draft inventory of whois service requirements
play

Draft Inventory of WHOIS Service Requirements Margie Milam, Steve - PowerPoint PPT Presentation

Oct 03, 2022 •38 likes •348 views

Draft Inventory of WHOIS Service Requirements Margie Milam, Steve Sheng ICANN Background The GNSO Council requests that Policy Staff, with the assistance of technical staff and GNSO Council members as required, collect and organize a

  1. Draft Inventory of WHOIS Service Requirements Margie Milam, Steve Sheng ICANN

  2. Background The GNSO Council requests that Policy Staff, with the assistance of technical • staff and GNSO Council members as required, collect and organize a comprehensive set of requirements for the WHOIS service policy tools . These requirements should reflect not only the known deficiencies in the current service but should include any possible requirements that may be needed to support various policy initiatives that have been suggested in the past. The synthesis of requirements should be done in consultation with the SSAC, • ALAC, GAC, the ccNSO and the GNSO and a strawman proposal should be prepared for these consultations. The Staff is asked to come back with an estimate of when this would be possible. 2

  3. Goals • To collect and organize a set of requirements for community consideration including – Current features identified as needing improvement – features to support various, past policy proposals – features recommended by ICANN SOs, ACs, community 3

  4. Goals • “Requirements” means technical requirements – NOT gathering policy requirements NOT recommending policy • Take “tiered-access” as an example – Policy requirement: Law enforcement should have to access to XYZ data in WHOIS – Operational requirement: Who is law enforcement? How to certify law enforcement entities? – Technical requirement: What technology needs to be implemented to ensure tiered access? 4

  5. Terminology WHOIS service: - WHOIS clients (port 43, Web-based, legitimate automation clients) - WHOIS servers - WHOIS data 5

  6. Preliminary Compilation includes: • Mechanism to find authoritative Whois servers • Structured queries • Standardized set of query capabilities • Well-defined schema for replies • Standardized errors 6

  7. Preliminary Compilation cont’d • Quality of domain registration data • Internationalization • Security • Thick vs. Thin WHOIS • Registrar abuse point of contact 7

  8. Mechanism to find authoritative WHOIS servers Not easy to find out an updated list of domain names and IP addresses of authoritative WHOIS servers Clients use a combination of heuristics, hardwired tables, DNS SRV records, etc Problematic for new gTLDs, and legitimate automation clients 8

  9. Mechanism to find authoritative WHOIS servers • R1: Provide a publicly accessible and machine parseable list of domain names or IP locations of WHOIS servers operated by ICANN accredited registrars, gTLD registry operators, ccTLDs operators, and regional internet registries (RIRs) 9

  10. Structured queries • Server applications vary with respect to format of query data e.g. To query AS number – ARIN: whois -h whois.arin.net a 6 – RIPE: whois -h whois.ripe.net -Taut-num as7 e.g. To control IDN responses: – .DK: --charset=latin-1 – .JP : /e – .DE: -c UTF-8 10

  11. Structured queries • R2: Define a standard query structure that clients can implement and that all gTLD registries and ICANN accredited registrars will support 11

  12. Standardized Set of query capabilities • Past GNSO and SSAC reports have called for expanded query capacities beyond domain names • Some registries have expanded search capabilities • R5: Permit users to submit not only domain names as arguments to search functions but other registration data elements as well 12

  13. Structured responses No standardized format for data that registrars and registries return in responses to WHOIS queries 13

  14. Structured responses • R3: Define a standard data structure for WHOIS responses • R3: Contain and uniquely identify the data elements that must be returned in a manner that assures there is no ambiguity across elements, correct syntax, and correct semantics 14

  15. Standardized errors No standard set of error messages is defined for Whois servers, and Whois servers may handle errors differently Lack of standard error introduces ambiguity and confusion 15

  16. Standardized errors • R4: Define a set of standardized error messages and standard handling of error conditions • Examples – queries exceeding the limit – no records found – unable to process query 16

  17. Quality of domain registration data Is the data accurate? Is the data useful or relevant? Are the collected data current? 17

  18. Barriers to WHOIS accuracy • Privacy Considerations • Stealth, intentional deception • Little or no corroboration of submitted data • User error 18

  19. Relevant of WHOIS data Certain registration data are not as useful today as they were 20 years ago A future Whois data model should accommodate extensibility and changeability 19

