Scott Hollenbeck


Scott Hollenbeck is a fellow in the Chief Technology Officer (CTO) organization, where he manages a team of engineers and researchers focused on exploring innovation opportunities. He has developed expertise in the Domain Name System, applications programming, systems architecture, network engineering, information security, financial analysis and personnel management. He is a former member of the ICANN CEO Expert Working Group on gTLD Directory Services and a document author in the IETF WEIRDS, REGEXT, EPPEXT, and TLS working groups.

Hollenbeck has more than 20 years of experience in the industry, and prior to his employment at Verisign, he held management and engineering positions with Xerox Corporation. He is a former chairman of the Xerox desktop software interoperability test working group, a cross-corporate group of engineers and managers responsible for interoperability testing of all Xerox network and desktop software products. Scott is a former officer of the United States Air Force.

He is the author of the Extensible Provisioning Protocol (EPP), a standard protocol for the registration and management of internet infrastructure data including domain names. Also, he is a co-author of the VeriSign Registry-Registrar Protocol (RRP), a pre-cursor of EPP developed for use in the VeriSign Shared Registration System. More recently, he was a co-author of the Registration Data Access Protocol (RDAP), a standard protocol that was designed to replace the aged WHOIS protocol. He has been a contributor to several industry efforts related to domain names and internet security, including internationalized domain names, ENUM, public key cryptography, S/MIME, the Extensible Markup Language (XML), and the Transport Layer Security (TLS) protocol. He has served as a member of the Internet Engineering Steering Group of the Internet Engineering Task Force, where he was the responsible area director for several working groups developing application protocol standards.

Scott holds a Bachelor of Science in computer science from the Pennsylvania State University and a Master of Science in computer science complemented by a graduate certificate in software engineering from George Mason University.

Recent posts by Scott Hollenbeck:

Is it Time for a Registration Operations Industry Association?

Since 2001 there have been occasional conversations on technical mailing lists exploring the concept of creating an independent industry association or consortium of domain registration operators. My recent experiences with the evolution of extensions to the Extensible Provisioning Protocol (EPP) have convinced me to look at these suggestions more closely, and I’m now convinced that this is an idea worth exploring.

“Registration Operations” refers to the technical tasks, such as the development, deployment, and ongoing systems administration of EPP, performed by registries and registrars to provide registration services. While EPP is used to provide domain name registration and management services, registration operations also include the tasks performed by Regional Internet Registries (RIRs) to provide address registration and systems administration services.


New Work in the Development and Management of EPP Extensions

On Dec. 12, 2013, the Internet Engineering Steering Group (IESG) announced the formation of a new working group, Extensible Provisioning Protocol Extensions (eppext). The working group was formed to create an internet Assigned Numbers Authority (IANA) registry of Extensible Provisioning Protocol (EPP) extensions and to review specifications of extensions for inclusion in the registry. EPP is the standard domain name provisioning protocol for generic top-level domain (gTLD) name registries that operate under the auspices of the Internet Corporation for Assigned Names and Numbers (ICANN). It is also used by a number of country code top-level domain (ccTLD) registries.

The “E” in EPP has been both a blessing and a curse. EPP uses features of the Extensible Markup Language (XML) that provide “hooks” for protocol extensions. These hooks make it easy to specify new functionality without having to modify EPP itself. That’s the blessing. The curse has been that easy extensibility has led to multiple independent specifications that describe similar functionality. In a 2010 presentation, Patrick Mevzek (developer of the Net::DRI Perl library that implements EPP) described XML namespaces used in 68 distinct extensions. He further described three different extensions created by different registry operators to provide domain “undelete” functionality. This duplicity of effort makes implementation much more complicated for anyone developing EPP clients.

Some background information will help explain how we got here.