You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 3 Next »

What is WHOIS?

WHOIS – not an acronym – is both a protocol and a service.  In internet terms, WHOIS is fairly old having been developed in the mid-1980s. The use of WHOIS today is at a scale and for purposes which were never envisioned by the people who developed it.

When the internet was an academic, technical and military experiment, and the domain name system was in its infancy, WHOIS provided a way for members of that small community  - many of whom knew one another personally - to publish and access details about who was responsible for a particular domain name.  The envisioned use was primarily to enable technical operators to make rapid contact with one another to resolve technical issues.

In the gTLD environment (and the majority of ccTLDs), each and every registered domain name is required to have an accompanying WHOIS record which publishes contact details for the registered name holder (also known as registrant), and other technical data related to the domain.

There are two types of WHOIS record: thick and thin.  Thick WHOIS is mandated for all new gTLDs and for .org and most other legacy gTLDs.  In a thick WHOIS record, all the data is held by the TLD registry. 

Thin WHOIS applies to .com and .net, which together comprise approximately half of all gTLD registrations.  In a thin WHOIS environment, the registry only holds details of the domain name, the registrar, nameservers and certain technical information; the registrar holds the contact information for the registrant, administrative, technical and billing contacts.

For more information about how WHOIS developed:

https://www.icann.org/en/system/files/files/final-report-11may12-en.pdf (p4 ff)

The anatomy of a WHOIS record

Here is a thick WHOIS record, annotated to show the different elements:

Here is an example of a thin WHOIS record.  To obtain contact details for the registrant and other contacts, it is necessary to perform an initial WHOIS search to identify the registrar, followed by a second WHOIS search with that registrar.

Who uses WHOIS, and for what purpose?

  • Registries and registrars are contractually obliged to maintain, update and publish WHOIS data.  Registrars and registries also rely on WHOIS data when transferring domain names between registrants and registrars.
  • Law enforcement and others enforcing private law rights (such as intellectual property rights) rely on WHOIS data to identify and/or serve legal process on those who have registered a domain name
  • Domain name registrants rely on WHOIS to check that their details are up to date and correct, to buy or sell domains, and as a public record of their registration.
  • Internet users rely on WHOIS look ups to identify the person or entity responsible for a domain name.

This is a non-exhaustive list.  For a more detailed analysis see Expert Working Group report, chapter III

Policy issues arising from WHOIS

WHOIS has been a contentious issue ever since ICANN was established in 1998.  It has proved highly challenging to achieve consensus on WHOIS issues within the ICANN community.  This is because there are competing, legitimate interests on several sides.  Discussions relating to WHOIS focus around the following issues:

  • Inaccuracy: given that WHOIS is an authoritative record of domain name registrations, and the reliance placed on it by some stakeholders, it is important that the records can be relied upon. However, the data is inputted by many actors, over whom there is limited control by the industry – so, ensuring accuracy is a challenge.
  • Security vs privacy:  WHOIS surfaces classic policy tensions around privacy and security.  Law enforcement and others have a legitimate reason to expect immediate access to accurate WHOIS data, particularly in serious crime or threat-to-life situations. Meanwhile, for private individuals, the publication of their name, address, phone, fax and email published has an impact on fundamental rights of respect for privacy and family life.
  • Availability and transparency: a significant portion of domain registrants hide their contact details behind proxy or privacy registrations. The existing WHOIS format does not provide a consistent mechanism for recording privacy/proxy registrations, nor is there a consistent process for revealing underlying registrant details in response to legitimate requests. Privacy/proxy registrations add delay to those seeking contact data.  There has been substantial work within the community to identify minimum standards for privacy/proxy registrations.
  • Fitness for purpose: WHOIS is an old protocol and service. It is being used on a scale and in ways that were not envisioned by its original creators.  The ICANN community has been engaged in developing successor directory services that would meet the needs of today’s and tomorrow’s internet users.

The legitimate positions of different stakeholders

ICANN community members who have experience in engaging in policy discussions relating to WHOIS will confirm that it can be a frustrating process.  In part, this is because there are legitimate but competing interests from different sections of the community, and the stakes are high.  This section summarises the positions taken by different stakeholders and gives a little detail on why those positions are taken:

 

Stakeholder

Position

Why?

Law enforcement

Intellectual property rights holders

Immediate access

Free of charge

Accurate data

Predictable and consistent reveal mechanisms for privacy/proxy

Minimisation of privacy/proxy

Reliance on data for investigation of criminal activity and/or infringement of rights

Lack of alternative data sources

Immediate response required in emergencies

Individual registrants

Respect to privacy and family life – intrusion is not necessary or proportionate

Minimise spam and direct marketing

 

 

Most domains cause no problems at all with law enforcement or IP rights. 

Publication of full contact details creates problems with spam, phishing and scams.

For a minority, there are potential risks to life in having published contact details

Registries and registrars

Avoid major system changes

Ensure interoperability of systems

Ensure key data remains available to enable transfers

Changes to technical systems are costly and time consuming. 

WHOIS is a low-level service  and protocol which is called upon by many systems, therefore small changes can have unintended impacts.

Margins in registrar industry are tight and the costs of compliance are high

The future of WHOIS – registration directory services

While it is difficult to obtain consensus on many of the details relating to WHOIS, there does seem to be a prevailing view that WHOIS as a service is no longer fit for purpose and should be replaced.  Here are some links to ongoing work.

-        RDAP

-        Privacy/proxy

-        Reviews, studies and proposals

However, starting again from scratch is going to be a challenge.  WHOIS records affect more than 150 million gTLD domain names, and WHOIS lookups are programmed into numerous workflows (such as domain name registration).  Whatever the outcome of a replacement service, there will remain a substantial legacy problem to resolve.  Any system which performs the same function – ie publishing authoritative data relating to domain name registraitons – is likely to raise similar policy issues as are covered in this note.

 

  • No labels