Workshop on the Technical Evolution of the Whois Service · 2016. 12. 6. · WHOIS protocol • Also...

Post on 23-Aug-2020



Workshop on the Technical Evolution of the Whois Service

ICANN Meeting, Cartagena, Colombia

Elise Gerich

11:00–12:00pm 9 December 2010, Barahona 3 Room

Agenda

•  Introduction (Kurt Pritz)
•  Background (Elise Gerich)
•  Technical deficiencies of WHOIS (Harald Alvestrand)
•  Staff analysis (Francisco Arias & Steve Sheng)
•  Community Discussion


Kurt Pritz
Senior Vice President of Stakeholder Relations
ICANN


Elise Gerich
Vice President
IANA


Terminology

Whois (or WHOIS) in ICANN Debate Could Mean: | Terms Used In This Presentation
The WHOIS protocol - RFC 3912 | WHOIS protocol
The Whois "service" - both the WHOIS protocol and Web-based Whois | Whois Service
The data collected at registration and made available to users | Domain Registration Data

WHOIS protocol

•  Also known as port-43 Whois
•  Specified in RFC 3912
•  Client sends a request in one line (newline ends the request)
•  Server sends the response (multiline) and closes connection
•  For historic reasons, WHOIS lacks many of the protocol design attributes that would be expected from any modern protocol
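The whole exchange described on this slide, as an added example that is not part of the original slides: both sides of an RFC 3912 query run over a local socket pair. The record, the "No match" text and the function names are constructed for illustration.

```python
import socket
import threading

# Constructed sample record, not real registration data.
SAMPLE_DB = {
    "example.tld": "Domain Name: EXAMPLE.TLD\r\nRegistrant: Example Org\r\n",
}

def serve_one(conn):
    """Server side: read one request line, write free text, close."""
    with conn:
        buf = b""
        while not buf.endswith(b"\n"):
            chunk = conn.recv(1024)
            if not chunk:
                break
            buf += chunk
        # The request line is all the server receives: no version,
        # no credentials, no declared character encoding.
        query = buf.strip().decode("ascii", errors="replace").lower()
        reply = SAMPLE_DB.get(query, "No match for %s\r\n" % query)
        conn.sendall(reply.encode("ascii", errors="replace"))
    # Leaving the block closes the socket: the only end-of-response marker.

def whois_query(conn, name):
    """Client side: send the name plus CRLF, then read until the server closes."""
    with conn:
        conn.sendall(name.encode("ascii") + b"\r\n")
        chunks = []
        while True:
            data = conn.recv(4096)
            if not data:
                break
            chunks.append(data)
    return b"".join(chunks).decode("ascii", errors="replace")

def run_exchange(name):
    """Run one query/response over a connected socket pair (no network needed)."""
    client, server = socket.socketpair()
    worker = threading.Thread(target=serve_one, args=(server,))
    worker.start()
    try:
        return whois_query(client, name)
    finally:
        worker.join()
```

The client has to assume ASCII on both the request and the reply, and it learns that a lookup failed only by reading the text of the response.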


Web-based Whois Service

•  Offered by registries, registrars and RIRs
•  Usually in similar-looking output to WHOIS but in HTML; more user-friendly
•  Some R*s offer a richer functionality, taking advantage of Web capabilities


Domain registration Data

•  gTLD Registry Agreements, RAA specify what should be included and published
•  Each ccTLD and RIR has its own set of data to publish
•  Typically covers: the contacts associated with the resource (domain, IP block, etc.) and DNS servers, if applicable


Harald Alvestrand
Google, Board of Directors at ICANN, Unicode, and Norid (.no)


Whois Service requirements

•  In May 2009 the GNSO council requested an inventory of Whois Service Requirements
•  Final report includes input from ALAC, GNSO, SSAC, and community input


Problems with WHOIS protocol

•  Lack of standardization in query, output and error messages
•  Lack of support for internationalized registration data (IRD) and domains (IDN)
•  Lack of authentication and access control mechanisms to Domain Registration Data

Lack of Standardization

•  The WHOIS protocol (RFC 3912) does not define query formats or encoding, has no structure for replies and error messages
•  Such decisions are left to the registrars, registries and RIRs. This results in different query syntaxes, output formats, character encodings, and error messages
•  Negative impact on user experience and legitimate use of automation
•  No defense against illegitimate harvesting
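What the missing reply structure costs legitimate automation, as an added example that is not part of the original slides: one normalizer has to carry per-server label aliases, layout rules and "not found" strings to get the same record out of two layouts. Both responses, the error texts and all names are constructed for illustration.

```python
import re

# Constructed responses in two layouts; not output from any real server.
RESP_A = ("Domain Name: EXAMPLE.TLD\n"
          "Registrar: Example Registrar\n"
          "Name Server: NS1.EXAMPLE.TLD\n"
          "Name Server: NS2.EXAMPLE.TLD\n")
RESP_B = ("% hypothetical registry, layout B\n"
          "domain:       example.tld\n"
          "\n"
          "[Registrar]\n"
          "  Example Registrar\n"
          "nserver:      ns1.example.tld\n"
          "nserver:      ns2.example.tld\n")
# Constructed "no such object" texts: with no error codes, each must be listed.
NOT_FOUND = ("NO MATCH", "% NO ENTRIES FOUND", "NOT FOUND")
# Per-layout labels mapped onto one field name.
ALIASES = {"domain name": "domain", "domain": "domain", "registrar": "registrar",
           "name server": "nameservers", "nserver": "nameservers"}

def normalize(text):
    """Map free-text output to one record shape, or None if not found."""
    if text.lstrip().upper().startswith(NOT_FOUND):
        return None
    rec = {"domain": None, "registrar": None, "nameservers": []}
    pending = None  # field named by a "[Section]" line, value on the next line
    for line in text.splitlines():
        stripped = line.strip()
        if not stripped or stripped.startswith("%"):
            continue
        section = re.fullmatch(r"\[(.+)\]", stripped)
        if section:
            pending = ALIASES.get(section.group(1).lower())
            continue
        if pending and line[0].isspace():
            key, value, pending = pending, stripped, None
        elif ":" in line:
            label, _, value = line.partition(":")
            key, value = ALIASES.get(label.strip().lower()), value.strip()
        else:
            continue
        if key == "nameservers":
            rec[key].append(value.lower())
        elif key:
            rec[key] = value.lower() if key == "domain" else value
    return rec
```

Every additional server layout means another alias, another layout rule or another error string in this code, which is the maintenance burden the slide refers to.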

Lack of Support for IRD and IDN

•  WHOIS was defined for ASCII only
•  Existing deployment is inconsistent with regard to character sets
•  Internationalization and IDNs make this difficulty important

Lack of Authentication and Access Control

•  WHOIS has no place to put a username, and no authentication mechanism
•  The lack of authentication mechanisms makes adoption of access controls, auditing, or privacy measures impossible

Steve Sheng & Francisco Arias
ICANN Technical Staff


Outline

•  Possible Solutions
•  Comparison of Options
•  Next steps


Possible Solutions

A.  Extend the WHOIS protocol
C.  Migrate to Internet Registry Information Service (IRIS)
D.  Migrate to RESTful WHOIS Service (RWS)
E.  Other?

Extending WHOIS

•  A revised and extended WHOIS specification could be developed.
•  Specification would include version selection, query and response formats, error messages, mechanism for signaling character encoding, etc.
•  Authentication and access control mechanisms can also be added as extensions to WHOIS, but probably with considerable effort.

IRIS protocol

•  At the time, developed as a successor to WHOIS
•  Requires specialized client and server
•  Uses XML encoding for queries and results


Migrating to IRIS

Addresses the deficiencies of WHOIS by

•  Using XML encoding for both query and response to support multiple languages;
•  Specifying a well-defined structure for query and result sets;
•  Supporting authentication and access control in its application-transport layer protocol

RESTful Whois (RWS)

•  Web-based Whois (uses HTTP) and conforms to the REST architectural approach
•  Can be queried using Web browsers or command-line tools
•  Queries expressed as a URI/URL, e.g., http://whois.tld/dom/icann.tld
•  Responses in XML and HTML


Migrating to RWS

Addresses the deficiencies of WHOIS by:

•  Using XML/HTML for responses supports multiple languages (character encodings)
•  Specifying a well-defined structure for result sets
•  HTTP, the transport for RWS, already supports authentication and access control
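How the three points above fit together in one request, as an added example that is not part of the original slides and not any registry's implementation: a handler for the `/dom/<name>` URI form shown earlier returns UTF-8 XML and releases contact data only to callers with valid HTTP credentials. The XML element names, the user table, the records and the disclosure policy are all assumptions.

```python
import base64
import hmac
import xml.etree.ElementTree as ET
from urllib.parse import unquote, urlsplit

# Constructed records and credentials, for illustration only.
RECORDS = {"icann.tld": {"registrar": "Example Registrar",
                         "registrant": "Ex\u00e4mple GmbH"}}
USERS = {"auditor": "correct horse"}

def authenticated(headers):
    """True if the request carries valid HTTP Basic credentials (TLS assumed)."""
    scheme, _, blob = headers.get("Authorization", "").partition(" ")
    if scheme.lower() != "basic":
        return False
    try:
        user, _, password = base64.b64decode(blob).decode("utf-8").partition(":")
    except ValueError:  # bad base64 or bad UTF-8
        return False
    expected = USERS.get(user)
    return expected is not None and hmac.compare_digest(
        expected.encode(), password.encode())

def handle(url, headers):
    """Return (status, body) for GET /dom/<name>; body is UTF-8 XML."""
    parts = urlsplit(url).path.strip("/").split("/")
    if len(parts) != 2 or parts[0] != "dom":
        return 400, b""
    name = unquote(parts[1]).lower()
    record = RECORDS.get(name)
    if record is None:
        return 404, b""  # a status code, not a free-text error string
    root = ET.Element("domain", name=name)
    ET.SubElement(root, "registrar").text = record["registrar"]
    if authenticated(headers):  # assumed policy: contacts need a login
        ET.SubElement(root, "registrant").text = record["registrant"]
    return 200, ET.tostring(root, encoding="utf-8")
```

The client reads fields by element name and failures by status code, and the non-ASCII registrant name survives because the XML declares its encoding.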

Summary of Analysis

•  Extending WHOIS can address the technical deficiencies, but requires significant change to the protocol, which would leave the client base obsolete.
•  IRIS has the most features and is easily extensible, but it is costly to implement and there are no readily available resources.
•  RWS has a number of features that address the deficiencies of WHOIS, is extensible to accommodate future improvements, and can be achieved at a reasonably low cost. It would integrate current WHOIS with web-based Whois.
    •  Production RWS from ARIN
    •  Pilot implementations from RIPE and ICANN

Next steps

Staff is seeking feedback from:

•  Whois users,
•  Registries (gTLDs and ccTLDs),
•  Registrars,
•  RIRs, and
•  Other interested parties

Questions

i.  Have we correctly summarized the problems of WHOIS protocol? Are there any other technical problems of the protocol that we missed?
ii.  Have we correctly identified the potential solution space? Are there any other viable solutions that we have not identified?
iii.  For the solutions that we identified, is our analysis correct? Are there any other factors we did not identify?
iv.  Which of the three identified options is the most adequate and why?

Please submit your feedback to

•  Steve Sheng steve.sheng@icann.org
•  Francisco Arias francisco.arias@icann.org


Thank You and Questions

Backup slides

Extending WHOIS considerations

•  Uncertainties in Standardization:
    •  The proposed WHOIS replacement (IRIS) protocol has already gone through the IETF process
•  Backward Compatibility:
    •  Extending the protocol requires a method of signaling “version” to ensure backward compatibility
•  Obsolete client base:
    •  Updating the protocol would require the use of new clients to access the Whois data

Migrating to IRIS considerations

•  Complex protocol:
    •  Three layers: registry-specific (domain names, IP addresses, etc.), common registry (IRIS), and application-transport (BEEP, IRIS-LWZ, XPC)
    •  Requires not well-known transport protocol
•  Lack of adoption:
    •  No available client implementations of the full IRIS protocol
    •  No full IRIS server implementations available for use, from either open-source or commercial developers

Migrating to RWS considerations

•  RWS is not standardized yet and various implementations may have differing specifications
•  Unclear whether there is sufficient stakeholder interest to pursue development of a technical standard

Comparison of Options

•  Available Features
•  Cost
•  Extensibility
•  Readily Available Resources

Available Features

•  Extending WHOIS can address the deficiencies identified, but would require significant protocol change
•  IRIS offers most features available
•  RWS can address all the deficiencies in WHOIS once standardized, and offers a good number of additional features

Costs

•  The cost of extending WHOIS includes standardization, as well as updating clients and servers
•  Due to the lack of available client and server implementations for IRIS and the complexity of the protocol, implementing IRIS is likely to be costly for registrars and registries
•  RWS is likely to be less costly than IRIS or extending WHOIS, due to the wide availability of clients, well known and widely adopted architectural standard (web-based Whois is already offered)

Extensibility

•  Extending WHOIS is difficult
•  IRIS is a layered protocol and each layer can be extended. Similar case can be made for RWS
•  Both IRIS and RWS are based on XML schema and support versioning, so the data model can be easily extended

Readily Available Resources

•  The existing WHOIS client is likely to be made obsolete once the protocol is updated, therefore requiring a new or updated client.
•  There are no IRIS clients available, and IRIS uses not well-known protocols for transport; therefore few people would know how to write a client.
•  RWS can use the web browser and command-line tools, such as curl and wget, as clients; it can also benefit from existing technology to implement load-balanced servers, cache answers to minimize network traffic, etc.