I just started getting this output from whois today: # whois americanisp.net [whois.networksolutions.com] The Data in Network Solutions' WHOIS database is provided by Network Solutions for information purposes, and to assist persons in obtaining information about or related to a domain name registration record. Network Solutions does not guarantee its accuracy. By submitting a WHOIS query, you agree that you will use this Data only for lawful purposes and that, under no circumstances will you use this Data to: (1) allow, enable, or otherwise support the transmission of mass unsolicited, commercial advertising or solicitations via e-mail (spam); or (2) enable high volume, automated, electronic processes that apply to Network Solutions (or its systems). Network Solutions reserves the right to modify these terms at any time. By submitting this query, you agree to abide by this policy. [No name] (DA12328-OR) COM And on some domains: [No name] (ID?) is the output. I was able to do this from my shell and networksolutions.com's website. Is anyone having this problem as well? Thanks, Brad
I just started getting this output from whois today:
# whois americanisp.net
[whois.networksolutions.com] [No name] (DA12328-OR) COM
So far, my favorite has been: # whois -h whois.networksolutions.com microsoft.com The Data in Network Solutions' WHOIS database is provided by Network Solutions for information purposes, and to assist persons in obtaining information about or related to a domain name registration record. Network Solutions does not guarantee its accuracy. By submitting a WHOIS query, you agree that you will use this Data only for lawful purposes and that, under no circumstances will you use this Data to: (1) allow, enable, or otherwise support the transmission of mass unsolicited, commercial advertising or solicitations via e-mail (spam); or (2) enable high volume, automated, electronic processes that apply to Network Solutions (or its systems). Network Solutions reserves the right to modify these terms at any time. By submitting this query, you agree to abide by this policy. NO MATCH: This domain is available! Go to www.networksolutions.com to register it now! and doing a whois on arin.net, and it spewing about 100k of garbage followed by: Garbled updated date . To see this organization record with registered members, repeat the command with a star ('*') before the name; or, use '%' to show JUST the registered members. If I wasn't trying to actually use whois today, I'd find this rather funny. :) Kevin
Seems to be working again now: (as long as you don't really NEED to use it that is!) Registrant:AIC Corp (AMERICANISP-DOM) 3333 South Wadsworth Blvd. Lakewood, CO 80227 US Domain Name: AMERICANISP.COM Administrative Contact: Peters, Dave (DP1758) hostmaster@AMERICANISP.NET 303-984-5700 (FAX) 303-984-5800 Technical Contact, Zone Contact: Baker, Brad (BB12656) brad@AMERICANISP.COM 303-984-5700 (FAX) 303-984-5800 Billing Contact: Peters, Dave (DP1758) hostmaster@AMERICANISP.NET 303-984-5700 (FAX) 303-984-5800 Record last updated on 23-Dec-1998. Record created on 18-Dec-1997. Database last updated on 19-Feb-2000 20:34:38 EST. Domain servers in listed order: OXYGEN.AMERICANISP.NET 208.244.174.10 CARBON.AMERICANISP.NET 208.244.174.11 John Fraizer EnterZone, Inc
Whats amazing to me is that there is not one peep from NSI about this, no news service picked up on it, and it will go unnoticed, in general. Isn't it amazing that a company as significant on the 'net as NSI can have such repetitive, continual database problems, and no one cares? On Sat, 19 Feb 2000, NANOG Mailing List wrote:
Seems to be working again now: (as long as you don't really NEED to use it that is!)
Registrant:AIC Corp (AMERICANISP-DOM) 3333 South Wadsworth Blvd. Lakewood, CO 80227 US
Domain Name: AMERICANISP.COM
Administrative Contact: Peters, Dave (DP1758) hostmaster@AMERICANISP.NET 303-984-5700 (FAX) 303-984-5800
Technical Contact, Zone Contact: Baker, Brad (BB12656) brad@AMERICANISP.COM 303-984-5700 (FAX) 303-984-5800
Billing Contact: Peters, Dave (DP1758) hostmaster@AMERICANISP.NET 303-984-5700 (FAX) 303-984-5800
Record last updated on 23-Dec-1998. Record created on 18-Dec-1997. Database last updated on 19-Feb-2000 20:34:38 EST.
Domain servers in listed order:
OXYGEN.AMERICANISP.NET 208.244.174.10 CARBON.AMERICANISP.NET 208.244.174.11
John Fraizer EnterZone, Inc
Whats amazing to me is that there is not one peep from NSI about this, no news service picked up on it, and it will go unnoticed, in general.
Isn't it amazing that a company as significant on the 'net as NSI can have such repetitive, continual database problems, and no one cares?
Perhaps it's because no one bothers to report the problems to them instead people send mail to bitch-and-moan@merit.edu which just happens to forward to nanog? --jhawk
On Sun, 20 Feb 2000 00:47:41 EST, John Hawkinson said:
Whats amazing to me is that there is not one peep from NSI about this, no news service picked up on it, and it will go unnoticed, in general.
Isn't it amazing that a company as significant on the 'net as NSI can have such repetitive, continual database problems, and no one cares?
Perhaps it's because no one bothers to report the problems to them instead people send mail to bitch-and-moan@merit.edu which just happens to forward to nanog?
A) Do you happen to have proof that people *arent* reporting the problems to NSI as well as posting here? B) Considering how important NSI has been to keeping the net going, I'm surprised we haven't seen a CNN soundbite of Wolf Blitzer standing in front of NSI's corporate headquarters, talking about NSI executives preparing to explain to a Congressional subcommittee exactly why there are so many problems... A few days ago a total of 13 sites got DOS'ed, for an average of a few hours each, and that got MAJOR press coverage. It's surprising there wasn't a similar fuss the time that 30% of the .com's were dropped on the floor due to a undetected disk-full condition, and sites were having sporadic problems for several DAYS till all the DNS caches timed out, or the time a few days later there was ANOTHER problem, or the time..... Let's face it guys, taken on the "number of sites times outage time" basis, NSI operational issues have screwed a *LOT* more of the 4 million .COM's out there than trin00 has.... Valdis Kletnieks Operating Systems Analyst Virginia Tech
On Sun, 20 Feb 2000 Valdis.Kletnieks@vt.edu wrote:
A few days ago a total of 13 sites got DOS'ed, for an average of a few hours each, and that got MAJOR press coverage. It's surprising there wasn't a similar fuss the time that 30% of the .com's were dropped on the floor due to a undetected disk-full condition, and sites were having sporadic problems for several DAYS till all the DNS caches timed out, or the time a few days later there was ANOTHER problem, or the time.....
