[dns-operations] registry policies on rate-limiting whois

Jim Reid jim at rfc1035.com
Sat Jun 10 13:58:23 UTC 2017


On 10 Jun 2017, at 13:59, John Levine <johnl at taugh.com> wrote:
> 
> In article <09BD6BB0-00AA-43B7-BC8B-BECF6F3FA4C0 at rfc1035.com> you write:
>> For instance, drop-catchers are known to make zillions of whois lookups to find out when domain names expire. Other
>> scumbags in the registrar business do this to mount phishing attacks at renewal time. Now these botttom feeders
>> could swamp the registry with EPP queries. But many don’t. They just use whois to harvest that data.
> 
> Since the information is not secret, there's no rule against
> drop-catching, and drop-carchers are not going away, how about coming
> up with a way to provide the info efficiently?

There are rules against that in ccTLD-land. Well, at least at some of these registries. They have to enforce local policy or legal obligations. I know of a few ccTLDs that have registration rules which prevent any sort of secondary market or speculation or trading in domain names. Their whois servers take a pounding too.

Even when more efficient ways of providing registration data are provided, it doesn’t necessarily stop the bottom feeders from continuing to hammer whois. For instance, a (sub-)reseller probably won’t have a signed a contract with the registry => no direct EPP channel to the registry or access to whatever more efficient ways might be provided by that registry => they wouldn't know or care about anything besides whois as a means of trawling for registration data.

> You don't have to like them, but you do have to live with them.

Well I don’t like infectious diseases. That doesn’t mean I should just give up and have to live with them. When they can’t be eliminated, I can choose to take precautions to avoid them or mitigate their impact.

In the context of domain name registrations those precautions can include national law, registry policies to prevent unsavoury behaviour like drop-catching and warehousing, rate limiting whois and EPP queries, locally agreed codes of conduct, etc, etc.

FWIW I have no opinion on whether any of these measures are a Good or Bad Thing.

[BTW apologies for a meaningful and relevant Subject: header.]





More information about the dns-operations mailing list