Domain Name Basics - WHOIS
-
Upload
tobias-sattler -
Category
Internet
-
view
267 -
download
0
Transcript of Domain Name Basics - WHOIS
Domain Name Basics
WHOISa short introduction for newcomers
What is WHOIS?
2 | Tobias Sattler, CIO www.united-domains.de
WHOIS is a protocol to query databases, such as domain names, IP addresses or
autonomous system (AS) and is documented in Request for Comment (RFC) 3912.
WHOIS has its roots in 1982, when Internet Engineering Task Force (IETF) published
a protocol for a directory service for ARPANET users.
The Internet Assigned Numbers Authority (IANA) runs a WHOIS service as a starting
point and references to Regional Internet Registries (RIR) and Domain Name
Registries.
All gTLD and most of ccTLD Registries are running a WHOIS service for their Top-
Level-Domains (TLD).
Two WHOIS Models
3 | Tobias Sattler, CIO www.united-domains.de
The two common models to run a WHOIS are often characterized as ‘thin’ or/and
‘thick’.
A thin registry only includes technical data sufficient to identify the sponsoring
registrar, status of the registration, and creation and expiration dates for each
registration (e.g. .com, .net).
Thick registries maintain the registrant’s contact information and designated
administrative and technical contact information, in addition to the sponsoring
registrar and registration status information (e.g. .club, .org).
ICANN accredited Registrars are maintaining a WHOIS service for their sponsoring
gTLD domains, if the operating Registry is ‘thin’.
Almost all gTLDs have a thick WHOIS.
How is WHOIS working?
4 | Tobias Sattler, CIO www.united-domains.de
Source: https://whois.icann.org/en/dns-and-whois-how-it-works - Effective 03/2016
Law and Policy WHOIS has always been in the spotlight, because it can create privacy issues which
are tied to free speech and anonymity. According to law enforcement it is an
important tool to investigate spam and phishing and to track down the domain
name holder.
Many ccTLD Registries are restricting the access to their WHOIS database and/or
protecting the data by disclosing only the bare minimum of information.
gTLD Registries and Registrars are bound by ICANN contracts and policies to provide
complete and validated contact information of the domain name registrant,
administrative and technical contact.
Therefore many Registrants are willing to use WHOIS Privacy and Proxy Services to
hide there data from the public.
5 | Tobias Sattler, CIO www.united-domains.de
Accuracy of Information Besides the fact that a law enforcement is relying on an accurate WHOIS
information, it is very important to do it to keep a domain name.
ICANN is enforcing Registrars to provide complete, validated and verified WHOIS
data for gTLD domains. This includes the presence of data for all fields in a proper
format and to verify either the email address or the telephone number of the
domain name holder.
Many ccTLDs Registries are also imposing Registrars to do the same that they are
doing for gTLDs, however some ccTLDs are preforming their own checks, such as
local address databases.
If WHOIS information found to be inaccurate, registrant are compelled to update
their data. If this fails because the registrant is not reachable then this could lead to
a suspension. 6 | Tobias Sattler, CIO
www.united-domains.de
Future of WHOIS There were and there are a lot of Internet Corporation for Assigned Names and
Numbers (ICANN) Working Groups ongoing regarding WHOIS.
The Expert Working Group (EWG) of ICANN recommended 2013 that WHOIS
should be scrapped and proposed a system that keeps information secret from
most Internet users, and only discloses information for ‘permissible purposes’.
In 2015 the Internet Engineering Task Force (IETF) standardized the Registration
Data Access Protocol (RDAP) and it should become a successor to WHOIS.
It is yet to be determined if RDAP will succeed to fully replace WHOIS, because
there are still open security and privacy questions, a lot of services are built on
WHOIS and it will probably take a long time to adapt.
7 | Tobias Sattler, CIO www.united-domains.de
Thank you!
Please get in touch if you have any further questions:
https://tobiassattler.com
tobiassattler
8 | Tobias Sattler, CIO www.united-domains.de