Who's who?
Whois searches enable users to establish who owns, or controls, what on the Internet. Susan Prosser of DomainTools brings TB&I up to date on how it works.
What is whois and why does it exist?
Whois is a protocol for recording a domain registrant and its contact information. In the Internet’s early days contact records existed for purely technical reasons, enabling you to track down someone if a domain was having technical issues.
As the Internet was so new, users needed an easy way to contact each other and understand who was running what. Now, in 2012, it’s important to note that we are trying to adapt a very old and narrowly conceived standard to much broader uses.
Why does DomainTools see value in whois data?
In the so-called ‘thin’ whois data model—used by .com and .net—registrant data is stored locally at the registrar. Th ere are more than 1,000 Internet Corporation for Assigned Names and Numbers (ICANN)-accredited registrars worldwide. Under the thin model, a whois search gives only the registrar, name servers and registration dates.
‘Thick’ data models, which are used by most generic top-level domains (gTLDs) and some country-code top-level domains, store whois data at the registry level. A search under a thick model will supply all the necessary information on who owns the domain, where it is registered, what name servers it uses, when it was registered and when it may expire.
DomainTools saw real value in searching across all of these disparately-stored whois records in one place, and set upon that challenge more than 10 years ago. Whois data inform people in industries such as online security and trademark enforcement.
How does the difference between the ‘thin’ and ‘thick’ whois models affect your work?
The ‘thick’ model is more regulated than the ‘thin’ model—the data is centralised, with the registry having to store it. The data formatting is very standardised in the ‘thick’ model. With the ‘thin’ model, registrars have a lot of leewayin how they format the data in response to a whois query. Normalising data across the great breadth of ‘thin’-model output formats is one of the harder challenges in our business.
How do your services benefit intellectual property (IP) owners?
IP owners value our experience in collecting data. Going back 10 years, IP owners can track the use of various domains, particularly those that have been cybersquatted, using our whois history tool. Another big benefit is the historical research that you can do with reverse whois, which pulls together associated domains with the same data element.
Brands use our services to support their research in defending a cybersquatting case or trying to track down the owner of a domain name.
What is whois privacy?
Whois privacy is an arrangement between a domain owner and either the holding registrar or a related proxy service. To avoid givingpersonal contact information, a domain owner will use a middleman, normally a proxy service, instructing the latter to submit its own whois contact information.
Why do whois privacy services exist?
Whois data show who owns what on the Internet. Th is has obvious advantages, from being able to contact people to enforcing rights. But one of the overarching memes in today’s Internet regards who controls an individual’s data. It can be argued that making a person’s contact information publicly available is tantamount to an invasion of privacy. Enter whois privacy.
Many people associate whois privacy with scammers and spammers. Are there legitimate uses of these services?
Many organisations do not want their contact details posted for the world to see, especially if there is any history of aggressive or violent behaviour against that institution. Also, any mention of a database or email addresses andphone numbers will be seen as an opportunity by spammers. By opting for whois privacy, a domain owner removes the ability for anyone to randomly email it asking to acquire the domain, or spam it with junk email.
"A domain owner will use a middleman, normally a proxy service, instructing the latter to submit its own whois contact information."
Additionally, a company that wants to register domain names for future product releases but doesn’t want to tip off competitors or researchers about those plans, might opt for a privacy service. Certainly it seems that every time Apple or Amazon registers a new domain name there is someone writing about it within hours and speculating about what it means.
Can whois privacy be defeated, if someone is motivated to do so?
Whois history is the easiest way of defeating whois privacy, assuming that the domain has not always been privacy protected. DomainTools has more than 10 years of historical whois records, and often the data in the ‘real’ records that existed before the advent of the privacy servicecan be essential for fi nding out who the current owner is and how to track him or her down.
Even when a domain has never had an available public whois record, you can oft en work out its ownership by other means, such as reversing the IP address to give you other domains hosted on the same resource and triangulating from there.
How many domains are registered under whois privacy?
DomainTools completed a study of whois privacy in November 2012, and found nearly 15 percent of all domain whois records to be under privacy protection. It was also interesting to note how concentrated the whois privacy presence is at certain registrars.
The numbers are muddied a bit owing to some registrars off ering whois privacy service for free as a default option in registration. But at 15 percent of almost 250 million domains, whois privacy is clearly an important service to a very large number of domain owners.
What are the latest whois protocol discussions at ICANN?
Whois has always been a hot topic at ICANN owing to the sensitivity of the material. Some want complete, unaltered verified data and some want total anonymity.
The recent ICANN board resolution (November 2012) for assessing whois clearly supports the need to address whois policy—what is required, why it is required and who can have access. These resolutions are an important fi rst step in creating policy. More specifically, there is currently a policy discussion focused on technical requirements of whois and its supporting architecture.
There is also a separate working group focused on whether thick whois is required for all existing (including .com and .net) and new gTLDs. The new ICANN board resolution will encourage increased focus and debate on these and other whois policy initiatives.
