Back

26 Whois

gTLDFull Legal NameE-mail suffixDetail
.streamdot Stream Limitedfamousfourmedia.comView
Q26
26.1 Introduction
The Applicant recognizes the importance of an accurate, reliable, and up-to-date WHOIS database to governments, law enforcement, intellectual property holders and the public as a whole and is firmly committed to complying with all of the applicable WHOIS specifications for data objects, bulk access, and lookups as defined in Specifications 4 and 10 to the Registry Agreement. The Applicant’s back-end registry services provider, Neustar, has extensive experience providing ICANN and RFC-compliant WHOIS services for each of the TLDs that it operates both as a Registry Operator for gTLDs, ccTLDs and back-end registry services provider. As one of the first “thick” registry operators in the gTLD space, Neustar’s WHOIS service has been designed from the ground up to display as much information as required by a TLD and respond to a very stringent availability and performance requirement.

Some of the key features of the solution include:

• Fully compliant with all relevant RFCs including 3912
• Production proven, highly flexible, and scalable with a track record of 100% availability over the past 10 years
• Exceeds current and proposed performance specifications
• Supports dynamic updates with the capability of doing bulk updates
• Geographically distributed sites to provide greater stability and performance
• In addition, the thick-WHOIS solution also provides for additional search capabilities and mechanisms to mitigate potential forms of abuse as discussed below.(e.g., IDN, registrant data).

26.2 Software Components
The WHOIS architecture comprises the following components:
• An in-memory database local to each WHOIS node: To provide for the performance needs, the WHOIS data is served from an in-memory database indexed by searchable keys.
• Redundant servers: To provide for redundancy, the WHOIS updates are propagated to a cluster of WHOIS servers that maintain an independent copy of the database.
• Attack resistant: To ensure that the WHOIS system cannot be abused using malicious queries or DOS attacks, the WHOIS server is only allowed to query the local database and rate limits on queries based on IPs and IP ranges can be readily applied.
• Accuracy auditor: To ensure the accuracy of the information served by the WHOIS servers, a daily audit is done between the SRS information and the WHOIS responses for the domain names which are updated during the last 24-hour period. Any discrepancies are resolved proactively.
• Modular design: The WHOIS system allows for filtering and translation of data elements between the SRS and the WHOIS database to allow for customizations.
• Scalable architecture: The WHOIS system is scalable and has a very small footprint. Depending on the query volume, the deployment size can grow and shrink quickly.
• Flexible: It is flexible enough to accommodate thin, thick, or modified thick models and can accommodate any future ICANN policy, such as different information display levels based on user categorization
• SRS master database: The SRS database is the main persistent store of the Registry information. The Update Agent computes what WHOIS updates need to be pushed out. A publish-subscribe mechanism then takes these incremental updates and pushes to all the WHOIS slaves that answer queries.

26.3 Compliance with RFC and Specifications 4 and 10
Neustar has been running thick-WHOIS Services for over 10+ years in full compliance with RFC 3912 and with Specifications 4 and 10 of the Registry Agreement. RFC 3912 is a simple text based protocol over TCP that describes the interaction between the server and client on port 43. Neustar built a home-grown solution for this service. It processes millions of WHOIS queries per day.
Table 26-1 describes Neustar’s compliance with Specifications 4 and 10.
Neustar ensures compliance with all RFCs through a variety of processes and procedures. Members from the engineering and standards teams actively monitor and participate in the development of RFCs that impact the registry services, including those related to WHOIS. When new RFCs are introduced or existing ones are updated, the team performs a full compliance review of each system impacted by the change. Furthermore, all code releases include a full regression test that includes specific test cases to verify RFC compliance.

26.4 High-level WHOIS System Description
26.4.1 WHOIS Service (port 43)
The WHOIS service is responsible for handling port 43 queries. Our WHOIS is optimized for speed using an in-memory database and master-slave architecture between the SRS and WHOIS slaves. The WHOIS service also has built-in support for IDN. If the domain name being queried is an IDN, the returned results include the language of the domain name, the domain name’s UTF-8 encoded representation along with the Unicode code page.

