Enhancing WHOIS Updates with DNSSEC, ASPLAIN, and Abuse Contact Implementation

Explore the latest updates in WHOIS, including DNSSEC deployment, ASPLAIN support, and abuse contact policies. Learn about DNSSEC deployment plans, ASPLAIN formats, and recommendations for abuse handling. Stay informed on domain security and network contact protocols.

• WHOIS Updates
• DNSSEC Deployment
• ASPLAIN Support
• Abuse Contact Policy
• Domain Security

lash_9 Follow

Uploaded on Sep 15, 2024 | 0 Views

Download Presentation

Please find below an Image/Link to download the presentation.

The content on the website is provided AS IS for your information and personal use only. It may not be sold, licensed, or shared on other websites without obtaining consent from the author. Download presentation by click this link. If you encounter any issues during the download, it is possible that the publisher has removed the file from their server.

Presentation Transcript

1. WHOIS UPDATES

2. Three Main Updates - DNSSEC Deployment - Full support for ASPLAIN - Abuse Contact Implementation

3. DNSSEC

4. DNSSEC - One part of DNSSEC deployment plan - Minor change in WHOIS - ds-rdata attribute - Two methods for updating this field - Via MyAfrinic (with verification) - auto-dbm@afrinic.net (without verification)

5. DNSSEC Domain Object template

6. DNSSEC Reverse Delegation on MyAFRINIC

7. DNSSEC Example of Domain object on WHOIS

8. ASPLAIN

9. ASPLAIN - Full Support for 4-Byte ASN - Scrap out the dot format - <high order 16 bit value in decimal>.<low order 16 bit value in decimal> - 4-byte AS Number of value 65546 (decimal) would be identified as "1.10 - Both WHOIS and Myafrinic support this format

10. ASPLAIN Example of previously AS5.1 in plain format

11. Abuse contact Policy

12. Abuse Contact Policy AFPUB-2010-GEN-006 Recommendations: For abuse reports to reach the correct network contact Create a new or uses an already existing object A unique reference by inetnum, inet6num and aut-num Contains 2 email attributes: "e-mail:" for personal communication "abuse-mailbox:" for automatic report handling

13. Abuse Contact Policy - Use existing Incident Response Team Object

14. Abuse Contact Policy IRT Object - - Field: abuse-mailbox Abuse Contact email address Mandatory Multiple whois -i abuse-mailbox <email> - Field: email Abuse Contact email address Mandatory Multiple

15. Abuse Contact Policy IRT Object Field: auth Authentication credentials Password or PGP Key Used when adding or removing a reference to inetnum, inet6num or aut-num objects Mandatory Multiple whois -i auth <email>

16. Abuse Contact Policy IRT Object Field: irt-nfy Notify email address Optional Multiple whois -i irt-nfy <email>

17. Abuse Contact Policy ]

18. Abuse Contact Policy INETNUM Object Field: mnt-irt Reference an IRT object Optional Multiple whois -i mnt-irt <IRT ID> Similarly in INET6NUM and AUT-NUM

19. Abuse Contact Policy Referencing an IRT Object IRT OBJECT INETNUM s maintainer authentication AND IRT object s authentication (Password / PGP Key) INETNUM referencing an IRT Object INETNUM OBJECT

20. WAY FORWARD

21. - we are closely following the WEIRDS mailing list - dev-team is looking into technologies to build RESTFUL services around whois

22. THANK YOU AFRINIC DEV-TEAM