Re: [DNSOP] Proposal: Whois over DNS
John Bambenek <jcb@bambenekconsulting.com> Tue, 09 July 2019 01:32 UTC
Return-Path: <jcb@bambenekconsulting.com>
X-Original-To: dnsop@ietfa.amsl.com
Delivered-To: dnsop@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id AA01D12024E for <dnsop@ietfa.amsl.com>; Mon, 8 Jul 2019 18:32:37 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.299
X-Spam-Level:
X-Spam-Status: No, score=-4.299 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_MED=-2.3, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=bambenekconsulting.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id cDZcY5DR5vQz for <dnsop@ietfa.amsl.com>; Mon, 8 Jul 2019 18:32:34 -0700 (PDT)
Received: from chicago.bambenekconsulting.com (chicago.bambenekconsulting.com [99.198.96.122]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 89AF11202F8 for <dnsop@ietf.org>; Mon, 8 Jul 2019 18:32:33 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=bambenekconsulting.com; s=default; h=To:References:Message-Id: Content-Transfer-Encoding:Cc:Date:In-Reply-To:From:Subject:Mime-Version: Content-Type:Sender:Reply-To:Content-ID:Content-Description:Resent-Date: Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:List-Id: List-Help:List-Unsubscribe:List-Subscribe:List-Post:List-Owner:List-Archive; bh=O7XnpmhnS3ORaWsMXV5baUl1cxPmErHWbRiEbxxm/oM=; b=ETXmzkQ79FzAvlQYrUHmqsLaF AU6q3gy8xNe4pa5cUfFqMKhSmtPJYc9ujd9VBzqeoJgjfcnjtHa7roFW5+jGaFjjKtzUUCJXlO3XQ JUnDPwXg28Rfy7wNIq/EIb7PAQ70CH1lKGfQpj340Iix81x3Ke8rf4YYlohgzE/tutNog=;
Received: from c-67-167-98-187.hsd1.il.comcast.net ([67.167.98.187]:51341 helo=[192.168.11.181]) by chicago.bambenekconsulting.com with esmtpsa (TLSv1.2:ECDHE-RSA-AES256-GCM-SHA384:256) (Exim 4.92) (envelope-from <jcb@bambenekconsulting.com>) id 1hkezf-0008Kk-0W; Mon, 08 Jul 2019 21:32:31 -0400
Content-Type: text/plain; charset="utf-8"
Mime-Version: 1.0 (1.0)
From: John Bambenek <jcb@bambenekconsulting.com>
X-Mailer: iPhone Mail (16F203)
In-Reply-To: <alpine.LRH.2.21.1907082043180.22495@bofh.nohats.ca>
Date: Mon, 08 Jul 2019 20:32:30 -0500
Cc: dnsop@ietf.org
Content-Transfer-Encoding: quoted-printable
Message-Id: <2154CD79-6DE9-46C7-B754-112302FB61C5@bambenekconsulting.com>
References: <1CA7BF1B-DF50-443B-9219-55259835FE23@bambenekconsulting.com> <alpine.LRH.2.21.1907082043180.22495@bofh.nohats.ca>
To: Paul Wouters <paul@nohats.ca>
X-AntiAbuse: This header was added to track abuse, please include it with any abuse report
X-AntiAbuse: Primary Hostname - chicago.bambenekconsulting.com
X-AntiAbuse: Original Domain - ietf.org
X-AntiAbuse: Originator/Caller UID/GID - [47 12] / [47 12]
X-AntiAbuse: Sender Address Domain - bambenekconsulting.com
X-Get-Message-Sender-Via: chicago.bambenekconsulting.com: authenticated_id: jcb@bambenekconsulting.com
X-Authenticated-Sender: chicago.bambenekconsulting.com: jcb@bambenekconsulting.com
Archived-At: <https://mailarchive.ietf.org/arch/msg/dnsop/s5OPv9zHpr2FUfm82u_1n59RSDs>
Subject: Re: [DNSOP] Proposal: Whois over DNS
X-BeenThere: dnsop@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: IETF DNSOP WG mailing list <dnsop.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dnsop>, <mailto:dnsop-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dnsop/>
List-Post: <mailto:dnsop@ietf.org>
List-Help: <mailto:dnsop-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dnsop>, <mailto:dnsop-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 09 Jul 2019 01:32:38 -0000