26.4.2 Web Page for WHOIS queries
In addition to the WHOIS Service on port 43, Neustar provides a web based WHOIS application. It is an intuitive and easy to use application for the general public to use. WHOIS web application provides all of the features available in the port 43 WHOIS. This includes full and partial search on:
• Domain names
• Nameservers
• Registrant, Technical and Administrative Contacts
• Registrars
It also provides features not available on the port 43 service.These include:
1. Redemption Grace Period calculation: Based on the registry’s policy, domains in pendingDelete can be restorable or scheduled for release depending on the date⁄time the domain went into pendingDelete. For these domains, the web based WHOIS displays “Restorable” or “Scheduled for Release” to clearly show this additional status to the user.
2. Extensive support for international domain names (IDN)
3. Ability to perform WHOIS lookups on the actual Unicode IDN
4. Display of the actual Unicode IDN in addition to the ACE-encoded name
5. A Unicode to Punycode and Punycode to Unicode translator
6. An extensive FAQ
7. A list of upcoming domain deletions

26.5 IT and Infrastructure Resources
As described above the WHOIS architecture uses a workflow that decouples the update process from the SRS.This ensures SRS performance is not adversely affected by the load requirements of dynamic updates. It is also decoupled from the WHOIS lookup agent to ensure the WHOIS service is always available and performing well for users. Each of Neustar’s geographically diverse WHOIS sites use:
• Firewalls, to protect this sensitive data
• Dedicated servers for MQ Series, to ensure guaranteed delivery of WHOIS updates
• Packetshaper for source IP address-based bandwidth limiting
• Load balancers to distribute query load
• Multiple WHOIS servers for maximizing the performance of WHOIS service.
The WHOIS service uses HP BL 460C servers, each with 2 X Quad Core CPU and a 64GB of RAM. The existing infrastructure has 6 servers, but is designed to be easily scaled with additional servers should it be needed.
Figure 26-1 depicts the different components of the WHOIS architecture.

26.6 Interconnectivity with Other Registry System
As described in Question 24 about the SRS and further in response to Question 31, “Technical Overview”, when an update is made by a registrar that impacts WHOIS data, a trigger is sent to the WHOIS system by the external notifier layer.The update agent processes these updates, transforms the data if necessary and then uses messaging oriented middleware to publish all updates to each WHOIS slave.The local update agent accepts the update and applies it to the local in-memory database. A separate auditor compares the data in WHOIS and the SRS daily and monthly to ensure accuracy of the published data.

26.7 Frequency of Synchronization between Servers Updates from the SRS, through the external notifiers, to the constellation of independent WHOIS slaves happens in real-time via an asynchronous publish⁄subscribe messaging architecture. The updates are guaranteed to be updated in each slave within the required SLA of 95% = 60 minutes. Please note that Neustar’s current architecture is built towards the stricter SLAs (95% = 15 minutes) of .BIZ. The vast majority of updates tend to happen within 2-3 minutes.

26.8 Provision for Searchable WHOIS Capabilities
Neustar will create a new web-based service to address the new search features based on requirements specified in Specification 4 Section 1.8. The application will include precautions to avoid abuse and will enable users to search the WHOIS directory using any one or more of the following fields:

• Domain name
• Registrar ID
• Contacts and registrant’s name
• Contact and registrant’s postal address, including all the sub-fields described in EPP (e.g., street, city, state or province, etc.)
• Name server name and name server IP address
• The system will also allow search using non-Latin character sets which are compliant with IDNA specification.

The user will choose one or more search criteria, combine them by Boolean operators (AND, OR, NOT) and provide partial or exact match regular expressions for each of the criterion name-value pairs. The domain names matching the search criteria will be returned to the user.
Figure 26-2 shows an architectural depiction of the new service.

To mitigate the risk of this powerful search service being abused by unscrupulous data miners, a layer of security will be built around the query engine which will allow the registry to identify rogue activities and then take appropriate measures. Potential abuses include, but are not limited to:
• Data Mining
• Unauthorized Access
• Excessive Querying
• Denial of Service Attacks
To mitigate the abuses noted above, Neustar will implement any or all of these mechanisms as appropriate:
• Username-password based authentication
• Certificate based authentication
• Data encryption
• CAPTCHA mechanism to prevent robo invocation of Web query
• Fee-based advanced query capabilities for premium customers.

The searchable WHOIS application will adhere to all privacy laws and policies of the Applicant’s registry.

26.9 Resourcing Plans
As with the SRS, the development, customization, and on-going support of the WHOIS service is the responsibility of a combination of technical and operational teams. The primary groups responsible for managing the service include:
• Development⁄Engineering – 19 employees
• Database Administration – 10 employees
• Systems Administration – 24 employees
• Network Engineering – 5 employees
Additionally, if customization or modifications are required, the Product Management and Quality Assurance teams will also be involved. Finally, the Network Operations and Information Security play an important role in ensuring the systems involved are operating securely and reliably. The necessary resources will be pulled from the pool of available resources described in detail in the response to Question 31. Neustar’s WHOIS implementation is very mature, and has been in production for over 10 years. As such, very little new development will be required to support the implementation of the Applicant’s registry. The resources are more than adequate to support the WHOIS needs of all the TLDs operated by Neustar, including the Applicant’s registry.
-end-
gTLDFull Legal NameE-mail suffixDetail
.联通China United Network Communications Corporation Limitedchinaunicom.cnView
26.1 INTRODUCTION

