About the Work
This page presents an exploratory approach to understanding and modeling complex digital domains—particularly in RDAP, identity, and strategic IT roles. While not based on scientific publications, it draws on practical experience and systems thinking to surface real organizational challenges and opportunities.
These insights support informed decision-making by clarifying how technical, organizational, and legal factors interact within digital infrastructure.
They form a foundation for strategic planning, governance, and accountability across government IT domains.
## understanding people and roles in IT
IT thrives on the interaction between skilled specialists and effective managers. Specialists respond best when issues are framed in a real-world context — not just technically, but situationally. They are activated by complex technical ambiguity and challenged by autonomy, technical career paths, and meaningful recognition.
Managers add value beyond the technical peak, especially as IT challenges outpace traditional education. They are activated by organizational complexity and challenged by strategic influence, ownership, and outcome-based incentives. Face-to-face communication with skilled employees is the only practical way for a manager to work through demanding issues, translate technical challenges into business impact, and perform the necessary post-mortem analysis. Many managers reach their role after struggling with the work themselves, making guidance, collaboration, and effective platforms essential for real progress.
This balance of expertise and guidance transforms IT’s technical challenges into expected results.
## moving beyond isolated IT
Progress slows when input remains in a support sandbox. Complex issues require strategic accountability, guiding collaboration before technical and legal execution — without unnecessary steering.
## standards and global positioning
IT standards become clear through targeted, accessible training materials.
A Dutch expert group can play a pivotal role in aligning global IT developments.
## identity and digital infrastructure
WebIDs are still evolving — a name such as ‘Peter Jansen’, ‘P. Jansen,’ or ‘P Jansen’ cannot serve as a unique identifier.
## strategic guidance and domain awareness – for discussion
Centralized digital governance is increasingly recognized as critical for successful transformation. Klöpping and Blom (2023), among others, highlight that fragmented responsibilities slow down progress and reduce effectiveness. One option often raised is the creation of a separate Ministry for Digital Affairs. Yet such a ministry may lack the weight of long-established portfolios like Finance, and risks becoming another silo. An alternative worth considering is to position Central Digital Affairs within the Ministry of General Affairs. This would place digital governance at the core of cabinet coordination, ensuring strategic direction at the highest level, while leveraging existing financial and administrative expertise.
If chosen, this approach allows for:
– A coherent national digital strategy, with standards and priorities set centrally;
– Clear accountability, while individual ministries remain responsible for domain-specific execution (e.g. healthcare, housing, justice).
## strategic key topics
1. Governance & Transparency
- International-first design: government digital solutions should be designed for interoperability across borders. Systems should not be restricted to local contexts, ensuring resilience and adaptability to international standards.
- User-level English: for user-level flexibility, US English should be allowed — for example, in services such as rdap.org.
- Transparent tariffs and charges: monopoly tariffs, charges, and discounts should be explicitly assessed, centrally validated, and published in the public interest. This ensures justified pricing and prevents hidden costs.
- Early legal frameworks: establish clear legal structures to guide and support maturing projects from the outset. Governance should evolve alongside technical maturity, providing stability without stifling innovation.
- Cross-ministerial governance: governance is effective only when it transcends ministerial boundaries, backed by binding standards that empower tactical efficiency rather than strategy in name only.
2. Infrastructure & Domain Management
- Registrar Rijksoverheid: government domains should be registered under a clearly designated registrant name with an accountable contact person. Anonymous or unclear ownership undermines trust and accountability.
- Direct registrar relationships: government domains should be managed exclusively through direct registrar relationships. Use of domain resellers introduces unacceptable risks of mismanagement, fragmentation, and lack of accountability.
- .gov.nl second-level domain readiness: registrant and contact information should always identify the legally responsible government entity. Clear accountability ensures both technical reliability and legal compliance.
- SOA RNAME mailbox compliance: authoritative name servers should comply with RFC 2142 and RFC 1035 by ensuring a functioning and monitored RNAME mailbox. This guarantees reliable contactability in case of incidents.
- Name server ownership transparency: each name server domain should have a visible and transparent business owner. Public clarity on responsibility strengthens both operational resilience and trust.
3. Tools & Operational Capability
- First-contact accountability with ticket-based escalation: frontline civil servants should take ownership of incoming issues at the first point of contact. A structured, integrated ticketing system supports this process by enabling knowledge sharing, ensuring legal traceability of third-party submissions (e.g., screenshots, evidence), and providing a formal channel for enhancement requests toward delivering organizations. Accountability stays with the first contact, preventing unnecessary burden on citizens, while continuous improvement is embedded in the workflow.
- Integrated RDAP tooling: assign responsibility for RDAP implementation to the government itself. The registry (SIDN) is not accountable for service delivery; instead, government-owned RDAP services ensure alignment with governance, transparency, and international obligations.
- Automated audit tools: equip the Data Officer with advanced automated mechanisms to verify or revoke registrant validations. This reduces dependency on impractical manual workloads while maintaining compliance, oversight, and the ability to act decisively in the public interest.
- Trade register naming standards: normalize abbreviations by default — for example, treating “B.V.” and “N.V.” as “BV” and “NV” as additional trade names in the trade register. Case sensitivity should also be enforced, requiring the Trade Register to recognize uppercase and lowercase letters in trade names as distinct legal identifiers.
4. International & Security Alignment
- EU cloud direction: governance and direction should be tested at a small scale before committing to large-scale investments. Early experimentation reduces lock-in and ensures better alignment with European frameworks.
- ICANN/IANA maturity: strengthen TLD support with more relevant machine-readable data and structures, ensuring Dutch domains remain interoperable and aligned with international standards.
- ICANN design test: continuously assess ccTLD-proof tables and access structures to validate robustness against international technical and governance requirements.
- Automated country-level security test: implement automated detection of risks based on validated domain and URL lists, saving time and enabling faster, more reliable security responses at scale.
- National data centers: assign clear administrative roles and responsibilities for national data centers to ensure capable civil service performance and sustainable, sovereign infrastructure.
Regarding Web Domain and Hosting Control:
The Dutch website en.internet.nl provides essential action points for responsible parties, based on the outcome of automated tests.
It is worth noting the following points:
- Due to the broad range of test topics, a critical issue may result in only a minor deduction from an otherwise near-perfect score;
- A closed server can still achieve a score of 61% for web and 70% for email, based solely on DNS configuration—despite being inaccessible;
- Time-outs deserve recognition as a fundamental quality issue. While often dismissed as temporary, they indicate a service that is effectively unreachable. This makes them just as serious as missing encryption or misconfigured redirects. Tools and scoring models should treat time-outs as a critical error rather than a minor observation;
- Domain holder name challenges often require country-specific solutions. While the necessary technical tools nearly exist, political awareness is key. This issue could be effectively addressed under the remit of the Ministry of General Affairs, as technical experts alone are unlikely to resolve it;
- The current “Hall of Fame” model may need to evolve toward more future-proof methods, including testing with email-based user identification;
- As in my tools, I recommend adopting a four-column format that presents IPv4 and IPv6 results separately, rather than combining them;
- Email functionality—both sending and receiving—depends on many factors. Unfortunately, a score of 100% misleads.
From Actionable Screenshots to Resolution and Management-Ready Post-Mortem Reviews
- Free Domain Lookup, including DNSSEC and Whois (PHP/Python/JSON, since August 15, 2021) — rdap.hostingtool.nl/modeling_domain
- Free Server Header Lookup, to phase out (PHP/XML, since January 14, 2022) — www.hostingtool.nl/server_headers
- Testing receipt of email with a false sender (PHP/SMTP, since June 25, 2022) — not a public tool
- Free Domain Control Register ® (PHP/JSON, since November 30, 2024) — www.domaincontrolregister.org
- Free Homepage Route Overview (PHP/Python, since February 26, 2025) — www.workingornot.org
- Free Security Header Overview (PHP/Python, since March 18, 2025) — securityheaders.hostingtool.org
- Free Hosting Lookup (PHP/Python/JSON, since May 6, 2025) — lookup.hostingtool.org
- Registry Table Definition Design (SQL, since May 16, 2025) — github.com
- Free Top-level Domain Lookup (PHP/JSON, since June 21, 2025) — rdap.hostingtool.nl/modeling_tld
Towards a Tri-Partite and Parallel Structure for IT in the Netherlands
Principle of Functional Separation
Clear separation between policy/advisory mandates and operational service delivery is essential. Advisory bodies should not assume execution tasks. Operational responsibilities — such as DigiD and MijnOverheid under the Logius Agency — remain with their designated service organizations.
On September 24, 2025, the NDS (Netherlands’ Digitalisation Strategy in UK English) was evaluated. The current strategy shows fundamental shortcomings and requires reconsideration. To strengthen digital governance, I suggest a tri-partite advisory structure, distinguishing strategic, tactical, and operational mandates.
Operational (Digitale Kenniswisseling) → Tactical (Digitale Expertiseraad) → Strategic (Centrale Digitale Zaken / Forum Standaardisatie) → Cabinet
Mandates under General Affairs
Centrale Digitale Zaken — centraledigitalezaken.nl — NL Central Digital Affairs
Composed of former politicians and strategic thinkers. The body is mandated to:
- validate expert authority in digital affairs;
- identify and assess strategic issues of national importance;
- establish an escalation path to the Cabinet for unresolved or high-impact issues;
- draw on academic foresight, including scenario studies and long-term research, to strengthen national digital strategy.
Forum Standaardisatie — forumstandaardisatie.nl — NL Standardization Forum
Composed of civil servants. The body is mandated to:
- govern and maintain national standards in digitalization;
- initiate and coordinate strategic design of governance resources;
- provide input to Centrale Digitale Zaken where standardization issues require escalation.
Mandates under Internal Affairs
Digitale Expertiseraad — digitaleexpertiseraad.nl — NL Digital Expertise Council
Composed of management-level experts. The body is mandated to:
- provide tactical steering and oversight across public administration on a national scale;
- advise on the alignment of digital initiatives across ministries and agencies;
- escalate unresolved or cross-departmental issues upward to the strategic level;
- draw on academic experts, including university professors, for independent insights and research-based advice that strengthen tactical decision-making.
Digitale Kenniswisseling — digitalekenniswisseling.nl — NL Digital Knowledge Exchange
Composed of civil servants. The body is mandated to:
- organize platforms differentiated by education type;
- serve as the operational point of contact for digital knowledge within public administration and in cooperation with private companies;
- support the Digitale Expertiseraad in its advisory tasks;
- explicitly not assume responsibility for service delivery, which remains with designated operational agencies (e.g. DigiD under the Logius Agency).
Parallel Body
Stichting ECP | Platform voor de InformatieSamenleving — ecp.nl — NL Platform for the Information Society
Composed of representatives from private companies, sector organizations, and societal stakeholders. This parallel body is mandated to:
- provide structured input on technological developments, market trends, and innovation relevant to national digital affairs;
- advise on the practical feasibility and societal impact of proposed standards, governance resources, and policies;
- communicate broadly with stakeholders to ensure societal understanding of digital issues;
- participate in consultation rounds with Digitale Kenniswisseling, Digitale Expertiseraad, and Forum Standaardisatie to align public and private expertise;
- explicitly not exercise steering, oversight, or service delivery functions, which remain the responsibility of public authorities and designated agencies.
Note: These tri-partite and parallel mandates are advisory in nature and do not limit or replace the authority of Parliament in decision-making.
Fragmented ccTLD Systems: The Modeling Barrier ICANN Should Address
- ICANN’s limited visibility into the diverse software environments powering ccTLD operations has led to systemic fragmentation — a critical obstacle to achieving unified and resilient global registry modeling.
- PostgreSQL’s support for `JSON` and `JSONB` field types enables flexible storage of semi-structured, TLD-specific identifier properties. These capabilities are essential for integrating heterogeneous data from multiple sources. However, the current RDAP `vCard` array format for postal addresses lacks structural consistency. For example, inconsistent use of country names versus ISO codes in RDAP responses undermines both machine readability and data reliability.
- Operationally, some ccTLDs — such as the Netherlands — have implemented optimized practices, including indexed fields for postal code search. Yet the broader RDAP model, especially its nesting of entities within other entities, introduces unnecessary complexity. This impedes both automated parsing and user-friendly presentation. RDAP’s physical data structure should instead enforce role-specific visibility to reduce ambiguity and improve security.
- Data quality is further undermined by overreliance on registrar-supplied input. In many ccTLD ecosystems, registrars remain the primary data source, often without authoritative validation. This weakens data integrity and highlights the need for automated, standardized controls across the registry landscape.
- Domain lifecycle modeling also demands greater precision. For instance: a domain marked as `pendingDelete` should not simultaneously carry the `redemptionPeriod` status — and vice versa. These are mutually exclusive lifecycle states that should be modeled explicitly to prevent operational ambiguity.
- The current RDAP specifications include domain status codes such as transfer prohibited, update prohibited, and delete prohibited. However, unlike EPP, RDAP does not distinguish whether these restrictions are imposed by the registrar (client-side) or the registry (server-side). This lack of granularity and accountability, with the actor left unspecified, may hinder operational clarity and complicate dispute resolution.
- Toward Clearer Status Semantics with snake_case. Traditional RDAP status labels such as `inactive`, `locked`, and `excluded` are often ambiguous, overloaded, or inconsistently applied across registries. These legacy labels hinder interoperability and complicate automated processing. Using structured, descriptive `snake_case` identifiers reduces ambiguity and enables more consistent integration across systems.
Remap Common Lifecycle States:
ok, active → dns_active
redemption period → pending_redemption
Apply Explicit Protection Flags When Enforcing Restrictions
registry-controlled statuses:
* server transfer prohibited
* server update prohibited
* server delete prohibited
otherwise, registrar-controlled statuses:
* client transfer prohibited
* client update prohibited
* client delete prohibited
Note 1: Avoid using indeterminate statuses (e.g., locked) when more fine-grained flags are available.
Note 2: If a domain has no DNS, it cannot use SPF to defend against unauthorized email.
- Finally, aligning the domain deletion phase (`pendingDelete`) with search engine deindexing elevates it from a purely technical state to a GDPR-relevant lifecycle boundary. This alignment creates legal, operational, and policy incentives to support data minimization, authoritative lifecycle closure, and responsible information removal.
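An added example (not code from this page or its tools): one way to apply the remapping, protection-flag and mutual-exclusion rules above to a single domain's status list. The function names and the sample list are constructed for illustration; only the label mapping is taken from the list above.

```python
import re

# Remapping from the "Remap Common Lifecycle States" list above,
# keyed on the snake_case form of the incoming label.
LIFECYCLE_REMAP = {
    "ok": "dns_active",
    "active": "dns_active",
    "redemption_period": "pending_redemption",
}
# Labels the text calls ambiguous or overloaded.
INDETERMINATE = {"inactive", "locked", "excluded"}
# Lifecycle states that must never appear together on one domain.
MUTUALLY_EXCLUSIVE = [("pending_delete", "pending_redemption")]

ATTRIBUTED = re.compile(r"^(server|client)_(transfer|update|delete)_prohibited$")
UNATTRIBUTED = re.compile(r"^(transfer|update|delete)_prohibited$")


def to_snake_case(label):
    """Accept RDAP style ('pending delete') and EPP style ('pendingDelete')."""
    spaced = re.sub(r"(?<=[a-z])(?=[A-Z])", " ", label.strip())
    return re.sub(r"[\s\-]+", "_", spaced).lower()


def normalize_statuses(raw_statuses):
    """Return (normalized labels, findings) for one domain's status list."""
    normalized, findings = [], []
    for raw in raw_statuses:
        label = to_snake_case(raw)
        label = LIFECYCLE_REMAP.get(label, label)
        if label in INDETERMINATE:
            findings.append(f"indeterminate status '{raw}': use an explicit flag")
        elif UNATTRIBUTED.match(label):
            findings.append(f"'{raw}' does not name the actor (server or client)")
        if label not in normalized:
            normalized.append(label)
    for first, second in MUTUALLY_EXCLUSIVE:
        if first in normalized and second in normalized:
            findings.append(f"conflict: {first} and {second} are mutually exclusive")
    return normalized, findings


def protection_by_actor(normalized):
    """Group protection flags by who imposed them: registry or registrar."""
    actors = {"server": [], "client": []}
    for label in normalized:
        match = ATTRIBUTED.match(label)
        if match:
            actors[match.group(1)].append(match.group(2))
    return actors


# Constructed sample: mixed RDAP and EPP spellings with deliberate problems.
SAMPLE_STATUSES = [
    "active", "pendingDelete", "redemption period", "locked",
    "transfer prohibited", "serverDeleteProhibited", "client update prohibited",
]

if __name__ == "__main__":
    labels, problems = normalize_statuses(SAMPLE_STATUSES)
    print(labels)
    print(protection_by_actor(labels))
    for problem in problems:
        print("finding:", problem)
```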
Up-to-Date PostgreSQL Registry Table Definition (Since May, 2025)
Developed to replace legacy registry systems and support deployment on global RDAP servers, this schema upgrade enhances data clarity, consistency, and maintainability, representing a critical step forward in modernizing the RDAP protocol.
Machine-Readable IANA Root Zone Data:
My IANA root zone data is in a renewed format, to be retrieved from a designated IANA server. By relying on user activity logging—including from unidentified internet users—for issue resolution, the tool avoids unnecessary traffic, reduces system overhead, and supports traceable, efficient operations.
Allowed in the .nl Domain (Netherlands)

– Dutch SIDN maintains gTLD operational requirements for `.amsterdam` and `.politie`.
– The `.frl` root zone (Province of Friesland) is maintained in England and has been updated.
– If SIDN adopts 30-day pending redemption plus 5-day pending delete, it could work well.
– Final-stage domains for ccTLD: https://www.catchtiger.com/nl/domeinnaam-veilingen/ or for gTLD: https://www.expireddomains.net/expired-domains/.
– The `.nl` nameserver domain `dns.nl` has no mail-related DNS, leaving it unprotected against sender spoofing.
– On ccTLD migration (e.g., SIDN), each registry domain should include a registrant, contact objects, DNS settings, and determinate EPP status codes (e.g., `serverTransferProhibited`) to ensure transparent registrar responsibility.
- .nl root zone – Clearer Whois (15 open and 3 realized suggestions)
- Steps for Domain Registration (35 suggestions)
- NL country – List Whois (5 suggestions)
Allowed in the .fr Domain (France)

Allowed in the .de Domain (Germany)

Description of Strengthening Digital Governance in the Netherlands
1. Minister of Digital Affairs
A dedicated minister could signal stronger centralization, but also risks politicizing a domain that benefits from being technically driven and multi-stakeholder. Continuity, independence, and agility are often more difficult to secure within conventional ministerial portfolios.
2. Centrale Digitale Zaken under the Ministry of General Affairs
Supervision of national digital activities, policies, and strategic direction could be anchored within Algemene Zaken. This would emphasize cross-governmental importance and provide independence from sectoral interests, while situating digital governance at the core of cabinet coordination.
3. Digitale Expertiseraad under the Ministry of the Interior
The council could act as the primary channel for expertise within government, ensuring that digital policy and practice are consistently aligned with the public interest. By consolidating ongoing NDS-related efforts, the council would provide coherence, legitimacy, and a trusted point of contact for both government and society.
(NL: integration of the current OBDO into this structure.)
4. Digitale Kenniswisseling under the Ministry of the Interior
A specialized task group could foster collaboration among professionals and embed adaptive expertise across all layers of government. At present, the Standardisation Forum often serves as a point of contact, but its scope is limited. Digitale Kenniswisseling could broaden this role into a cross-governmental knowledge function with structural capacity.
(NL: merger of the current PGDI and Bureau MIDO into this structure.)
5. Centrale Digitale Zaken as ccTLD Manager (Long-Term Vision)
Over time, CDZ could become the designated manager of the .nl country code top-level domain (ccTLD). This would require close cooperation with ICANN, as ccTLD management changes follow a global approval process. Treating .nl stewardship as a government responsibility would reinforce sovereignty over a critical national digital asset, while ensuring transparent, multi-stakeholder governance.
Detailed about Dutch ccTLD and geoTLD control:
- While the Ministry of Economic Affairs provides a legal framework until November 21, 2029, this control remains primarily a policy objective. In practice, operational responsibility for the `.nl` domain lies with SIDN and is expected to remain there for the foreseeable future.
- The update to reflect SIDN B.V. as the Backend Operator—effective January 1, 2023—remains pending in the IANA database. Although still necessary, this is regarded as a technical matter and constitutes a procedural update within the IANA framework, not requiring the development of new ICANN policy.
- The `.frl` top-level domain is a sponsored TLD privately managed by FRLregistry B.V.
Detailed about the Ministry of General Affairs:
- Govern IT under a Cabinet Office. And dismiss unnecessary advisory bodies.
– UK’s Cabinet Office falls under the Ministry of General Affairs. If realized in NL: “Kabinetsbureau”.
– UK’s Government Digital Service (GDS) operates hierarchically under the Cabinet Office;
- Generate training material for further education from the European Cloud, which is in preparation.
– The AWS GovCloud in the United States is managed by Amazon.
– Organizations using GovCloud must verify that all individuals with access to the environment are U.S. citizens.
– GovCloud cannot be used by foreign nationals or organizations, even if they have legitimate access to other AWS services;
- Work on a Dutch or EU Digital Service for generic application software related to DNS and registries.
– Well-considered proposals, RFC and non-RFC, could feed the IANA organization.
Detailed about the Ministry of Economic Affairs:
- Include automated task costs in just one annual web domain fee;
- Include a change in a registrar’s own data in its period costs;
- Eliminate all registry discounts. A volume discount causes unfair competition.
Detailed about the Ministry of the Interior and Ministry of Justice:
- List areas of expertise, engage specialists, ensure dynamic interaction and make decisions;
- Country-Based Web Domain Services (WDSs like “Webdomeindienst” in NL)
– WDS jurisdiction is based on the real domain user’s country, not the registrant of record.
– This avoids central storage of sensitive roles (e.g. “data officer”) at the Chamber of Commerce (KVK).
– Instead, national entities can provide the appropriate verification and governance.
– Data officer appointment is directly confirmed by the director of the relevant organisation in that country.
- Maintain continuity of IT expertise by involving the permanent EU stakeholder group;
Detailed about NL / EU / US and including generic top-level domain zones:
- Discuss global design and programming of Registration Data Access Protocol software.
– Introduce an emergency entity in RDAP to formally organize backup to get access.
– Introduce a fallback entity in RDAP to respond when registrant information is missing;
- Generate web IDs that start with the ISO2 country code, for business entities and natural persons;
- Plan verification of web domain users indexed by web ID, starting with modeling in RDAP like mine;
- Use the developed Domain Control Register ®, based on the real web domain user.
– Report regarding expired HTTPS, security.txt or DANE via email. Perhaps a DCR revenue model;
- Get custom fields approved and listed for standardization in the dynamic RDAP protocol.
– A simple data structure has been designed for the registry details;