  20. Quality of domain registration data • R6: Adopt a structured data model for WHOIS data that provides extensibility and changeability properties 20

  21. Internationalization • No standard exists today for handling the submission and display of registration data from local languages and scripts • Some Whois applications or services – May not support domain names in U-labels, – Cannot accept or display when characters from sets other than US-ASCII7 are used, and – Display in local encodings rather than Unicode, so terminals must be set to correct encodings beforehand 21

  22. Internationalization • Deferring to the IRD-WG on their recommendations 22

  23. Security Current WHOIS requiring no identity assertion, credentialing, or authentication 23

  24. Need for security • Provide mechanisms to protect the privacy of registrants • Discourage harvesting and mining • Providing differentiated access 24

  25. Security frameworks Authentication Access Control Auditing 25

  26. Security • Define an authentication framework for WHOIS that is able to accommodate anonymous access as well as verification of identities using a range of authentication methods and credential services • Whois services should support an authorization framework that is capable of implementing granular (per registration data object) permissions (access controls) • Define a framework and baseline set of metrics that can accommodate future policy development for auditing of Whois access 26

  27. Registrar abuse point of contact Registrars and registries should provide and publish abuse point of contact information as an element of a domain registration record 27

  28. Next steps • Released draft WHOIS Requirements Report in March 2010 • Conducting overview Webinars (April, May 2010) • Are now consulting with SOs and ACs on the draft report, will incorporate their input (April and May 2010) • Release final report by June 2010 28

  29. We value your feedback Have we adequately identified the origins of each requirement? Did we miss any important requirements of or improvements to WHOIS that have been discussed to-date? 29

  30. Thank you

  31. Questions 31

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Technical Evolution of the Whois Service Preliminary Draft, 15 November 2010 Executive Summary

Technical Evolution of the Whois Service Preliminary Draft, 15 November 2010 Executive Summary

Technical Evolution of the Whois Service Preliminary Draft, 15 November 2010 Executive Summary This preliminary discussion paper, prepared by ICANN staff, analyzes the technical shortcomings of the current Whois service 1 and identifies three

252 views • 8 slides
A RESTful Web Service for Whois Andy Newton Chief Engineer, ARIN My Background on Whois

A RESTful Web Service for Whois Andy Newton Chief Engineer, ARIN My Background on Whois

A RESTful Web Service for Whois Andy Newton Chief Engineer, ARIN My Background on Whois Prototyped an LDAP alternative to Whois (RFC 3663) Principal author of CRISP (IRIS) documents RFC 3707, RFC 3981, RFC 3983, RFC 4698, RFC 4991,

558 views • 34 slides
Managing Service Inventory NKFUST Reasons to Hold Inventory Inventory Models ABC

Managing Service Inventory NKFUST Reasons to Hold Inventory Inventory Models ABC

Shin Ming Guo Managing Service Inventory NKFUST Reasons to Hold Inventory Inventory Models ABC Classification News Vendor Problem Hospitals and Inventory Management Control Barcodes and computers keep track of every

424 views • 15 slides
Service Requirements for Optical VPNs <draft-ouldbrahim-ovpn-requirements-00.txt>

Service Requirements for Optical VPNs <draft-ouldbrahim-ovpn-requirements-00.txt>

Service Requirements for Optical VPNs <draft-ouldbrahim-ovpn-requirements-00.txt> Hamid Ould-Brahim (Nortel Networks) Yakov Rekhter (Juniper Networks) Luyuan Fang (AT&T) Yong Xue (UUNET/WorldCom) Ananth Nagarajan (Sprint)

247 views • 7 slides
Development of Open Source RESTful WHOIS Linlin Zhou Why We Need a New WHOIS Protocol WHOIS

Development of Open Source RESTful WHOIS Linlin Zhou Why We Need a New WHOIS Protocol WHOIS

Development of Open Source RESTful WHOIS Linlin Zhou Why We Need a New WHOIS Protocol WHOIS Protocol (RFC 3912) has problems WHOIS has never been internationalized WHOIS was defined for ASCII only WHOIS also has no data model The

316 views • 15 slides
Managing Service Inventory NKFUST Reasons to Hold Inventory Inventory Models News

Managing Service Inventory NKFUST Reasons to Hold Inventory Inventory Models News

