Back

26 Whois

gTLDFull Legal NameE-mail suffixDetail
.streamdot Stream Limitedfamousfourmedia.comView
Q26
26.1 Introduction
The Applicant recognizes the importance of an accurate, reliable, and up-to-date WHOIS database to governments, law enforcement, intellectual property holders and the public as a whole and is firmly committed to complying with all of the applicable WHOIS specifications for data objects, bulk access, and lookups as defined in Specifications 4 and 10 to the Registry Agreement. The Applicant’s back-end registry services provider, Neustar, has extensive experience providing ICANN and RFC-compliant WHOIS services for each of the TLDs that it operates both as a Registry Operator for gTLDs, ccTLDs and back-end registry services provider. As one of the first “thick” registry operators in the gTLD space, Neustar’s WHOIS service has been designed from the ground up to display as much information as required by a TLD and respond to a very stringent availability and performance requirement.

Some of the key features of the solution include:

• Fully compliant with all relevant RFCs including 3912
• Production proven, highly flexible, and scalable with a track record of 100% availability over the past 10 years
• Exceeds current and proposed performance specifications
• Supports dynamic updates with the capability of doing bulk updates
• Geographically distributed sites to provide greater stability and performance
• In addition, the thick-WHOIS solution also provides for additional search capabilities and mechanisms to mitigate potential forms of abuse as discussed below.(e.g., IDN, registrant data).

26.2 Software Components
The WHOIS architecture comprises the following components:
• An in-memory database local to each WHOIS node: To provide for the performance needs, the WHOIS data is served from an in-memory database indexed by searchable keys.
• Redundant servers: To provide for redundancy, the WHOIS updates are propagated to a cluster of WHOIS servers that maintain an independent copy of the database.
• Attack resistant: To ensure that the WHOIS system cannot be abused using malicious queries or DOS attacks, the WHOIS server is only allowed to query the local database and rate limits on queries based on IPs and IP ranges can be readily applied.
• Accuracy auditor: To ensure the accuracy of the information served by the WHOIS servers, a daily audit is done between the SRS information and the WHOIS responses for the domain names which are updated during the last 24-hour period. Any discrepancies are resolved proactively.
• Modular design: The WHOIS system allows for filtering and translation of data elements between the SRS and the WHOIS database to allow for customizations.
• Scalable architecture: The WHOIS system is scalable and has a very small footprint. Depending on the query volume, the deployment size can grow and shrink quickly.
• Flexible: It is flexible enough to accommodate thin, thick, or modified thick models and can accommodate any future ICANN policy, such as different information display levels based on user categorization
• SRS master database: The SRS database is the main persistent store of the Registry information. The Update Agent computes what WHOIS updates need to be pushed out. A publish-subscribe mechanism then takes these incremental updates and pushes to all the WHOIS slaves that answer queries.

26.3 Compliance with RFC and Specifications 4 and 10
Neustar has been running thick-WHOIS Services for over 10+ years in full compliance with RFC 3912 and with Specifications 4 and 10 of the Registry Agreement. RFC 3912 is a simple text based protocol over TCP that describes the interaction between the server and client on port 43. Neustar built a home-grown solution for this service. It processes millions of WHOIS queries per day.
Table 26-1 describes Neustar’s compliance with Specifications 4 and 10.
Neustar ensures compliance with all RFCs through a variety of processes and procedures. Members from the engineering and standards teams actively monitor and participate in the development of RFCs that impact the registry services, including those related to WHOIS. When new RFCs are introduced or existing ones are updated, the team performs a full compliance review of each system impacted by the change. Furthermore, all code releases include a full regression test that includes specific test cases to verify RFC compliance.

26.4 High-level WHOIS System Description
26.4.1 WHOIS Service (port 43)
The WHOIS service is responsible for handling port 43 queries. Our WHOIS is optimized for speed using an in-memory database and master-slave architecture between the SRS and WHOIS slaves. The WHOIS service also has built-in support for IDN. If the domain name being queried is an IDN, the returned results include the language of the domain name, the domain name’s UTF-8 encoded representation along with the Unicode code page.

