[council] Security and Stability Advisory Committee's Whois Recommendation



To the GNSO Council:

The Security and Stability Advisory Committee has released a
recommendation on Whois, which appears relevant to the GNSO's ongoing
work on this topic. The following note from Steve Crocker, chair of the
committee, introduces the paper.

Louis Touton

-----------------------------------------------------------------------
    Security and Stability Committee Releases Whois Recommendation

The ICANN Security and Stability Committee has developed a
recommendation regarding the Whois protocol and I wanted to take this
opportunity to call your attention to it.

Whois has traditionally been used by the Internet community to identify
and provide information for contacting the person or organization
responsible for administering an Internet resource (identified by an IP
address or domain name). This has been successfully used in a
cooperative manner for situations such as informing the person or
organization of inappropriate use of the resource (security), or
misconfiguration of the resource (stability). Whois information is thus
important for the security and stability of the Internet, as the
administration and control of Internet resources is widely distributed
and Whois is used to contact the administrators of Internet resources of
security and stability issues.

Whois is also used for other purposes, including

  * by registrars to authenticate transfers
  * by the intellectual property community
  * by individual Internet users to complain to an administrator of a
    resource upon receipt of SPAM mail
  * by business users for marketing

The Whois task force within the GNSO is reviewing Whois issues from the
perspective of all its uses. The Security and Stability Committee has
reviewed WHOIS purely for its use to contact the administrators of
Internet resources with regard to security and stability issues.

I have attached below the Executive Summary of the recommendation for
your convenience. You will find the complete text here:

In HTML:
http://www.icann.org/committees/security/whois-recommendation-01dec02.htm.

In PDF:
http://www.icann.org/committees/security/whois-recommendation-01dec02.pdf.

We welcome any comments or questions you may have.

Steve Crocker <steve@xxxxxxxxxxxxxxxx>
Chair, Security and Stability Committee <dnssac-comment@xxxxxxxxx>

========================================================================
                          EXECUTIVE SUMMARY
                    of the Whois Recommendation

The port 43 Whois protocol has traditionally been used by the Internet
community to identify and provide contact information for the person or
organization responsible for many Internet resources, for example, a
domain name or an IP address. It has been successfully used in a
cooperative manner for situations such as informing a person or
organization of inappropriate use of their resource (security), or
incorrect configuration of their resource (stability). Whois data is
thus important for the security and stability of the Internet as the
administration and control of Internet resources is widely distributed.

It is essential that Whois data used to provide contact information for
the party responsible for an Internet resource is validated at the time
of a registrant's initial registration and on a regular basis
thereafter. When records can not be validated they must be frozen or
held until they are updated or removed.

In order for Whois data to be readily available it must be both
accessible and usable by automatic tools. To be accessible the Whois
protocol must be updated to support the recent shift in the architecture
to separate the functions of the registry and the registrar. This shift
has made it impractical to support searching and frequently makes it
difficult to find Whois services. To be usable the data returned by
Whois services must be in a common format.

However, being accessible and usable must also protect a registrant's
privacy. Many countries require that personal information is protected
but in addition registrants may wish to discourage the unintended,
undesirable, and otherwise unwanted uses of their Whois data. In
particular, it is widely believed that Whois data is a source of email
addresses for the distribution of spam. Methods must be developed to
discourage the harvesting or mining of Whois information.