Network Working Group P Faltstrom Internet-Draft Tele2 Expires: July 25, 2000 M Kosters Network Solutions January 25, 2000 Referal extension to the Whois protocol draft-faltstrom-whois-03.txt Status of this Memo This document is an Internet-Draft and is in full conformance with all provisions of Section 10 of RFC2026. Internet-Drafts are working documents of the Internet Engineering Task Force (IETF), its areas, and its working groups. Note that other groups may also distribute working documents as Internet-Drafts. Internet-Drafts are draft documents valid for a maximum of six months and may be updated, replaced, or obsoleted by other documents at any time. It is inappropriate to use Internet-Drafts as reference material or to cite them other than as "work in progress." To view the entire list of Internet-Draft Shadow Directories, see http://www.ietf.org/shadow.html. The list of current Internet-Drafts can be accessed at http://www.ietf.org/ietf/1id-abstracts.txt This Internet-Draft will expire on July 25, 2000. Copyright Notice Copyright (C) The Internet Society (2000). All Rights Reserved. Abstract This document presents extensions to the Whois protocol output format which enables a possibility for the server to send referal information to the Whois client. This referal mechanism can be used for example in a situation with a registrar/registry model, where the registrars all have their own Whois databases, and together they serve a whole TLD. It can also be used when implementing a root-whois service on top of all whois servers in the world, and this way enable the possibility of creating advanced proxy services. For the latter, a registration procedure is also suggested, where Whois services can be registered. Discussion on this Internet-Draft is to be held on the mailing list ietf-whois-ext@imc.org, which is hosted by the Internet Mail Consortium. To subscribe, send an email to Faltstrom & Kosters Expires July 25, 2000 [Page 1] Internet-Draft Referal extension to the Whois protocol January 2000 ietf-whois-ext-request@imc.org, with the text "subscribe" as the only word in the body of the mail. There is an archive of the mailing list at . Faltstrom & Kosters Expires July 25, 2000 [Page 2] Internet-Draft Referal extension to the Whois protocol January 2000 1. Introduction The whois service[1] as it used today is a pure client-server protocol. There is no means for a client to know what server to query, and no way a server can give back information to a client about other matches at other Whois servers. I.e. there is no way one can with the Whois protocol build distributed Whois services. Several attempts have been made, like Whois++ and RWhois, but the most successful ones have been Whois services which in turn act as proxies, so the client uses the same old Whois protocol, and the server hide the fact that the query from the client is fan out to more than one server in turn. This document is a try to define extensions to the Whois protocol which makes it easier to develop such proxy services. Faltstrom & Kosters Expires July 25, 2000 [Page 3] Internet-Draft Referal extension to the Whois protocol January 2000 2. Background There is an operational need on the Internet to get to know the technical contact for a certain domainname or IP-address. Today, this information is stored in Whois servers, and the clients used are using the Whois protocol to get the data. The whois servers are run by entities responsible for a domain, a block of IP addresses or such. To be able to get information, the client need to know which Whois service do have information about the record queried for. Faltstrom & Kosters Expires July 25, 2000 [Page 4] Internet-Draft Referal extension to the Whois protocol January 2000 3. IANA IANA is responsible for handling out IP-addresses and domainnames in the world. This responsibility is delegated to, regarding domainnames, registries for TLDs, and for IP-addresses the regional registres that exists in the world. Each one of these registries can in turn have delegated the responsibility for delegation, and in some cases this has also implied delegation of responsibility of running a Whois service for that delegated part of the address space, and in some cases not. Especially when a registry in turn have registrars doing registrations and delegations on behalf of the registry, the issue with Whois service for the information becomes complicated. Because of these increased complicated structures of the Whois services in the world, this document suggests some structure to the Whois protocol which makes it possible for IANA and others to implement proxy services on top of all the Whois servers that exist, and will exist in the future. It is extremely important that backward compatibility is kept for whois clients, i.e. we talk in this paper about the protocol between the server holding the information and the proxy, not between the proxy and the Whois client. Faltstrom & Kosters Expires July 25, 2000 [Page 5] Internet-Draft Referal extension to the Whois protocol January 2000 4. Format 4.1 Version Any server using any of these extensions MUST have a line which is the first in the Whois output which reads: % VERSION RFCXXXX The version text is expected to specify what formatting specification this whois server follows. Examples include: RIPE-181, RFC2280, RFC2167 or RFCXXXX. Note to RFC-editor: The text RFCXXXX is supposed to be replaced with the correct RFC number of this document. 