26.4.2 Web Page for WHOIS queries
In addition to the WHOIS Service on port 43, Neustar provides a web based WHOIS application. It is an intuitive and easy to use application for the general public to use. WHOIS web application provides all of the features available in the port 43 WHOIS. This includes full and partial search on:
• Domain names
• Nameservers
• Registrant, Technical and Administrative Contacts
• Registrars
It also provides features not available on the port 43 service.These include:
1. Redemption Grace Period calculation: Based on the registry’s policy, domains in pendingDelete can be restorable or scheduled for release depending on the date⁄time the domain went into pendingDelete. For these domains, the web based WHOIS displays “Restorable” or “Scheduled for Release” to clearly show this additional status to the user.
2. Extensive support for international domain names (IDN)
3. Ability to perform WHOIS lookups on the actual Unicode IDN
4. Display of the actual Unicode IDN in addition to the ACE-encoded name
5. A Unicode to Punycode and Punycode to Unicode translator
6. An extensive FAQ
7. A list of upcoming domain deletions

26.5 IT and Infrastructure Resources
As described above the WHOIS architecture uses a workflow that decouples the update process from the SRS.This ensures SRS performance is not adversely affected by the load requirements of dynamic updates. It is also decoupled from the WHOIS lookup agent to ensure the WHOIS service is always available and performing well for users. Each of Neustar’s geographically diverse WHOIS sites use:
• Firewalls, to protect this sensitive data
• Dedicated servers for MQ Series, to ensure guaranteed delivery of WHOIS updates
• Packetshaper for source IP address-based bandwidth limiting
• Load balancers to distribute query load
• Multiple WHOIS servers for maximizing the performance of WHOIS service.
The WHOIS service uses HP BL 460C servers, each with 2 X Quad Core CPU and a 64GB of RAM. The existing infrastructure has 6 servers, but is designed to be easily scaled with additional servers should it be needed.
Figure 26-1 depicts the different components of the WHOIS architecture.

26.6 Interconnectivity with Other Registry System
As described in Question 24 about the SRS and further in response to Question 31, “Technical Overview”, when an update is made by a registrar that impacts WHOIS data, a trigger is sent to the WHOIS system by the external notifier layer.The update agent processes these updates, transforms the data if necessary and then uses messaging oriented middleware to publish all updates to each WHOIS slave.The local update agent accepts the update and applies it to the local in-memory database. A separate auditor compares the data in WHOIS and the SRS daily and monthly to ensure accuracy of the published data.

26.7 Frequency of Synchronization between Servers Updates from the SRS, through the external notifiers, to the constellation of independent WHOIS slaves happens in real-time via an asynchronous publish⁄subscribe messaging architecture. The updates are guaranteed to be updated in each slave within the required SLA of 95% = 60 minutes. Please note that Neustar’s current architecture is built towards the stricter SLAs (95% = 15 minutes) of .BIZ. The vast majority of updates tend to happen within 2-3 minutes.

26.8 Provision for Searchable WHOIS Capabilities
Neustar will create a new web-based service to address the new search features based on requirements specified in Specification 4 Section 1.8. The application will include precautions to avoid abuse and will enable users to search the WHOIS directory using any one or more of the following fields:

• Domain name
• Registrar ID
• Contacts and registrant’s name
• Contact and registrant’s postal address, including all the sub-fields described in EPP (e.g., street, city, state or province, etc.)
• Name server name and name server IP address
• The system will also allow search using non-Latin character sets which are compliant with IDNA specification.

The user will choose one or more search criteria, combine them by Boolean operators (AND, OR, NOT) and provide partial or exact match regular expressions for each of the criterion name-value pairs. The domain names matching the search criteria will be returned to the user.
Figure 26-2 shows an architectural depiction of the new service.

To mitigate the risk of this powerful search service being abused by unscrupulous data miners, a layer of security will be built around the query engine which will allow the registry to identify rogue activities and then take appropriate measures. Potential abuses include, but are not limited to:
• Data Mining
• Unauthorized Access
• Excessive Querying
• Denial of Service Attacks
To mitigate the abuses noted above, Neustar will implement any or all of these mechanisms as appropriate:
• Username-password based authentication
• Certificate based authentication
• Data encryption
• CAPTCHA mechanism to prevent robo invocation of Web query
• Fee-based advanced query capabilities for premium customers.

The searchable WHOIS application will adhere to all privacy laws and policies of the Applicant’s registry.

26.9 Resourcing Plans
As with the SRS, the development, customization, and on-going support of the WHOIS service is the responsibility of a combination of technical and operational teams. The primary groups responsible for managing the service include:
• Development⁄Engineering – 19 employees
• Database Administration – 10 employees
• Systems Administration – 24 employees
• Network Engineering – 5 employees
Additionally, if customization or modifications are required, the Product Management and Quality Assurance teams will also be involved. Finally, the Network Operations and Information Security play an important role in ensuring the systems involved are operating securely and reliably. The necessary resources will be pulled from the pool of available resources described in detail in the response to Question 31. Neustar’s WHOIS implementation is very mature, and has been in production for over 10 years. As such, very little new development will be required to support the implementation of the Applicant’s registry. The resources are more than adequate to support the WHOIS needs of all the TLDs operated by Neustar, including the Applicant’s registry.
-end-
gTLDFull Legal NameE-mail suffixDetail
.soccerSoccer United Marketing, LLCMLSsoccer.comView
26.1 Introduction

