ICANN/GNSO
DNSO and GNSO Mailling lists archives

[ga]


<<< Chronological Index >>>    <<< Thread Index >>>

Re: [ga] whois.txt, ala robots.txt, as a standard ?


Karl and all former DNSO GA members,

  Perhaps Karl, you might want to take a look at http://www.xml.com
for some insights on XML based apps for Whois.

  I also understand that recently, Jan. 23? that RFC2068 has some
security holes in it that would be particularly impacting upon
strictly web based Whois apps form a security point of view,
not to mention many other areas...
See: http://www.whitehatsec.com/press_releases/WH-PR-20030120.txt
and http://www.extremetech.com/article2/0%2C3973%2C841144%2C00.asp

Karl Auerbach wrote:

> There is a rough convention about putting a zone's contact information
> into the zone records itself.  This convention is not much used and the
> formats are not universally applied, and credit for the idea has been
> attributed to several different people.
>
> For example, in my cavebear.com zone, I have a set of TXT records that may
> be retrieved by doing a TXT record query to "whois.cavebear.com".
>
> The result you will get is
>
> ;; ANSWER SECTION:
> whois.cavebear.com.     172800  IN      TXT     "fax-number: +1.831.423.8357"
> whois.cavebear.com.     172800  IN      TXT     "phone-number: +1.831.423.8585"
> whois.cavebear.com.     172800  IN      TXT     "address-1: 218 Carbonera Drive"
> whois.cavebear.com.     172800  IN      TXT     "address-2: Santa Cruz, CA 95060-1500"
> whois.cavebear.com.     172800  IN      TXT     "other-stuff: This site is operated by Karl Auerbach"
> whois.cavebear.com.     172800  IN      TXT     "address-3: USA"
> whois.cavebear.com.     172800  IN      TXT     "company-name: CaveBear"
>
> Some folks have adopted a more XML-like representation in the TXT records.
>
> The amount of text per name is limited, but with enough names and TXT
> records even large documents can be expressed.  For those who want to give
> it a whirl, run the following query and see what you get (expect about
> 525 lines of output).
>
>         dig @npax.cavebear.com mc.cavebear.com axfr
>
> The mechanism of putting the information into the zone itself lets the
> zone owner control exactly what is, or is not, published.
>
> The point of all of this is that there is no need of a public "whois" at
> all.  Sure, the registration businesses can keep their internal business
> records about who signed up for what and when they need to be rebilled to
> prevent the domain name remover from removing their domain names.  But
> those records need not be made available to the public, to those who mine
> data, or those who make claims they have special privleges to look.  And
> Trademark people can be, as they ought to be, required to demonstrate to a
> neutral magistrate that there is enough evidence of harm to the trademark
> owner's interests for them to have a peek at the registration data.
>
>                 --karl--
>
> --
> This message was passed to you via the ga@dnso.org list.
> Send mail to majordomo@dnso.org to unsubscribe
> ("unsubscribe ga" in the body of the message).
> Archives at http://www.dnso.org/archives.html

Regards,
--
Jeffrey A. Williams
Spokesman for INEGroup LLA. - (Over 129k members/stakeholders strong!)
================================================================
CEO/DIR. Internet Network Eng. SR. Eng. Network data security
Information Network Eng. Group. INEG. INC.
E-Mail jwkckid1@ix.netcom.com
Contact Number: 214-244-4827 or 214-244-3801


--
This message was passed to you via the ga@dnso.org list.
Send mail to majordomo@dnso.org to unsubscribe
("unsubscribe ga" in the body of the message).
Archives at http://www.dnso.org/archives.html




<<< Chronological Index >>>    <<< Thread Index >>>