I think, briefly, that we need to force Verisign and the registrars to be FAR more public about the backend process for WHOIS data and for the TLD zone data. Especially with .com, .net, and probably .org, and this latest failure of 'the system' and the obvious lack of information on 'the system.'
It's clearly broken, and needs to be put up for public review by 'the powers that be' so that it can be fixed. What's happening now feels close to a boiler room poker game, noone seems to know all the players, and even fewer know all the rules, so in the end everyone is a loser.
I know this is adding fuel to the proverbial fire, but apparently we need to burn out this thing so we don't get scorched by yet another unexpected fire.
[second posting attempt, apologies if the first
identical post ever arrives]
It's clearly broken, and needs to be put up for
public review by 'the powers that be' so that it can
be fixed. What's happening now feels close to a
boiler room poker game, noone seems to know all the
players, and even fewer know all the rules, so in the
end everyone is a loser.
i suspect part of the reason for it feeling this way
is because of the large amounts of money that are made
specifically off of the .com and the .net registries.
~$1.2 _billion_ for .com and ~$30 million for .net
annually (numbers from the following article). for
what? the actual costs involved in administering
these databases can't be anywhere near the revenue
generated. the public is being bled for the greed of
a few (as usual), imho.
anyhow, it also makes me wonder about the motivations
behind this incident coming so close to the
application deadline for administration of the .net
registry ($30 million/year x 6 years minimum =
$180,000,000). i dislike conspiracy theories but i'm
also a realpolitiker.
david
For what it is worth, some consider the .de whois server broken; see
below. Let's note that the new RFC (3912) doesn't mention the "help
methodology" anymore.
-------- Begin Quote --------
The .DE whois server is broken. I should be able to telnet to the
WHOIS server on the whois port, send it a domain, and get results. If
I do that, I get:
$ telnet whois.denic.de whois
Trying 81.91.162.7...
Connected to whois.denic.de.
Escape character is '^]'.
denic.de
domain: denic.de
status: connect
Connection closed by foreign host.
The only way to get "real" data out of the .DE whois server is to use
cryptic options:
$ telnet whois.denic.de whois
Trying 81.91.162.7...
Connected to whois.denic.de.
Escape character is '^]'.
-T dn,ace -C US-ASCII denic.de
% Copyright (c)2004 by DENIC
% Version: 1.00.0
%
% Restricted rights.
[.... snip ....]
Further, these options are not documented anywhere, because the usual
"help" methodology, as documented by the RFC, doesn't work:
$ telnet whois.denic.de whois
Trying 81.91.162.7...
Connected to whois.denic.de.
Escape character is '^]'.
?
domain: ?
status: invalid
Connection closed by foreign host.
lionel@mamane.lu (Lionel Elie Mamane) wrote:
> A nonprofit firm in Frankfurt, Denic eG, which manages Germany's
> eight million registered .de domain names, has also indicated that
> it is planning to bid.
For what it is worth, some consider the .de whois server broken; see
below. Let's note that the new RFC (3912) doesn't mention the "help
methodology" anymore.
And some call this not broken but necessary. I can explain off-list,
if you like.
The .DE whois server is broken. I should be able to telnet to the
WHOIS server on the whois port, send it a domain, and get results.
You are getting results.
$ telnet whois.denic.de whois
Trying 81.91.162.7...
Connected to whois.denic.de.
Escape character is '^]'.
denic.de
domain: denic.de
status: connect
Connection closed by foreign host.
Further, these options are not documented anywhere, because the usual
"help" methodology, as documented by the RFC, doesn't work:
http://www.denic.de/en/domains/technik/denic_whois-server/index.html
(Easily found by searching for "whois", first hit - yes, I know, it's ugly,
but you're still not telling the truth which is my point here)
$ telnet whois.denic.de whois
Trying 81.91.162.7...
Connected to whois.denic.de.
Escape character is '^]'.
?
domain: ?
status: invalid
Which is defined in what RfC?
If it is, I will gladly tell the folks to implement it.