For the .soccer TLD, Soccer United Marketing, LLC (“SUM”) recognizes the importance of an accurate, reliable, and up-to-date WHOIS database to governments, law enforcement, intellectual property holders and the public as a whole and is firmly committed to complying with all of the applicable WHOIS specifications for data objects, bulk access, and lookups as defined in Specifications 4 and 10 to the Registry Agreement. SUM’s back-end registry services provider, Neustar, has extensive experience providing ICANN and RFC-compliant WHOIS services for each of the TLDs that it operates both as a Registry Operator for gTLDs, ccTLDs and back-end registry services provider. As one of the first “thick” registry operators in the gTLD space, Neustar’s WHOIS service has been designed from the ground up to display as much information as required by a TLD and respond to a very stringent availability and performance requirement.

Some of the key features of the .soccer TLD solution include:

•Fully compliant with all relevant RFCs including 3912
•Production proven, highly flexible, and scalable with a track record of 100% availability over the past 10 years
•Exceeds current and proposed performance specifications
•Supports dynamic updates with the capability of doing bulk updates
•Geographically distributed sites to provide greater stability and performance
•In addition, the.soccer TLD’s thick-WHOIS solution also provides for additional search capabilities and mechanisms to mitigate potential forms of abuse as discussed below. (e.g., IDN, registrant data).

26.2 Software Components

The WHOIS architecture comprises the following components:

•An in-memory database local to each WHOIS node: To provide for the performance needs, the WHOIS data is served from an in-memory database indexed by searchable keys.
•Redundant servers: To provide for redundancy, the WHOIS updates are propagated to a cluster of WHOIS servers that maintain an independent copy of the database.
•Attack resistant: To ensure that the WHOIS system cannot be abused using malicious queries or DOS attacks, the WHOIS server is only allowed to query the local database and rate limits on queries based on IPs and IP ranges can be readily applied.
•Accuracy auditor: To ensure the accuracy of the information served by the WHOIS servers, a daily audit is done between the SRS information and the WHOIS responses for the domain names which are updated during the last 24-hour period. Any discrepancies are resolved proactively.
•Modular design: The WHOIS system allows for filtering and translation of data elements between the SRS and the WHOIS database to allow for customizations.
•Scalable architecture: The WHOIS system is scalable and has a very small footprint. Depending on the query volume, the deployment size can grow and shrink quickly.
•Flexible: It is flexible enough to accommodate thin, thick, or modified thick models and can accommodate any future ICANN policy, such as different information display levels based on user categorization.
•SRS master database: The SRS database is the main persistent store of the Registry information. The Update Agent computes what WHOIS updates need to be pushed out. A publish-subscribe mechanism then takes these incremental updates and pushes to all the WHOIS slaves that answer queries.

26.3 Compliance with RFC and Specifications 4 and 10

Neustar has been running thick-WHOIS Services for over 10+ years in full compliance with RFC 3912 and with Specifications 4 and 10 of the Registry Agreement.RFC 3912 is a simple text based protocol over TCP that describes the interaction between the server and client on port 43. Neustar built a home-grown solution for this service. It processes millions of WHOIS queries per day.
Table 26-1 describes Neustar’s compliance with Specifications 4 and 10.

Neustar ensures compliance with all RFCs through a variety of processes and procedures. Members from the engineering and standards teams actively monitor and participate in the development of RFCs that impact the registry services, including those related to WHOIS. When new RFCs are introduced or existing ones are updated, the team performs a full compliance review of each system impacted by the change. Furthermore, all code releases include a full regression test that includes specific test cases to verify RFC compliance.

26.4 High-level WHOIS System Description

26.4.1 WHOIS Service (port 43)
The WHOIS service is responsible for handling port 43 queries. Our WHOIS is optimized for speed using an in-memory database and master-slave architecture between the SRS and WHOIS slaves.
The WHOIS service also has built-in support for IDN. If the domain name being queried is an IDN, the returned results include the language of the domain name, the domain name’s UTF-8 encoded representation along with the Unicode code page.

26.4.2 Web Page for WHOIS queries
In addition to the WHOIS Service on port 43, Neustar provides a web based WHOIS application (www.whois.soccer). It is an intuitive and easy to use application for the general public to use. WHOIS web application provides all of the features available in the port 43 WHOIS. This includes full and partial search on:

•Domain names
•Nameservers
•Registrant, Technical and Administrative Contacts
•Registrars

It also provides features not available on the port 43 service. These include:

1. Redemption Grace Period calculation: Based on the registry’s policy, domains in pendingDelete can be restorable or scheduled for release depending on the date⁄time the domain went into pendingDelete. For these domains, the web based WHOIS displays “Restorable” or “Scheduled for Release” to clearly show this additional status to the user.