Let's face it guys, taken on the "number of sites times outage time" basis, NSI operational issues have screwed a *LOT* more of the 4 million .COM's out there than trin00 has....
OK. So NSI gets the award for the first "real" dDOS years ago. And all they needed were the root servers. John Fraizer
There has been plenty of complaints lodged. NameSecure happens to finally have port 43 whois service running, for the first time. I don't mean to sound like an apologist for NSI, but they've been having plenty of trouble with SRS. I leave it as a value judgement as to the appropriateness of rolling out code that doesn't pass the most basic of QA muster, and whose design and architecture is protected by the most stringent and arcane NDA that I've ever seen. Also, many of you have users that have been entering bogus info in the whois database for years, and never said anything then. The point; there's plenty of mud to go around. It's about time that you guys got involved enough to fix it, instead of piss-and-moan. ICANN is supposed to inherit the root-servers.net and damned few have ever even seen a *nix shell. In the past two years, the big 8 have been conspicuous, by total absence from the IFWP/ICANN/etc scene. The NTIA/DOC has already cut IANA funding and ICANN has already accepted responsibility. Parts of ICANN ain't looking good. I'm not at all sure that it shouldn't die. Now you bitch about things not working right? ... duh! What the hell did you expect?!
-----Original Message----- From: owner-nanog@merit.edu [mailto:owner-nanog@merit.edu]On Behalf Of John Hawkinson Sent: Saturday, February 19, 2000 9:48 PM To: Alex Rubenstein Cc: nanog@merit.edu Subject: Re: whois broke again?
Whats amazing to me is that there is not one peep from NSI about this, no news service picked up on it, and it will go unnoticed, in general.
Isn't it amazing that a company as significant on the 'net as NSI can have such repetitive, continual database problems, and no one cares?
Perhaps it's because no one bothers to report the problems to them instead people send mail to bitch-and-moan@merit.edu which just happens to forward to nanog?
--jhawk
"Roeland M.J. Meyer" wrote:
There has been plenty of complaints lodged. NameSecure happens to finally have port 43 whois service running, for the first time. I don't mean to sound like an apologist for NSI, but they've been having plenty of trouble with SRS. I leave it as a value judgement as to the appropriateness of rolling out code that doesn't pass the most basic of QA muster, and whose design and architecture is protected by the most stringent and arcane NDA that I've ever seen.
That's odd, it's supposed to be an internet-draft. Not that I've actually read it, but ....
The point; there's plenty of mud to go around. It's about time that you guys got involved enough to fix it, instead of piss-and-moan.
That's right. We have redundant DNS root servers, why do we have a single point of failure in the whois? So, we need 5 volunteers to step up and be our chosen whois mirrors. WSimpson@UMich.edu Key fingerprint = 17 40 5E 67 15 6F 31 26 DD 0D B9 9B 6A 15 2C 32
From: owner-nanog@merit.edu [mailto:owner-nanog@merit.edu]On Behalf Of William Allen Simpson Sent: Sunday, February 20, 2000 6:02 AM
"Roeland M.J. Meyer" wrote:
and whose
design and architecture is protected by the most stringent and arcane NDA that I've ever seen.
That's odd, it's supposed to be an internet-draft. Not that I've actually read it, but ....
Then I suggest that you do. I wouldn't sign the NDA, but you might.
The point; there's plenty of mud to go around. It's about time that you guys got involved enough to fix it, instead of piss-and-moan.
That's right. We have redundant DNS root servers, why do we have a single point of failure in the whois? So, we need 5 volunteers to step up and be our chosen whois mirrors.
With SRS, this is no longer possible as the whois data is already distributed among NSI's channel market, the Registrars. Each are independent entities. The only real target you have to fire at is the ICANN. GFL ... they're broke.
"Roeland M.J. Meyer" wrote:
Then I suggest that you do. I wouldn't sign the NDA, but you might.
What NDA? It's draft-hollenbeck-rrp-01.txt. But this is irrelevant to the whois discussion.
With SRS, this is no longer possible as the whois data is already distributed among NSI's channel market, the Registrars. Each are independent entities. The only real target you have to fire at is the ICANN. GFL ... they're broke.
I think we must be talking at cross purposes. The domain whois data is located in whois servers, maintained by the NSI registry. It is updated by registrars. The NSI registry whois seems to be falling down and cannot get up. We need a good system of distributed whois servers, just as we have a robust system of distributed DNS servers. We've talked about this before. Rather than complaining about NSI, folk need to get off their duffs and make it happen. I don't have the kind of bandwidth that we should have at the whois servers, so I cannnot offer space. All I can do is chearlead (and write code). Are we lacking an incremental distribution protocol for whois? What about rwhois? (RFC-2167 Informational) What about whois++? (RFC-1913 & 1914 Proposed Standards) WSimpson@UMich.edu Key fingerprint = 17 40 5E 67 15 6F 31 26 DD 0D B9 9B 6A 15 2C 32
William Allen Simpson wrote:
The NSI registry whois seems to be falling down and cannot get up. We need a good system of distributed whois servers, just as we have a robust system of distributed DNS servers.
