Jump to content

Whois: Difference between revisions

From ICANNWiki
mNo edit summary
Jessica (talk | contribs)
No edit summary
 
(54 intermediate revisions by 11 users not shown)
Line 1: Line 1:
'''WHOIS''' is a TCP-based query/response protocol which is widely used for querying a database in order to determine the owner of a domain name, an IP address, or an autonomous system number on the Internet. <ref>[http://www.techterms.com/definition/whois Whois definition]</ref>
'''Whois''' is a [[TCP]]-based query/response protocol which is widely used for querying a database in order to determine the owner of a [[Domain Name|domain name]], an [[IP Address|IP address]], or an [[ASN|autonomous system number]] on the Internet.<ref>[http://www.techterms.com/definition/whois Whois definition]</ref>


==Short overview==
==Overview==
'''Whois''' (pronounced as the phrase Who is) represents a protocol which is mainly used to used to find details and information about domain names, networks and hosts. The Whois records contain data referring to various organizations and contacts related to the networds and domain names. The Whois protocols operate by means of a server where anyone is allowed to connect and create a query. The Whois server will then respond to this query and end the connection. A Whois server can exist in any type of company and provide information related to its activity.  
'''Whois''' (pronounced as the phrase Who is) represents a protocol that is mainly used to find details and information about domain names, networks, and hosts. The Whois records contain data referring to various organizations and contacts related to the domain names. The Whois protocols operate by means of a server where anyone is allowed to connect and create a query; the Whois server will then respond to this query and end the connection.<ref>[http://www.domainpunch.com/articles/whois/whois.php Whois]</ref>
However, Whois is usually used in order to find information related to domain names by creating queries on the appropriate server. <ref>[http://www.domainpunch.com/articles/whois/whois.php Whois]</ref>
 
==Whois History==
During the foundational period of the Internet the only organization that was responsible for the administration of domain name registrations was [[DARPA]]. As the Internet grew in the 1980s, the Whois system appeared with the purpose of administering and looking up domain names, registrants, and other resources related to domain name registration. Still, at that time there was only one organization registering domains, so the system acted as a centralized query-based server. Over time the number of [[gTLD]]s significantly increased, which led to complex networks of registrars and related associations; in response, the Whois servers became stronger and less permissive.<ref>[http://en.wikipedia.org/wiki/Whois Whois History]</ref>
 
How to maintain both a privacy-secure and safe Whois system, and an accurate database for contacts for any domain registrant has been one of the most intractable issues at [[ICANN]]. Whois is one of 4 issues areas subject to Independent Review under ICANN's Affirmation of Commitments with the U.S. Government.<ref name="Deja Whois">[http://news.dot-nxt.com/2013/01/16/deja-whois Deja Whois, News.Dot-Nxt]Published & Retrieved 17 Jan 2013]</ref> At [[ICANN 45]] in Toronto, the first opening ceremony address by new ICANN CEO, [[Fadi Chehadé]], he memorably said that the Whois problem should not have been drawn out for 12 years and should not be a difficult problem to solve.<ref>[http://domainincite.com/10941-chehade-sets-out-12-point-plan-for-next-six-months Chehade Sets out 12 Point Plan for Next 6 months, DomainIncite.com]Retrieved 17 Jan 2013</ref><ref>[http://www.icann.org/en/news/press/kits/toronto45/video-chehade-15oct12-en.htm Video Chehade, ICANN.org]Retrieved 17 Jan 2013</ref>
 
In late 2012, a senior executive at ICANN was brought in to focus exclusively on Whois.<ref name ="Deja Whois"></ref>


== Whois Purpose==
== Whois Purpose==
The Internet has changed as compared to its early days of technical experimentation, thus evolving. In this way, the Internet has become an essential key for commerce activities and a wide source of information for worldwide users. Having this in mind, the Whois represents a database where essential contact information is found and updated.<ref>[http://gnso.icann.org/issues/whois-privacy/tf-report-15mar06.htm Whois ICANNPrivacy]</ref>   
The Internet has become an essential key for commerce activities and a wide source of information for worldwide users, and the Whois represents a database where essential contact information is found and updated.<ref>[http://gnso.icann.org/issues/whois-privacy/tf-report-15mar06.htm Whois ICANNPrivacy]</ref>   
Apart from finding information about the domain name or executing the queries created on the server, the Whois has plenty of other uses as listed below:
Apart from finding information about the domain name or executing the queries created on the server, the Whois also:
*Ensuring support for security and stability over the Internet
 
