Workshop on the Technical Evolution of the Whois Service
ICANN Meeting, Cartagena, Colombia
Elise Gerich
11:00–12:00pm 9 December 2010, Barahona 3 Room
Agenda
• Introduction (Kurt Pritz)
• Background (Elise Gerich)
• Technical deficiencies of WHOIS (Harald Alvestrand)
• Staff analysis (Francisco Arias & Steve Sheng)
• Community Discussion
Kurt Pritz
Senior Vice President of Stakeholder Relations
ICANN
Elise Gerich
Vice President
IANA
Terminology
Whois (or WHOIS) in ICANN Debate Could Mean -> Terms Used In This Presentation
• The WHOIS protocol - RFC 3912 -> WHOIS protocol
• The Whois "service" - both the WHOIS protocol and Web-based Whois -> Whois Service
• The data collected at registration and made available to users -> Domain Registration Data
WHOIS protocol
• Also known as port-43 Whois
• Specified in RFC 3912
• Client sends a request in one line (newline ends the request)
• Server sends the response (multiline) and closes connection
• For historic reasons, WHOIS lacks many of the protocol design attributes that would be expected from any modern protocol
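The exchange described on the WHOIS protocol slide, as an added example that is not part of the original presentation: a loopback server and client that follow the one-line request, free-text reply, close-the-connection pattern. The record, the domain names and the "No match" wording are constructed, and an ephemeral local port stands in for port 43.

```python
import socket
import threading

# Constructed sample record; the domain and its fields are illustrative only.
RECORDS = {"example.tld": "Domain Name: example.tld\r\nRegistrant: Example Org\r\n"}

def handle(conn):
    """Serve one query: read a single line, send the reply, close."""
    with conn:
        buf = b""
        while not buf.endswith(b"\n") and len(buf) < 512:  # newline ends the request
            chunk = conn.recv(512)
            if not chunk:
                return
            buf += chunk
        query = buf.decode("ascii", "replace").strip().lower()
        # No status code or error structure: a miss is just more free text.
        body = RECORDS.get(query, 'No match for "%s"\r\n' % query)
        conn.sendall(body.encode("ascii", "replace"))
    # Leaving the with-block closes the socket: the only end-of-reply marker.

def start_server():
    srv = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    srv.bind(("127.0.0.1", 0))  # ephemeral loopback port, stand-in for port 43
    srv.listen(5)
    def loop():
        while True:
            try:
                conn, _ = srv.accept()
            except OSError:  # listening socket was closed
                return
            handle(conn)
    threading.Thread(target=loop, daemon=True).start()
    return srv

def whois_query(host, port, name, timeout=5.0):
    """Client side: one line out, then read until the server closes."""
    with socket.create_connection((host, port), timeout=timeout) as s:
        s.sendall(name.encode("ascii") + b"\r\n")
        return b"".join(iter(lambda: s.recv(4096), b"")).decode("ascii", "replace")

def demo():
    """Return the replies for a known and an unknown name."""
    srv = start_server()
    port = srv.getsockname()[1]
    try:
        return whois_query("127.0.0.1", port, "example.tld"), whois_query("127.0.0.1", port, "missing.tld")
    finally:
        srv.close()
```

Nothing in the exchange identifies the client, declares a character encoding, or distinguishes a hit from a miss except the wording of the text itself.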
Web-based Whois Service
• Offered by registries, registrars and RIRs
• Usually in similar-looking output to WHOIS but in HTML; more user-friendly
• Some R*s offer a richer functionality, taking advantage of Web capabilities
Domain registration Data
• gTLD Registry Agreements, RAA specify what should be included and published
• Each ccTLD and RIR has its own set of data to publish
• Typically covers: the contacts associated with the resource (domain, IP block, etc.) and DNS servers, if applicable
Harald Alvestrand
Google, Board of Directors at ICANN, Unicode, and Norid (.no)
Whois Service requirements
• In May 2009 the GNSO council requested an inventory of Whois Service Requirements
• Final report includes input from ALAC, GNSO, SSAC, and community input
Problems with WHOIS protocol
• Lack of standardization in query, output and error messages
• Lack of support for internationalized registration data (IRD) and domains (IDN)
• Lack of authentication and access control mechanisms to Domain Registration Data
Lack of Standardization
• The WHOIS protocol (RFC 3912) does not define query formats or encoding, has no structure for replies and error messages
• Such decisions are left to the registrars, registries and RIRs. This results in different query syntaxes, output formats, character encodings, and error messages
• Negative impact on user experience and legitimate use of automation
• No defense against illegitimate harvesting
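What the lack of standardization costs legitimate automation, as an added example that is not part of the original presentation: the same registration data from two hypothetical servers ("A" and "B") needs a hand-written profile per server before it can be compared. All replies, field labels and not-found messages below are constructed.

```python
import re

# Constructed replies from two hypothetical servers for the same domain.
REPLY_A = ("Domain Name: EXAMPLE.TLD\r\nRegistrar: Example Registrar\r\n"
           "Name Server: NS1.EXAMPLE.TLD\r\nName Server: NS2.EXAMPLE.TLD\r\n")
REPLY_B = ("% constructed sample\ndomain:      example.tld\n"
           "sponsor:     Example Registrar\n"
           "nserver:     ns1.example.tld\nnserver:     ns2.example.tld\n")
MISS_A = 'No match for "MISSING.TLD".\r\n'
MISS_B = "% no entries found\n"

# Per-server knowledge the client must hard-code; the protocol defines none of it.
PROFILES = {
    "A": {"labels": {"domain name": "domain", "registrar": "registrar",
                     "name server": "nameservers"},
          "miss": re.compile(r"^No match for", re.M)},
    "B": {"labels": {"domain": "domain", "sponsor": "registrar",
                     "nserver": "nameservers"},
          "miss": re.compile(r"^% no entries found", re.M)},
}

def normalize(server, reply):
    """Map one server's free-text reply to a common record; None means not found."""
    profile = PROFILES[server]
    if profile["miss"].search(reply):
        return None
    record = {"domain": None, "registrar": None, "nameservers": []}
    for line in reply.splitlines():
        if line.startswith(("%", "#")) or ":" not in line:
            continue  # comment or unstructured text
        label, value = line.split(":", 1)
        field = profile["labels"].get(label.strip().lower())
        if field is None:
            continue  # label this profile does not know
        value = value.strip()
        if field == "nameservers":
            record[field].append(value.lower())
        else:
            record[field] = value.lower() if field == "domain" else value
    return record
```

Applying the wrong profile fails silently: server A's not-found text parsed with profile B comes back as an empty record instead of `None`, because no structured error exists to catch the mistake.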
Lack of Support for IRD and IDN
• WHOIS was defined for ASCII only
• Existing deployment is inconsistent with regard to character sets
• Internationalization and IDNs make this difficulty important
Lack of Authentication and Access Control
• WHOIS has no place to put a username, and no authentication mechanism
• The lack of authentication mechanisms makes adoption of access controls, auditing, or privacy measures impossible
Steve Sheng & Francisco Arias
ICANN Technical Staff
Outline
• Possible Solutions
• Comparison of Options
• Next steps
Possible Solutions
A. Extend the WHOIS protocol
C. Migrate to Internet Registry Information Service (IRIS)
D. Migrate to RESTful WHOIS Service (RWS)
E. Other?
Extending WHOIS
• A revised and extended WHOIS specification could be developed.
• Specification would include version selection, query and response formats, error messages, mechanism for signaling character encoding, etc.
• Authentication and access control mechanisms can also be added as extensions to WHOIS, but probably with considerable effort.
IRIS protocol
• At the time, developed as a successor to WHOIS
• Requires specialized client and server
• Uses XML encoding for queries and results
Migrating to IRIS
Addresses the deficiencies of WHOIS by
• Using XML encoding for both query and response to support multiple languages;
• Specifying a well-defined structure for query and result sets;
• Supporting authentication and access control in its application-transport layer protocol
RESTful Whois (RWS)
• Web-based Whois (uses HTTP) and conforms to the REST architectural approach
• Can be queried using Web browsers or command-line tools
• Queries expressed as a URI/URL, e.g., http://whois.tld/dom/icann.tld
• Responses in XML and HTML
Migrating to RWS
Addresses the deficiencies of WHOIS by:
• Using XML/HTML for responses supports multiple languages (character encodings)
• Specifying a well-defined structure for result sets
• HTTP, the transport for RWS, already supports authentication and access control
Summary of Analysis
• Extending WHOIS can address the technical deficiencies, but requires significant change to the protocol, which would leave the client base obsolete.
• IRIS has the most features and is easily extensible, but it is costly to implement and there are no readily available resources.
• RWS has a number of features that address the deficiencies of WHOIS, is extensible to accommodate future improvements, and can be achieved at a reasonably low cost. It would integrate current WHOIS with web-based Whois.
  • Production RWS from ARIN
  • Pilot implementations from RIPE and ICANN
Next steps
Staff is seeking feedback from:
• Whois users,
• Registries (gTLDs and ccTLDs),
• Registrars,
• RIRs, and
• Other interested parties
Questions
i. Have we correctly summarized the problems of WHOIS protocol? Are there any other technical problems of the protocol that we missed?
ii. Have we correctly identified the potential solution space? Are there any other viable solutions that we have not identified?
iii. For the solutions that we identified, is our analysis correct? Are there any other factors we did not identify?
iv. Which of the three identified options is the most adequate and why?
Thank You and Questions
Backup slides
Extending WHOIS considerations
• Uncertainties in Standardization:
  • The proposed WHOIS replacement (IRIS) protocol has already gone through the IETF process
• Backward Compatibility:
  • Extending the protocol requires a method of signaling "version" to ensure backward compatibility
• Obsolete client base:
  • Updating the protocol would require the use of new clients to access the Whois data
Migrating to IRIS considerations
• Complex protocol:
  • Three layers: registry-specific (domain names, IP addresses, etc.), common registry (IRIS), and application-transport (BEEP, IRIS-LWZ, XPC)
  • Requires a transport protocol that is not well known
• Lack of adoption:
  • No available client implementations of the full IRIS protocol
  • No full IRIS server implementations available for use, from either open-source or commercial developers
Migrating to RWS considerations
• RWS is not standardized yet and various implementations may have differing specifications
• Unclear whether there is sufficient stakeholder interest to pursue development of a technical standard
Comparison of Options
• Available Features
• Cost
• Extensibility
• Readily Available Resources
Available Features
• Extending WHOIS can address the deficiencies identified, but would require significant protocol change
• IRIS offers most features available
• RWS can address all the deficiencies in WHOIS once standardized, and offers a good number of additional features
Costs
• The cost of extending WHOIS includes standardization, as well as updating clients and servers
• Due to the lack of available client and server implementations for IRIS and the complexity of the protocol, implementing IRIS is likely to be costly for registrars and registries
• RWS is likely to be less costly than IRIS or extending WHOIS, due to the wide availability of clients and a well-known and widely adopted architectural standard (web-based Whois is already offered)
Extensibility
• Extending WHOIS is difficult
• IRIS is a layered protocol and each layer can be extended. A similar case can be made for RWS
• Both IRIS and RWS are based on XML schema and support versioning, so the data model can be easily extended
Readily Available Resources
• The existing WHOIS client is likely to be made obsolete once the protocol is updated, therefore requiring a new or updated client.
• There are no IRIS clients available, and IRIS uses transport protocols that are not well known; therefore few people would know how to write a client.
• RWS can use the web browser and command-line tools, such as curl and wget, as clients; it can also benefit from existing technology to implement load-balanced servers, cache answers to minimize network traffic, etc.