ShinMing Guo Managing Service Inventory NKFUST Reasons to Hold Inventory Inventory Models News Vendor Problem ABC Classification Who Cares About a Surplus? In North America, the loss from overstocks in the region is estimated

404 views • 18 slides
Inventory System Ken Dawson The current inventory/orders database Requirements for a new

Inventory System Ken Dawson The current inventory/orders database Requirements for a new

School of Informatics University of Edinburgh Inventory System Ken Dawson The current inventory/orders database Requirements for a new inventory system Orders as structured data An XML document type for an order Some benefits

427 views • 17 slides
IAS 2: Inventory IAS 2: Inventory (Students names removed) IAS 2: Inventory Agenda Agenda

IAS 2: Inventory IAS 2: Inventory (Students names removed) IAS 2: Inventory Agenda Agenda

IAS 2: Inventory IAS 2: Inventory (Students names removed) IAS 2: Inventory Agenda Agenda Inventory basics I t b i Major requirements of IAS 2 Similarities and Differences to US GAAP Measurement example Comparison to

591 views • 34 slides
Service Requirements for Provider Provisioned Virtual Private Networks (PPVPN)

Service Requirements for Provider Provisioned Virtual Private Networks (PPVPN)

Service Requirements for Provider Provisioned Virtual Private Networks (PPVPN) draft-ietf-ppvpn-requirements-00.txt Presented by Dave McDysan March 23, 2001 Service Requirements for PPVPNs 1 Authors M. Carugi (Co-Editor) France Telecom D.

260 views • 14 slides
DRAFT 2019 Pennsylvania Greenhouse Gas Emission Inventory Climate Change Advisory Committee

DRAFT 2019 Pennsylvania Greenhouse Gas Emission Inventory Climate Change Advisory Committee

DRAFT 2019 Pennsylvania Greenhouse Gas Emission Inventory Climate Change Advisory Committee December 10, 2019 Tom Wolf, Governor Patrick McDonnell, Secretary GHG Emission Inventory State Inventory Tool: Made available on November 5,

455 views • 21 slides
WHOIS Taxonomy Jim Galvin, SSAC Vice Chair 1 Status WHOIS has been discussed for over 10

WHOIS Taxonomy Jim Galvin, SSAC Vice Chair 1 Status WHOIS has been discussed for over 10

WHOIS Taxonomy Jim Galvin, SSAC Vice Chair 1 Status WHOIS has been discussed for over 10 years. The SSAC has issued 5 advisories. From the AoC: ICANN commits to "enforcing its existing policy relating to WHOIS, subject to

270 views • 9 slides
Draft Shared Use Paths Inventory and Detailed Maintenance Plan Presented to the Revenue and

Draft Shared Use Paths Inventory and Detailed Maintenance Plan Presented to the Revenue and

Draft Shared Use Paths Inventory and Detailed Maintenance Plan Presented to the Revenue and Transportation Interim Committee 12/1/2015 Purpose House Bill 604, as passed, requires the following: compile an inventory of all multiuse

381 views • 14 slides
Next-Generation gTLD Registration Directory Service (RDS) to replace WHOIS ICANN57 F2F Meeting

Next-Generation gTLD Registration Directory Service (RDS) to replace WHOIS ICANN57 F2F Meeting

Next-Generation gTLD Registration Directory Service (RDS) to replace WHOIS ICANN57 F2F Meeting Slides RDP PDP WG | ICANN58 | 11 March 2017 Agenda 2 3 1 Introductions PDP Work Plan, PDP Working & SOI Updates Progress, &

785 views • 37 slides
U.S. Forest Service Forest Service U.S. Forest Inventory and Analysis Forest Service Research

U.S. Forest Service Forest Service U.S. Forest Inventory and Analysis Forest Service Research

U.S. Forest Service Forest Service U.S. Forest Inventory and Analysis Forest Service Research & Development This overview provides a summary of various activities of FIA that are of critical importance to National Forest Systems.

