Skip to main content
Resources

Message from Steve Cocker, Chair of Security and Stabiity Committee, to ICANN Board

To the ICANN Board:

The ICANN Security and Stability Committee has developed a recommendation regarding the Whois protocol and I wanted to take this opportunity to call your attention to it.

Whois has traditionally been used by the Internet community to identify and provide information for contacting the person or organization responsible for administering an Internet resource (identified by an IP address or domain name). This has been successfully used in a cooperative manner for situations such as informing the person or organization of inappropriate use of the resource (security), or misconfiguration of the resource (stability). Whois information is thus important for the security and stability of the Internet, as the administration and control of Internet resources is widely distributed and Whois is used to contact the administrators of Internet resources of security and stability issues.

Whois is also used for other purposes, including

  • by registrars to authenticate transfers
  • by the intellectual property community
  • by individual Internet users to complain to an administrator of a resource upon receipt of SPAM mail
  • by business users for marketing

The Whois task force within the GNSO is reviewing Whois issues from the perspective of all its uses. The Security and Stability Committee has reviewed WHOIS purely for its use to contact the administrators of Internet resources with regard to security and stability issues.

I have attached below the Executive Summary of the recommendation for your convenience. You will find the complete text here:

In HTML: http://www.icann.org/committees/security/whois-recommendation-01dec02.htm.

In PDF: http://www.icann.org/committees/security/whois-recommendation-01dec02.pdf.

We welcome any comments or questions you may have.

Steve Crocker <steve@stevecrocker.com>
Chair, Security and Stability Committee <dnssac-comment@icann.org>


EXECUTIVE SUMMARY
of the Whois Recommendation

The port 43 Whois protocol has traditionally been used by the Internet community to identify and provide contact information for the person or organization responsible for many Internet resources, for example, a domain name or an IP address. It has been successfully used in a cooperative manner for situations such as informing a person or organization of inappropriate use of their resource (security), or incorrect configuration of their resource (stability). Whois data is thus important for the security and stability of the Internet as the administration and control of Internet resources is widely distributed.

It is essential that Whois data used to provide contact information for the party responsible for an Internet resource is validated at the time of a registrant's initial registration and on a regular basis thereafter. When records can not be validated they must be frozen or held until they are updated or removed.

In order for Whois data to be readily available it must be both accessible and usable by automatic tools. To be accessible the Whois protocol must be updated to support the recent shift in the architecture to separate the functions of the registry and the registrar. This shift has made it impractical to support searching and frequently makes it difficult to find Whois services. To be usable the data returned by Whois services must in be a common format.

However, being accessible and usable must also protect a registrant's privacy. Many countries require that personal information is protected but in addition registrants may wish to discourage the unintended, undesirable, and otherwise unwanted uses of their Whois data. In particular, it is widely believed that Whois data is a source of email addresses for the distribution of spam. Methods must be developed to discourage the harvesting or mining of Whois information.

Domain Name System
Internationalized Domain Name ,IDN,"IDNs are domain names that include characters used in the local representation of languages that are not written with the twenty-six letters of the basic Latin alphabet ""a-z"". An IDN can contain Latin letters with diacritical marks, as required by many European languages, or may consist of characters from non-Latin scripts such as Arabic or Chinese. Many languages also use other types of digits than the European ""0-9"". The basic Latin alphabet together with the European-Arabic digits are, for the purpose of domain names, termed ""ASCII characters"" (ASCII = American Standard Code for Information Interchange). These are also included in the broader range of ""Unicode characters"" that provides the basis for IDNs. The ""hostname rule"" requires that all domain names of the type under consideration here are stored in the DNS using only the ASCII characters listed above, with the one further addition of the hyphen ""-"". The Unicode form of an IDN therefore requires special encoding before it is entered into the DNS. The following terminology is used when distinguishing between these forms: A domain name consists of a series of ""labels"" (separated by ""dots""). The ASCII form of an IDN label is termed an ""A-label"". All operations defined in the DNS protocol use A-labels exclusively. The Unicode form, which a user expects to be displayed, is termed a ""U-label"". The difference may be illustrated with the Hindi word for ""test"" — परीका — appearing here as a U-label would (in the Devanagari script). A special form of ""ASCII compatible encoding"" (abbreviated ACE) is applied to this to produce the corresponding A-label: xn--11b5bs1di. A domain name that only includes ASCII letters, digits, and hyphens is termed an ""LDH label"". Although the definitions of A-labels and LDH-labels overlap, a name consisting exclusively of LDH labels, such as""icann.org"" is not an IDN."