4.2 Character set The basic protocol is US-ASCII only. We suggest that a whois service can announce the character set used by using the specific line in the Whois output: % CHARSET UTF-8 (UTF-8 in the example above is just an example) Any character set registered by IANA can be used. Software which is compliant with this extension MUST be able to handle the character set UTF-8. It should be noted that this is an extension to the Whois protocol, which is 7-bit only. The CHARSET statement MUST be present in the whois output before any use of the charset itself. A CHARSET statement MUST NOT be used more than once in each whois response. 4.3 Referral A Whois service can announce a referral by using the specific line in the Whois output: % REFERRAL WHOIS://WHOIS.EXAMPLE.NET/FOO The string after "REFERRAL" is an example of a WHOIS URI. A Whois URI is defined by: Faltstrom & Kosters Expires July 25, 2000 [Page 6] Internet-Draft Referal extension to the Whois protocol January 2000 whoisurl = "whois://" hostport [ "/" whoissrch ] where whoissrch = *uchar 4.4 Copyright A Whois service can provide copyright information regarding the data provided with the Whois service itself through the following message: % COPYRIGHT HTTP://WHOIS.EXAMPLE.NET/COPYRIGHT/ It is recommended that the text in the copyright string should include a URL, and not the copyright statement itself, as in the example above. Faltstrom & Kosters Expires July 25, 2000 [Page 7] Internet-Draft Referal extension to the Whois protocol January 2000 5. Usage of these extensions 5.1 Proxy deployment It is expected that any organization can produce a Whois proxy which understands these extensions. The proxy can using this information both convert character sets and act as a proxy (query more than one server) without the Whois client knowing that the service didn't have the data locally. The proxy service is expected to get initial referral information (i.e. a list of Whois servers to query) from a central repository, IANA. 5.2 Initial feed of referral information IANA is presumed to in the contract with TLD and IP-address registries include enough information so that the registry inform IANA on where the Whois service is located (hostname/portnumber). IANA should publish a list of available Whois servers on it's ftp-site, so any whois proxy service can fetch the latest information at it's will. The format of this list is a number of specifications, one per whois URL construction available. Each one of the specifications create a block. The name of the block is a Whois URI (see below) where constructions "backslash" + "integer" is replaced by parenthesis expressions in the regular expressions existing inside the options of the block, like replacements possible in the Unix command "sed". The options describes the server, or the data residing on it. Examples: whois "whois://whois.example.se/\1" { domain {"(.*\.se)";}; charset "iso-8859-1"; }; whois "whois://whois.example.jp/\1%20charset=us-ascii" { domain {"(.*\.jp)";}; charset "iso-8859-1"; }; whois "whois://whois.example.jp/\1%20charset=iso-3166-jp" { domain {"(.*\.jp)";}; charset "iso-3166-jp"; }; whois "whois://whois.ripe.net/\1" { domain {"(.*ripe.net)";}; Faltstrom & Kosters Expires July 25, 2000 [Page 8] Internet-Draft Referal extension to the Whois protocol January 2000 ip4net {(192.71.0.0/16); (192.72.0.0/16);}; handle {"(RIPE-.*)";}; charset "US-ASCII"; }; More attributes can be added in the future by adding new options. A client MUST accept any options, while only parsing the ones which it is interested in. More than one block might match a query, and other options (such as character set) inside the block might give hints on what server might be interesting to query. 5.3 domain - Domain name information A list of domainnames which this whois server is authoritative for. 5.4 ip4net - IPv4 information A list of IP-address version 4 blocks in CIDR format (IP-address + netmask) which this whois server is authoritative for. 5.5 handle - Whois handles A list of handles which this whois server is authoritative for. 5.6 charset - Character set Specification on what character set this whois server will give output in, also specified via the "% CHARSET" statement in the Whois output. 5.7 Output from proxy service to whois client A proxy service SHOULD give information on the hostname (for example via a URI to the original object) to the Whois service where the record originated from. This so a human parsing the output from the Whois client can reissue the query to this originating Whois service to get more information if he so wishes. 