Have Your Technician Communicate

About the Work

This page presents an exploratory approach to understanding and modeling complex digital domains—particularly in RDAP, identity, and strategic IT roles. While not based on scientific publications, it draws on practical experience and systems thinking to surface real organizational challenges and opportunities.

These insights support informed decision-making by clarifying how technical, organizational, and legal factors interact within digital infrastructure.
They form a foundation for strategic planning, governance, and accountability across government IT domains.

## understanding people and roles in IT
IT thrives on the interaction between skilled specialists and effective managers. Specialists respond best when issues are framed in a real-world context — not just technically, but situationally. They are activated by complex technical ambiguity and challenged by autonomy, technical career paths, and meaningful recognition.

Managers add value beyond the technical peak, especially as IT challenges outpace traditional education. They are activated by organizational complexity and challenged by strategic influence, ownership, and outcome-based incentives. Face-to-face communication with skilled employees is the only practical way for a manager to work through demanding issues, translate technical challenges into business impact, and perform the necessary post-mortem analysis. Many managers reach their role after struggling with the work themselves, making guidance, collaboration, and effective platforms essential for real progress.

This balance of expertise and guidance transforms IT’s technical challenges into expected results.

## moving beyond isolated IT
Really effective resolution of complex issues requires moving beyond the support sandbox, with full organizational accountability. IT must start strategically, overseeing collaboration before technical implementation and legal finalization.
A notary immediately asks where a legislative change is codified, highlighting the need for early IT–legal alignment. Initial legal grounding builds on current expert insights, with finalization adapting as understanding evolves, allowing projects to progress despite objections.
Dutch central IT operates above ministerial boundaries, freeing other roles to focus on tactical efficiency.

## standards and global positioning
IT standards become clear through targeted, accessible training materials.
A Dutch expert group can play a pivotal role in aligning global IT developments.

## identity and digital infrastructure
WebIDs are still evolving — a name such as ‘Peter Jansen,’ ‘P. Jansen,’ or ‘P Jansen’ cannot serve as a unique identifier.

## strategic guidance and domain awareness
As Klöpping and Blom (2023) emphasize, centralized digital governance is vital for effective transformation. A ministry dedicated to digital affairs, however, may lack the authority of established portfolios such as Finance. Positioning Central Digital Affairs under the Ministry of General Affairs ensures strategic guidance while drawing on established financial expertise.

This approach delivers a coherent, expertise-driven digital strategy, while preserving ministerial responsibility for coordinated execution. By addressing complex domains such as healthcare and housing separately, IT progress can continue despite their inherent complexity.

Strategic key topics:
1. International-first design — solutions should not be restricted to local contexts.
2. Dutch governance mandatory — governance in Dutch, but allow US English (e.g. rdap.org).
3. Justified and transparent — monopoly tariffs, charges, and discounts assessed explicitly, centrally, and in the public interest.
4. Early frameworks — legal structures to support and guide maturing projects.
5. Ticket-based workflow — ad-hoc management of third-party screenshots.
6. RDAP tooling — implementation is the responsibility of government; Registry SIDN is not responsible.
7. Audit tools — enable the Data Officer to confirm or revoke a registrant’s validation.
8. ICANN/IANA — maturing TLD support with more relevant machine-readable data.
9. ICANN design test — assessing ccTLD-proof tables and access structures against proposed models.
10. Country-level security test — automated detection of security action points from a domain/URL list.
11. National data centers — clear administrative roles are necessary for capable civil servants to perform effectively.
12. EU cloud — progress requires governance and direction on a small scale before considering massive investments.
13. Registrar Rijksoverheid — government domains must be registered with a clearly designated registrant name and an accountable administrative contact. Responsibility must be explicit, transparent, and enforceable — unlike the current practice at kvk.nl.
14. Domain reseller — the involvement of resellers in government domain registrations creates risks by obstructing direct communication and restricting access to essential knowledge. To ensure accountability, continuity, and security, government domains must be managed exclusively through direct registrar relationships.
15. SOA RNAME mailbox — netwerkadmin@kadaster.nl rejects mail (550 5.1.0), violating RFC contactability conventions (RFC 2142 and RFC 1035).
16. Second-level domain .gov.nl — Registrant and contact information will identify the legally responsible government entity.

Regarding Web Domain and Hosting Control:

The Dutch website en.internet.nl/ provides essential action points for responsible parties, based on the outcome of automated tests.
It is worth noting the following points.

  1. Due to the broad range of test topics, a critical issue may result in only a minor deduction from an otherwise near-perfect score;
  2. A closed server can still achieve a score of 61% for web and 70% for email, based solely on DNS configuration—despite being inaccessible;
  3. Time-outs deserve recognition as a fundamental quality issue. While often dismissed as temporary, they indicate a service that is effectively unreachable. This makes them just as serious as missing encryption or misconfigured redirects. Tools and scoring models should treat time-outs as a critical error rather than a minor observation;
  4. Domain holder name challenges often require country-specific solutions. While the necessary technical tools nearly exist, political awareness is key. This issue could be effectively addressed under the remit of the Ministry of General Affairs, as technical experts alone are unlikely to resolve it;
  5. The current “Hall of Fame” model may need to evolve toward more future-proof methods, including testing with email-based user identification;
  6. As in my tools, I recommend adopting a four-column format that presents IPv4 and IPv6 results separately, rather than combining them;
  7. Email functionality—both sending and receiving—depends on many factors. Unfortunately, a score of 100% misleads.

From Actionable Screenshots to Resolution and Management-Ready Post-Mortem Reviews

  1. Free Domain Lookup, including DNSSEC and Whois (PHP/Python/JSON, since August 15, 2021) — rdap.hostingtool.nl/modeling_domain/
  2. Free Server Header Lookup, to phase out (PHP/XML, since January 14, 2022) — www.hostingtool.nl/server_headers/
  3. Testing receipt of email with a false sender (PHP/SMTP, since June 25, 2022) — not a public tool
  4. Free Domain Control Register ® (PHP/JSON, since November 30, 2024) — www.domaincontrolregister.org/
  5. Free Homepage Route Overview (PHP/Python, since February 26, 2025) — www.workingornot.org/
  6. Free Security Header Overview (PHP/Python, since March 18, 2025) — securityheaders.hostingtool.org/
  7. Free Hosting Lookup (PHP/Python/JSON, since May 6, 2025) — lookup.hostingtool.org/
  8. Registry Table Definition Design (SQL, since May 16, 2025) — github.com/
  9. Free Top-level Domain Lookup (PHP/JSON, since June 21, 2025) — rdap.hostingtool.nl/modeling_tld
  10. From insider abbreviations to role-specific and self-explanatory domain names such as:
    Centrale Digitale Zaken: www.centraledigitalezaken.nl
    English name: NL Central Digital Affairs
    Target group: former politicians, strategic thinkers
    Role: Bringing forward issues at the strategic level
    Raad Digitale Expertise: www.raaddigitaleexpertise.nl
    English name: NL Digital Expertise Council
    Target group: management-level experts
    Role: Steering and oversight at the tactical level
    Team Digitale Kennis: www.teamdigitalekennis.nl
    English name: NL Digital Knowledge Team
    Target group: working groups, knowledge networks
    Role: Practical execution and knowledge sharing at the operational level

Fragmented ccTLD Systems: The Modeling Barrier ICANN Must Address

  1. ICANN’s limited visibility into the diverse software environments powering ccTLD operations has led to systemic fragmentation — a critical obstacle to achieving unified and resilient global registry modeling.
  2. PostgreSQL’s support for JSON and JSONB field types enables flexible storage of semi-structured, TLD-specific identifier properties. These capabilities are essential for integrating heterogeneous data from multiple sources. However, the current RDAP vCard array format for postal addresses lacks structural consistency. For example, inconsistent use of country names versus ISO codes in RDAP responses undermines both machine readability and data reliability.
  3. Operationally, some ccTLDs — such as the Netherlands — have implemented optimized practices, including indexed fields for postal code search. Yet the broader RDAP model, especially its nesting of entities within other entities, introduces unnecessary complexity. This impedes both automated parsing and user-friendly presentation. RDAP’s physical data structure should instead enforce role-specific visibility to reduce ambiguity and improve security.
  4. Data quality is further undermined by overreliance on registrar-supplied input. In many ccTLD ecosystems, registrars remain the primary data source, often without authoritative validation. This weakens data integrity and highlights the need for automated, standardized controls across the registry landscape.
  5. Domain lifecycle modeling also demands greater precision. For instance: a domain marked as pendingDelete MUST NOT simultaneously carry the redemptionPeriod status — and vice versa. These are mutually exclusive lifecycle states that must be modeled explicitly to prevent operational ambiguity.
  6. The current RDAP specifications include domain status codes such as transfer prohibited, update prohibited, and delete prohibited. However, unlike EPP, RDAP does not distinguish whether these restrictions are imposed by the registrar (client-side) or the registry (server-side). This lack of granularity, with the responsible actor left unspecified, may hinder operational clarity and complicate dispute resolution.
  7. Toward Clearer Status Semantics with snake_case. Traditional RDAP status labels such as inactive, locked, and excluded are often ambiguous, overloaded, or inconsistently applied across registries. These legacy labels hinder interoperability and complicate automated processing. Using structured, descriptive snake_case identifiers reduces ambiguity and enables more consistent integration across systems.
    Remap Common Lifecycle States:
    ok, active → dns_active
    redemption period → pending_redemption
    Apply Explicit Protection Flags When Enforcing Restrictions
    registry-controlled statuses:
    * server transfer prohibited
    * server update prohibited
    * server delete prohibited
    otherwise, registrar-controlled statuses:
    * client transfer prohibited
    * client update prohibited
    * client delete prohibited
    Note: Avoid generic or compound statuses (e.g., locked) when fine-grained flags are available.
    If legacy or ambiguous statuses are used, remap them to clear, structured alternatives:
    * Domain functioning without authoritative DNS configuration:
    inactive (ambiguous) → dns_glue_tld_nameservers
    * Registry-enforced prohibitions (e.g. clear in EPP, serverTransferProhibited):
    locked (ambiguous) → server_protected_state (no client-side and no two-sided act)
    * Domain reserved or otherwise restricted (e.g., not assignable):
    excluded (non-standard) → server_registration_restricted
  8. Finally, aligning the domain deletion phase (pendingDelete) with search engine deindexing elevates it from a purely technical state to a GDPR-relevant lifecycle boundary. This alignment creates legal, operational, and policy incentives to support data minimization, authoritative lifecycle closure, and responsible information removal.
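
The remapping and exclusivity rules from items 5 to 7 above, as an added example that is not code from this page or its tools: a normaliser that folds RDAP and EPP spellings of a status to the snake_case identifiers listed above and reports what an auditor should look at. The identifier pending_delete, the unspecified_ prefix for restrictions without a stated actor, and the sample arrays are assumptions of this example.

```python
import re

# Remaps stated on the page (list items 5 and 7).
REMAP = {
    "ok": "dns_active",
    "active": "dns_active",
    "redemption period": "pending_redemption",
    "inactive": "dns_glue_tld_nameservers",
    "locked": "server_protected_state",
    "excluded": "server_registration_restricted",
    # Assumption: the page names pendingDelete but gives no snake_case form.
    "pending delete": "pending_delete",
}
LEGACY = {"inactive", "locked", "excluded"}
PROHIBIT = re.compile(r"(?:(client|server) )?(transfer|update|delete) prohibited")
EXCLUSIVE = [{"pending_delete", "pending_redemption"}]


def _key(label):
    """Fold 'pendingDelete', 'pending delete' and 'PENDING_DELETE' to one spelling."""
    spaced = re.sub(r"(?<=[a-z])(?=[A-Z])", " ", label)
    return " ".join(re.sub(r"[_-]", " ", spaced).lower().split())


def normalise(statuses):
    """Return (sorted snake_case statuses, list of findings) for one domain."""
    result, findings = set(), []
    for raw in statuses:
        key = _key(raw)
        match = PROHIBIT.fullmatch(key)
        if key in REMAP:
            result.add(REMAP[key])
            if key in LEGACY:
                findings.append(f"legacy status '{raw}' remapped to {REMAP[key]}")
        elif match:
            # Hypothetical 'unspecified_' prefix: restriction known, actor not stated.
            actor = match.group(1) or "unspecified"
            result.add(f"{actor}_{match.group(2)}_prohibited")
            if match.group(1) is None:
                findings.append(f"'{raw}' does not say whether registrar or registry imposed it")
        else:
            result.add(key.replace(" ", "_"))
            findings.append(f"unmapped status '{raw}' passed through")
    for pair in EXCLUSIVE:
        if pair <= result:
            findings.append("conflict: " + " and ".join(sorted(pair)) + " are mutually exclusive")
    return sorted(result), findings


# Constructed sample status arrays, not taken from any real registry.
SAMPLE_OK = ["active", "client transfer prohibited"]
SAMPLE_BAD = ["pendingDelete", "redemption period", "locked", "transfer prohibited"]

if __name__ == "__main__":
    for sample in (SAMPLE_OK, SAMPLE_BAD):
        statuses, findings = normalise(sample)
        print(statuses)
        for finding in findings:
            print("  -", finding)
```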

Up-to-Date PostgreSQL Registry Table Definition (Since May 31, 2025)

Developed to replace legacy registry systems and support deployment on global RDAP servers, this schema upgrade enhances data clarity, consistency, and maintainability, representing a critical step forward in modernizing the RDAP protocol.

Machine-Readable IANA Root Zone Data:
My IANA root zone data is in a renewed format, to be retrieved from a designated IANA server. Relying on user activity logging for issue resolution, including logging of unidentified internet users, the tool avoids unnecessary traffic, reduces system overhead, and supports traceable, efficient operations.

Allowed in the .nl Domain (Netherlands)

– The Dutch SIDN maintains the gTLD operational requirements for .amsterdam and .politie;
– The .frl root zone, for the Dutch Province of Friesland, is maintained in England and has been updated;
– If the Dutch SIDN switches to a pending redemption of 30 days plus a pending delete of 5 days, that could work out well;
– For final stage ccTLD domains: https://www.catchtiger.com/nl/domeinnaam-veilingen/
or for gTLD: https://www.expireddomains.net/expired-domains/

Allowed in the .fr Domain (France)

Allowed in the .de Domain (Germany)

Recommended Actions for Strengthening Digital Governance in the Netherlands

1. Avoid Appointing a Minister of Digital Affairs
While appointing a dedicated minister may suggest stronger centralization, it risks politicizing a domain that must remain technically driven and multi-stakeholder in nature. Effective digital governance requires continuity, independence, and agility — qualities often constrained within conventional ministerial portfolios.

2. Establish Centrale Digitale Zaken under the Ministry of General Affairs
Centralize the supervision of national digital activities, policies, and strategic direction that demand expertise beyond the scope of most stakeholders. Housing this function within the Ministry of General Affairs underscores its cross-governmental importance and ensures independence from sectoral interests.

3. Merge Raad Digitale Expertise under the Ministry of the Interior
Position this council as the primary channel for communicating expertise and aligning with the public interest.
(NL: integrate the current OBDO into this structure.)

4. Establish Team Digitale Kennis under the Ministry of the Interior
Evolve into a flexible team that unlocks collaboration among professionals and embeds adaptable expertise across government layers. Today, the Standardisation Forum often serves as the point of contact, but its scope is limited. Team Digitale Kennis should broaden this role into a cross-governmental knowledge team.
(NL: merge the current PGDI and Bureau MIDO into this structure.)

5. Designate Centrale Digitale Zaken as ccTLD Manager (Long-Term Vision)
Prepare a long-term transition in which Centrale Digitale Zaken becomes the designated manager of the .nl country code top-level domain (ccTLD). This would require close cooperation with ICANN, as any change in ccTLD management must follow ICANN’s global approval process. By considering .nl stewardship a government responsibility, the Netherlands would strengthen sovereignty over a critical national digital asset while ensuring transparent, multi-stakeholder governance.

About Dutch ccTLD and geoTLD Control:

  • While the Ministry of Economic Affairs provides a legal framework until November 21, 2029, this control remains primarily a policy objective. In practice, operational responsibility for the .nl domain lies with SIDN and is expected to remain there for the foreseeable future.
  • The update to reflect SIDN B.V. as the Backend Operator—effective January 1, 2023—remains pending in the IANA database. Although still necessary, this is regarded as a technical matter and constitutes a procedural update within the IANA framework, not requiring the development of new ICANN policy.
  • The .frl top-level domain is a sponsored TLD privately managed by FRLregistry B.V.

Ministry of General Affairs:

  • Govern IT under a Cabinet Office, and dismiss unnecessary advisory bodies.
    – UK’s Cabinet Office falls under the Ministry of General Affairs. If realized in NL: “Kabinetsbureau”.
    – UK’s Government Digital Service (GDS) operates hierarchically under the Cabinet Office;
  • Generate training material for further education from the European Cloud, which is in preparation.
    – The AWS GovCloud in the United States is managed by Amazon.
    – Organizations using GovCloud must verify that all individuals with access to the environment are U.S. citizens.
    – GovCloud cannot be used by foreign nationals or organizations, even if they have legitimate access to other AWS services;
  • Work on a Dutch or EU Digital Service for generic application software related to DNS and registries.
    – Well-considered proposals, RFC and non-RFC, could feed the IANA organization.

Ministry of Economic Affairs:

  • Include automated task costs in just one annual web domain fee;
  • Include a change in a registrar’s own data in its period costs;
  • Eliminate all registry discounts. A volume discount causes unfair competition.

Ministry of the Interior and Ministry of Justice:

  • List areas of expertise, engage specialists, ensure dynamic interaction and make decisions;
  • Country-Based Web Domain Services (WDSs like “Webdomeindienst” in NL)
    – WDS jurisdiction is based on the real domain user’s country, not the registrant of record.
    – This avoids central storage of sensitive roles (e.g. “data officer”) at the Chamber of Commerce (KVK).
    – Instead, national entities can provide the appropriate verification and governance.
    – Data officer appointment is directly confirmed by the director of the relevant organisation in that country.
  • Maintain continuity of IT expertise by involving the permanent EU stakeholder group.

NL / EU / US and including generic top-level domain zones:

  • Discuss global design and programming of Registration Data Access Protocol software.
    – Introduce in RDAP an emergency entity in order to formally organize backup to get access.
    – Introduce in RDAP a fallback entity in order to respond when registrant information is missing;
  • Generate web IDs that start with the ISO2 country code, for business entities and natural persons;
  • Plan verification of web domain users indexed by web ID, starting with modeling in RDAP like mine;
  • Use the developed Domain Control Register ®, based on the real web domain user.
    – Report regarding expired HTTPS, security.txt or DANE via email. Perhaps a DCR revenue model;
  • Get custom fields approved and listed for standardization in the dynamic RDAP protocol.
    – A simple data structure has been designed for the registry details.