<start of rant> I think you misunderstand and inadvertently misrepresent the issue. NSI's position (and indeed the major driver of it's financial and market position) has been that the data provided to NSI during the process of registering a domain is proprietary, confidential, and "copyrightable" by them. Looked at one way, they're right. There is no reason that they should make available to *anyone*, not the least their competitors, who their customers are, and how to contact them. In the days of the total monopoly (the old days) this was arguable. Now it isn't. That is *not* to say that the roots of whois are not noble, and appropriately in the public domain. Or that the data should not be available today. I am merely pointing out that absent some kind of larger "in the public interest" issue, they should not have to make available their customer data. On the other hand, I believe that there *is* an overwhelming public interest issue as far as typical whois type data is concerned. The ability to reach responsible parties during network events like DOS attacks, bogus announcements, domain failures, spam runs, etc. are necessary. Of course, the urgent need for a sales droid to inform one that the/she can get better service elsewhere is *not* one of these events :-) I believe that the value of whois data is on a downward spiral, accelerated by the registrars who themselves create contact data that is of no value (have you noticed the increasing presence of technical and admin contacts in domain registrations with "no-valid-email@" as the address portion)? There was a time when SOA data served a purpose. Unfortunately that data is generally outdated, and useless as well (I use it to contact enablers of spam, so I know how bad it is). So, a fundamental decision has to be made: Is it important for parties that control DNS data (domain names and address space) that are connected to "the network" to be identifiable to the community at large, and reachable? If so, a replacement rfc needs to be developed. While it can be argued that due to the fact that there are so few networks that are default free, it should only be necessary to identify the provider at the top of the tree, and that contacting them should start a cascading process that ultimately gets the problem solved, frequent events experienced by us all prove this wrong. I believe that without the traditional good sense championed during Jon Postel's time (the enlightened days) the entity that today could, should, and won't solve this is ICANN. They have neither the balls, nor apparently the clue. Shame on them. And on us for letting it happen. <end of rant> I believe this discussion is operational, and valid for this list. Failure to solve this issue in some way will cause further network problems. -- Rodney Joffe CenterGate Research Group, LLC. http://www.centergate.com "Technology so advanced, even we don't understand it!"
Rodney Joffe wrote:
On the other hand, I believe that there *is* an overwhelming public interest issue as far as typical whois type data is concerned. The ability to reach responsible parties during network events like DOS attacks, bogus announcements, domain failures, spam runs, etc. are necessary. ... So, a fundamental decision has to be made:
Is it important for parties that control DNS data (domain names and address space) that are connected to "the network" to be identifiable to the community at large, and reachable?
It is important.
If so, a replacement rfc needs to be developed.
A replacement for what? Don't we already have plenty of documents describing the protocols? Are you referring to a BCP? WSimpson@UMich.edu Key fingerprint = 17 40 5E 67 15 6F 31 26 DD 0D B9 9B 6A 15 2C 32
Is it important for parties that control DNS data (domain names and address space) that are connected to "the network" to be identifiable to the community at large, and reachable?
It is important.
Two different takes on the matter: Try %dig <your-asn>.rdi.int. txt for one of mine: %dig 4555.rdi.int txt ;; QUERY SECTION: ;; 4555.rdi.int, type = TXT, class = IN ;; ANSWER SECTION: 4555.rdi.int. 1D IN TXT "RPS 0001 descr: LosAngelesPeering exchange" 4555.rdi.int. 1D IN TXT "RPS 0002 aut-num: AS4555" 4555.rdi.int. 1D IN TXT "RPS 0007 admin-c: WM110-NSI" 4555.rdi.int. 1D IN TXT "RPS 0008 tech-c: WM110-NSI" 4555.rdi.int. 1D IN TXT "RPS 0009 remarks: The first live example of this technique" 4555.rdi.int. 1D IN TXT "RPS 0010 remarks: Check the SOA for mnt-by, changed data" 4555.rdi.int. 1D IN TXT "RPS 0011 source: DNS" 4555.rdi.int. 1D IN TXT "RPS 0012 route: 198.32.2.0/24" 4555.rdi.int. 1D IN TXT "RPS 0013 route: 3ffe:08/24" 4555.rdi.int. 1D IN TXT "RPS 0000 person:Bill Manning" .... and from 2.32.198.in-addr.arpa...... %dig 2.32.198.in-addr.arpa. any ; <<>> DiG 8.2 <<>> 2.32.198.in-addr.arpa. any ;; res options: init recurs defnam dnsrch ;; got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 4 ;; flags: qr aa rd ra; QUERY: 1, ANSWER: 5, AUTHORITY: 2, ADDITIONAL: 2 ;; QUERY SECTION: ;; 2.32.198.in-addr.arpa, type = ANY, class = IN ;; ANSWER SECTION: 2.32.198.in-addr.arpa. 1D IN TXT "announced by AS 4555" 2.32.198.in-addr.arpa. 1D IN TXT "RPS 0000 person: Bill Manning" ... Allows people at each delegation point to publish their policy and any other pertinent data. working on something similar w/ rwhois. Yuji is doing a pretty good job of fixing up some longstanding weaknesses with that stack, esp. with referals and forwarding.
Bill, I've got to hand it to you, this is an excellent idea! The RPS #### are from where? Is this format written up yet? bmanning@vacation.karoshi.com wrote:
Is it important for parties that control DNS data (domain names and address space) that are connected to "the network" to be identifiable to the community at large, and reachable?
It is important.
Two different takes on the matter:
Try %dig <your-asn>.rdi.int. txt
Allows people at each delegation point to publish their policy and any other pertinent data.
working on something similar w/ rwhois. Yuji is doing a pretty good job of fixing up some longstanding weaknesses with that stack, esp. with referals and forwarding.
With this system, do we need rwhois? WSimpson@UMich.edu Key fingerprint = 17 40 5E 67 15 6F 31 26 DD 0D B9 9B 6A 15 2C 32
Bill, I've got to hand it to you, this is an excellent idea!
The RPS #### are from where?
Is this format written up yet?
The RPS "keys" are the functional equivalants of the Routing Policy System statements that are used in the IRR. The structure used allows a PERL script to reorder them in the desired sequence after an axfr "shuffles" them. This was discussed in the RIDE wg of the IETF.
With this system, do we need rwhois?
Nope. Of course everyone is then responsible for publishing their own data and making sure it is current.
WSimpson@UMich.edu Key fingerprint = 17 40 5E 67 15 6F 31 26 DD 0D B9 9B 6A 15 2C 32
William Allen Simpson wrote:
Rodney Joffe wrote:
A replacement for what?
