[ppml] Directory Services - Take 2

william(at)elan.net william at elan.net
Fri Jun 10 13:15:40 EDT 2005

On Fri, 10 Jun 2005 Michael.Dillon at btradianz.com wrote:

>>        ARIN shall publish the APID in the following methods using
>>        industry standard practices:
>>            - Via the WHOIS protocol.
>>            - Via a query form accessible via the HTTP protocol.
>>            - Via FTP to users who complete the bulk data form.
>>            - Via CDROM to users who complete the bulk data form.
>>            - Via the RWHOIS protocol.
> This just sucks.
> The RWHOIS protocol is an ancient creaking unmaintained
> and unsupported protocol which is sorely in need of retirement.
> It should be dropped from this document.

It can be dropped later on when replacement for it is readily available.

So when CRISP/IRIS is implemented and multiple open-source and commercial
IRIS servers are avaialble for providing ip database data over then next
then ARIN can start to retire RWHOIS.

> The "query form accessible via the HTTP protocol" is
> excessively vague. Is this XML-RPC, SOAP, REST? Or
> yet another crude PHP hack?

That is fair but only to the point that HTTP is being reused by other
protocols. When its one of those other protocols - they should not really
be considered HTTP at all should have done as IPP and SIP as officially
separate protocols.

So far as I'm concerned HTTP means accessible to users using normal HTML 
web browser that is able so support POST or GET. As to if the POST or GET
are processing by pre-compiled "C" cgi, perl, php or asp script, servlet 
that is implementation detail and whatever ARIN wants it will use.

> The FTP and CDROM ideas are not all that bad, but the
> wording implies that anyone who completes the form
> gets the data. If Osama Bin Laden fills out the form
> and says he needs it to evaluate potential attack
> targets, this wording says that he gets his CDROM
> just like everyone else. Also, why do we need to
> specify media type? Does this mean ARIN can't use
> a DVD-R?

In my original text from Whois AUP Policy it was "CDROM or other media"
implying that anything similar (like DVD) could be supported as well.
The reason for CDROM first is that everyone can read CDs but DVDs still
require newere computers.

> And whatever happened to the IETF standard directory
> access protocol, namely Lightweight Directory Access
> Protocol (LDAP)?

That protocol was considered for whois (ip or domain) data during
CRISP WG and rejected there after the vote (BTW - I voted for LDAP).
You should have been active at LDAP if you wanted it that much....

> And even though the IETF hasn't finished working on
> IRIS, ARIN should at least support XML-encoding of the
> whois data.

In what form? You want ARIN to create its own standard?

BTW - I think IRIS needs to be explicitely mentioned in the proposed
policy - by the time policy is approved (probably within a year if not 
longer) and then implemented, it'd be IETF proposed standard fore sure.

William Leibzon
Elan Networks
william at elan.net

More information about the ARIN-PPML mailing list