Project overview
For a shorter overview of the observatory, download the .auDO introduction brief. It summarises the project’s purpose, scope and evidence-first reporting posture.
A small, independent observatory capturing how visible trust signals behave across a fixed set of
.au domains over time.
How .auDO collects, preserves, classifies and publishes public domain-layer observations.
.auDO exists to preserve public evidence of visible domain-layer trust signals in the .au namespace and make cautious, method-led reporting easier to inspect.
The observatory is young and intentionally modest. It is designed to support disciplined accumulation first, then stronger interpretation only where repeated evidence supports it.
The method is deliberately simple: observe the same panel repeatedly, preserve state before interpretation, compare changes, classify observations, and publish stable reports.
Public DNS, RDAP, mail, registrar and infrastructure state is retained as evidence before report language is applied.
A single lookup can show a moment. Repeated collection gives changes and persistence enough context to be interpreted cautiously.
Publishing model
.auDO separates collection, derived summaries, dated reports and explanatory material so readers can move from evidence to context without confusing observations for conclusions.
Derived public summaries of current posture across DNSSEC, DMARC, registrar, provider and RDAP signal areas.
Dated report artefacts that preserve observed change and support later review.
Canonical definitions for observed fields and human-readable signal tiers.
Logical groupings within the curated panel used to describe aggregate signal context.
Plain-language context for readers who need to understand why a signal matters.
A public operational view of panel composition, signal mix and longitudinal context.
Data governance
.auDO keeps observation evidence, derived summaries, cohort context and external registry reference data separate. The namespace-panel context JSON is the reusable bridge used by public surfaces.
Shared namespace context is loaded when available. Static methodology notes remain valid without it.
| Data category | Role | Interpretation limit |
|---|---|---|
| .auDO observation data | Public DNS, RDAP, mail, DNSSEC, registrar and provider signals collected from the fixed panel over time. | Observation evidence for the panel only. It is not private system evidence or whole-namespace monitoring. |
| Derived State data | Generated summaries used by State pages to describe current visible posture across signal families. | Panel summaries, not registry-wide measurements, scores or assessments. |
| Cohort data | Curated groupings of panel domains used to make aggregate observations easier to read. | Cohorts are not complete sector coverage and do not support sector-wide findings. |
| External auDA registry reference data | Monthly registry statistics used to show wider .au namespace scale and suffix context. | External reference context only. It is not .auDO observation evidence. |
| Namespace-panel context data | Derived JSON that combines panel composition with the latest available auDA registry context for public rendering. | A presentation context layer. It avoids each page independently joining raw reference and panel data. |
Namespace-panel limitations load from the shared context JSON when available.
.auDO is a small observatory of the .au namespace. It observes how visible domain and DNS trust signals behave over time across a fixed panel of domains.
.auDO began as an R&D observatory in February 2026. The current retained reporting baseline begins on 26 March 2026.
It is not full-coverage monitoring, not a real-time console, not a vulnerability scanner, and not a representation of the full namespace.
The build remains intentionally lean: enough structure to observe, preserve, and publish without presenting the system as full-coverage monitoring.
Signal model
.auDO observes public DNS, RDAP, mail posture, DNSSEC, provider inference and provenance signals. These are visible technical signals, not private security findings.
Registrar, RDAP status, domain dates, redaction indicators and related registration metadata where visible.
Name servers, address records, MX records, TXT records, SPF and DMARC presence.
Visible DNSSEC evidence including DNSSEC state, DNSKEY presence and RDAP-derived DNSSEC indicators.
Visible DNS and email provider patterns inferred from public configuration.
Snapshot metadata, raw evidence, source fallback and collection context used to preserve traceability.
Hosting provider and ASN context may appear in specific report artefacts where evidence exists, but they are not currently first-class snapshot signal families.
Read the Signals library for canonical definitions and interpretation limits.
| Area | Current approach |
|---|---|
| Observation scope | A fixed panel of 100 .au domains selected for sector mix, operational relevance, and signal diversity rather than full namespace coverage. |
| Collection cadence | Scheduled recurring collection designed to support repeatable longitudinal observation rather than one-off lookup results. |
| State capture | Public state is captured as snapshots so observed posture can be preserved directly before interpretation is applied. |
| Change detection | Meaningful differences are derived across runs, allowing nameserver, registrar, DNSSEC, mail and related trust-layer changes to be reviewed over time. |
| Report artifacts | Reports are generated from stable exported artifacts so analysis remains inspectable, repeatable, and separate from live collection. |
| Publication model | A lightweight static site publishes method context, daily reports, charts and panel state without pretending to be a real-time monitoring console. |
Operating model
.auDO runs on a deliberately lean infrastructure model.
| Provider | .auDO use | Operating boundary |
|---|---|---|
| Supabase | .auDO uses Supabase as part of its data storage and analysis environment for retained observation data and derived reporting workflows. | Supabase does not supply, review, approve or endorse .auDO observations, classifications or reports. |
| GitHub | .auDO uses GitHub for source control, workflow automation, scheduled processing and management of generated artefacts. | GitHub does not supply, review, approve or endorse .auDO observations, classifications or reports. |
| Cloudflare | .auDO uses Cloudflare for public site delivery, report and asset delivery, and related storage and edge infrastructure. | Cloudflare does not supply, review, approve or endorse .auDO observations, classifications or reports. |
Classification
Signal tiers are interpretive metadata used to describe different kinds of observed change. The canonical human-readable definitions live in the Signals library.
High-signal trust posture change.
Meaningful infrastructure movement.
Routine or low-confidence churn.
Retained evidence not yet explicitly mapped.
Interpretation should be supported by repeated evidence, persistence, volume thresholds or clear context. Single observations are reported without over-claiming.
Counts summarise retained observations. They are not risk scores, ratings, compliance findings or statements about organisational fault.
.auDO observes public technical state. It does not inspect private systems or infer internal intent from public changes alone.
Observed changes are not evidence of compromise, breach, incident or non-compliance unless separate evidence explicitly supports that conclusion.
Use the Observation Guide for a practical walkthrough of how to move from public signal to cautious interpretation.
The observatory can already surface useful patterns in visible posture and repeated change, but it is still early.
The current priority is improving event quality, reducing classification ambiguity, and building enough longitudinal history to support stronger interpretation over time.
.auDO records public observations. It does not assess internal governance. The Domain Governance Baseline is a separate resource for organisations that want to examine internal ownership, accountability and review.