C17.8. Publicly accessible look up/Whois service. Address software and hardware, connection speed, search capabilities, coordination with other Whois systems, etc.

The UIA Team proposes to provide a robust and reliable Whois service that initially meets the current .org registry service levels but grows far beyond that with the rollout of the ATLAS platform.

Initially, the Whois service currently serving the .org domain would continue. This service is fully compliant with RFC 954 and is currently being provided via servers located in two separate facilities. The uptime rate currently exceeds that of the .org registry database because not all database outages also require a Whois outage. The current five servers are capable of processing 30,000 transactions per minute. The current Whois software can be migrated to any Unix platform. For performance reasons, the servers were upgraded last year from Sun 450s to IBM M80s. The current architecture, being load-balanced between multiple servers at each site as well as balanced between multiple sites, provides not only maximum reliability, but also is highly extensible by simply adding more servers behind the load balancers. The presence of multiple servers, multiple facilities and multiple network providers means that the current service is well protected, not only in the event of an issue within the control of the registry provider, but also for many events outside the control of the registry provider (e.g., an outage of a major Internet bandwidth provider). The current servers are connected to the Internet by multiple OC3 connections (450mb of network bandwidth) at each facility.

The current Whois service has rate-limiting characteristics within the software (e.g., the ability to throttle a specific requestor if the query rate exceeds a configurable threshold). In addition, quality of service (QoS) technology enables rate limiting of queries before they reach the actual servers, which provides protection against DOS and DDOS attacks. The current software also permits restrictions on search capabilities. For example, wild card searches can be disabled. The UIA Team is generally not in favor of restricting searches unless it is clear that the results of the search are being used in ways not beneficial to the .org registrants. It is possible to restrict and/or block individual requestors (i.e., requests coming from specific IP addresses).

With the advent of the ATLAS platform, the UIA Team proposes to introduce a real-time updated Whois service to complement the real-time updated DNS service. The ATLAS platform is discussed in Sections C17.4 and C17.5. With ATLAS in place, both the Whois and the global DNS will be updated within minutes of an RRP transaction being received and processed within the SRS.

According to the Nicname/Whois protocol defined in RFC 954, there is no defined mechanism or method to instruct RFC 954 client software to follow referrals. The current state of referrals using RFC 954 is non-standardized, with many different forms of Whois referrals in use today. This Whois service will use the dominant means of specifying referrals from the Whois server of a domain registry to the Whois server of a domain registrar. To refer client software to domain entries in registrar systems, a single line tagged with the string "Whois Server:" followed by the host name of the respective registrar Whois server. In addition, client software will be provided with a website referral using a line tagged with the string "Referral URL:" followed by an HTTP url to the website of the appropriate registrar.

The UIA Team proposes to migrate existing .org Whois services into the Universal Whois system being carried forward by VeriSign in accordance with Appendix W of VeriSign's .com agreement with ICANN. UIA will also adjust access and transition to both RFC 954 Whois services and Appendix W Universal Whois services as specified by ICANN policy, both future and present. Appendix W. Universal Whois services will offer standardized mechanisms for structured queries and responses, search continuations and entity references, DNS label server location, access controls to address privacy concerns while allowing flexible policies in accordance with law enforcement and property-rights enforcement and a framework for offering network operators a similar mechanism when dealing with the administrative services of routing and address registries.


Back to Table of Contents