Whois

Revision as of 17:14, 12 May 2021 by Jessica (talk | contribs)
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)

Whois is a TCP-based query/response protocol which is widely used for querying a database in order to determine the owner of a domain name, an IP address, or an autonomous system number on the Internet.[1]

Overview[edit | edit source]

Whois (pronounced as the phrase Who is) represents a protocol that is mainly used to find details and information about domain names, networks, and hosts. The Whois records contain data referring to various organizations and contacts related to the domain names. The Whois protocols operate by means of a server where anyone is allowed to connect and create a query; the Whois server will then respond to this query and end the connection.[2]

Whois History[edit | edit source]

During the foundational period of the Internet the only organization that was responsible for the administration of domain name registrations was DARPA. As the Internet grew in the 1980s, the Whois system appeared with the purpose of administering and looking up domain names, registrants, and other resources related to domain name registration. Still, at that time there was only one organization registering domains, so the system acted as a centralized query-based server. Over time the number of gTLDs significantly increased, which led to complex networks of registrars and related associations; in response, the Whois servers became stronger and less permissive.[3]

How to maintain both a privacy-secure and safe Whois system, and an accurate database for contacts for any domain registrant has been one of the most intractable issues at ICANN. Whois is one of 4 issues areas subject to Independent Review under ICANN's Affirmation of Commitments with the U.S. Government.[4] At ICANN 45 in Toronto, the first opening ceremony address by new ICANN CEO, Fadi Chehadé, he memorably said that the Whois problem should not have been drawn out for 12 years and should not be a difficult problem to solve.[5][6]

In late 2012, a senior executive at ICANN was brought in to focus exclusively on Whois.[4]

Whois Purpose[edit | edit source]

The Internet has become an essential key for commerce activities and a wide source of information for worldwide users, and the Whois represents a database where essential contact information is found and updated.[7] Apart from finding information about the domain name or executing the queries created on the server, the Whois also:

  • Ensures support for security and stability over the Internet
  • Determines a domain name's registration status
  • Ensures restrictive use of information communication technology
  • Enforces laws at the national and international level under the guidance of authorities during investigations
  • Protects intellectual property and trademarks
  • Ensures the right support for organizations in combat against fraud while complying with relevant laws

Whois and ICANN[edit | edit source]

ICANN's requirements for registered domain names state that the extent of registration data collected at the moment of domain name registration can be accessed. That is, ICANN requires accredited registrars to collect and provide free public access, such as a Whois service, to information regarding the registered domain name and its nameservers and registrar, the date the domain was created and when its registration expires, and the contact information for the registered name holder, the technical contact, and the administrative contact.[8]

Whois Protocol[edit | edit source]

The origin of the Whois Protocol is in the ARPANET NICNAME protocol, which was developed based on NAME/FINGER Protocol (discussed in RFC742 from 1977). In 1982, in RFC812, the NICNAME/WHOIS protocol was presented for the first time by Ken Harrenstien and Vic White from SRI International - Network Information Center. While Whois was first used on the Network Control Program, its main use was eventually determined by the standardization of TCP/IP across the ARPNET and Internet.

Whois Replacements/Alternatives[edit | edit source]

Due to shortcomings of the protocol, various proposals exist to augment or replace it. Examples are Internet Registry Information Service (IRIS), the newer proposed IETF working group called WHOIS-based Extensible Internet Registration Data Service (WEIRDS), which developed a REST-based protocol, RDAP.

On September 24, 2020, the GNSO voted to accept the recommendations in the EPDP WHOIS final report over objections from the Intellectual Property Constituency and Business Constituency, the Governmental Advisory Committee, the At-Large Advisory Committee, and the Security and Stability Advisory Committee. In the past, once the GNSO has accepted a report, it was forwarded to the ICANN Board for consideration. However, during ICANN 69, ICANN CEO Goran Marby announced the ODP, which will provide facts and figures to the ICANN Board on implementation costs. This new layer of review is expected to slow down the WHOIS replacement process.[9]

Thick Whois[edit | edit source]

A Thick Whois Server stores complete and accurate information from all registrars regarding registered domain names and their registrants. This information is available to the registry operator and it can facilitate bulk transfers of all domain names to another registrar in the event of a registrar failure. Thick Whois also enables faster queries.[10]

In November 2011, ICANN Staff issued a Preliminary Issue Report on 'Thick' Whois to determine if the GNSO Council needs to conduct a Policy Development Process (PDP) regarding the Whois requirements made of existing gTLDs.[11] The ICANN community was divided on the issue. In a statement, Verisign said that it would "neither advocate for nor against the initiation of a PDP." The company also argued that its Whois model for .com, .net, .name and .jobs is effective but if the internet community and its customers believed that thick Whois is better, it will respect and implement the policy. The Intellectual Property Constituency supported Whois implementation. The constituency believed that it would help prevent abuses on intellectual property rights and consumer fraud. [12] On the other hand, Wendy Seltzer of the Non-Commercial Users Constituency (NCUC) expressed her concern over the impact of further Whois expansion on privacy rights. She pointed out that "Moving all data to the registry could facilitate invasion of privacy and decrease the jurisdictional control registrants have through their choice of registrar."[13]

In February 2012, the GNSO Council postponed its decision to determine if it was necessary for Verisign to implement the thick Whois database on .com and all the other gTLDs under its management. The Policy Development Process regarding the issue was also delayed due to the request of the NCUC. All registry operators except Verisign were required to implement Thick Whois.[14] In August 2012, the GNSO Council, along with two other ICANN constituencies, sent a letter to ICANN chastising it for its decision to not require Verisign to implement Thick Whois for the .com TLD.[15]

On February 7, 2014, the ICANN Board adopted Consensus Policy recommendations from the GNSO Thick WHOIS Working Group which led to the WHOIS Transition Policy for all gTLD registries. This policy required that registries begin accepting Thick registration data from registrars for .com, .net, and .jobs names on November 30, 2019; that all new domain name registrations be Thick by May 31, 2020; and that all relevant registration data for existing domain names be migrated from Thin to Thick by November 30, 2020. Then Verisign and the Registrar Stakeholder Group reached an impasse over the European Union's General Data Protection Regulation's impact on data processing and the new requirements and obligations imposed on registrars. Verisign asked for an extension, and after months of conversation between the GNSO and the ICANN Board, the contractual compliance enforcement of the transition to thick RDDS was deferred (for the fifth time).[16]

References[edit | edit source]


External links[edit | edit source]