Don't we already have plenty of documents describing the protocols?
What protocols? Whois? Yes, but whois is broken in this context because both the data, and the systems controlling the data, are corrupted, and corrupt. Are you referring to RFC1913 and RFC1914? Maybe they can be adapted.
Are you referring to a BCP?
\ No. A BCP document would be useful, but more like putting the cart before the horse. A functional equivalent of whois, but *not* controlled by the registry, is required. Bill Manning describes something that really is delegated to the edge. In his usage, DNS itself is used. Assuming that DNS administrators could be convinced to all update their data, IP issues can be resolved well. And ditto for domain names. But Bill uses TXT records. TXT records are not defined, or formatted. They are just that: Text records. So Bill can enter whatever data *he* thinks would be appropriate. Perhaps in this solution, BCP would work, with the hope that the unwashed masses would follow them. My limited experience indicates that you have to provide step-by-step paint-by-numbers help to users. Like: Email address of Technical Contact Phone Number Pager Number etc. Whatever it is, an rfc is necessary first. And the current location (domain registration) for whois data is not appropriate. Of course if ICANN could be convinced to do the "right thing(tm)" none of this would matter. Have you noticed the data in RIPE records? I'm yet to find bad data, or unreachable contacts. I feel most hopeful about the ARIN side of the house. It's still run be white hats, is governed by a board of really clueful people, and is guided by an advisory board that represents the citizens. Unfortunately, they may also be turned to the dark side if they are taken over by ICANN. -- Rodney Joffe CenterGate Research Group, LLC. http://www.centergate.com "Technology so advanced, even we don't understand it!"
Rodney said what I was going to, but I'll add this http://www.opensrs.org/ If you can stomache that, then I have more of the same. For the record, I've tried to get you guy's attention with this stuff over two years ago. Y'all strongly told me it was non-operational. But, when systems start failing, and it becomes an operational issue, it's way too late.
-----Original Message----- From: owner-nanog@merit.edu [mailto:owner-nanog@merit.edu]On Behalf Of William Allen Simpson Sent: Sunday, February 20, 2000 12:51 PM To: Roeland M.J. Meyer Cc: nanog@merit.edu Subject: Re: whois broke again?
"Roeland M.J. Meyer" wrote:
Then I suggest that you do. I wouldn't sign the NDA, but you might.
What NDA? It's draft-hollenbeck-rrp-01.txt.
But this is irrelevant to the whois discussion.
With SRS, this is no longer possible as the whois data is already distributed among NSI's channel market, the Registrars. Each are independent entities. The only real target you have to fire at is the ICANN. GFL ... they're broke.
I think we must be talking at cross purposes. The domain whois data is located in whois servers, maintained by the NSI registry. It is updated by registrars.
The NSI registry whois seems to be falling down and cannot get up. We need a good system of distributed whois servers, just as we have a robust system of distributed DNS servers.
We've talked about this before. Rather than complaining about NSI, folk need to get off their duffs and make it happen.
I don't have the kind of bandwidth that we should have at the whois servers, so I cannnot offer space. All I can do is chearlead (and write code).
Are we lacking an incremental distribution protocol for whois?
What about rwhois? (RFC-2167 Informational)
What about whois++? (RFC-1913 & 1914 Proposed Standards)
WSimpson@UMich.edu Key fingerprint = 17 40 5E 67 15 6F 31 26 DD 0D B9 9B 6A 15 2C 32
On Sun, 20 Feb 2000, Roeland M.J. Meyer wrote:
Rodney said what I was going to, but I'll add this
http://www.opensrs.org/ Yuk ! , I sure hope there is something -alot- better than this out there ? Like a previous post , I'd like to know where the other *whois* facilities have gone ? There never seems to have been a -real- Rwhois . No one allowed the recursive part to function . The idea is still good , But ... JimL
If you can stomache that, then I have more of the same. For the record, I've tried to get you guy's attention with this stuff over two years ago. Y'all strongly told me it was non-operational. But, when systems start failing, and it becomes an operational issue, it's way too late. +----------------------------------------------------------------+ | James W. Laferriere | System Techniques | Give me VMS | | Network Engineer | 25416 22nd So | Give me Linux | | babydr@baby-dragons.com | DesMoines WA 98198 | only on AXP | +----------------------------------------------------------------+
On Sun, 20 Feb 2000, Mr. James W. Laferriere wrote:
On Sun, 20 Feb 2000, Roeland M.J. Meyer wrote:
Rodney said what I was going to, but I'll add this
http://www.opensrs.org/ Yuk ! , I sure hope there is something -alot- better than this out there ? Like a previous post , I'd like to know where the other *whois* facilities have gone ? There never seems to have been a -real- Rwhois . No one allowed the recursive part to function . The idea is still good , But ... JimL
NSI was responsible for the development of Rwhois. Enuf said. /\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\ Patrick Greenwell Earth is a single point of failure. \/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/
On Mon, 21 Feb 2000, Patrick Greenwell wrote:
Yuk ! , I sure hope there is something -alot- better than this out there ? Like a previous post , I'd like to know where the other *whois* facilities have gone ? There never seems to have been a -real- Rwhois . No one allowed the recursive part to function . The idea is still good , But ... JimL
NSI was responsible for the development of Rwhois. Enuf said.
Ugh... Hit the send button too quickly.... NSI was responsible for *furthering* the development of Rwhois as part of their contract... /\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\ Patrick Greenwell Earth is a single point of failure. \/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/
From: Patrick Greenwell [mailto:patrick@cybernothing.org] Sent: Monday, February 21, 2000 9:21 AM
On Mon, 21 Feb 2000, Patrick Greenwell wrote:
been a -real- Rwhois . No one allowed the recursive part to function . The idea is still good , But ... JimL
NSI was responsible for the development of Rwhois. Enuf said.
Ugh... Hit the send button too quickly.... NSI was responsible for *furthering* the development of Rwhois as part of their contract...
Which died due to lack of effort. Can we say "failure to perform"? Yet, they've never been penalized for it. NSI has a "not so very good" track record in developing software systems, or even hiring/supervising competent contractors.