5.8 Registry A Registry Whois service holds from the proxy perspective information about names which is delegated from IANA. The Whois server can be implemented either as a Whois Proxy service, a Whois server or a Whois referral server as described in this paper. Changes on the whois server, for example move of the service from one IP-address to another, have to be reported by the registry to Faltstrom & Kosters Expires July 25, 2000 [Page 9] Internet-Draft Referal extension to the Whois protocol January 2000 IANA, which updates the list of Whois servers. 5.9 Registrar, second level Whois service The second level service can in turn either be a Whois service, a referral server too, or a whois proxy service. It can also be the case that the Registry run the whois service for the whole from IANA delegated block of addresses, and the Registrar reporting changes to the Registry. Faltstrom & Kosters Expires July 25, 2000 [Page 10] Internet-Draft Referal extension to the Whois protocol January 2000 6. IANA Considerations IANA is to keep track of all registered Whois servers, in the format described above. The complete list of registered servers should be possible to access routinely via for example HTTP and FTP so an automatic update of whois proxies can be done on a regular basis. Registrations of these whois servers is assumed to be taken care of at the same time as a registry for a TLD is allocated, so the procedures for registering and update information about Whois servers should be migrated into the process of registering and updating registries for TLDs. Faltstrom & Kosters Expires July 25, 2000 [Page 11] Internet-Draft Referal extension to the Whois protocol January 2000 7. Security Considerations The Whois protocol doesn't include any security functions at all, and this paper doesn't add any such security features. Because of this, information given back with these extensions, such as the referal information, is not to be treated as accurate by any means. The referal information can be, aswell as the rest of the output in a Whois query, easilly forged by a third party. Because the output is in pure text, it is possible to wrap some signing operation around the output, such as via PGP. Specification of how this is done is not discussed in this memo, but left for future studies. One question might be whether the Whois server or the originating authoritative source should be the one signing the data. It is recommended that the transfer of information from the Whois server operator to IANA (as stated in the IANA considerations section) should be secured for example by the use of signed email, to minimize the risk of IANA publishing information that is not from an authoritative source. This is though a general issue for IANA, so securing this listing service should be done in parallell with securing all other listing services at IANA. Faltstrom & Kosters Expires July 25, 2000 [Page 12] Internet-Draft Referal extension to the Whois protocol January 2000 References [1] Harrenstien, K, Stahl, M and E Feinler, "NICNAME/WHOIS", RFC 954, October 1998. Authors' Addresses Patrik Faltstrom Tele2 Borgarfjordsgatan 16 127 61 Kista Sweden EMail: paf@swip.net URI: http://www.tele2.se Mark Kosters Network Solutions Herndon USA EMail: markk@internic.net URI: http://www.networksolutions.com Faltstrom & Kosters Expires July 25, 2000 [Page 13] Internet-Draft Referal extension to the Whois protocol January 2000 Full Copyright Statement Copyright (C) The Internet Society (2000). All Rights Reserved. This document and translations of it may be copied and furnished to others, and derivative works that comment on or otherwise explain it or assist in its implmentation may be prepared, copied, published and distributed, in whole or in part, without restriction of any kind, provided that the above copyright notice and this paragraph are included on all such copies and derivative works. However, this document itself may not be modified in any way, such as by removing the copyright notice or references to the Internet Society or other Internet organizations, except as needed for the purpose of developing Internet standards in which case the procedures for copyrights defined in the Internet Standards process must be followed, or as required to translate it into languages other than English. The limited permissions granted above are perpetual and will not be revoked by the Internet Society or its successors or assigns. This document and the information contained herein is provided on an "AS IS" basis and THE INTERNET SOCIETY AND THE INTERNET ENGINEERING TASK FORCE DISCLAIMS ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE INFORMATION HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE. Acknowledgement Funding for the RFC editor function is currently provided by the Internet Society. Faltstrom & Kosters Expires July 25, 2000 [Page 14]