Dear SIG members,
Here is the Secretariat impact assessment for proposal “prop-163: Enhancing
WHOIS Transparency and Efficiency Through Referral Server Implementation” and
the same is also published at:
https://www.apnic.net/community/policy/proposals/prop-163/
The Secretariat notes that this proposal suggests to implementing WHOIS
Referral Server support so that transferred resource queries (e.g., ASN or IP
addresses) are automatically redirected to the appropriate RIR database, NIR
allocations can be easily accessed using a hierarchical system, and downstream
allocation data can be accessible, enhancing transparency and traceability.
Questions/Comments:
* Using RDAP instead of Whois is one way to address the first issue in the
problem statement: the secretariat-provided RDAP service provides redirects for
resources that belong to other RIRs, including for resources transferred
between RIRs. There is currently up to a 2-day delay in redirects being issued
correctly after a transfer has been processed, but this is an implementation
issue that can be resolved easily.
* For the second issue, NIRs that maintain their own standalone Whois
databases are also required to send that information to APNIC for publication
via APNIC’s Whois service, subject to the regulatory/legal constraints under
which they operate. The ‘source’ attribute in the Whois service response can be
used to identify such information as being part of an NIR’s Whois database.
NIRs that do not maintain their own standalone Whois database publish
downstream delegation information via APNIC’s Whois database directly.
* For the third issue, account holders can use MyAPNIC or the registry API
to publish downstream delegation information via APNIC’s Whois database.
* In some instances, an account holder may want to avoid sending downstream
delegation information to APNIC, due to that data then being available publicly
via APNIC’s Whois service. As per the current policy, Section 5.3 of the APNIC
Internet Number Resource Policies, resource holders can register assignment
information and may choose whether to designate this information as ‘public’ or
‘private’, with ‘private’ information being visible to the APNIC secretariat
only. This ‘private’ option may address the concerns that some account holders
have about sending this information to APNIC.
* Assuming that there is a need for account holders to run standalone
services for downstream allocation information, RDAP is likely to be a better
technical basis for a solution. RDAP supports redirects, is simple, and is
already widely deployed. RWhois, by contrast, is a very complex protocol that
is not widely used and has several technical deficiencies (e.g. unencrypted
transport by default) that RDAP does not have.
* As stated in Section 3.2.1 of the APNIC Internet Number Resource
Policies, the Secretariat along with resource holders, must consider privacy
considerations of their customers when publishing such information and actively
encouraging more detailed downstream allocation information would require a
careful balance with such privacy considerations.
Implementation:
This proposal may require changes to APNIC systems. If this proposal reaches
consensus, implementation may be completed within twelve (12) months.
Regards,
Sunny
APNIC Secretariat
On 13/01/2025 2:03 pm, Bertrand Cherrier via SIG-policy wrote:
Dear SIG members,
A new proposal "prop-163-v001: Enhancing WHOIS Transparency and Efficiency
Through Referral Server Implementation" has been sent to the Policy SIG for
review.
It will be presented at the Open Policy Meeting (OPM) at APNIC 59 on Wednesday,
26 February 2025.
https://conference.apnic.net/59/programme/programme/index.html#/day/8/
We invite you to review and comment on the proposal on the mailing list before
the OPM.
The comment period on the mailing list before the OPM is an important part of
the Policy Development Process (PDP). We encourage you to express your views on
the proposal:
- Do you support or oppose this proposal?
- Does this proposal solve a problem you are experiencing? If so,
tell the community about your situation.
- Do you see any disadvantages in this proposal?
- Is there anything in the proposal that is not clear?
- What changes could be made to this proposal to make it more effective?
Information about this proposal is appended below as well as available at:
http://www.apnic.net/policy/proposals/prop-163
Regards,
Bertrand, Shaila, and Ching-Heng
APNIC Policy SIG Chairs
-----------------------------------------------------------------------------------
prop-163-v001: Enhancing WHOIS Transparency and Efficiency Through Referral
Server
Implementation
-----------------------------------------------------------------------------------
Proposer:
Tsungyi Yu ([email protected]<mailto:[email protected]>)
1. Problem statement
-------------------------
The current APNIC WHOIS system does not address the following issues:
1. Inconsistent queries after resource transfers:
When an ASN is transferred from APNIC to another RIR (e.g., RIPE NCC or ARIN),
the IANA database query still points to APNIC WHOIS. This results in missing or
incorrect data, requiring users to manually query the appropriate authoritative
WHOIS database.