"Roeland M.J. Meyer" wrote:
For the record, I've tried to get you guy's attention with this stuff over two years ago. Y'all strongly told me it was non-operational. But, when systems start failing, and it becomes an operational issue, it's way too late.
Well, I was listening; we just didn't have rough consensus. But, maybe it's not _that_ late. Some private messages have said that NSI claims the whois contact information is now their "property". Here's an alternative: fight fire with fire. The collection of contact information interesting to network operators would be separately copyrightable under the new "digital millenium" act. After all, we never use most of the relatively useless information maintained by NSI. Would it be OK with the rest of us for Rodney Joffe to create a database of all the requests and answers made thru geektools? Users could add reliability notes about whether the contacts are valid. The resulting "compilation" would be what we distribute to our mirrors. This requires that we all use geektools to seed the database. We would change the Open/Net/Free/*BSD/*nix whois distributions to point at geektools. (Especially as default whois is pretty useless right now.) And that we trust Rodney (or some more formal entity) to administer the copyright in a way that is pleasing to us. In our naming tradition, we could call this new database "OpenWhois" or "NetWhois" or even "FreeWhois". ;-) Any consensus? WSimpson@UMich.edu Key fingerprint = 17 40 5E 67 15 6F 31 26 DD 0D B9 9B 6A 15 2C 32
William Allen Simpson wrote:
Some private messages have said that NSI claims the whois contact information is now their "property".
Not only. NSI has said publicly that this is the case. As does the data they return with each whois result :-)
Would it be OK with the rest of us for Rodney Joffe to create a database of all the requests and answers made thru geektools?
Not sure what you mean here. GeekTools SuperWhois is merely a proxy. When answers are returned, they are still subject to the copyright under which GeekTools retrieves them. We don't cache or store them. We just go get the answers, and display them, copyright and all (NOTE: we have received permission to do so). But we do not have permission to store or capture the data. And, as we've already discussed, the data is wrong sometimes :-) A totally new from scratch database needs to be created. And it should *not* be me, GeekTools, or CenterGate. Or any individual. It needs to be controlled by a body trusted by all. What ICANN should have and could have been. CenterGate can provide the repository infrastructure through UltraDNS. UltraDNS already has a whois component that allows a dns user to specify which fields may be seen by the public, and which may not. Some thought has to go in to how the 'net decides who should be able to read something, and who should not. The major cause of complaints, and bogus data (555-1212 phone numbers and no-valid-email@ addresses) is the spam issue. In fact, I believe that this is where the major effort has to be spent assuming that this community really gives a damn about the subject. So, while this discussion is interesting to some, unless the majority of lurkers here care enough to open their mouths and comment, we're just creating noise. So sad.
We would change the Open/Net/Free/*BSD/*nix whois distributions to point at geektools. (Especially as default whois is pretty useless right now.)
whois-servers.net may be more appropriate, and it is already in at least 2 of the BSD distributions for whois :-) -- Rodney Joffe CenterGate Research Group, LLC. http://www.centergate.com "Technology so advanced, even we don't understand it!"
Thus spake Rodney Joffe
Some private messages have said that NSI claims the whois contact information is now their "property".
Not only. NSI has said publicly that this is the case. As does the data they return with each whois result :-)
Of course...I think this is a crock...as, I suspect, most of the people on this list thing...but that's not terribly relevant to my overall response...just wanted to throw my $.02 in ehre.
...
A totally new from scratch database needs to be created. And it should *not* be me, GeekTools, or CenterGate. Or any individual. It needs to be controlled by a body trusted by all. What ICANN should have and could have been.
...
So, while this discussion is interesting to some, unless the majority of lurkers here care enough to open their mouths and comment, we're just creating noise. So sad.
I agree that a whole new database should ultimately be created. As a sorta-lurker, I give my $.02 here. Whois sucks. As a protocol...its just pathetic IMO. Although its serviceable in its current incarnation...its *so* simplistic as to be a joke for the most part. I figure protocols exist to enable stuff (technical term). The whois protocol...being so simplistic doesn't really enable anything.... All of the current enabling is done in the back-end databasing and display engines. Let's face it...what we're trying to do here is directory services writ large. Something like NDS, or AD (shudder), or LDAP on a grand scale. Maybe these specific implementations wouldn't scale to what we need...I would guess LDAP would be the closest. I'd say we probably need to start from there...from a decent, enabling protocol...and build the service on that. Or perhaps, if the current protocols don't hack it, we need to build a new protocol and build the service on that. I really just think the whois protocol...as an access protocol to the database backend, just doesn't hack it. The addition of structure on the protocol will help do the referral, and delegation stuff that whois lacks and *DESPERATELY* needs. The lack of referral capability is what really prevents that setup from being distributed. The other suggestion I saw here...distributing stuff via DNS...seems like a hack (no offense to anyone...its a rather elegant hack...but still a hack). I tend to be of the opinion that overloading DNS with more and more functionality is causing more problems than it solves. Again...I think its being implemented fairly well...but the core solution to the problem is not optimal IMHO. Well...its early and my coffee hasn't made it into my bloodstream yet, so I'm not following through and explaining my ideas very well...I do think this discussion is a good one and will continue...hopefully I'll be able to flesh out my ideas and present them better later on. :) -- Jeff McAdams Email: jeffm@iglou.com Head Network Administrator Voice: (502) 966-3848 IgLou Internet Services (800) 436-4456
Rodney Joffe wrote:
A totally new from scratch database needs to be created. And it should *not* be me, GeekTools, or CenterGate. Or any individual. It needs to be controlled by a body trusted by all. What ICANN should have and could have been.
