Message from Steve Crocker, Chair of Security and Stability Committee, to ICANN Board
To the ICANN Board:
The ICANN Security and Stability Committee has developed a recommendation regarding the Whois protocol and I wanted to take this opportunity to call your attention to it.
Whois has traditionally been used by the Internet community to identify and provide information for contacting the person or organization responsible for administering an Internet resource (identified by an IP address or domain name). This has been successfully used in a cooperative manner for situations such as informing the person or organization of inappropriate use of the resource (security), or misconfiguration of the resource (stability). Whois information is thus important for the security and stability of the Internet, as the administration and control of Internet resources is widely distributed and Whois is used to contact the administrators of Internet resources about security and stability issues.
Whois is also used for other purposes, including:
- by registrars to authenticate transfers
- by the intellectual property community
- by individual Internet users to complain to an administrator of a resource upon receipt of SPAM mail
- by business users for marketing
The Whois task force within the GNSO is reviewing Whois issues from the perspective of all its uses. The Security and Stability Committee has reviewed WHOIS purely for its use to contact the administrators of Internet resources with regard to security and stability issues.
I have attached below the Executive Summary of the recommendation for your convenience. You will find the complete text here:
In HTML: http://www.icann.org/committees/security/whois-recommendation-01dec02.htm.
In PDF: http://www.icann.org/committees/security/whois-recommendation-01dec02.pdf.
We welcome any comments or questions you may have.
Steve Crocker <steve@stevecrocker.com>
Chair, Security and Stability Committee <dnssac-comment@icann.org>
EXECUTIVE SUMMARY
of the Whois Recommendation
The port 43 Whois protocol has traditionally been used by the Internet community to identify and provide contact information for the person or organization responsible for many Internet resources, for example, a domain name or an IP address. It has been successfully used in a cooperative manner for situations such as informing a person or organization of inappropriate use of their resource (security), or incorrect configuration of their resource (stability). Whois data is thus important for the security and stability of the Internet as the administration and control of Internet resources is widely distributed.
It is essential that Whois data used to provide contact information for the party responsible for an Internet resource is validated at the time of a registrant's initial registration and on a regular basis thereafter. When records cannot be validated they must be frozen or held until they are updated or removed.
In order for Whois data to be readily available it must be both accessible and usable by automatic tools. To be accessible the Whois protocol must be updated to support the recent shift in the architecture to separate the functions of the registry and the registrar. This shift has made it impractical to support searching and frequently makes it difficult to find Whois services. To be usable the data returned by Whois services must be in a common format.
However, being accessible and usable must also protect a registrant's privacy. Many countries require that personal information is protected but in addition registrants may wish to discourage the unintended, undesirable, and otherwise unwanted uses of their Whois data. In particular, it is widely believed that Whois data is a source of email addresses for the distribution of spam. Methods must be developed to discourage the harvesting or mining of Whois information.