renewal is enabled.

         Additional Information

         Auto-Renewal

       • Purchased between: You may choose to list domain names based on their purchase date. Select the Start Date and End Date to search within this date range.

       Note

       You may quickly list Orders by selecting any of the below mentioned Auto Filters:

       • List all Orders: This will list all Orders.

       • Orders Expiring in next 30 days: This will list all Orders expiring in the next 30 days.

       • Expired Orders: This will list all expired Orders.

       • Orders set to Auto-Renew: This will list all Orders for which Auto-Renewal is enabled.

     • Select the domain names you wish to enable / disable Theft Protection for and then click the / button.

     Note

     • You may also provide a list of domain names / Order IDs in the Bulk Actions page, which can be reached by clicking the icon in the List of Orders page.

     • In order to enable / disable Theft Protection for more than 50 domain names, you need to increase the number of domain names listed per page from the Results/Page drop-down menu.

   • Enter a list of domain names:

     • In the Menu, point to Manage Orders -> Bulk Tools and then click Bulk Theft Protection.

     • Enter a list of Domain Names or Order IDs. You can mention upto 1000 Domain Names or Order IDs on separate lines.

     • Click the / button.

3. You would be displayed a Bulk Theft Protection Summary view, alongwith the total number of Orders in the Bulk Theft Protection Action.

   Note

   Invalid Orders or Orders not found under your Account will be segregated from your list. Such Orders can be viewed through the appropriate link(s) displayed on the Bulk Theft Protection Summary page.

   Invalid Orders include:

   • Orders of TLDs (extensions) for which Theft Protection is not supported

   • Orders of Product types other than Domain Registration

   • Inactive Orders

   • Suspended Orders

   • Locked Orders

   • Orders under Redemption Period

   • Theft Protection enabled Orders included in the Enable Theft Protection list or Theft Protection disabled Orders included in the Disable Theft Protection list

4. Click the Enable / Disable button to place a Bulk Theft Protection Action.

Instructions for Resellers

1. Login to your Reseller Control Panel. See details

2. Here, you have two options:

   • Select domain names from a list:

     • In the Menu, point to Products and then click List All Orders. This would list all Orders under your Reseller account.

       Searching domain names 

       Note

       You may choose to search for specific domain names to enable / disable Theft Protection, by selecting one or more of the following parameters and clicking the Search button:

       • Belonging to: You may choose to view Orders associated with a domain name or belonging to a Customer or a Sub-Reseller. Choose the appropriate option from the drop-down menu and mention either the domain name / Order ID or the Customer Username / ID or the Sub-Reseller Username / ID.

       • For Product: Select Domain Registration from the drop-down menu.

       • With Status: Select the status as Active or Suspended.

       • Expiry: You may choose to list domain names based on their Expiry status. Select Any, Expired or Expiring in certain number of days.

       • Set to Auto-Renew: You may choose to list domain names for which Auto-Renewal is enabled.

         Additional Information

         Auto-Renewal

       • Purchased between: You may choose to list domain names based on their purchase date. Select the Start Date and End Date to search within this date range.

       • Include Sub-Reseller's results: You may include in the list all domain names belonging to your Sub-Resellers, by selecting this check box.

       Note

       You may quickly list Orders by selecting any of the below mentioned Auto Filters:

       • List all Orders: This will list all Orders.

       • Orders Expiring in next 30 days: This will list all Orders expiring in the next 30 days.

       • Expired Orders: This will list all expired Orders.

       • Orders set to Auto-Renew: This will list all Orders for which Auto-Renewal is enabled.

     • Select the domain names you wish to enable / disable Theft Protection for and then click the / button.

     Note

     • You may also provide a list of domain names / Order IDs / Customer IDs / Reseller IDs in the Bulk Actions page, which can be reached by clicking the icon in the List of Orders page.

     • In order to enable / disable Theft Protection for more than 50 domain names, you need to increase the number of domain names listed per page from the Results/Page drop-down menu.

   • Enter a list of domain names:

     • In the Menu, point to Products -> Bulk Tools and then click Bulk Theft Protection.

     • Enter a list of Domain Names, Order IDs, Customer IDs or Reseller IDs. You can mention upto 1000 Domain Names, Order IDs, Customer IDs or Reseller IDs on separate lines.

       Selecting Customer IDs or Reseller IDs allows you to enable / disable Theft Protection for all domain names under the specified Customer(s) / Sub-Reseller(s).

     • Click the / button.

3. You would be displayed a Bulk Theft Protection Summary view, alongwith the total number of Orders in the Bulk Theft Protection Action.

   Note

   Invalid Orders or Orders not found under your Account will be segregated from your list. Such Orders can be viewed through the appropriate link(s) displayed on the Bulk Theft Protection Summary page.

   Invalid Orders include:

   • Orders of TLDs (extensions) for which Theft Protection is not supported

   • Orders of Product types other than Domain Registration

   • Inactive Orders

   • Suspended Orders

   • Locked Orders

   • Orders under Redemption Period

   • Theft Protection enabled Orders included in the Enable Theft Protection list or Theft Protection disabled Orders included in the Disable Theft Protection list

4. Click the Enable / Disable button to place a Bulk Theft Protection Action.

Tracking your Bulk Theft Protection Action

• You can track the status of your Bulk Theft Protection Action from the Running Bulk Actions page.

  Additional Information

  Listing all Bulk Actions that are currently running in your Account

• You will receive a detailed report of your Bulk Theft Protection action once the process completes.

Bulk Actions Limit