2. Extensive support for international domain names (IDN)

3. Ability to perform WHOIS lookups on the actual Unicode IDN

4. Display of the actual Unicode IDN in addition to the ACE-encoded name

5. A Unicode to Punycode and Punycode to Unicode translator

6. An extensive FAQ

7. A list of upcoming domain deletions

26.5 IT and Infrastructure Resources

As described above the WHOIS architecture uses a workflow that decouples the update process from the SRS. This ensures SRS performance is not adversely affected by the load requirements of dynamic updates. It is also decoupled from the WHOIS lookup agent to ensure the WHOIS service is always available and performing well for users. Each of Neustar’s geographically diverse WHOIS sites use:

•Firewalls, to protect this sensitive data
•Dedicated servers for MQ Series, to ensure guaranteed delivery of WHOIS updates
•Packetshaper for source IP address-based bandwidth limiting
•Load balancers to distribute query load
•Multiple WHOIS servers for maximizing the performance of WHOIS service.

The WHOIS service uses HP BL 460C servers, each with 2 X Quad Core CPU and a 64GB of RAM. The existing infrastructure has 6 servers, but is designed to be easily scaled with additional servers should it be needed.
Figure 26-1 depicts the different components of the WHOIS architecture.

26.6 Interconnectivity with Other Registry System

As described in Question 24 about the SRS and further in response to Question 31, “Technical Overview”, when an update is made by a registrar that impacts WHOIS data, a trigger is sent to the WHOIS system by the external notifier layer. The update agent processes these updates, transforms the data if necessary and then uses messaging oriented middleware to publish all updates to each WHOIS slave. The local update agent accepts the update and applies it to the local in-memory database. A separate auditor compares the data in WHOIS and the SRS daily and monthly to ensure accuracy of the published data.

26.7 Frequency of Synchronization between Servers
Updates from the SRS, through the external notifiers, to the constellation of independent WHOIS slaves happens in real-time via an asynchronous publish⁄subscribe messaging architecture. The updates are guaranteed to be updated in each slave within the required SLA of 95% ≤ 60 minutes. Please note that Neustar’s current architecture is built towards the stricter SLAs (95% ≤ 15 minutes) of .BIZ. The vast majority of updates tend to happen within 2-3 minutes.

26.8 Provision for Searchable WHOIS Capabilities
Neustar will create a new web-based service to address the new search features based on requirements specified in Specification 4 Section 1.8. The application will enable users to search the WHOIS directory using any one or more of the following fields:

•Domain name
•Registrar ID
•Contacts and registrant’s name
•Contact and registrant’s postal address, including all the sub-fields described in EPP (e.g., street, city, state or province, etc.)
•Name server name and name server IP address
•The system will also allow search using non-Latin character sets which are compliant with IDNA specification.

The user will choose one or more search criteria, combine them by Boolean operators (AND, OR, NOT) and provide partial or exact match regular expressions for each of the criterion name-value pairs. The domain names matching the search criteria will be returned to the user.
Figure 26-2 shows an architectural depiction of the new service.

To mitigate the risk of this powerful search service being abused by unscrupulous data miners, a layer of security will be built around the query engine which will allow the registry to identify rogue activities and then take appropriate measures. Potential abuses include, but are not limited to:

•Data Mining
•Unauthorized Access
•Excessive Querying
•Denial of Service Attacks

To mitigate the abuses noted above, Neustar will implement any or all of these mechanisms as appropriate:

•Username-password based authentication
•Certificate based authentication
•Data encryption
•CAPTCHA mechanism to prevent robo invocation of Web query
•Fee-based advanced query capabilities for premium customers.

The searchable WHOIS application will adhere to all privacy laws and policies of the .soccer registry.

26.9 Resourcing Plans
As with the SRS, the development, customization, and on-going support of the WHOIS service is the responsibility of a combination of technical and operational teams. The primary groups responsible for managing the service include:

•Development⁄Engineering – 19 employees
•Database Administration – 10 employees
•Systems Administration – 24 employees
•Network Engineering – 5 employees

Additionally, if customization or modifications are required, the Product Management and Quality Assurance teams will also be involved. Finally, the Network Operations and Information Security play an important role in ensuring the systems involved are operating securely and reliably. The necessary resources will be pulled from the pool of available resources described in detail in the response to Question 31. Neustar’s WHOIS implementation is very mature, and has been in production for over 10 years. As such, very little new development will be required to support the implementation of the .soccer registry. The resources are more than adequate to support the WHOIS needs of all the TLDs operated by Neustar, including the .soccer registry.