2. Challenges in querying NIR second-level allocations:
Some NIRs manage their resource allocation independently. When resources are
allocated to their members, the data may be stored only in the NIR’s local
system without corresponding updates in the APNIC database. The existing WHOIS
query mechanism cannot automatically redirect to the specific NIR WHOIS
database, reducing transparency and efficiency.
3. Lack of transparency for downstream allocations:
When resources are further allocated to end users (e.g., enterprises or other
organizations), the current WHOIS system cannot automatically provide this
allocation information. Redirecting queries to the customer-maintained servers
could significantly reduce communication overhead and improve accuracy.
2. Objective of policy change
----------------------------------
By implementing WHOIS Referral Server support:
- Queries for transferred resources (e.g., ASN or IP addresses) will be
automatically redirected to the appropriate RIR database.
- NIR allocations can be seamlessly queried through a hierarchical system.
- Downstream allocation information will become accessible, enhancing
transparency and traceability.
3. Situation in other regions
--------------------------------
AFRINIC: Does not yet support Referral Server functionality and relies on a
centralized WHOIS system.
ARIN: Partially supports referral functionality, allowing queries to redirect
to specific databases.
LACNIC: Operates a centralized WHOIS system without Referral Server support.
RIPE NCC: Implements similar hierarchical query capabilities and can
automatically redirect users to relevant databases.
4. Proposed policy solution
--------------------------------
Based on RFC 2167 (Referral WHOIS Protocol Version 1.5), the following
improvements are proposed:
1. Enable Referral WHOIS Protocol
Modify the APNIC WHOIS system to support a Referral Server mechanism as defined
by RFC 2167:
- Allow automatic query redirection to other RIR or NIR databases.
- Implement a hierarchical and distributed query mechanism to reduce the burden
on a single server.
2. Collaborate with NIRs for second-level allocations
Standardize interfaces for NIRs to register and expose their allocation data,
enabling direct query support.
3. Support downstream customer allocations
Encourage resource holders (e.g., ISPs) to register detailed downstream
allocation information, enabling transparent queries through the Referral
Server system.
5. Advantages / Disadvantages
------------------------------------
Advantages:
- Improved query consistency and accuracy: Users can directly access the most
updated and authoritative information.
- Increased efficiency: Eliminates the need for manual queries or multiple
redirections, enhancing user experience.
- Transparent allocation processes: Supports NIR and customer-level allocation
queries, increasing resource transparency.
Disadvantages:
- Implementation costs: Initial setup may require system upgrades and
architecture changes.
- Technical challenges: Compatibility among systems across different layers and
regions must be ensured.
6. Impact on resource holders
-----------------------------------
- APNIC’s WHOIS system would require technical upgrades to implement the
Referral Server functionality, incurring development and testing costs.
- Resource holders (ISPs, NIRs, etc.) may need to update their allocation data
and expose necessary query interfaces to support hierarchical management.
- This policy is expected to reduce the query burden on APNIC and facilitate
more efficient resource management.
7. References
----------------
RFC 2167: Referral Whois (RWhois) Protocol V1.5
https://www.rfc-editor.org/rfc/rfc2167
_______________________________________________
SIG-policy - https://mailman.apnic.net/[email protected]/
To unsubscribe send an email to
[email protected]<mailto:[email protected]>
--
I am sending this email at a time that suits me and the time zone I work in.
Please feel free to read, and act on or respond, at a time that suits you.
_______________________________________________________________________
Srinivas (Sunny) Chendi (he/him)
Senior Regional Advisor - Membership and Policy
Asia Pacific Network Information Centre (APNIC) | Tel: +61 7 3858 3100
PO Box 3646 South Brisbane, QLD 4101 Australia | Fax: +61 7 3858 3199
6 Cordelia Street, South Brisbane, QLD | http://www.apnic.net
_______________________________________________________________________
NOTICE: This email message is for the sole use of the intended recipient(s)
and may contain confidential and privileged information. Any unauthorized
review, use, disclosure or distribution is prohibited. If you are not the
intended recipient, please contact the sender by reply email and destroy all
copies of the original message.
_______________________________________________
SIG-policy - https://mailman.apnic.net/[email protected]/
To unsubscribe send an email to [email protected]
