Domain Name Basics - WHOIS

of 8/8
Domain Name Basics WHOIS a short introduction for newcomers
  • date post

  • Category


  • view

  • download


Embed Size (px)

Transcript of Domain Name Basics - WHOIS

Domain Name Basics

Domain Name Basics

WHOISa short introduction for newcomers

What is WHOIS? 2 | Tobias Sattler, CIO www.united-domains.deWHOIS is a protocol to query databases, such as domain names, IP addresses or autonomous system (AS) and is documented in Request for Comment (RFC) 3912.WHOIS has its roots in 1982, when Internet Engineering Task Force (IETF) published a protocol for a directory service for ARPANET users.The Internet Assigned Numbers Authority (IANA) runs a WHOIS service as a starting point and references to Regional Internet Registries (RIR) and Domain Name Registries.All gTLD and most of ccTLD Registries are running a WHOIS service for their Top-Level-Domains (TLD).


Two WHOIS Models 3 | Tobias Sattler, CIO www.united-domains.deThe two common models to run a WHOIS are often characterized as thin or/and thick.A thin registry only includes technical data sufficient to identify the sponsoring registrar, status of the registration, and creation and expiration dates for each registration (e.g. .com, .net).Thick registries maintain the registrants contact information and designated administrative and technical contact information, in addition to the sponsoring registrar and registration status information (e.g. .club, .org).ICANN accredited Registrars are maintaining a WHOIS service for their sponsoring gTLD domains, if the operating Registry is thin.Almost all gTLDs have a thick WHOIS.


How is WHOIS working? 4 | Tobias Sattler, CIO

Source: - Effective 03/2016


Law and PolicyWHOIS has always been in the spotlight, because it can create privacy issues which are tied to free speech and anonymity. According to law enforcement it is an important tool to investigate spam and phishing and to track down the domain name holder.Many ccTLD Registries are restricting the access to their WHOIS database and/or protecting the data by disclosing only the bare minimum of information.gTLD Registries and Registrars are bound by ICANN contracts and policies to provide complete and validated contact information of the domain name registrant, administrative and technical contact.Therefore many Registrants are willing to use WHOIS Privacy and Proxy Services to hide there data from the public. 5 | Tobias Sattler, CIO


Accuracy of InformationBesides the fact that a law enforcement is relying on an accurate WHOIS information, it is very important to do it to keep a domain name.ICANN is enforcing Registrars to provide complete, validated and verified WHOIS data for gTLD domains. This includes the presence of data for all fields in a proper format and to verify either the email address or the telephone number of the domain name holder.Many ccTLDs Registries are also imposing Registrars to do the same that they are doing for gTLDs, however some ccTLDs are preforming their own checks, such as local address databases.If WHOIS information found to be inaccurate, registrant are compelled to update their data. If this fails because the registrant is not reachable then this could lead to a suspension. 6 | Tobias Sattler, CIO


Future of WHOISThere were and there are a lot of Internet Corporation for Assigned Names and Numbers (ICANN) Working Groups ongoing regarding WHOIS.The Expert Working Group (EWG) of ICANN recommended 2013 that WHOIS should be scrapped and proposed a system that keeps information secret from most Internet users, and only discloses information for permissible purposes.In 2015 the Internet Engineering Task Force (IETF) standardized the Registration Data Access Protocol (RDAP) and it should become a successor to WHOIS.It is yet to be determined if RDAP will succeed to fully replace WHOIS, because there are still open security and privacy questions, a lot of services are built on WHOIS and it will probably take a long time to adapt. 7 | Tobias Sattler, CIO


Thank you!

Please get in touch if you have any further questions:


8 | Tobias Sattler, CIO