*Determining the name domain and its registration status
*Ensures support for security and stability over the Internet
*Determines a domain name's registration status
*Ensures restrictive use of information communication technology
*Ensures restrictive use of information communication technology
*Enforcing laws at national and international level under the guidance of authorities during investigations
*Enforces laws at the national and international level under the guidance of authorities during investigations
*Protects intellectual property and trademarks
*Protects intellectual property and trademarks
*Ensures the right support for organizations in combat against fraud while complying with relevant laws  
*Ensures the right support for organizations in combat against fraud while complying with relevant laws


==Whois and ICANN==
==Whois and ICANN==
WHOIS services allow access for the public to data and information related to registered domain names, which currently includes contact information for Registered Name Holders. Within the agreements of ICANN fot domain names registered in generic top-level domains (gTLDs) there are specified the following: the extent of registration data collected in the moment of domain name registration and the ways through which such data can be accessed. For instance, ICANN requires accredited registrars to collect and provide free public access to the name of the registered domain name and its nameservers and registrar, the date the domain was created and when its registration expires, and the contact information for the Registered Name Holder, the technical contact, and the administrative contact. <ref>[http://www.icann.org/en/topics/whois-services/ ICANN Whois Services]</ref>
[[ICANN]]'s requirements for registered domain names state that the extent of registration data collected at the moment of domain name registration can be accessed. That is, ICANN requires accredited registrars to collect and provide free public access, such as a Whois service, to information regarding the registered domain name and its nameservers and registrar, the date the domain was created and when its registration expires, and the contact information for the registered name holder, the technical contact, and the administrative contact.<ref>[http://www.icann.org/en/topics/whois-services/ ICANN Whois Services]</ref>


==Whois protocol==
==Whois Protocol==
The origin of Whois protocol is in the ARPANET NICNAME protocol which was developed based on NAME/FINGER Protocol (rpersented in [[RFC742]] from 1977). In 1982 within [[RFC812]] the NICNAME/WHOIS protocol was for the first time presented by  Ken Harrenstien and Vic White from SRI International - Network Information Center. Even if at first the Whois was used on NCP (Network Control Program) his main use was set along with the standardization of TCO/IP across the ARPNET and Internet.  
The origin of the Whois Protocol is in the ARPANET NICNAME protocol, which was developed based on NAME/FINGER Protocol (discussed in [[RFC742]] from 1977). In 1982, in [[RFC812]], the NICNAME/WHOIS protocol was presented for the first time by  [[Ken Harrenstien]] and [[Vic White]] from SRI International - Network Information Center. While Whois was first used on the Network Control Program, its main use was eventually determined by the standardization of TCP/IP across the ARPNET and Internet.
 
==Whois Replacements/Alternatives==
Due to shortcomings of the protocol, various proposals exist to augment or replace it. Examples are [http://tools.ietf.org/html/rfc3981 Internet Registry Information Service (IRIS)], the newer proposed IETF working group called [http://www.ietf.org/mail-archive/web/weirds/current/msg00231.html WHOIS-based Extensible Internet Registration Data Service (WEIRDS)], which developed a REST-based protocol, [[RDAP]].
 
On September 24, 2020, the [[GNSO]] voted to accept the recommendations in the [[EPDP]] [[WHOIS final report]] over objections from the [[Intellectual Property Constituency]] and [[Business Constituency]], the [[Governmental Advisory Committee]], the [[At-Large Advisory Committee]], and the [[Security and Stability Advisory Committee]]. In the past, once the GNSO has accepted a report, it was forwarded to the [[ICANN Board]] for consideration. However, during [[ICANN 69]], ICANN CEO [[Goran Marby]] announced the [[ODP]], which will provide facts and figures to the ICANN Board on implementation costs. This new layer of review is expected to slow down the WHOIS replacement process.<ref>[https://www.inta.org/icann-accepts-whois-proposal-over-stakeholder-objections/ ICANN accepts WHOIS proposal]</ref>
 
==Thick Whois==
A Thick Whois Server stores complete and accurate information from all registrars regarding registered domain names and their registrants. This information is available to the registry operator and it can facilitate bulk transfers of all domain names to another registrar in the event of a registrar failure. Thick Whois also enables faster queries.<ref>[http://www.circleid.com/posts/com_net_thick_or_thin/ .COM and .NET: Thick Or Thin?]</ref>
 
