The original NICNAME/WHOIS protocol (RFC 954) was intended to provide a "netwide directory service to internet users". More recent versions of WHOIS (RFC 3912) concede that the protocol is not suited to provide directory services, and describe it as "widely used to provide information services to Internet users" but lacking "many of the protocol design attributes, for example internationalisation and strong security, that would be expected from any recently-designed IETF protocol".
Inglorious Bastards
The IETF decided to make no attempt to improve WHOIS, but instead considered a broader scope for Internet Registry Information Services (IRIS) and a Cross Registry Internet Service Protocol (CRISP). The decision to leave WHOIS as is was a correct one. The protocol is so minimalist in its approach that the difference between revising it and writing a new protocol is neglible. Additionally, the ad hoc manner in which WHOIS services have been deployed over two decades created an unpredictable and issue-ridden migration path. IRIS/CRISP, however, never materialized as a viable successor to WHOIS for a variety of reasons.
A Worthy Successor at Last
Inspired by the Whois-RWS service now in production at the American Registry for Internet Numbers (ARIN), staff at ICANN began experimenting with Representational State Transfer-based Web services for domain name registration data (a.k.a., "Whois data"), as did engineers at the RIPE Network Coordination Centre.
My colleagues Andy Newton, Beneditto Fiorelli, Steve Sheng and I have published an article in USENIX ;login magazine based on our experiences and findings from our respective research and development. In the article, we explain why we chose REST and explain what we see as the benefits of Representational State Transfer-based Web Services. We explain how we were able to use structured and type registration data to improve signaling and deliver metadata about the registration data (e.g., language). We describe how we can use structured data to implement search and generally improve legitimate automated access to registration data. We next describe our three implementations in sufficient detail to illustrate the benefits and corroborate our findings.
We are encouraged by our findings. Our REST-based directory services are able to "support internationalized registration data (and, generally, structured and typed data), provide unambiguous signaling, and improve error reporting . We are able to leverage existing client and server infrastructures and provide security services, including transport confidentiality and integrity checking, authentication, and data filtering, in an extensible manner, again with the prospect of being able to leverage implementations and Web infrastructure that makes use of security services today."
ARIN's Whois-RWS is in production today. Give it a try if you have not already done so. We hope that similar services will be deployed by other regional internet registries, and that the domain name community - ICANN gTLD registries and registrars as well as country TLD operators world wide - will consider a RESTful approach as well. To this end, we are participating in discussions at IETF meetings to further consideration of this work. We have submitted the following Internet-drafts for consideration:
Comments