1 / 22

WHOIS UPDATES

This update highlights three significant changes in WHOIS management, including the deployment of DNSSEC to enhance security, full support for ASPLAIN format to accommodate 4-byte AS numbers, and the new implementation of abuse contact policies for proper incident reporting. DNSSEC is part of a broader deployment plan that introduces a minor change in WHOIS data structure, allowing easier updating of the ds-rdata attribute. The abuse contact policy enhances communication for reports, ensuring they reach the appropriate network contacts effectively.

hashim
Télécharger la présentation

WHOIS UPDATES

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. WHOIS UPDATES

  2. Three Main Updates • DNSSEC Deployment • Full support for ASPLAIN • Abuse Contact Implementation

  3. DNSSEC

  4. DNSSEC • One part of DNSSEC deployment plan • Minor change in WHOIS • ds-rdata attribute • Two methods for updating this field • Via MyAfrinic (with verification) • auto-dbm@afrinic.net (without verification)

  5. DNSSEC Domain Object template

  6. DNSSEC Reverse Delegation on MyAFRINIC

  7. DNSSEC Example of Domain object on WHOIS

  8. ASPLAIN

  9. ASPLAIN • Full Support for 4-Byte ASN • Scrap out the dot format • <high order 16 bit value in decimal>.<low order 16 bit value in decimal> • 4-byte AS Number of value 65546 (decimal) would be identified as "1.10” • Both WHOIS and Myafrinic support this format

  10. ASPLAIN Example of previously AS5.1 in plain format

  11. Abuse contact Policy

  12. Abuse Contact Policy • AFPUB-2010-GEN-006 • Recommendations: • For abuse reports to reach the correct network contact • Create a new or uses an already existing object • A unique reference by inetnum, inet6num and aut-num • Contains 2 email attributes: • "e-mail:" for personal communication • "abuse-mailbox:" for automatic report handling

  13. Abuse Contact Policy - Use existing Incident Response Team Object

  14. Abuse Contact Policy • IRT Object • Field: abuse-mailbox • Abuse Contact email address • Mandatory • Multiple • whois-i abuse-mailbox <email> • Field: email • Abuse Contact email address • Mandatory • Multiple

  15. Abuse Contact Policy • IRT Object • Field: auth • Authentication credentials • Password or PGP Key • Used when adding or removing a reference to inetnum, inet6num or aut-num objects • Mandatory • Multiple • whois -iauth <email>

  16. Abuse Contact Policy • IRT Object • Field: irt-nfy • Notify email address • Optional • Multiple • whois -iirt-nfy <email>

  17. Abuse Contact Policy ]

  18. Abuse Contact Policy • INETNUM Object • Field: mnt-irt • Reference an IRT object • Optional • Multiple • whois -imnt-irt <IRT ID> • Similarly in INET6NUM and AUT-NUM

  19. Abuse Contact Policy Referencing an IRT Object IRT OBJECT INETNUM referencing an IRT Object INETNUM’s maintainer authentication AND IRT object’s authentication (Password / PGP Key) INETNUM OBJECT

  20. WAY FORWARD

  21. - we are closely following the WEIRDS mailing list - dev-team is looking into technologies to build RESTFUL services around whois

  22. THANK YOU AFRINIC DEV-TEAM

More Related