In November 2011, ICANN Staff issued a Preliminary Issue Report on 'Thick' Whois to determine if the [[GNSO]] Council needs to conduct a [[PDP|Policy Development Process]] (PDP) regarding the Whois requirements made of existing [[gTLD]]s.<ref>[http://www.icann.org/en/news/public-comment/thick-whois-preliminary-report-21nov11-en.htm Preliminary Issue Report on 'Thick' Whois]</ref> The ICANN community was divided on the issue. In a statement, [[Verisign]] said that it would "neither advocate for nor against the initiation of a PDP." The company also argued that its Whois model for [[.com]], [[.net]], [[.name]] and [[.jobs]] is effective but if the internet community and its customers believed that thick Whois is better, it will respect and implement the policy. The [[Intellectual Property Constituency]] supported Whois implementation. The constituency believed that it would help prevent abuses on intellectual property rights and consumer fraud. <ref>[http://domainincite.com/fight-brewing-over-thick-com-whois/ Fight brewing over thick .com Whois]</ref> On the other hand, [[Wendy Seltzer]] of the [[NCUC|Non-Commercial Users Constituency]] (NCUC) expressed her concern over the impact of further Whois expansion on privacy rights. She pointed out that ''"Moving all data to the registry could facilitate invasion of privacy and decrease the jurisdictional control registrants have through their choice of registrar."''<ref>[http://forum.icann.org/lists/thick-whois-preliminary-report/msg00006.html NCUC Comments on Thick Whois]</ref>
 
In February 2012, the GNSO Council postponed its decision to determine if it was necessary for Verisign to implement the thick Whois database on .com and all the other gTLDs under its management. The Policy Development Process regarding the issue was also delayed due to the request of the NCUC. All registry operators except Verisign were required to implement Thick Whois.<ref> [http://domainincite.com/thick-com-whois-policy-delayed/ Thick .com Whois policy delayed]</ref> In August 2012, the GNSO Council, along with two other ICANN constituencies, sent a letter to ICANN chastising it for its decision to not require Verisign to implement Thick Whois for the [[.com]] TLD.<ref>[http://domainnamewire.com/2012/08/21/constituencies-blast-icanns-closed-door-verisign-com-contract-renewal/ Constituencies Blast ICANN's Closed-Door Verisign Com Contract Renewal, DomainNameWire.com]</ref>
 
On February 7, 2014, the ICANN Board adopted [[Consensus Policy]] recommendations from the GNSO Thick WHOIS Working Group which led to the [https://www.icann.org/resources/pages/thick-whois-transition-policy-2017-02-01-enThick WHOIS Transition Policy] for all gTLD registries. This policy required that registries begin accepting Thick registration data from registrars for .com, .net, and .jobs names on November 30, 2019; that all new domain name registrations be Thick by May 31, 2020; and that all relevant registration data for existing domain names be migrated from Thin to Thick by November 30, 2020. Then [[Verisign]] and the [[Registrar Stakeholder Group]] reached an impasse over the European Union's [[GDPR|General Data Protection Regulation]]'s impact on data processing and the new requirements and obligations imposed on registrars. Verisign asked for an extension, and after months of conversation between the GNSO and the ICANN Board, the contractual compliance enforcement of the transition to thick RDDS was deferred (for the fifth time).<ref>[https://www.icann.org/resources/board-material/resolutions-2019-11-07-en#1.i Resolutions (Nov 7,19), ICANN Board Materials]</ref>


==References==
==References==
{{Reflist}}
{{Reflist}}
[[Category: Glossary]]
==External links==
* [http://whois.icann.org/sites/default/files/files/improvements-annual-report-12dec14-en.pdf/ ICANN review of improvements to Whois in 2014 PDF]

Latest revision as of 17:14, 12 May 2021

Whois is a TCP-based query/response protocol which is widely used for querying a database in order to determine the owner of a domain name, an IP address, or an autonomous system number on the Internet.[1]

Overview[edit | edit source]

Whois (pronounced as the phrase Who is) represents a protocol that is mainly used to find details and information about domain names, networks, and hosts. The Whois records contain data referring to various organizations and contacts related to the domain names. The Whois protocols operate by means of a server where anyone is allowed to connect and create a query; the Whois server will then respond to this query and end the connection.[2]

Whois History[edit | edit source]

During the foundational period of the Internet the only organization that was responsible for the administration of domain name registrations was DARPA. As the Internet grew in the 1980s, the Whois system appeared with the purpose of administering and looking up domain names, registrants, and other resources related to domain name registration. Still, at that time there was only one organization registering domains, so the system acted as a centralized query-based server. Over time the number of gTLDs significantly increased, which led to complex networks of registrars and related associations; in response, the Whois servers became stronger and less permissive.[3]

How to maintain both a privacy-secure and safe Whois system, and an accurate database for contacts for any domain registrant has been one of the most intractable issues at ICANN. Whois is one of 4 issues areas subject to Independent Review under ICANN's Affirmation of Commitments with the U.S. Government.[4] At ICANN 45 in Toronto, the first opening ceremony address by new ICANN CEO, Fadi Chehadé, he memorably said that the Whois problem should not have been drawn out for 12 years and should not be a difficult problem to solve.[5][6]

In late 2012, a senior executive at ICANN was brought in to focus exclusively on Whois.[4]

Whois Purpose[edit | edit source]