China Unicom recognizes the importance of an accurate, reliable, and up-to-date WHOIS database to governments, law enforcement, intellectual property holders and the public as a whole and is firmly committed to complying with all of the applicable WHOIS specifications for data objects, bulk access, and lookups as defined in Specifications 4 and 10 to the Registry Agreement. .联通ʹs back-end registry services provider, Neustar, has extensive experience providing ICANN and RFC-compliant WHOIS services for each of the TLDs that it operates both as a Registry Operator for gTLDs, ccTLDs and back-end registry services provider. As one of the first thick registry operators in the gTLD space, Neustarʹs WHOIS service has been designed from the ground up to display as much information as required by a TLD and respond to a very stringent availability and performance requirement.

Some of the key features of .联通ʹs solution include:

- Fully compliant with all relevant RFCs including 3912

- Production proven, highly flexible, and scalable with a track record of 100% availability over the past 10 years

- Exceeds current and proposed performance specifications

- Supports dynamic updates with the capability of doing bulk updates

- Geographically distributed sites to provide greater stability and performance

- In addition, .联通ʹs thick-WHOIS solution also provides for additional search capabilities and mechanisms to mitigate potential forms of abuse as discussed below. (e.g., IDN, registrant data).



26.2 SOFTWARE COMPONENTS

The WHOIS architecture comprises the following components:

- An in-memory database local to each WHOIS node: To provide for the performance needs, the WHOIS data is served from an in-memory database indexed by searchable keys.

- Redundant servers: To provide for redundancy, the WHOIS updates are propagated to a cluster of WHOIS servers that maintain an independent copy of the database.

- Attack resistant: To ensure that the WHOIS system cannot be abused using malicious queries or DOS attacks, the WHOIS server is only allowed to query the local database and rate limits on queries based on IPs and IP ranges can be readily applied.

- Accuracy auditor: To ensure the accuracy of the information served by the WHOIS servers, a daily audit is done between the SRS information and the WHOIS responses for the domain names which are updated during the last 24-hour period. Any discrepancies are resolved proactively.

- Modular design: The WHOIS system allows for filtering and translation of data elements between the SRS and the WHOIS database to allow for customizations.

- Scalable architecture: The WHOIS system is scalable and has a very small footprint. Depending on the query volume, the deployment size can grow and shrink quickly.

- Flexible: It is flexible enough to accommodate thin, thick, or modified thick models and can accommodate any future ICANN policy, such as different information display levels based on user categorization.

- SRS master database: The SRS database is the main persistent store of the Registry information. The Update Agent computes what WHOIS updates need to be pushed out. A publish-subscribe mechanism then takes these incremental updates and pushes to all the WHOIS slaves that answer queries.



26.3 COMPLIANCE WITH RFC AND SPECIFICATIONS 4 AND 10

Neustar has been running thick-WHOIS Services for over 10+ years in full compliance with RFC 3912 and with Specifications 4 and 10 of the Registry Agreement.RFC 3912 is a simple text based protocol over TCP that describes the interaction between the server and client on port 43. Neustar built a home-grown solution for this service. It processes millions of WHOIS queries per day.

Table 26-1 attached describes Neustarʹs compliance with Specifications 4 and 10.

Neustar ensures compliance with all RFCs through a variety of processes and procedures. Members from the engineering and standards teams actively monitor and participate in the development of RFCs that impact the registry services, including those related to WHOIS. When new RFCs are introduced or existing ones are updated, the team performs a full compliance review of each system impacted by the change. Furthermore, all code releases include a full regression test that includes specific test cases to verify RFC compliance.



26.4 HIGH-LEVEL WHOIS SYSTEM DESCRIPTION


26.4.1 WHOIS SERVICE (PORT 43)

The WHOIS service is responsible for handling port 43 queries. Our WHOIS is optimized for speed using an in-memory database and master-slave architecture between the SRS and WHOIS slaves.

The WHOIS service also has built-in support for IDN. If the domain name being queried is an IDN, the returned results include the language of the domain name, the domain nameʹs UTF-8 encoded representation along with the Unicode code page.



26.4.2 WEB PAGE FOR WHOIS QUERIES

In addition to the WHOIS Service on port 43, Neustar provides a web based WHOIS application (www.whois. .联通). It is an intuitive and easy to use application for the general public to use. WHOIS web application provides all of the features available in the port 43 WHOIS. This includes full and partial search on:

- Domain names

- Nameservers

- Registrant, Technical and Administrative Contacts

- Registrars


It also provides features not available on the port 43 service. These include:

1. Redemption Grace Period calculation: Based on the registryʹs policy, domains in pendingDelete can be restorable or scheduled for release depending on the date⁄time the domain went into pendingDelete. For these domains, the web based WHOIS displays Restorable or Scheduled for Release to clearly show this additional status to the user.