Below — John Bambenek On July 1st, 2019, my DGA feeds are converting to a CC-BY-NC-SA 4.0 license which means commercial use will require a license. Contact sales@bambenekconsulting.com for details On Jul 8, 2019, at 20:01, Paul Wouters <paul@nohats.ca> wrote: > On Mon, 8 Jul 2019, John Bambenek wrote: > > An interresting idea, but .... > >> Domain contact information over DNS provides a vehicle for >> exchanging contact information in a programmatic and reliable >> manner. DNS has a ubiquitous presence within the internet >> infrastructure and will act as a reliable publication method for >> contact information exchange. > > It's not really reliable in the case of malicious DNS. The point for me > for using whois is hardly ever to find a domain contact, but to find > a way to step beyond the malicious registrant. WHOIS/RDAP lets me jump > to the Registrar. Reliable for what use case? Creating benevolent data artificially is hard. Whois/rdap WOULD let you jump to the registrar, but all the data will be redacted and odds are we won’t get access at all anyway. > > In the case where you would want to reach the domain for non-malicious > purposes, a contact form on their website or using the SOA record email > address would (and does) work fine. > If the website is owned, the contact form can’t be trusted. I know of no one who uses SOA for anything other than tracking and correlating domains. Odds are for the overwhelming majority of domains, SOA points to registrar or a non-existent or unmonitored mailbox. > Appendix A and the Copyright notice at the top conflict or repeat. Will fix. > > As for some technical points: > > - The WHOIS/RDAP can be rate limited, DNS queries can't. This is a feature, not a bug. > - WHOIS can be recorderd historically, for DNS queries this is much > harder to do - especially if domains use a TTL=0 as default that > also applies to these records. Whois CAN be recorded historically, but that data is inaccessible until DomainTools came along. In response, the registrars and registries (who consider Domaintools a criminal operation but oddly the criminals using their service they regard as clients) have used the smoke of GDPR to simply redact everything in whois. > - One cannot know where zone cuts are (public suffix problem), so > mis-redirection can happen Similar with whois today, no? > - Which is more secure/valuable, the topmost _whois entries or the lower > ones? eg _whois.toronto.nohats.ca or _whois.nohats.ca. Most specific, assuming you want toronto.nohats.ca as opposed to nohats.ca. But this is possible in DNS. It is not in whois. > > - Use example.com, not exampledomain.com (see RFC 2606) Ok will fix. > > - sub-types in TXT records > > You put everything under _whois.example.com but then use sub-typing > within the TXT record. Wouldn't it be better to use the prefix instead > of subtyping,eg: > > _name._admin._whois.example.com IN TXT "Dan Draper" > _tel._admin._whois.example.com IN TXT "+1-555-123-4567" > _name._billing._whois.example.com IN TXT "Peggy Olson" > _email._techical._whois.example.com IN TXT "staff@example.com" > > This would avoid awkward references to "aname" (which might become an > RRTYPE) or "tname", etc. Valid feedback. Submitting an I-D was the starting point to finalize a standard. It can be done any number if ways, in theory. The point is to come up with some consensus that makes sense. > > - The use of "all" is also a bit awkward. > Recommendation? > > In the end, I feel this effort shares most of its issues with the > "security.txt" efforts of https://tools.ietf.org/html/draft-foudil-securitytxt > which I also thought was not a good idea. See the various discussions > on the saag list there for details on trustworthiness of information, > and the multiple locations of information problem, which are problems > present here as well. > > Paul
- [DNSOP] Proposal: Whois over DNS John Bambenek
- Re: [DNSOP] Proposal: Whois over DNS Bill Woodcock
- Re: [DNSOP] Proposal: Whois over DNS John Bambenek
- Re: [DNSOP] Proposal: Whois over DNS Steve Crocker
- Re: [DNSOP] Proposal: Whois over DNS Patrick Mevzek
- Re: [DNSOP] Proposal: Whois over DNS John Bambenek
- Re: [DNSOP] Proposal: Whois over DNS Bill Woodcock
- Re: [DNSOP] Proposal: Whois over DNS John Bambenek
- Re: [DNSOP] Proposal: Whois over DNS John Bambenek
- Re: [DNSOP] Proposal: Whois over DNS Bill Woodcock
- Re: [DNSOP] Proposal: Whois over DNS Patrick Mevzek
