Scott Hollenbeck

Senior Director, Verisign Registry Services Lab.

As Senior Director of Verisign’s Registry Services Lab, Scott Hollenbeck manages a team of engineers and researchers focused on exploring innovation opportunities. He has developed expertise in the Domain Name System, applications programming, systems architecture, network engineering, information security, financial analysis and personnel management. He is a former member of the ICANN CEO Expert Working Group on gTLD Directory Services and a document author in the IETF WEIRDS and EPPEXT working groups.

Scott has more than 17 years of experience in the industry, and prior to his employment at Verisign, he held management and engineering positions with Xerox Corporation. He is a former chairman of the Xerox desktop software interoperability test working group, a cross-corporate group of engineers and managers responsible for interoperability testing of all Xerox network and desktop software products. Scott is a former officer of the United States Air Force.

He is the author of the Extensible Provisioning Protocol (EPP), a standard protocol for the registration and management of internet infrastructure data including domain names. Also, he is a co-author of the VeriSign Registry-Registrar Protocol (RRP), a pre-cursor of EPP developed for use in the VeriSign Shared Registration System. More recently, he was a co-author of the Registration Data Access Protocol (RDAP), a standard protocol that was designed to replace the aged WHOIS protocol. He has been a contributor to several industry efforts related to domain names and internet security, including internationalized domain names, ENUM, public key cryptography, S/MIME, the Extensible Markup Language (XML), and the Transport Layer Security (TLS) protocol. He has served as a member of the Internet Engineering Steering Group of the Internet Engineering Task Force, where he was the responsible area director for several working groups developing application protocol standards.

Scott holds a Bachelor of Science in computer science from the Pennsylvania State University and a Master of Science in computer science complemented by a graduate certificate in software engineering from George Mason University.


Recent posts by Scott Hollenbeck:

We Need You: Industry Collaboration to Improve Registration Data Services

For more than 30 years, the industry has used a service and protocol named WHOIS to access the data associated with domain name and internet address registration activities.

Do you need to find out who has registered a particular domain name? Use WHOIS.
Do you want to see who an Internet Protocol (IP) address has been allocated to? Use WHOIS.

(more…)

As WHOIS Transitions to RDAP, How Do We Avoid the Same Mistakes?

In 1905, philosopher George Santayana famously noted, “Those who cannot remember the past are condemned to repeat it.” When past attempts to resolve a challenge have failed, it makes sense to consider different approaches even if they seem controversial or otherwise at odds with maintaining the status quo. Such is the case with the opportunity to make real progress in addressing the many functional issues associated with WHOIS. We need to think differently.

(more…)

How Will Your Registration Data Be Managed in the Future?

Benjamin Franklin once said, “By failing to prepare, you are preparing to fail.” As we consider how Internet domain and address registration data is managed and accessed in a post-WHOIS era, and given the long history of failure in addressing the shortcomings of WHOIS, it is extremely important to start preparing now for the eventual replacement of WHOIS. This is the fundamental purpose of the next Registration Operations Workshop (ROW) that is scheduled for Sunday, July 19, 2015, in Prague, Czech Republic.

ROW 2015-2 will take place at the Hilton Prague hotel, the same venue as the 93rd meeting of the Internet Engineering Task Force (IETF-93). The workshop will be dedicated to discussion and planning for development and testing deployments of the Registration Data Access Protocol (RDAP), a recent work product of the IETF that is documented in Request For Comments (RFC) documents 7480, 7481, 7482, 7483, and 7484. RDAP was designed from the beginning to address the many shortcomings of WHOIS, but we have very little experience with early-stage implementations that can be used to inform the policy decisions that need to be made. Additional information about WHOIS and RDAP can be found in my “Where Do Old Protocols Go To Die?” blog post published earlier this year. (more…)

Registration Operations is More Than Just Registering Domain Names

Perceptions can be difficult to change. People see the world through the lens of their own experiences and desires, and new ideas can be difficult to assimilate. Such is the case with the registration ecosystem. Today’s operational models exist because of decisions made over time, but the assumptions that were used to support those decisions can (and should) be continuously challenged to ensure that they are addressing today’s realities. Are we ready to challenge assumptions? Can the operators of registration services do things differently?

(more…)

Call for Participation: Registration Operations Workshop at IETF-92

The next Registration Operations Workshop will take place at the start of IETF-92 on Sunday, March 22, 2015, at The Fairmont Dallas Hotel. The workshop will start at 12:30 p.m. CDT and will finish at 4:30 p.m. CDT. We are seeking proposals for Extensible Provisioning Protocol (EPP) extensions to be featured as part of the workshop, including existing extensions that people wish to register with the Internet Assigned Numbers Authority (IANA) and new extensions that people wish to consider for further development.