871 views • 27 slides
Inventory Management . 1 OVERVIEW Inventory Management Introduction Objectives Opposing

Inventory Management . 1 OVERVIEW Inventory Management Introduction Objectives Opposing

Inventory Management . 1 OVERVIEW Inventory Management Introduction Objectives Opposing Views of Inventory Nature of Inventory Factors Affecting Inventory Costs in Inventory Inventory Categories - Special Considerations 2013 2

1.34k views • 117 slides
requested WHOIS studies Liz Gasster Senior Policy Counselor February 2011 Goals of WHOIS

requested WHOIS studies Liz Gasster Senior Policy Counselor February 2011 Goals of WHOIS

Update report on GNSO- requested WHOIS studies Liz Gasster Senior Policy Counselor February 2011 Goals of WHOIS studies WHOIS policy has been debated for many years Many competing interests with valid viewpoints GNSO Council

313 views • 7 slides
May 27, 2010 1.0 General Provisions 1.0 General Provisions 1.3 Effective Date 1.3 Effective

May 27, 2010 1.0 General Provisions 1.0 General Provisions 1.3 Effective Date 1.3 Effective

Update on Revisions to the Delaware Sediment & Stormwater Regulations: Overview of Second Draft Regulatory Advisory Committee Meeting May 27, 2010 1.0 General Provisions 1.0 General Provisions 1.3 Effective Date 1.3 Effective Date

861 views • 68 slides
FY19 Superintendents Recommended Budget Duxbury Public Schools November 15, 2017 The

FY19 Superintendents Recommended Budget Duxbury Public Schools November 15, 2017 The

FY19 Superintendents Recommended Budget Duxbury Public Schools November 15, 2017 The budget process and budget document New format for FY19 Organized into cost centers Executive Summary is a must-read Several exhibits and

463 views • 33 slides
NERC 2017 Business Plan and Budget Final Draft Finance and Audit Committee Meeting August 10,

NERC 2017 Business Plan and Budget Final Draft Finance and Audit Committee Meeting August 10,

NERC 2017 Business Plan and Budget Final Draft Finance and Audit Committee Meeting August 10, 2016 Major Areas of Focus Activities supporting Goals and objectives in the Strategic Plan RISC Priorities Standing Committees

167 views • 15 slides
AS MERKO EHITUS 6 months and Q2 2019 interim report 8 August 2019 Tallink office building in

AS MERKO EHITUS 6 months and Q2 2019 interim report 8 August 2019 Tallink office building in

AS MERKO EHITUS 6 months and Q2 2019 interim report 8 August 2019 Tallink office building in Tallinn Agenda 1. Key Highlights 4. Stock Exchange Overview 2. Business Review 5. Market Outlook 3. Financial Position 6. Strategic Directions 2

679 views • 15 slides
Standardization Kate Mueller, Director of Product Development What we talk about when we talk

Standardization Kate Mueller, Director of Product Development What we talk about when we talk

Standardization Kate Mueller, Director of Product Development What we talk about when we talk about standard- ization Dont try to 8ix a people/ process problem with a technical solution. Treat it like any other project.

559 views • 4 slides
COMMITTEES LEADERSHIP STANDARDIZATION COUNCIL RECRUITING COMMITTEES STAFF ORIENTATION &

COMMITTEES LEADERSHIP STANDARDIZATION COUNCIL RECRUITING COMMITTEES STAFF ORIENTATION &

COUNCIL-APPOINTED COMMITTEES LEADERSHIP STANDARDIZATION COUNCIL RECRUITING COMMITTEES STAFF ORIENTATION & TRAINING COUNCIL PRIORITIES PERIODIC REVIEW COMMUNITY SUPPORT PURPOSE OF THE COMMITTEES STAFF CAPACITY RELEVANCY

297 views • 8 slides
Promoting Student Success through Standardized College Level Math Courses Presented by Texas

Promoting Student Success through Standardized College Level Math Courses Presented by Texas

Promoting Student Success through Standardized College Level Math Courses Presented by Texas A&M University Commerce WENDY GRUVER, DARLA HEATH, JODI OELRICH, JOSHUA PATTERSON, AND PAMELA WEBSTER Reasons for Standardization (Fall 2013

350 views • 12 slides
Standardized Benefit Design Workgroup June 29, 2017 Welcome and Introductions Standing Agenda

Standardized Benefit Design Workgroup June 29, 2017 Welcome and Introductions Standing Agenda

Standardized Benefit Design Workgroup June 29, 2017 Welcome and Introductions Standing Agenda Roll Call Meeting Minutes Approval June 15 Workgroup Membership Updates & Application Period Opening: July 5 July 12 July would be

300 views • 11 slides

More recommend