Slashdot Mirror

← Back to Stories (view on slashdot.org)

ICANN Working Group Seeks To Kill WHOIS

Posted by Soulskill on from the your-computer-is-broadcasting-an-ip-address dept.

angry tapir writes "An Internet Corporation for Assigned Names and Numbers working group is seeking public input on a successor to the current WHOIS system used to retrieve domain name information. The Expert Working Group on gTLD Directory Services has issued a report that recommends a radical change from WHOIS, replacing the current system with a centralized data store maintained by a third party that would be responsible for authorizing 'requestors' who want to obtain domain information."

11 of 155 comments (clear)

  1. not having read TFA by Tastecicles · · Score: 5, Informative

    Is the submitter trying to tell us that this third party is potentially a commercial venture intended to collect fees on $whois$ queries, which would also be dependent on giving a damn good reason for wanting to know who owns $domain?

    BTW, I think the headline is a: alarmist and b: misleading. It would be better written as "ICANN Working Group seeks to replace WHOIS."

    --
    Operation Guillotine is in effect.
    1. Re:not having read TFA by Samantha+Wright · · Score: 5, Informative

      Here's your answer:

      "Requestors" – people who want to query the data maintained by ARDS – would have to apply for the right to access domain information.

      Basically, they'd be extracting a licensing fee from the current people you go to for WHOIS lookups. Arguably this could be called "killing" WHOIS since it means taking away its... free spirit.

      --
      Bio questions? Ask me to start a Q&A journal. Computer analogies available for most topics!
    2. Re:not having read TFA by black3d · · Score: 5, Informative

      No specific word from the article on charges per se, however I don't think "seeks to kill WHOIS" is alarmist. The plan is to basically remove the WHOIS system, and instead have all the data managed by a "third party", to whom you have to apply to if you want any information on a particular domains ownership, rather than they automated system we have now.

      FTA:
      Access to the 'live' domain records maintained by gTLD registries would also be possible via the ARDS "upon request and subject to controls to deter overuse or abuse of this option". "Requestors" – people who want to query the data maintained by ARDS – would have to apply for the right to access domain information.

      --
      "The true measure of a person is how they act when they know they won't get caught." - DSRilk
    3. Re:not having read TFA by Anonymous Coward · · Score: 4, Informative

      It would be better written as "ICANN Working Group seeks to replace WHOIS."

      "ICANN Working Group seeks to monetize WHOIS..." is probably more accurate.

  2. Horrible for network security... by marciot · · Score: 5, Informative

    As a system admin, I tend to use WHOIS to figure out who is hitting my firewall, or to investigate if traffic is flowing to suspicious domains. Would really suck if WHOIS became a pay service, making it easier for the bad guys to hide.

  3. Re:Did i just read... by gandhi_2 · · Score: 5, Informative

    Once upon a time the US Government was THE Consortion for assigned names and numbers. They were THE registrar.

    They gave it up.

    --
    THL phish sticks
  4. Re:I don't like the sound of this by Sean · · Score: 4, Informative

    Everyone go here and let them know we don't want this.

    https://www.icann.org/en/groups/other/gtld-directory-services/share-24jun13-en.htm

  5. Re:I don't like the sound of this by Sean · · Score: 4, Informative

    dig @a.gtld-servers.net example.com in soa

    If you don't get NXDOMAIN then it's registered.

  6. Having read TFA and the propsal by Frobnicator · · Score: 5, Informative

    They are not talking about blocking all access to the data.

    They propose keeping a good portion of the existing data available through anonymous public requests, exactly the way current WHOIS system works today. The big difference is that there will be a single source; you won't need to do the two-step process currently in place.

    They are also proposing adding additional contact fields that have been frequently requested for WHOIS data.

    They are also proposing limiting access to some data, in particular limiting the data traditionally used to scam people with fake DNS renewals. In particular it does not talk about refusing access, simply limiting the requests to authenticated users to prevent thinks like bulk-searches that scammers frequently use. The report recommends only limited fields require authenticated access, not those used commonly by individuals or by website administrators for abuse mitigation.

    Finally, they are proposing adding new advanced search capabilities that are useful for ISPs (and also private and government surveillance) that are not currently available, but will be very useful for domain abusers spanning many TLDs.

    --
    //TODO: Think of witty sig statement
  7. Re:Did i just read... by Anonymous Coward · · Score: 4, Informative

    Nope--it wasn't the Gummint that kept that data, it was Jon Postel. He may have been supported indirectly by the Feds, but he sure kept his honesty and integrity. Things have sure gone downhill since he died.

    It's a bit ironic, though, that his name wasn't on any of the RFC's relating to whois.

  8. Re:I don't like the sound of this by SAH · · Score: 3, Informative

    What we need is a standard format for WHOIS responses. What we don't need is some monopoly gatekeeper.

    There's IETF work under way to develop standard formats for whois-like queries and responses: http://datatracker.ietf.org/wg/weirds/charter/