Anyway, I see your point in that server being somewhat problematic if
you need more than "free/used"; yet the information is there, and
someone who really needs more info has no hard time finding the docs.
Yours,
Elmar.
RFC 954, which has recently (September 2004) been obsoleted by RFC
3912, which doesn't mention it anymore.
lionel@mamane.lu (Lionel Elie Mamane) wrote:
>> $ telnet whois.denic.de whois
>> Trying 81.91.162.7...
>> Connected to whois.denic.de.
>> Escape character is '^]'.
>> ?
>> domain: ?
>> status: invalid
> Which is defined in what RfC?
RFC 954, which has recently (September 2004) been obsoleted by RFC
3912, which doesn't mention it anymore.
Yes, one could have seen that. I'll take the issue to the people involved.
Yours,
Elmar.
(Btw: "HELP" works...)
> > eight million registered .de domain names, has also indicated that
> > it is planning to bid.
>
> For what it is worth, some consider the .de whois server broken; see
> below. Let's note that the new RFC (3912) doesn't mention the "help
> methodology" anymore.
And some call this not broken but necessary. I can explain off-list,
if you like.
Why off-list? Just tell that you want to support multi-lingual domain names.
> Further, these options are not documented anywhere, because the usual
> "help" methodology, as documented by the RFC, doesn't work:
http://www.denic.de/en/domains/technik/denic_whois-server/index.html
(Easily found by searching for "whois", first hit - yes, I know, it's ugly,
but you're still not telling the truth which is my point here)
I believe he meant that URL should be presented as part of normal whois
answer. While me and others who "care" have already found it long ago,
you can't expect that of people who might do one denic lookup per year
> $ telnet whois.denic.de whois
> Trying 81.91.162.7...
> Connected to whois.denic.de.
> Escape character is '^]'.
> ?
> domain: ?
> status: invalid
Which is defined in what RfC?
If it is, I will gladly tell the folks to implement it.
? should produce documentation on how to use your whois server and what
options it supports. However I've not seen many implement it and it
and in fact recent RFC3912 on whois does not even mention it any more.
But please don't take it that you should not implement it, if its no
big deal (and for most its not), then please present text-only copy
of documentation for most important options. And in general because
most people do not even know about "?", please just present URL to
documentation in all other queries.
Hi William,
> And some call this not broken but necessary. I can explain off-list,
> if you like.
Why off-list? Just tell that you want to support multi-lingual domain names.
There are a couple more reasons, and I'm not sure it's NANOG business 
I believe he meant that URL should be presented as part of normal whois
answer. While me and others who "care" have already found it long ago,
you can't expect that of people who might do one denic lookup per year
True. But if this lookup is so important, they are easily willing to try
the website. Of course, it's not nice, giving no hint at all. I've told
the folks here, maybe they'll insert a comment or something.
But please don't take it that you should not implement it, if its no
big deal (and for most its not), then please present text-only copy
of documentation for most important options. And in general because
most people do not even know about "?", please just present URL to
documentation in all other queries.
"Be generous in what you accept..." Yup 
Yours,
Elmar.
PS: Btw, "HELP" works...
a message of 61 lines which said:
Further, these options are not documented anywhere,
In the man page of GNU whois
When querying \fIwhois.denic.de\fP for domain names, the program will
automatically add the flags \fI-T dn,ace -C US-ASCII\fP.
.P
Remember that the whois protocol is a mess. May be IRIS will fix that.
For those concerned with IRIS, please take time to review the documents listed at the bottom of this page:
http://www.ietf.org/html.charters/crisp-charter.html
RFCs 3981, 3982, 3983 represent the review of the entire IETF (tacitly by most). Although these are "permanent" documents, it is never too late to read and comment on them. Revisions happen.
The document for the RIR's (ARIN, et.al.) hasn't completed its review, it can be seen at:
http://www.ietf.org/internet-drafts/draft-ietf-crisp-iris-areg-09.txt
and there's a related draft at:
http://www.ietf.org/internet-drafts/draft-ietf-crisp-iris-areg-urires-00.txt
It's never too late to comment on a protocol, although it maybe too late to comment on a document.