Have you developed custom EPP extensions in your registry? Please submit a proposal to describe your extension. Facilities for remote participation will be provided.

(more…)

Where Do Old Protocols Go To Die?

In Ripley Scott’s classic 1982 science fiction film Blade Runner, replicant Roy Batty (portrayed by Rutger Hauer) delivers this soliloquy:

“I’ve…seen things you people wouldn’t believe…Attack ships on fire off the shoulder of Orion. I watched C-beams glitter in the dark near the Tannhäuser Gate. All those…moments…will be lost in time, like (cough) tears…in…rain. Time…to die.”

The WHOIS protocol was first published as RFC 812 in March 1982 – almost 33 years ago. It was designed for use in a simpler time when the community of Internet users was much smaller. WHOIS eventually became the default registration data directory for the Domain Name System (DNS). As interest in domain names and the DNS has grown over time, attempts have been made to add new features to WHOIS. None of these attempts have been successful, and to this day we struggle with trying to make WHOIS do things it was never designed to do.

(more…)

Summary of the Registration Operations Association Workshop

The first Registration Operations Association Workshop took place on Thursday, October 16, 2014, at the Los Angeles Hyatt Regency Century Plaza Hotel. I’d like to thank the 64 people that took the time to attend and participate in the discussion, both in-person and remote.

I started the workshop with an introduction to some of the technical challenges being faced by the domain registration industry. Additional challenges were described by Thomas Stocking of Gandi.net, Tobias Sattler of United Domains and Peter Larsen of Larsen Data ApS, and James Gould of Verisign. After discussing the challenges, we had an opportunity to consider proposals for organization presented by John Levine of Standcore LLC, Thomas Rickert of eco, and Adam Newman of IEEE-ISTO. The remainder of the morning was spent discussing those proposals and other options for creating a forum in which all interested members of our community could meet for face-to-face discussions. I’m very happy to report that we reached consensus on an approach.

(more…)

Registration Operations Association Workshop Update

In a series of recent blog posts I’ve described the technical challenges in registration operations, a proposal for an industry association, and announced an interactive workshop to explore association formation. This is an update on where things stand with the workshop.

The first Registration Operations Association Workshop is scheduled for Thursday, October 16, 2014 in the Pacific Palisades room at the Los Angeles Hyatt Regency Century Plaza hotel, the same venue being used for ICANN 51. The event is not affiliated with ICANN, but with ICANN’s support we’ve been able to secure a room that’s large enough to seat more than 100 people. Still, space is limited and seats are going fast. Please register quickly if you haven’t already done so. Registered attendees will receive updates via email as we get closer to the event date.

(more…)

Is it Time for a Registration Operations Industry Association? Part III

In Parts I and II of this series of blog posts I described the need for a registration operations industry association. At the end of Part II, I wrote that Part III will describe “an opportunity for everyone that’s interested in discussing this topic in a live environment.” The large number of people attending ICANN 51 in Los Angeles presents the best chance of discussion with many potential participants being in the same place at the same time. Let’s take advantage of that proximity.

Verisign will host a workshop for all interested people during the week of ICANN 51. The event will be held at the Hyatt Regency Century Plaza hotel (the same venue for ICANN 51, though this event is not affiliated with ICANN) on the morning of Thursday, October 16, 2014, to discuss the challenges of registration technical operations and to explore ways to address those challenges. We’ve set up a website at www.regiops.net to provide information, describe the event, and allow people to register. We’re asking people to register in advance so we can make sure that we have a large enough room reserved and that we provide enough food for breakfast and lunch.

(more…)

Is it Time for a Registration Operations Industry Association? Part II

In Part I of this series of blog posts I described the need for an industry association of operators to discuss the technical tasks, such as the development, deployment, and ongoing systems administration of the Extensible Provisioning Protocol (EPP), performed by registries and registrars to ensure interoperability and share best practices when providing registration services. In this blog post I’ll describe a way to make that happen.

I’ve spoken to a number of registrars who have described the challenges they face in implementing the many different EPP extensions being developed by registry operators. Here’s a concrete example: the Net::DRI Perl implementation of an EPP client includes contact extensions for 24 different registries. A registrar that wishes to manage contacts with those registries needs to implement a contact extension for each one!  With the addition of new gTLDs and many new registry operators with new business models the number of extensions can only increase. How would an industry association address these challenges and reduce confusion for everyone? How could an association be structured?

(more…)