The Internet has become an essential key for commerce activities and a wide source of information for worldwide users, and the Whois represents a database where essential contact information is found and updated.[7] Apart from finding information about the domain name or executing the queries created on the server, the Whois also:

  • Ensures support for security and stability over the Internet
  • Determines a domain name's registration status
  • Ensures restrictive use of information communication technology
  • Enforces laws at the national and international level under the guidance of authorities during investigations
  • Protects intellectual property and trademarks
  • Ensures the right support for organizations in combat against fraud while complying with relevant laws

Whois and ICANN[edit | edit source]

ICANN's requirements for registered domain names state that the extent of registration data collected at the moment of domain name registration can be accessed. That is, ICANN requires accredited registrars to collect and provide free public access, such as a Whois service, to information regarding the registered domain name and its nameservers and registrar, the date the domain was created and when its registration expires, and the contact information for the registered name holder, the technical contact, and the administrative contact.[8]

Whois Protocol[edit | edit source]

The origin of the Whois Protocol is in the ARPANET NICNAME protocol, which was developed based on NAME/FINGER Protocol (discussed in RFC742 from 1977). In 1982, in RFC812, the NICNAME/WHOIS protocol was presented for the first time by Ken Harrenstien and Vic White from SRI International - Network Information Center. While Whois was first used on the Network Control Program, its main use was eventually determined by the standardization of TCP/IP across the ARPNET and Internet.

Whois Replacements/Alternatives[edit | edit source]

Due to shortcomings of the protocol, various proposals exist to augment or replace it. Examples are Internet Registry Information Service (IRIS), the newer proposed IETF working group called WHOIS-based Extensible Internet Registration Data Service (WEIRDS), which developed a REST-based protocol, RDAP.

On September 24, 2020, the GNSO voted to accept the recommendations in the EPDP WHOIS final report over objections from the Intellectual Property Constituency and Business Constituency, the Governmental Advisory Committee, the At-Large Advisory Committee, and the Security and Stability Advisory Committee. In the past, once the GNSO has accepted a report, it was forwarded to the ICANN Board for consideration. However, during ICANN 69, ICANN CEO Goran Marby announced the ODP, which will provide facts and figures to the ICANN Board on implementation costs. This new layer of review is expected to slow down the WHOIS replacement process.[9]

Thick Whois[edit | edit source]

A Thick Whois Server stores complete and accurate information from all registrars regarding registered domain names and their registrants. This information is available to the registry operator and it can facilitate bulk transfers of all domain names to another registrar in the event of a registrar failure. Thick Whois also enables faster queries.[10]

In November 2011, ICANN Staff issued a Preliminary Issue Report on 'Thick' Whois to determine if the GNSO Council needs to conduct a Policy Development Process (PDP) regarding the Whois requirements made of existing gTLDs.[11] The ICANN community was divided on the issue. In a statement, Verisign said that it would "neither advocate for nor against the initiation of a PDP." The company also argued that its Whois model for .com, .net, .name and .jobs is effective but if the internet community and its customers believed that thick Whois is better, it will respect and implement the policy. The Intellectual Property Constituency supported Whois implementation. The constituency believed that it would help prevent abuses on intellectual property rights and consumer fraud. [12] On the other hand, Wendy Seltzer of the Non-Commercial Users Constituency (NCUC) expressed her concern over the impact of further Whois expansion on privacy rights. She pointed out that "Moving all data to the registry could facilitate invasion of privacy and decrease the jurisdictional control registrants have through their choice of registrar."[13]

In February 2012, the GNSO Council postponed its decision to determine if it was necessary for Verisign to implement the thick Whois database on .com and all the other gTLDs under its management. The Policy Development Process regarding the issue was also delayed due to the request of the NCUC. All registry operators except Verisign were required to implement Thick Whois.[14] In August 2012, the GNSO Council, along with two other ICANN constituencies, sent a letter to ICANN chastising it for its decision to not require Verisign to implement Thick Whois for the .com TLD.[15]

On February 7, 2014, the ICANN Board adopted Consensus Policy recommendations from the GNSO Thick WHOIS Working Group which led to the WHOIS Transition Policy for all gTLD registries. This policy required that registries begin accepting Thick registration data from registrars for .com, .net, and .jobs names on November 30, 2019; that all new domain name registrations be Thick by May 31, 2020; and that all relevant registration data for existing domain names be migrated from Thin to Thick by November 30, 2020. Then Verisign and the Registrar Stakeholder Group reached an impasse over the European Union's General Data Protection Regulation's impact on data processing and the new requirements and obligations imposed on registrars. Verisign asked for an extension, and after months of conversation between the GNSO and the ICANN Board, the contractual compliance enforcement of the transition to thick RDDS was deferred (for the fifth time).[16]

References[edit | edit source]


External links[edit | edit source]