Trust has to start somewhere. If you, GeekTools, or CenterGate, are not willing to be trustworthy, then I guess we need to find somewhere else. I never expected ICANN to be a trusted entity. It's a stalking horse -- by design. How about Bill Manning at ISI?
whois-servers.net may be more appropriate, and it is already in at least 2 of the BSD distributions for whois :-)
I use OpenBSD, which has the modifications. I had had high hopes for whois-servers.net, but it has not solved any problems. Perhaps I don't understand how it works? It seems to require a domain to register itself in whois-servers.net (for example, nasa.gov.whois-servers.net) and maintain its own whois server. This is pretty much a non-starter for most domains. And it doesn't aggregate information to eliminate single points of failure. What I am suggesting is a set of redundant servers, A.whois-servers.net, B.whois-servers.net, etc., that mirror each other's data, eliminating single points of failure. While I think that Bill Manning's DNS TXT suggestion is clever, and nicely distributed, it requires a lot of effort. I'm suggesting a low effort technique to collect the information that exists. That is, to use the actual whois searches that are done, collecting the results in a new database, accessible by existing tools, or minor modifications of tools. Let's discuss the alternatives, and get busy. WSimpson@UMich.edu Key fingerprint = 17 40 5E 67 15 6F 31 26 DD 0D B9 9B 6A 15 2C 32
> How about Bill Manning at ISI? How about Bill Manning _not_ at ISI? -Bill
On 02/21/00, bmanning@vacation.karoshi.com wrote:
> How about Bill Manning at ISI?
How about Bill Manning _not_ at ISI?
-Bill
Bill Manning under the MLK overpass at I580 with my shopping cart loaded down with all my worldly posessions?
Damn, I almost ran you over this afternoon.... ---------========== J.D. Falk <jdfalk@cybernothing.org> =========--------- | "Around here, if someone uses an old keyboard to prop a door open, | | they'll call tech support when the room gets too cold." | | -- Bob Church <church@art.ohiou.edu> | ----========== http://www.cybernothing.org/jdfalk/home.html ==========----
How about Bill Manning at ISI?
I'm not so sure you want that.
While I think that Bill Manning's DNS TXT suggestion is clever, and nicely distributed, it requires a lot of effort.
actually, I think both efforts have about the same level of effort. In one case, its concentrated in a single place, in the other, its all over the place. --bill
bmanning@vacation.karoshi.com Sent: Monday, February 21, 2000 5:11 PM
While I think that Bill Manning's DNS TXT suggestion is clever, and nicely distributed, it requires a lot of effort.
actually, I think both efforts have about the same level of effort. In one case, its concentrated in a single place, in the other, its all over the place.
The nice thing about central is that things will get done, or not done, consistantly. You tend to strike a closure point at some time. In the distributed "all over the place" model, things may never be consistent, nor will they ever be complete. It is also difficult to enforce quality standards.
bmanning@vacation.karoshi.com Sent: Monday, February 21, 2000 5:11 PM
While I think that Bill Manning's DNS TXT suggestion is clever, and nicely distributed, it requires a lot of effort.
actually, I think both efforts have about the same level of effort. In one case, its concentrated in a single place, in the other, its all over the place.
The nice thing about central is that things will get done, or not done, consistantly. You tend to strike a closure point at some time. In the distributed "all over the place" model, things may never be consistent, nor will they ever be complete. It is also difficult to enforce quality standards.
Hum, is this an argument for reconsituting "Ma Bell"? One of the strengths of the Internet is its distributed nature. And the trend is in this direction with the addition of new IP aware products (cell phones, networked "gadgets", et.al.) Trying to retain a centralized structure is (IMHO) doomed to failure. Its better to have broadly available standards that can be enforced at the provider/subscriber boundary and then let the market "bloom" rather than have a single forcing function that everything must run through before proper operations can occur. We might as well argue for the reconstitution of the InterNIC and the abolishment of RIPE, APNIC, ARIN. You'll get "things ... done, or not done consistantly." and will "strike a closure point at some time". Striking the balance is hard but I expect that the trend is away from centralized services. again, YMMV. --bill (going offline for a while)
From: bmanning@vacation.karoshi.com [mailto:bmanning@vacation.karoshi.com] Sent: Tuesday, February 22, 2000 6:47 AM
bmanning@vacation.karoshi.com Sent: Monday, February 21, 2000 5:11 PM
While I think that Bill Manning's DNS TXT suggestion is clever, and nicely distributed, it requires a lot of effort.
actually, I think both efforts have about the same level of effort. In one case, its concentrated in a single place, in the other, its all over the place.
The nice thing about central is that things will get done, or not done, consistantly. You tend to strike a closure point at some time. In the distributed "all over the place" model, things may never be
consistent, nor
will they ever be complete. It is also difficult to enforce quality standards.
Hum, is this an argument for reconsituting "Ma Bell"?
No it isn't, you mistake my intentions. I was just weighing out each end of the spectrum.
One of the strengths of the Internet is its distributed nature.
Tell that to DOC/NTIA/ICANN. I'm with Stef and the ORSC in this, aka; the opposition (see: www.dnso.net).
And the trend is in this direction with the addition of new IP aware products (cell phones, networked "gadgets", et.al.) Trying to retain a centralized structure is (IMHO) doomed to failure. Its better to have broadly available standards that can be enforced at the provider/subscriber boundary and then let the market "bloom" rather than have a single forcing function that everything must run through before proper operations can occur.
Finding that sweet-spot has been elusive.
We might as well argue for the reconstitution of the InterNIC and the abolishment of RIPE, APNIC, ARIN. You'll get "things ... done, or not done consistantly." and will "strike a closure point at some time".
Actually, RIPE/APINIC/ARIN is too centralized for my taste. <grin>
Striking the balance is hard but I expect that the trend is away from centralized services.
Not according to DOC/NTIA/ICANN <sigh>.
bmanning@vacation.karoshi.com wrote:
actually, I think both efforts have about the same level of effort. In one case, its concentrated in a single place, in the other, its all over the place.
I disagree. The point of my proposal was that the collection was automated using current tools, just collecting our query results into our own database. The database would require some effort, but only by the few (2**4) folks coordinating the databases. The other nice thing about my proposal is that we could clean up the data in its central location. Enforcement would be the users (us) adding notations that the data is bad, or entries to fix the data, after beating our heads against the wall trying to find the parties. Your proposal requires every domain/address to add data to their servers. That's millions of locations. There's no enforcement, and therefore, it won't happen anytime soon. As an example of how fast that might be, look at how well in-addr is currently maintained. WSimpson@UMich.edu Key fingerprint = 17 40 5E 67 15 6F 31 26 DD 0D B9 9B 6A 15 2C 32
William Allen Simpson wrote:
Trust has to start somewhere. If you, GeekTools, or CenterGate, are not willing to be trustworthy, then I guess we need to find somewhere else.