2. Extensive support for international domain names (IDN)

3. Ability to perform WHOIS lookups on the actual Unicode IDN

4. Display of the actual Unicode IDN in addition to the ACE-encoded name

5. A Unicode to Punycode and Punycode to Unicode translator

6. An extensive FAQ

7. A list of upcoming domain deletions



26.5 IT AND INFRASTRUCTURE RESOURCES

As described above the WHOIS architecture uses a workflow that decouples the update process from the SRS. This ensures SRS performance is not adversely affected by the load requirements of dynamic updates. It is also decoupled from the WHOIS lookup agent to ensure the WHOIS service is always available and performing well for users. Each of Neustarʹs geographically diverse WHOIS sites use:

- Firewalls, to protect this sensitive data

- Dedicated servers for MQ Series, to ensure guaranteed delivery of WHOIS updates

- Packetshaper for source IP address-based bandwidth limiting

- Load balancers to distribute query load

- Multiple WHOIS servers for maximizing the performance of WHOIS service.


The WHOIS service uses HP BL 460C servers, each with 2 X Quad Core CPU and a 64GB of RAM. The existing infrastructure has 6 servers, but is designed to be easily scaled with additional servers should it be needed.

Figure 26-1 attached depicts the different components of the WHOIS architecture.



26.6 INTERCONNECTIVITY WITH OTHER REGISTRY SYSTEM

As described in Question 24 about the SRS and further in response to Question 31, Technical Overview, when an update is made by a registrar that impacts WHOIS data, a trigger is sent to the WHOIS system by the external notifier layer. The update agent processes these updates, transforms the data if necessary and then uses messaging oriented middleware to publish all updates to each WHOIS slave. The local update agent accepts the update and applies it to the local in-memory database. A separate auditor compares the data in WHOIS and the SRS daily and monthly to ensure accuracy of the published data.


26.7 FREQUENCY OF SYNCHRONIZATION BETWEEN SERVERS

Updates from the SRS, through the external notifiers, to the constellation of independent WHOIS slaves happens in real-time via an asynchronous publish⁄subscribe messaging architecture. The updates are guaranteed to be updated in each slave within the required SLA of 95%, less than or equal to 60 minutes. Please note that Neustarʹs current architecture is built towards the stricter SLAs (95%, less than or equal to 15 minutes) of .BIZ. The vast majority of updates tend to happen within 2-3 minutes.


26.8 PROVISION FOR SEARCHABLE WHOIS CAPABILITIES

Neustar will create a new web-based service to address the new search features based on requirements specified in Specification 4 Section 1.8. The application will enable users to search the WHOIS directory using any one or more of the following fields:

- Domain name

- Registrar ID

- Contacts and registrantʹs name

- Contact and registrantʹs postal address, including all the sub-fields described in EPP (e.g., street, city, state or province, etc.)

- Name server name and name server IP address

- The system will also allow search using non-Latin character sets which are compliant with IDNA specification.

The user will choose one or more search criteria, combine them by Boolean operators (AND, OR, NOT) and provide partial or exact match regular expressions for each of the criterion name-value pairs. The domain names matching the search criteria will be returned to the user.

Figure 26-2 attached shows an architectural depiction of the new service.

To mitigate the risk of this powerful search service being abused by unscrupulous data miners, a layer of security will be built around the query engine which will allow the registry to identify rogue activities and then take appropriate measures. Potential abuses include, but are not limited to:

- Data Mining

- Unauthorized Access

- Excessive Querying

- Denial of Service Attacks


To mitigate the abuses noted above, Neustar will implement any or all of these mechanisms as appropriate:

- Username-password based authentication

- Certificate based authentication

- Data encryption

- CAPTCHA mechanism to prevent robo invocation of Web query

- Fee-based advanced query capabilities for premium customers.


The searchable WHOIS application will adhere to all privacy laws and policies of the .联通 registry.



26.9 RESOURCING PLANS

As with the SRS, the development, customization, and on-going support of the WHOIS service is the responsibility of a combination of technical and operational teams.The primary groups responsible for managing the service include:

- Development⁄Engineering 19 employees

- Database Administration 10 employees

- Systems Administration 24 employees

- Network Engineering 5 employees

Additionally, if customization or modifications are required, the Product Management and Quality Assurance teams will also be involved. Finally, the Network Operations and Information Security play an important role in ensuring the systems involved are operating securely and reliably. The necessary resources will be pulled from the pool of available resources described in detail in the response to Question 31.Neustarʹs WHOIS implementation is very mature, and has been in production for over 10 years.As such, very little new development will be required to support the implementation of the .联通 registry. The resources are more than adequate to support the WHOIS needs of all the TLDs operated by Neustar, including the .联通 registry.