The Importance of WHOIS — DNSimple Blog
WHOIS is the global catalog of domain ownership and controller information. When it was created it was likened to the white pages of the internet. It contains things such as who the domain is registered with, name, address, phone number, email, and name server information.
Here is a shortened example of all the information in WHOIS:
Domain Name: DNSIMPLE.COM
Registry Domain ID: 1591842594_DOMAIN_COM-VRSN
Registrar WHOIS Server: whois.enom.com
Registrar URL: www.enom.com
Updated Date: 2013-04-16T14:07:36.00Z
Creation Date: 2010-04-07T17:32:00.00Z
Registrar Registration Expiration Date: 2018-04-07T17:32:00.00Z
Registrar: ENOM, INC.
Registrar IANA ID: 48
Domain Status: clientTransferProhibited https://www.icann.org/epp#clientTransferProhibited
Registry Registrant ID:
Registrant Name: ANTHONY EDEN
Registrant Organization: DNSIMPLE
Registrant Street: 618 E SOUTH ST
Registrant Street: SUITE 500
Registrant City: ORLANDO
Registrant State/Province: FL
Registrant Postal Code: 32801
Registrant Country: US
Registrant Phone: +1.3215490222
Registrant Email: SUPPORT@DNSIMPLE.COM
Registry Admin ID:
Registry Tech ID:
Name Server: NS1.DNSIMPLE.COM
Name Server: NS2.DNSIMPLE.COM
Name Server: NS3.DNSIMPLE.COM
Name Server: NS4.DNSIMPLE.COM
Registrar Abuse Contact Email: firstname.lastname@example.org
Registrar Abuse Contact Phone: +1.4252982646
URL of the ICANN WHOIS Data Problem Reporting System: http://wdprs.internic.net/
I’m confident posting all of this information in this blog since it’s completely public! Most computers have a WHOIS command line utility, and there are several sites like https://dnsimple.com/WHOIS which can show you the public registry information for your domain. The information in WHOIS is considered the single source of truth for who truly owns and controls a domain, as we will explore below.
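An added example (not DNSimple's code): a small Python parser for the "Key: value" layout shown above, with checks for the problems this article goes on to describe. The record is constructed with placeholder values, and the audit function, its field choices and the 30-day threshold are assumptions for illustration.

```python
from datetime import datetime, timezone

# Constructed record in the "Key: value" layout shown above (placeholder values).
SAMPLE = """\
Domain Name: EXAMPLE.COM
Registrar Registration Expiration Date: 2018-04-07T17:32:00.00Z
Domain Status: clientTransferProhibited https://www.icann.org/epp#clientTransferProhibited
Registrant Name: JANE DOE
Registrant Street: 1 MAIN ST
Registrant Street: SUITE 2
Registrant Email:
Name Server: NS1.EXAMPLE.COM
Name Server: NS2.EXAMPLE.COM
"""

def parse_whois(text):
    """Return {field: [values]}; repeated keys (Street, Name Server) accumulate."""
    record = {}
    for line in text.splitlines():
        key, sep, value = line.partition(":")
        if sep and key.strip():  # lines without a colon are not fields
            record.setdefault(key.strip(), []).append(value.strip())
    return record

def audit(record, now, warn_days=30):
    """List problems that can end in suspension, failed validation or theft."""
    problems = []
    for field in ("Registrant Name", "Registrant Email"):
        if not any(record.get(field, [])):
            problems.append(f"{field} is empty")
    for email in filter(None, record.get("Registrant Email", [])):
        if "@" not in email:
            problems.append(f"Registrant Email looks malformed: {email}")
    expiry = record.get("Registrar Registration Expiration Date", [""])[0]
    if expiry:
        # Keep only YYYY-MM-DDTHH:MM:SS; the record's timestamps are UTC ("Z").
        when = datetime.strptime(expiry[:19], "%Y-%m-%dT%H:%M:%S")
        days_left = (when.replace(tzinfo=timezone.utc) - now).days
        if days_left < warn_days:
            problems.append(f"registration expires in {days_left} days")
    else:
        problems.append("no expiration date found")
    statuses = {s.split()[0] for s in record.get("Domain Status", []) if s}
    if "clientTransferProhibited" not in statuses:
        problems.append("clientTransferProhibited is not set")
    return problems

if __name__ == "__main__":
    now = datetime(2018, 3, 20, tzinfo=timezone.utc)  # fixed date for a stable demo
    for problem in audit(parse_whois(SAMPLE), now):
        print("WARN:", problem)
```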
Why do I need this?
The short answer is that the Internet Corporation for Assigned Names and Numbers (ICANN) requires that every domain has up-to-date and valid WHOIS information.
Actually the longer answer is that having up-to-date and valid WHOIS information is extremely important! The name and email fields of your contact information are used to validate your domain in many stages. This information is used in case any type of dispute arises about the domain name.
Since 2013, whenever you update your contact details on an existing domain, or purchase a new domain with a new contact, the registrar (the entity you register the domain through) is required to validate whether or not all the content is of valid format. Registrars are also required to send you an email at the WHOIS address that you must click through to verify.
If you do not verify your information the domain will be completely suspended and neither your email nor web page will work. We’ve seen a lot of great sites go down because of this, sometimes for extended periods of time, because reinstating a domain is not an instantaneous procedure and can often take your email out of commission. Make sure to always check for this email when updating your contact information. For more information check out this article.
Buying a certificate
An important part of SSL Certificates is not just encrypting your web traffic, but also validating that the website is who they claim to be. This is a major part of HTTPS and SSL Certificates because of a flaw in validating the correctness of DNS on the client level; we’ll be writing more about this later when talking about DNSSEC in another article.
Most certificates require you to validate the purchase of the certificate beforehand by sending an email to either admin, hostmaster, or webmaster at yourdomain, or they can send an email to the contact in your WHOIS information. Since most people don’t actually use emails like admin, hostmaster, or webmaster it’s important to have your WHOIS data up-to-date so you can use a more convenient email. The validation email for an SSL Certificate can never just be sent to an arbitrary email address you give us — it has to be publicly verifiable. For lots more information check out this article.
Let’s Encrypt certificates don’t need this because they let you use domain level validation by making special DNS records on your domain that are used to validate domain ownership.
When there are issues with your domain, especially legal ones, then the contact information in your WHOIS information comes into play. For example, if there is a spam or copyright issue that needs to be addressed you are contacted via that data. Not replying to those can also cause your domain to be parked, or taken offline, which can result in a painfully long wait to resolve while your website and email are offline.
Many people have gone through the process of transferring a domain and know how much of a hassle it can be. This is all for good reasons though. Back in the early days of the internet domain theft was a really big deal. If someone were to steal your domain it would take serious legal action to get it back. Part of the domain transfer process is sending an email to the contact listed in the WHOIS information and getting them to verify that they do indeed approve this transfer of their domain.
What are the problems with WHOIS?
When you submit a change to us to update your contact information we instantly push that information up a chain where it has to go all the way up to the registry. While this isn’t very slow in itself, there are a lot of places where your information could be cached. This means it can slow down resolution of already-in-place issues, like trying to get SSL certificates issued rapidly or transferring domains on a deadline.
Starting December 1st, 2016 registrars are required to lock a domain from transfer for 60 days after updating the contact information. This is designed as an extra safeguard to prevent domain theft. Now if someone gets access to your account, they lack the ability to rapidly drain out your domains and leave you to fight a legal battle to get them back. For more information see this article.
However, people sometimes don’t realize their contact information is not up to date until it’s time to make a transfer, and now you are locked in for another 60 days!
Of course posting all of this information publicly is a problem itself for a lot of people. Who wants their address, phone number, and email public? We’ve personally seen and gotten a lot of reports of people who get flooded by spam and sometimes even calls or junk mail after buying new domains. Having this happen is the pits. However you can’t just put junk information in the WHOIS information as we have outlined; doing so may cause serious problems in the future.
This is why we have WHOIS Privacy Protection available for domains. WHOIS Privacy Protection is actually you hiring a proxy to catalogue your information and put in their own with a special identifier so that on request they can provide information on the true domain owner. This makes it much harder for spammers to get a hold of your information, while leaving it accessible to authorized parties.
However, this also means any time you need to take action on your domain for things like transfers and SSL Certificates you need to disable this momentarily so you can expose yourself as the true domain owner and get things done.
Not all top level domains support WHOIS Privacy either! Many TLDs have it written into their rules that proxies absolutely may not be used; be aware of this when picking out your domains if this is important to you.
Wrapping it all up
WHEW! That was a meaty one wasn’t it? But WHOIS information is more important than most people give it credit for; it’s used in many aspects of your domain management — from security to legal disputes. I think the biggest takeaway is to always make sure your contact information on all of your domains is up to date and valid at all times to help prevent getting snagged up with an outage. It’s also very important not just to pick a valid email but also one that you watch regularly to prevent problems.
Written by David Aronsohn. Originally published at blog.dnsimple.com.