.tel Architecture
Innovative .tel technology allows using the DNS as a data store for key-value pairs, not just IP addresses
The primary use of .tel is to store contact information, such as phone numbers, IM IDs, addresses, and keywords, in the form of NAPTR and text records. For adequate storage, retrieval and display of this information, Telnic Ltd. have implemented a multi-level architecture consisting of the following levels, also in the graphics below. Click each box for more information.
- DNS – (purple) the .tel name servers hosting all .tel domain and data as TXT, NAPTR and LOC records; that data can be accessed on the command line, in a browser, or in custom .tel software
- Core Systems – (orange) a number of systems that enable management of .tel data (TelHosting Software),its privacy (TelFriends), and display in browsers (TelProxy)
- Software – (grey) software and services on mobile and desktop devices for easier access and management of data; using the open APIs to access TelHosting Software and TelFriends
- Ecosystem – (blank) a wide range of services based on .tel technology or creating for it, including search engines, bulk update tools, auto-population and customization services
The innovative .tel technology presented by Telnic Ltd. allows using the DNS as a data store for key-value pairs with contact information, such as phone numbers, IM IDs, addresses, and keywords, in the form of NAPTR and text records. The data can then be displayed to a user via the web or in a custom application.
The architecture of the .tel platform includes TelHosting Software for managing records in a .tel domain. The software also exports a number of open interfaces, which can be used by client software to edit a .tel directly from any device connected to the Internet.
The .tel domain can include private encrypted data. The owner of the .tel domain controls access to that information via the free TelFriends service.
The data in a .tel domain can be accessed through a custom application or on the web via the TelProxy service, which wraps the data into a simple web page. With TelProxy, all .tel domains are displayed in a uniform manner using one of the two templates: one for PC browsers, and the other minimized for mobiles.
To view private data in a .tel domain, you need to have a TelFriends account and be in the .tel owner’s friend list. When you are, you can log into your TelFriends account on the .tel proxy page and see all data available for you. Custom .tel applications may support privacy as well.
Compared to traditional top-level domains, the .tel DNS uses a different set of record types. User-specified Address and CNAME records are prohibited, and the following are allowed:
Type | Description |
---|---|
TXT | Text string of 255 characters that can contain plain text, a set of keyword value pairs like “tc” “London” (tc for Town/City), or a system message that is not displayed on a .tel web page
|
LOC | Location record for storing the geographical coordinates as latitude, longitude and altitude with the accuracy of 6 decimal places
|
NAPTR | Naming Authority Pointer Record with contact information as a URL and an Enumservice that indicates the type of URL information, such as email or phone number
All Enumservice types are supported, and ordering and labelling are available. |
Related Links | |
---|---|
RFC1035: Specification for domain names and TXT records | |
RFC1876: Specification for LOC records | |
RFC3403: Specification for NAPTR records | |
Quick Start: Highlights of .tel technology | |
Whitepaper: NAPTR Records in .tel | |
Wiki article: More in Wikipedia on NAPTR records |
The .tel platform includes a friending mechanism for controlling access to published contact information. In fact, any NAPTR data can be secured and made private to any friend. For example, if Alice owns alice.tel and she has friends Bob and Charlie, she could make her office telephone number public, restrict her email address to be shown only to Bob and Charlie, and make her home phone number viewable only by Bob.
Private data is encrypted and stored inside NAPTR records of type “x-crypto”. The X-Crypto NAPTR has been designed not to break IANA ENUM service type formats and abide by the IETF “ENUM Experiences” document.
The process to secure data consists of three procedures that are performed by the encryption routines:
- The plaintext is processed with PKCS#1.5 or OAEP padding to provide extra protection against attack and create a standard block size (in this case 128 bytes).
- The plaintext is 1024-bit encrypted with the reader’s public key to obtain 128 bytes of binary data.
- The binary data is Base 64 encoded so that the encrypted data can be stored in a NAPTR record without containing special characters.
Note: We do NOT recommend storing sensitive personal information such as credit card numbers inside a .tel domain. This is not the purpose of the .tel.
The public-private key pair technique can be used for secure data exchange bypassing the “official” .tel friending system. All you need to know is how to decrypt your friend’s encrypted data.
Related Links | |
---|---|
ENUM Experiences: IETF Document on ENUM issues and experiences | |
Whitepaper: Protecting .tel Contact Data |
TelHosting is the process of creating .tel DNS zones and their publication on designated servers. Only companies accredited by Telnic Ltd., TelHosting Providers, can perform these actions. The TelHosting Provider operates name servers to resolve .tel domains and TelHosting Software to create, maintain, and publish zones on these name servers. The software also handles privacy and security settings related to encryption and decryption of stored data.
Client applications that manipulate .tel domains interact with the TelHosting platform via a standardized SOAP API, which can be logically divided into the ‘read’ API responsible for looking up .tel domains in the database, and the ‘write’ API for editing data for a specific .tel domain. The TelHosting Software also allows managing contact data via a web interface.
For more information on TelHosting Software, please refer to itslanding page. For a description of the TelHosting Provider role, see Technical Requirements for TelHosting.
OpenID is an open standard that describes how users can be authenticated in a decentralized manner to consolidate their digital identities. The .tel architecture supports OpenID 2.0, so that the .tel domain becomes the one unique identifier of its owner, who can sign up to other services, by providing the domain name, and the CTH credentials to verify domain ownership.
No development is required to enable or support OpenID in .tel, all active .tel domains have built-in support for this technology.
Related Links | |
---|---|
Wikipedia: OpenID article | |
Blog: Telnic post “Developments in OAuth and OpenID” |
Open Authorization (OAuth or OpenAuth), is an emerging standard, that allows a user to grant a third-party service access to their information stored with another service provider, without sharing their access permissions or the full extent of their data. In 2010, OAuth 1.0 specification was published as RFC5849, with OAuth 2.0 being drafted to address some of the limitations, complexities and risks of the initial protocol.
The .tel architecture supports the OAuth Web Resource Authorization Profiles (WRAP) implementation to enable authorizing independent 3rd party services to securely manage .tel domains on behalf of their owners. A software developer wishing to implement OAuth for their .tel service, needs to follow instructions in the official Guide to OAuth in .tel. Once the service is operational and tested, .tel owners can start using it, and control the level of access via settings in their .tel control panel.
For more information about OAuth implementation, please visit our Wiki.
Related Links | |
---|---|
Wikipedia: Oauth article | |
Whitepaper: Guide to OAuth in .tel | |
Sample: Telnic OAuth tester front-end | |
RFC5849: OAuth 1.0 Protocol | |
Community: Hueniverse OAuth project | |
Work Group: Google work group for OAuth WRAP | |
RFC Draft: OAuth WRAP | |
Blog: Telnic post “Developments in OAuth and OpenID” | |
TelMasters: .tel tools supporting OAuth |
If you wish your resource to be listed, please write to us at [email protected].