Unity Registry Logo               Time to re-organise
The Proposal

C17.8. Publicly accessible look up/Whois service. Address software and hardware, connection speed, search capabilities, coordination with other Whois systems, etc.

WHOIS is the tool that is used to query records contained in the .org Database. Initially whilst still operating as a “thin” registry, the Unity Registry WHOIS will only be supplying information equivalent to VeriSign’s current WHOIS service, which is Name Server Registrant and short Domain information. As the transferral to a “thick” registry takes place the amount of data available in the WHOIS will increase (refer to section 18 for more information). WHOIS provides a means for any Internet connected user to send in a restricted set of remote queries on the information contained within our database.

WHOIS clients make a TCP/IP connection to the WHOIS daemon/s that is running on the secondary site application machines. The WHOIS Daemon accepts the connection and collects the query string from the client; it then parses, validates and executes the query on the database, returns the result to the client and then closes the connection. Valid queries that the service can process include requests for information about domain names and their contacts, name servers and registrars.

Certain limits are implemented, there is only one request allowed per connection, one request may produce singular or multiple results. In the case if a singular result (only one matching database object) the entire allowable details (see below) will be returned. However, because partial searches are allowed, one request may result in multiple objects matching, hence the Unity Registry WHOIS service will present a ‘capped’ list of the objects that match requiring the client to restrict their search space and try again, only once the client has narrowed down their search to one object will the full results be returned. The size of this “capped” list is expected to be at 2S records but is subject to alteration according to ICANN policy.

The WHOIS Daemon being used is one that has been developed by AusRegistry to be compliant with RFC 1834 and works concurrently with the AusRegistry EPP Services. It will make use of secondary database as it executes “read only” requests against the replicated database, because this database is a replicated version of the original, updates to domains will be available in the WHOIS almost instantly.

The AusRegistry WHOIS daemon only allows clients to send a certain number of requests in a certain time frame before being temporarily banned from the server, once a client is banned they will be unable to send any queries for a 24 hour period. Public access is limited to 20 requests per hour. Authorized ICANN Registrars will be provided with a hourly query limit of 500. These values are adjustable and dependent upon ICANN policy.


A valid request has the following format:

WHOIS <keyword> <modifier> <search_type> <search_string> <meta_char> \r\n





  FULL, =, SUM, $ or SUMMARY




 Is the string we are searching for


 % or _


Where ‘% matches one or more characters, ‘_’ matches one character only

Unity Registry will use the WHOIS daemon developed by AusRegistry.  This is  a dynamic, high performance, robust, extensible and maintainable WHOIS Daemon.

The WHOIS daemon listens to TCP port 43 (The IANA Assigned who is port refer to RFC954) and listens for requests. It makes use of the protocol handler’s functionality including systems of high and low watermarks to dynamically adjust to the incoming transaction load as described in Section 17.2 on the implementation of EPP.

As with the EPP daemon the WHOIS Daemon is highly tuneable by changing any of the parameters without the need to restart the server. It also makes use of the logger to log all type of information ranging from the IP address connections are coming from to debugging information.

Once the WHOIS handler is invoked it, simply reads the data from the connected socket it is provided until it receives either an EOF, or ‘\r\n’ combination. At this point no more reading is done. It then tokenizes and parses the input it read and attempts to validate it as a valid who is query through the use of a state machine, assuming validation is passed; a database query object is built and sent to the database.

If the query is not validated the WHOIS Daemon will return a response indicating this and then close the socket. The black listing system is maintained via a trigger in the database, with each query received the IP address is stored in the database, and a counter kept. Every hour the black listing table is flushed of entries more then 24 hours old.

When someone’s black list count reaches the maximum the trigger is fired, and this sends an RPC request to the WHOIS machines to instruct the IP tables running on the machine to add the IP address to the drop chain, hence stopping that person from being able to connect again for 24-25 hours. When the database detects IP address to be removed from the black list, it sends another request to the WHOIS servers to remove the IP address from the drop chain hence once again allowing access. Facilities are in place for adding IP address/ranges which will be exempt, or allowed higher limits for WHOIS queries.

Response Format:

The Unity Registry WHOIS daemon will conform to the ICANN standard WHOIS formats, the initial format as currently used by VeriSign for records operating in the “thin” registry, for records which contain “thick” information during the transition process and from then on after will be returned using the format outlined below:


Domain Name

Sponsoring Registrar

Domain Status

Registrant, Administrative, Technical and Billing Contact Information including

Contact ID

Contact Name

Contact Organization

Contact Address, City, State/Province, Country

Contact Postal Code

Contact Phone, Fax, E-mail

Name Servers associated with this domain

Domain Registration Date

Domain Expiration Date

Domain Last Updated Date


Name Server Host Name

Name Server IP Addresses if applicable

Sponsoring Registrar

Name Server Creation Date

Name Server Last Updated Date


Contact ID

Sponsoring registrar

Contact Name

Contact Organization

Contact Address, City, State/Province, Country

Contact Postal Code

Contact Phone, Fax, E-mail

Contact Registration Date

Contact Last Updated Date


Registrar ID (conforming to the IANA registrar-ids registry)

Registrar Name

Registrar Status

Registrar Address, City, State/Province, Country

Registrar Postal Code

Registrar Phone, Fax, E-mail

Registrar Administrative Contacts

Registrar Technical Contacts

Registrar Billing Contacts

Registrar URL (registration services)

Registrar WHOIS Address (WHOIS Services)

Registrar Creation Date

Registrar Last Updated Date


XML data transfer:

Unity Registry will conform to all the requirements of ICANN to provide the WHOIS data in the XML format specified, this data will be available for download by ICANN by the specified time. ICANN will be asked to provide Unity Registry with the IP address of the server they expect to be downloading the data from. No other machines we be allowed access to the data. The data dump will be preformed by defining an Oracle “view” of the WHOIS data, and then dumping that to disk, a fairly simple and relatively quick process.

WHOIS Web Interface

The WHOIS Web Interface provides the public with web based access to the WHOIS database its primary use is just a http wrapper around the WHOIS protocol, it is just an online ‘gateway’ to the port 43 version of WHOIS, no additional information will be available from the web based WHOIS that is not available from the port 43 version (WHOIS Daemon), however it will also include detailed instructions, information, and will present the out put from the WHOIS query in a much more pleasant looking format, it will also make querying the Contact information of a domain, for example, as easy as point and click by hyper linking query-able objects in a WHOIS response.