[HN Gopher] Whois: Fragile, Unparseable, Obsolete
___________________________________________________________________
Whois: Fragile, Unparseable, Obsolete
Author : ementally
Score : 83 points
Date : 2022-09-24 15:14 UTC (7 hours ago)
(HTM) web link (www.netmeister.org)
(TXT) w3m dump (www.netmeister.org)
| LinuxBender wrote:
| Does anyone here run their own whois for their own domains using
| srv records? If so, how many hits per day do you get? I'm curious
| because I have never seen anyone request _srv _nicname_.tcp._
| from my nameservers.
| duskwuff wrote:
| > Does anyone here run their own whois for their own domains
| using srv records?
|
| I don't think that's possible. WHOIS, by design, is controlled
| by the domain registry, which may delegate it to registrars --
| the owner of the domain may have some limited control over the
| contents (like the registrant information), but they don't get
| to control it fully, and I've certainly never seen a registrar
| delegate WHOIS to the domain owner.
| LinuxBender wrote:
| Makes sense. I've only ever seen it delegated when I would
| swip out a cidr block to a b2b customer and even then the
| people I interacted with never asked to run their own whois,
| only custom PTR delegation.
|
| I can not find any whois clients that support this expired
| ietf draft [1] so I assume it was abandoned.
|
| [1] - https://datatracker.ietf.org/doc/html/draft-sanz-whois-
| srv-0...
| [deleted]
| cdubzzz wrote:
| Here's a random thing I made for RDAP a long long time ago. It
| has lots of bugs but has come in handy from time to time:
| https://rdap-explorer.chris-wells.net/
| indigodaddy wrote:
| Interesting, was not aware of RDAP, thank you.
| sedatk wrote:
| This IP address breaks the service: https://rdap-
| explorer.chris-wells.net/144.122.199.20/results...
| cdubzzz wrote:
| Lots of IPs break it haha. Maybe now I'll take some time to
| look in to that...
| zanethomas wrote:
| once upon a time i wrote a whois server
| Fileformat wrote:
| I ran into the same issue but worked around it slightly
| differently: have my code use RDAP, and then have an RDAP->WHOIS
| proxy [1]. There are usually rate-limits on WHOIS, so public
| instances won't survive long, but it works for me and you can run
| locally.
|
| I also hunted (s/whois/rdap/g) around for undocumented RDAP
| servers and found a few. There are still a lot of TLDs without
| RDAP though [2].
|
| [1] https://rdap.redirect2.me/ (source at
| https://github.com/redirect2me/rdap-proxy)
|
| [2] https://resolve.rs/domains/rdap-missing.html
| superkuh wrote:
| Whois was killed off by the European Union passing the GDPR. It
| really changed how I use the internet for the worse. In the old
| days I could always at least send an email to a domain hosting a
| service. Now there's no default contact information and
| everything is behind walled gardens.
|
| Email was the great communicator. Removing it from WHOIS made the
| web more fragile and broken. But whois doesn't have to be that
| way and the problems are not intrinsic to whois. They are
| stemming from political interference done with good intentions
| but bad outcomes.
| dredmorbius wrote:
| Mentioned in TFA FWIW:
|
| _the ICANN [contact disclosure] requirement now does indeed
| conflict with modern privacy laws, such as the EU 's GDPR,
| meaning all domains registered by European registries are in
| violation of either GDPR or ICANN's requirement._
| dvh wrote:
| In a similar way ftp clients are guessing what is filename when
| they parse the output of "dir" command.
| teddyh wrote:
| FTP solved this in 2007 with RFC 3659, which includes the MLST
| command.
| tptacek wrote:
| One of many reasons FTP is moribund.
| alexott wrote:
| Yes, 100%. I'm trying to use registration information for
| cybersecurity stuff, and it's a mess. Some TLDs just doesn't
| provide that information or provide it only to registered
| accounts or only inside their country. Parsing is a mess. Many
| have rate limits, like .au has 20 requests/day, .cz - 100 day,
| but with delay of 3 minutes between requests, ...
| gayn1gga wrote:
| cloudyporpoise wrote:
| It's sad we can't improve and build modern APIs that can support
| load and querying and exactly why companies exist whose main
| business function is scraping services like WhoIs, Social Media,
| or Sites behind cloudflare.
| tptacek wrote:
| As the article observes, we can and are doing that: that's what
| RDAP is.
| brightball wrote:
| A few years back I tried building my own Whois parser and you're
| right, it's a mess. Before you even factor in all the fun rate
| limiting.
| illuminerdy wrote:
| I can't get the page to load for some reason, but I don't think
| whois is obsolete. I used it via command line to search for
| available domains when I was creating my blog. It was simple and
| effective for that purpose.
| billpg wrote:
| Why do domains have WHOIS records anyway? I get why IP blocks
| have it because machines actually _do_ things from behind IP
| addresses, but the only thing I 'm _doing_ from a domain name is
| stopping other people from using it.
|
| Someone is hosting copyrighted content? Look up that machine's
| IP-WHOIS.
|
| Someone is trying to DDOS me? Look up that machine's IP-WHOIS.
|
| Someone is holding a domain I want? If their answer is going to
| be anything other than a straight "no", they'll happily provide a
| way to be contacted.
|
| Please tell me how I'm wrong.
| tooltower wrote:
| It probably made more sense in the pre-web Internet, when not
| all domains were necessarily serving web traffic. Or had any
| obvious or standardized way of serving a "contact us" page.
| akira2501 wrote:
| The DNS SOA record has an RNAME field that is available to
| convey this information.
| teddyh wrote:
| See also the RP (Responsible Person) record; RFC 1183:
| https://www.rfc-editor.org/rfc/rfc1183.html
| layer8 wrote:
| A single IP can host many domains, each of which may have
| separate technical and administrative contacts. Conversely,
| different subdomains (and MX for email) can live on different
| IPs. If I use dyndns, there isn't any fixed relation between IP
| and domain at all. I happen to own several domains, but I don't
| own the IPs where they are hosted.
| openasocket wrote:
| Once worked on a whois scraping project and ran into a bunch of
| issues.
|
| One particularly fun story is how we might have broken a whois
| server. It was the country TLD server for some West African
| nation, I think Senegal but I'm not sure. We hit their server
| with like a hundred queries in rapid succession (to test what
| rate limiting approach they used) and requests started hanging.
| We switched IP addresses ... and still requests were hanging. We
| tried multiple IP addresses in totally different networks, all of
| them hung or timed out, even for a single request. A day later we
| retried and all of a sudden it started working again! From that
| point on we made sure to never do more than a couple requests a
| second to that particular domain.
|
| Also, any queries to one cc TLD (either Egypt or Ukraine, can't
| remember which) just returned "we don't provide information in
| whois requests" or something to that effect.
|
| GoDaddy didn't do traditional rate limiting. If you exceeded
| whatever their limit was they didn't just return an error
| message, they would blacklist your IP and for any query say
| "visit our website for information", and their website gated
| things behind a captcha.
| indigodaddy wrote:
| Speaking of fragile perhaps..
___________________________________________________________________
(page generated 2022-09-24 23:00 UTC)