<html>
<head>
<meta http-equiv="content-type" content="text/html;
charset=ISO-8859-1">
</head>
<body bgcolor="#FFFFFF" text="#000000">
<p class="MsoNormal" style="margin: 6pt 0in; line-height: 18pt;
background: none repeat scroll 0% 0% white;"><span
style="font-family:Helvetica;mso-fareast-font-family:
"Times New Roman";mso-bidi-font-family:"Times New
Roman"">ARIN has issued its initial response to ACSP
Suggestion 2014.29. The suggestion and response text are
provided below. This suggestion remains open and is available
at: </span><span style="font-family: Times;"></span><span
style="font-family:Times;mso-fareast-font-family:"Times New
Roman";mso-bidi-font-family: "Times New Roman""></span><span
style="font-family: Helvetica;"><br>
</span></p>
<p class="MsoNormal"
style="margin-top:6.0pt;margin-right:0in;margin-bottom:6.0pt;
margin-left:0in;line-height:18.0pt;background:white"><span
style="font-family:Helvetica;mso-fareast-font-family:"Times
New Roman"; mso-bidi-font-family:"Times New
Roman""><a class="moz-txt-link-freetext" href="https://www.arin.net/participate/acsp/suggestions/2014-29.html">https://www.arin.net/participate/acsp/suggestions/2014-29.html</a></span><span
style="font-family:Times;mso-fareast-font-family:"Times New
Roman";mso-bidi-font-family: "Times New Roman""><br>
<br>
</span><span
style="font-family:Helvetica;mso-fareast-font-family:"Times
New Roman"; mso-bidi-font-family:"Times New
Roman"">Regards,</span><span style="font-family:
Times;mso-fareast-font-family:"Times New
Roman";mso-bidi-font-family:"Times New Roman""><br>
<br>
</span><span
style="font-family:Helvetica;mso-fareast-font-family:"Times
New Roman"; mso-bidi-font-family:"Times New
Roman"">Communications and Member Services</span><span
style="font-family:Times;mso-fareast-font-family:"Times New
Roman";mso-bidi-font-family: "Times New Roman""><br>
</span><span
style="font-family:Helvetica;mso-fareast-font-family:"Times
New Roman"; mso-bidi-font-family:"Times New
Roman"">American Registry for Internet Numbers (ARIN)</span><span
style="font-family:Times;mso-fareast-font-family:"Times New
Roman"; mso-bidi-font-family:"Times New Roman""><br>
<br>
</span><span
style="font-family:Helvetica;mso-fareast-font-family:"Times
New Roman"; mso-bidi-font-family:"Times New
Roman"">***</span><span style="font-family:
Times;mso-fareast-font-family:"Times New
Roman";mso-bidi-font-family:"Times New Roman""><o:p></o:p></span><b><span
style="font-family: Helvetica;mso-bidi-font-family:"Times
New Roman";color:black"><br>
Suggestion: </span></b><span
style="font-family:Arial;mso-bidi-font-family:"Times New
Roman";color:black"><o:p></o:p></span></p>
Description: SSL support for whois.arin.net (the web site) to fix
security warnings when initiating Whois searches from ARIN.NET.<br>
<br>
It seems out-of-character with the importance of this site on the
internet that whois.arin.net is <a class="moz-txt-link-freetext" href="http://">http://</a> instead of <a class="moz-txt-link-freetext" href="https://">https://</a>, thus
resulting in a security warning if somebody initiates a whois from
the SEARCH Whois box on the main ARIN home page.<br>
<br>
Value to Community: TRUST of users who use the ARIN.NET website to
find out essential information about the responsible parties for
ARIN-distributed resources.<span style="font-family:
Helvetica;mso-bidi-font-family:"Times New
Roman";color:black"></span><span
style="font-family:Arial;mso-bidi-font-family:"Times New
Roman";color:black"><o:p></o:p></span>
<p class="MsoNormal"
style="margin-top:6.0pt;margin-right:0in;margin-bottom:6.0pt;
margin-left:0in;line-height:18.0pt;background:white"><b><span
style="font-family: Helvetica;mso-bidi-font-family:"Times
New Roman";color:black">Response:</span></b><span
style="font-family:Arial;mso-bidi-font-family:"Times New
Roman";color:black"><o:p></o:p></span></p>
Thank you for submitting your suggestion, numbered 2014.29, on the
topic of enabling SSL support for whois.arin.net. ARIN agrees
implementing your suggestion would be very useful, and we intend to
do so.<br>
<br>
ARIN currently has a similar open suggestion to support HTTPS for
WHOIS-RWS (numbered 2014.4). Our comments stated for this earlier
suggestion apply to both the earlier suggestion and your newly
submitted suggestion. Here is the text from our response to the
earlier suggestion:<br>
<br>
Thank you for your suggestion, numbered 2014.4 upon receipt and
confirmation, requesting https support for Whois-RWS. ARIN agrees
that this would be a very useful, in fact we previously attempted to
provide a https solution approximately two years ago. We were unable
to complete the effort due to the operational issues described
below. In deploying new services for Whois-RWS, ARIN has three
requirements.<br>
<br>
1) Whois-RWS is fronted by load balancers. 2) The load balancers
must support ssl-offloading for effective throughput. 3) We must
have both IPv4 and IPv6 capability for any existing or new public
service.<br>
<br>
Unfortunately, we have found that our existing load balancers do not
support IPv6 adequately and become unreliable when the
ssl-offloading feature is enabled. Despite promises made by our
vendor following multiple requests that fix their systems to enable
feature parity between IPv4 and IPv6, they have indicated that they
will not support these features in a timely manner. Therefore, ARIN
is in the process of replacing these load balancers with a vendor
who can deliver IPv6 capability. We hope to have the new load
balancers deployed in Q4 of this year, which will permit us to
enable https support for Whois-RWS by Q1 of 2015.<br>
<br>
Our implementation for this new suggestion also requires the
replacement of our current load balancers to ones that reliably
support both IPv6 and SSL-offloading. This work is currently
underway and its completion will allow ARIN to implement solutions
in response to suggestion 2014.4 and 2014.29.<br>
<br>
Thank you again for your suggestion; it will remain open until this
work is completed.<span style="font-family:Helvetica;
mso-bidi-font-family:"Times New Roman";color:black"></span>
</body>
</html>