Re: [weirds] I-D Action: draft-hollenbeck-dnrd-ap-query-00.txt

Dave Piscitello <dave.piscitello@icann.org> Mon, 30 April 2012 16:01 UTC

From: Dave Piscitello <dave.piscitello@icann.org>
To: "Hollenbeck, Scott" <shollenbeck@verisign.com>
Date: Mon, 30 Apr 2012 09:01:39 -0700
Message-ID: <82189D85-608F-4FC0-8DF4-51D343CF51C6@icann.org>
References: <831693C2CDA2E849A7D7A712B24E257F0D5F47A3@BRN1WNEXMBX01.vcorp.ad.vrsn.com> <831693C2CDA2E849A7D7A712B24E257F0D5F4898@BRN1WNEXMBX01.vcorp.ad.vrsn.com>
In-Reply-To: <831693C2CDA2E849A7D7A712B24E257F0D5F4898@BRN1WNEXMBX01.vcorp.ad.vrsn.com>
Cc: "weirds@ietf.org" <weirds@ietf.org>
Subject: Re: [weirds] I-D Action: draft-hollenbeck-dnrd-ap-query-00.txt

These would be interesting in a number of malicious registration/forensics scenarios. For example, think about DGAs that generate names across multiple registries (like Conficker). Now think about trying to pattern match to see if there is a common registrar being used or exploited. 

Since many information flows identify IP addresses initially and either resolve to names later or not at all, I suspect that this, too, would be valuable for any investigator.

These would also be extremely valuable if consensus policy were to consider and add reseller objects to the data model. This is my personal opinion and speculative as well. My company and members of the broader community may think differently.


On Apr 30, 2012, at 11:09 AM, Hollenbeck, Scott wrote:

>> -----Original Message-----
>> From: weirds-bounces@ietf.org [mailto:weirds-bounces@ietf.org] On
>> Behalf Of Hollenbeck, Scott
>> Sent: Monday, April 30, 2012 9:57 AM
>> To: weirds@ietf.org
>> Subject: [weirds] FW: I-D Action: draft-hollenbeck-dnrd-ap-query-00.txt
>> 
>> FYI, all. This is the first cut at a draft to describe a query protocol
>> for name registries. Another document (or documents) to describe
>> response formats is in the works.
> 
> I've received a private note from someone suggesting that queries for registrar objects by ID and hosts by IP address should be included in this draft. Does that sound reasonable?
> 
> Scott