Errrr, I didn't mean it to come out that way :-) I think that we're inappropriate in that we are not independent.
How about Bill Manning at ISI?
What Bill Woodcock says :-)
I use OpenBSD, which has the modifications. I had had high hopes for whois-servers.net, but it has not solved any problems. Perhaps I don't understand how it works?
whois-servers.net contains pointers to the authoritative whois servers for all the tld's we know. So you would query, for example, using dig, to find out what today's answer is to the question: "What machine is authoritative for a port 43 question inquiring after the whois data for 'domain'" e.g., It does not contain any whois data itself.
What I am suggesting is a set of redundant servers, A.whois-servers.net, B.whois-servers.net, etc., that mirror each other's data, eliminating single points of failure.
But what data would they contain. whois data for the world? hardly likely to work. Who would run the organization to populate it?
While I think that Bill Manning's DNS TXT suggestion is clever, and nicely distributed, it requires a lot of effort.
Yes, although someone here condemned it as a hack, I believe that DNS is perfectly positioned to fill the role. Sean believes that we cannot rely on DNS to present the data because it is "in-band". Then let's identify a solution to mirror the data "out-of-band". Nonetheless, I suggest that the correct place to delegate responsibility *is* at the edge. What about SRV? A suggestion has been made that: _whois._tcp.centergate.com IN SRV ... _whois._tcp.5.5.192.in-addr.arpa IN SRV ... is the right way to go. Thoughts?
I'm suggesting a low effort technique to collect the information that exists. That is, to use the actual whois searches that are done, collecting the results in a new database, accessible by existing tools, or minor modifications of tools.
But the data is bad, out of date, useless, etc.
Let's discuss the alternatives, and get busy.
Hopefully that's what this is :-) -- Rodney Joffe CenterGate Research Group, LLC. http://www.centergate.com "Technology so advanced, even we don't understand it!"
From: owner-nanog@merit.edu [mailto:owner-nanog@merit.edu]On Behalf Of Rodney Joffe Sent: Monday, February 21, 2000 12:19 AM
William Allen Simpson wrote:
Would it be OK with the rest of us for Rodney Joffe to create a database of all the requests and answers made thru geektools?
Not sure what you mean here. GeekTools SuperWhois is merely a proxy. When answers are returned, they are still subject to the copyright under which GeekTools retrieves them. We don't cache or store them. We just go get the answers, and display them, copyright and all (NOTE: we have received permission to do so). But we do not have permission to store or capture the data. And, as we've already discussed, the data is wrong sometimes :-)
It is arguable whether or not we need the permission, for the data. Copyright covers implementations of works, not the data on which the implementation is founded. Reformatting the data into something like RIPE's format, or something wholly different, would be sufficient. The data itself is still paid for by US tax dollars. There have been other arguments put forth, that view it from a different direction entirely, that the data belongs to each registrant and not to NSI. Basically, you own all the data pertinent to you, as does each registrant. In either case, the purveyor of data is not automatically the owner of the data, only the form that they present that data in. There is substantial case history for this view, but BEWARE:IANAL.
A totally new from scratch database needs to be created. And it should *not* be me, GeekTools, or CenterGate. Or any individual. It needs to be controlled by a body trusted by all. What ICANN should have and could have been.
There are two points here; One, what to build and 2), whom shall build it. The first point begs an issue, database synchronization. It is the same issue that plagues SRS and is the prime reason that they are having problems in the first place, that is the prime inadequacy of the SRS architecture and design. Anyone whom has ever worked with Sybase Replication servers and Oracle Parallel Servers, knows first-hand what sort of nightmare synchronization can be, especially over high-latency links and high transaction rate end-nodes. That was my biggest concern with Crispin's original design, over three years ago(that was the process box which was labeled "a miracle occurs here" <grin>). Obviously, NSI couldn't/wouldn't fund the miracle. Most of the problems you see is data-dithering, a classic symptom of synchronization problems. Having yet another authoritative database only aggrivates the problem. I understand trying to loosen the coupling, but that's the wrong way to do it, IMNSHO. The second point is unrealistic, ICANN has no money, no technical competency, and no desire. All they want is control, as badly as the DOC/NTIA wants to relinquish it. ICANN was the ones that forced SRS down NSI's throat in the first-place (w/ USG twisting both arms), as a means for generating revenue for ICANN. They don't even know, or care, that SRS has problems. ICANN makes a healthy fee for accrediting registrars.
CenterGate can provide the repository infrastructure through UltraDNS. UltraDNS already has a whois component that allows a dns user to specify which fields may be seen by the public, and which may not. Some thought has to go in to how the 'net decides who should be able to read something, and who should not. The major cause of complaints, and bogus data (555-1212 phone numbers and no-valid-email@ addresses) is the spam issue. In fact, I believe that this is where the major effort has to be spent assuming that this community really gives a damn about the subject.
You are correct, there is a serious data integrity issue with the current whois. NSI is to be blamed for letting it get out of hand. That said, there are serious privacy issues in the way that whois works. It is certainly a violation of recent EU privacy standards and is the main reason that spammers were able to abuse the systems in the first place.
So, while this discussion is interesting to some, unless the majority of lurkers here care enough to open their mouths and comment, we're just creating noise. So sad.
Agreed, the time to ready a solution ... is BEFORE the problem shows up!
