NOTE: This article is no longer updated, you can get a more complete overview of features in the new documentation.
The most important feature of FRED is its database structured according to the Registry–Registrar–Registrant model. Registrars communicate with a Registry on behalf of Registrants (domain owners). Strong ownership model ensures that each registrable object in the database is owned by one Registrar and no other Registrar can modify it. A Registrant is allowed to change their Registrar by means of a transfer process.
The registrable objects are the following:
- Contact (in roles of domain owners, administrative contacts or technical contacts),
- NSSet (a group of name servers), and
- KeySet (a group of DNSSEC keys).
All registration requests are resolved immediately if the requested object is free. The history of all changes regarding any object is accessible through an administration interface.
Zone file generation
FRED can be used to automate the zone-file generation process. It is possible to manage multiple different (even overlapping) zones. For each zone, the generator will create zone files with SOA, NS, A, AAAA, and DS records as specified in the Registry database. The zone-file generation process is protected by configurable change counters – if the number of changes is too high, the process is blocked until manual resolution.
Registrars communicate with the Registry using EPP protocol (RFC 5730) with extensions for individual objects. Extensions are slightly modified versions of the standard specifications for domains (RFC 5731) and contacts (RFC 5733). FRED contains unique extensions for NSSets and KeySets. EPP communication is secured by the standard login-and-password authentication together with the verification of client SSL certificate. To ease EPP communication, FRED distribution contains a Python client library and a command-line client application.
There are two versions of the WHOIS service. The first version is a classical Unix WHOIS service as specified in RFC 1834. This service features recursive results for all associated objects and inverse queries. The second version is a web WHOIS application. The web version supports hyperlinked and more detailed results. There is even a possibility to enable CAPTCHA protection against robots. Both versions contain the security feature of hiding personal data of contacts.
Registrars and Registrants are notified about important situations in the Registry. Registrars are notified using the EPP mechanism of poll messages. Registrants are notified using emails. Emails are constructed from predefined configurable templates. All outgoing emails are stored in a searchable archive. Notification conditions include domain expiration, domain disabling, domain unregistration or any object modification using EPP. All time periods for domain disabling and unregistration are configurable.
There are several technical checks that are performed on registered name servers to diagnose potential domain delegation problems. Those checks are completely informational and they don't block the registration process. Technical checks are invoked regularly in a configurable interval and their results are sent using email to contacts associated with name servers. They can also be invoked on demand by Registrars using the EPP interface. In this case, results are sent back to the Registrar using the EPP poll mechanism. The checks include existence and reachability of name servers, presence of delegated domains on name servers or the authoritative flag of DNS answers for such domains.
Invoicing and banking
FRED implements the prepaid-invoicing model. Bank accounts are queried for incoming payments using out-of-the-box scripts and these payments are matched to Registrars using pairing symbols. If a payment matches, an advance invoice is issued and credit is extended to the matching Registrar by a corresponding amount. The credit is then decreased upon each domain registration or renewal. The price of registration and renewal is configurable per zone. At some point in time, it's possible to create an accounting invoice for a particular Registrar containing a list of all its registrations and renewals and the total amount of money subtracted from the credit.
FRED is UTF8-aware within all its subsystems. Supported languages are very easily extensible by means of a standard process of language catalogues manipulation. Internationalized Domain Names (IDN) are supported in the system core although they are not used by any Registry operating FRED at the moment.
DNSSEC is supported by FRED out-of-the-box. The software supports creating, storing and manipulating DNSSEC records in the Registry while letting the zone-signing process to external tools. It gives the Registry operator the flexibility to choose any suitable DNSSEC tools to meet the desired security and performance.