Re: [DNSOP] Proposal: Whois over DNS

Paul Wouters <paul@nohats.ca> Tue, 09 July 2019 01:01 UTC

Date: Mon, 08 Jul 2019 21:01:43 -0400
From: Paul Wouters <paul@nohats.ca>
To: John Bambenek <jcb=40bambenekconsulting.com@dmarc.ietf.org>
cc: dnsop@ietf.org
In-Reply-To: <1CA7BF1B-DF50-443B-9219-55259835FE23@bambenekconsulting.com>
Message-ID: <alpine.LRH.2.21.1907082043180.22495@bofh.nohats.ca>
References: <1CA7BF1B-DF50-443B-9219-55259835FE23@bambenekconsulting.com>
User-Agent: Alpine 2.21 (LRH 202 2017-01-01)
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"; format="flowed"
Content-Transfer-Encoding: 8bit
Archived-At: <https://mailarchive.ietf.org/arch/msg/dnsop/MscCqxCbXiKRoFf5M_rrO3Jx0us>
Subject: Re: [DNSOP] Proposal: Whois over DNS

On Mon, 8 Jul 2019, John Bambenek wrote:

An interesting idea, but ....

>   Domain contact information over DNS provides a vehicle for
>   exchanging contact information in a programmatic and reliable
>   manner. DNS has a ubiquitous presence within the internet
>   infrastructure and will act as a reliable publication method for
>   contact information exchange.

It's not really reliable in the case of malicious DNS. The point for me
for using whois is hardly ever to find a domain contact, but to find
a way to step beyond the malicious registrant. WHOIS/RDAP lets me jump
to the Registrar.

In the case where you would want to reach the domain for non-malicious
purposes, a contact form on their website or using the SOA record email
address would (and does) work fine.

Appendix A and the Copyright notice at the top conflict or repeat.

As for some technical points:

- The WHOIS/RDAP can be rate limited, DNS queries can't.
- WHOIS can be recorded historically, for DNS queries this is much
   harder to do - especially if domains use a TTL=0 as default that
   also applies to these records.
- One cannot know where zone cuts are (public suffix problem), so
   mis-redirection can happen
- Which is more secure/valuable, the topmost _whois entries or the lower
   ones? eg _whois.toronto.nohats.ca or _whois.nohats.ca.

- Use example.com, not exampledomain.com (see RFC 2606)

- sub-types in TXT records

You put everything under _whois.example.com but then use sub-typing
within the TXT record. Wouldn't it be better to use the prefix instead
of subtyping, eg:

 	_name._admin._whois.example.com IN TXT "Dan Draper"
 	_tel._admin._whois.example.com IN TXT "+1-555-123-4567"
 	_name._billing._whois.example.com IN TXT "Peggy Olson"
 	_email._technical._whois.example.com IN TXT "staff@example.com"

This would avoid awkward references to "aname" (which might become an
RRTYPE) or "tname", etc.

- The use of "all" is also a bit awkward.


In the end, I feel this effort shares most of its issues with the
"security.txt" efforts of https://tools.ietf.org/html/draft-foudil-securitytxt
which I also thought was not a good idea. See the various discussions
on the saag list there for details on trustworthiness of information,
and the multiple locations of information problem, which are problems
present here as well.

Paul
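
An added example, not part of the message above or of the draft it replies to: an offline Python model of the prefix-based naming scheme Paul suggests (`_<field>._<role>._whois.<domain>`), together with the "which _whois entry wins" problem he raises for a name such as toronto.nohats.ca. The zone contents, the role and field names, and the contact values are all constructed for illustration; no real zone is queried.

```python
# Added example (not from the original message or the draft). Models the
# prefix-based _whois naming scheme suggested in the reply, with a
# constructed in-memory "zone" standing in for DNS TXT lookups.
from typing import Dict, List, Optional

# Constructed zone data: owner name -> TXT strings. Hypothetical values.
ZONE: Dict[str, List[str]] = {
    "_name._admin._whois.example.com.": ["Dan Draper"],
    "_tel._admin._whois.example.com.": ["+1-555-123-4567"],
    "_name._billing._whois.example.com.": ["Peggy Olson"],
    "_email._technical._whois.example.com.": ["staff@example.com"],
    # Two _whois trees at different depths under one name, mirroring the
    # _whois.toronto.nohats.ca vs _whois.nohats.ca question (hypothetical).
    "_email._admin._whois.nohats.ca.": ["admin@nohats.ca"],
    "_email._admin._whois.toronto.nohats.ca.": ["someone-else@example.net"],
}

# Assumed role and field vocabulary; the draft's actual set is not modelled here.
ROLES = ("admin", "billing", "technical")
FIELDS = ("name", "tel", "email")


def fqdn(name: str) -> str:
    """Normalise to a fully qualified name with a trailing dot."""
    return name if name.endswith(".") else name + "."


def lookup_txt(owner: str) -> Optional[List[str]]:
    """Stand-in for a TXT query against the constructed zone."""
    return ZONE.get(fqdn(owner))


def whois_contacts(domain: str) -> Dict[str, Dict[str, str]]:
    """Collect contact fields for `domain` using the prefix scheme.

    Each (role, field) pair is its own owner name, so no sub-typing inside
    the TXT payload is needed. Multi-string TXT RDATA is concatenated, as
    a client would do for long values.
    """
    out: Dict[str, Dict[str, str]] = {}
    for role in ROLES:
        for field in FIELDS:
            txt = lookup_txt(f"_{field}._{role}._whois.{domain}")
            if txt:
                out.setdefault(role, {})[field] = "".join(txt)
    return out


def candidate_whois_names(name: str) -> List[str]:
    """Walk from `name` toward the root and return every ancestor that
    publishes any _whois data.

    This is the zone-cut / public-suffix problem from the reply: a client
    that only speaks DNS cannot tell from the answers alone whether
    _whois.toronto.nohats.ca or _whois.nohats.ca is the registrant's, so
    it can only report all candidates rather than pick one.
    """
    labels = fqdn(name).rstrip(".").split(".")
    found: List[str] = []
    for i in range(len(labels)):
        candidate = ".".join(labels[i:])
        if whois_contacts(candidate):
            found.append(candidate)
    return found


if __name__ == "__main__":
    print(whois_contacts("example.com"))
    print(candidate_whois_names("www.toronto.nohats.ca"))
```

Walking label by label from www.toronto.nohats.ca yields both toronto.nohats.ca and nohats.ca as candidates; nothing in the DNS answers says which one sits above the delegation, which is the mis-redirection risk the reply describes.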