- Re: [DNSOP] Proposal: Whois over DNS John Bambenek
- Re: [DNSOP] Proposal: Whois over DNS Paul Wouters
- Re: [DNSOP] Proposal: Whois over DNS John Bambenek
- Re: [DNSOP] Proposal: Whois over DNS william manning
- Re: [DNSOP] Proposal: Whois over DNS Vittorio Bertola
- Re: [DNSOP] Proposal: Whois over DNS John Bambenek
- Re: [DNSOP] Proposal: Whois over DNS Jim Reid
- Re: [DNSOP] Proposal: Whois over DNS John Bambenek
- Re: [DNSOP] Proposal: Whois over DNS Bjarni Rúnar Einarsson
- Re: [DNSOP] Proposal: Whois over DNS David Waitzman
- Re: [DNSOP] Proposal: Whois over DNS Joe Abley
- Re: [DNSOP] Proposal: Whois over DNS Ted Lemon
- Re: [DNSOP] Proposal: Whois over DNS John Bambenek
- Re: [DNSOP] Proposal: Whois over DNS Rubens Kuhl
- Re: [DNSOP] Proposal: Whois over DNS John Bambenek
- Re: [DNSOP] Proposal: Whois over DNS Paul Vixie
- Re: [DNSOP] Proposal: Whois over DNS Jim Reid
- Re: [DNSOP] Proposal: Whois over DNS John Bambenek
- Re: [DNSOP] Proposal: Whois over DNS John Bambenek
- Re: [DNSOP] Proposal: Whois over DNS Jim Reid
- Re: [DNSOP] Proposal: Whois over DNS Joe Abley
- Re: [DNSOP] Proposal: Whois over DNS John Bambenek
- Re: [DNSOP] Proposal: Whois over DNS Bjarni Rúnar Einarsson
- Re: [DNSOP] Proposal: Whois over DNS John Bambenek
- Re: [DNSOP] Proposal: Whois over DNS John Bambenek
- Re: [DNSOP] Proposal: Whois over DNS Ted Lemon
- Re: [DNSOP] Proposal: Whois over DNS Bjarni Rúnar Einarsson
- Re: [DNSOP] Proposal: Whois over DNS Jim Reid
- Re: [DNSOP] Proposal: Whois over DNS Steve Crocker
- Re: [DNSOP] Proposal: Whois over DNS John Bambenek
- Re: [DNSOP] Proposal: Whois over DNS Ted Lemon
- Re: [DNSOP] Proposal: Whois over DNS John Bambenek
- Re: [DNSOP] Proposal: Whois over DNS John Bambenek
- Re: [DNSOP] Proposal: Whois over DNS John Bambenek
- Re: [DNSOP] Proposal: Whois over DNS Ted Lemon
- Re: [DNSOP] Proposal: Whois over DNS Paul Wouters
- Re: [DNSOP] Proposal: Whois over DNS John Bambenek
- Re: [DNSOP] Proposal: Whois over DNS John Bambenek
- [DNSOP] Proposal: Whois over DNS Steve Crocker
- Re: [DNSOP] Proposal: Whois over DNS Vittorio Bertola
- Re: [DNSOP] Proposal: Whois over DNS John Bambenek
- Re: [DNSOP] Proposal: Whois over DNS John Bambenek
- Re: [DNSOP] Proposal: Whois over DNS Bjarni Rúnar Einarsson
- Re: [DNSOP] Proposal: Whois over DNS John Bambenek
- Re: [DNSOP] Proposal: Whois over DNS Peter DeVries
- Re: [DNSOP] Proposal: Whois over DNS Ted Lemon
- Re: [DNSOP] Proposal: Whois over DNS John Bambenek
- Re: [DNSOP] Proposal: Whois over DNS Ted Lemon
- Re: [DNSOP] Proposal: Whois over DNS Jim Reid
- [DNSOP] dictionary of registration data elements Jim Reid
- Re: [DNSOP] Proposal: Whois over DNS John Bambenek
- Re: [DNSOP] Proposal: Whois over DNS John Bambenek
- Re: [DNSOP] Proposal: Whois over DNS Brian Dickson
- Re: [DNSOP] Proposal: Whois over DNS John Bambenek
- Re: [DNSOP] Proposal: Whois over DNS George Michaelson
- Re: [DNSOP] Proposal: Whois over DNS Viktor Dukhovni
- Re: [DNSOP] Proposal: Whois over DNS Paul Vixie
- Re: [DNSOP] Proposal: Whois over DNS John Bambenek
- Re: [DNSOP] Proposal: Whois over DNS Paul Vixie
- Re: [DNSOP] Proposal: Whois over DNS John Bambenek
- Re: [DNSOP] Proposal: Whois over DNS Mark Andrews
- Re: [DNSOP] Proposal: Whois over DNS John Bambenek
- Re: [DNSOP] Proposal: Whois over DNS Philip Homburg
- Re: [DNSOP] Proposal: Whois over DNS Jim Reid
- Re: [DNSOP] Proposal: Whois over DNS Philip Homburg
- Re: [DNSOP] Proposal: Whois over DNS John Bambenek
- Re: [DNSOP] Proposal: Whois over DNS John Bambenek
- Re: [DNSOP] Proposal: Whois over DNS John Bambenek
- Re: [DNSOP] Proposal: Whois over DNS Philip Homburg
- Re: [DNSOP] Proposal: Whois over DNS Joe Abley
- Re: [DNSOP] Proposal: Whois over DNS David Conrad
- Re: [DNSOP] Proposal: Whois over DNS John Bambenek
- Re: [DNSOP] Proposal: Whois over DNS Michele Neylon - Blacknight
- Re: [DNSOP] Proposal: Whois over DNS Dr Eberhard W Lisse
- Re: [DNSOP] Proposal: Whois over DNS Michele Neylon - Blacknight