We would change the Open/Net/Free/*BSD/*nix whois distributions to point at geektools. (Especially as default whois is pretty useless right now.)
whois-servers.net may be more appropriate, and it is already in at least 2 of the BSD distributions for whois :-)
One of the other problems is finding the whois servers out there. However, I think that is another topic. cheers =========================================== R O E L A N D M. J. M E Y E R http://mhsc.com/~rmeyer/resume
NSI arguably has the rights to the existing whois database but by no means does that give them any control over any other listing of names and contact information. -----Original Message----- From: owner-nanog@merit.edu [mailto:owner-nanog@merit.edu]On Behalf Of Rodney Joffe Sent: Monday, February 21, 2000 12:19 AM To: nanog@merit.edu Subject: Re: Alternatives (was Re: whois broke again?) William Allen Simpson wrote:
Some private messages have said that NSI claims the whois contact information is now their "property".
Not only. NSI has said publicly that this is the case. As does the data they return with each whois result :-)
people posting opinions of why has what legal rights in this area would help others understand those opinions if they told us if they are lawyers versed in the subject. randy
people posting opinions of why has what legal rights in this area would help others understand those opinions if they told us if they are lawyers versed in the subject.
IANAL but that wouldn't stop me from pointing out that in reality nobody has the faintest idea what the legal status of WHOIS data is since the precedents are murky (does Feist apply? I dunno) and there is as far as I know no case law yet. -- John R. Levine, IECC, POB 727, Trumansburg NY 14886 +1 607 387 6869 johnl@iecc.com, Village Trustee and Sewer Commissioner, http://iecc.com/johnl, Member, Provisional board, Coalition Against Unsolicited Commercial E-mail
From: Randy Bush <randy@psg.com> Subject: RE: Alternatives (was Re: whois broke again?) Date: Mon, 21 Feb 2000 18:02:59 -0800
people posting opinions of why has what legal rights in this area would help others understand those opinions if they told us if they are lawyers versed in the subject.
I am not a lawyer. I do, however, ocassionally send e-mail to NANOG on this topic. See, for the example, the following, which even has references to Federal regulations and statutes: http://www.cctec.com/maillists/nanog/historical/9809/msg00171.html -tjs
On Mon, 21 Feb 2000, Randy Bush wrote:
people posting opinions of why has what legal rights in this area would help others understand those opinions if they told us if they are lawyers versed in the subject.
You don't have to be a lawyer to espouse an opinion. Lawyers are who you hire to back that position. If there were only one true interpretation of the law, laywers would be unecessary. /\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\ Patrick Greenwell Earth is a single point of failure. \/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/
people posting opinions of why has what legal rights in this area would help others understand those opinions if they told us if they are lawyers versed in the subject.
You don't have to be a lawyer to espouse an opinion.
I believe Randy was being unusually polite and/or reticent ( :-) ) and what he actually meant was you have to be a lawyer or other form of attributed expert for some people to want to listen to the opinions you espouse if posted here. That would certainly be my take. This is why successful companies pay large amounts of $ to lawyers rather than take their legal advice from public mailing lists. -- Alex Bligh VP Core Network, Concentric Network Corporation (formerly GX Networks, Xara Networks)
From: owner-nanog@merit.edu [mailto:owner-nanog@merit.edu]On Behalf Of William Allen Simpson Sent: Sunday, February 20, 2000 11:38 PM
"Roeland M.J. Meyer" wrote:
For the record, I've tried to get you guy's attention with this stuff over two years ago. Y'all strongly told me it was non-operational. But, when systems start failing, and it becomes an operational issue, it's way too late.
Well, I was listening; we just didn't have rough consensus. But, maybe it's not _that_ late.
We'll see.
Some private messages have said that NSI claims the whois contact information is now their "property".
NSI does claim this, it is also arguable, since they inherited the seed from SRI AND it was ALL done, to date, under government contract. However, that's an issue for other forums and has been pounded to where the horse is only a shadow of its former self.<grin> IOW, it's up to the courts now, if we can file someone fool enough to press a law suit <GRIN>... in th proper venue this time<sigh>.
Just want to point out that while apparently the Perl module I maintain, Net::Whois doesn't work with the new long domain names it does work for everything in the NSI database. It does not support the competing registrars because they have wildly different format. There is a WHOIS working group but it isn't very active :-( Dana ----- Original Message ----- From: "William Allen Simpson" <wsimpson@greendragon.com> To: <nanog@merit.edu> Sent: Monday, February 21, 2000 2:38 AM Subject: Alternatives (was Re: whois broke again?)
"Roeland M.J. Meyer" wrote:
For the record, I've tried to get you guy's attention with this stuff over two years ago. Y'all strongly told me it was non-operational. But, when systems start failing, and it becomes an operational issue, it's way too late.
Well, I was listening; we just didn't have rough consensus. But, maybe it's not _that_ late.
Some private messages have said that NSI claims the whois contact information is now their "property".
Here's an alternative: fight fire with fire.
The collection of contact information interesting to network operators would be separately copyrightable under the new "digital millenium" act. After all, we never use most of the relatively useless information maintained by NSI.
Would it be OK with the rest of us for Rodney Joffe to create a database of all the requests and answers made thru geektools?
Users could add reliability notes about whether the contacts are valid.
The resulting "compilation" would be what we distribute to our mirrors.
This requires that we all use geektools to seed the database. We would change the Open/Net/Free/*BSD/*nix whois distributions to point at geektools. (Especially as default whois is pretty useless right now.)
And that we trust Rodney (or some more formal entity) to administer the copyright in a way that is pleasing to us.
In our naming tradition, we could call this new database "OpenWhois" or "NetWhois" or even "FreeWhois". ;-)
Any consensus?
WSimpson@UMich.edu Key fingerprint = 17 40 5E 67 15 6F 31 26 DD 0D B9 9B 6A 15 2C 32
participants (21)
-
Alex Bligh
-
Alex Rubenstein
-
Bill Woodcock
-
bmanning@vacation.karoshi.com
-
Brad
-
Dana Hudes
-
J.D. Falk
-
Jeff Mcadams
-
John Hawkinson
-
johnl@iecc.com
-
Kevin Day
-
Mr. James W. Laferriere
-
NANOG Mailing List
-
Patrick Greenwell
-
Rachel Luxemburg
-
Randy Bush
-
Rodney Joffe
-
Roeland M.J. Meyer
-
Tim Salo
-
Valdis.Kletnieks@vt.edu
-
William Allen Simpson