Commentary by Mark Wahl, CISA
Organizing principles for identity systems:
Timeline of WHOIS, the original Internet social network service (20070824)
WHOIS is a very simple protocol, currently defined by Draft Standard RFC 3912 "WHOIS Protocol Specification" from September 2004. The client opens a TCP connection to a WHOIS server, sends a single line of text of a request (e.g., a name such as "Smith"), and receives back a human-readable text response. The original purpose of WHOIS, as it originated in 1982, was to allow anyone on the ARPANET network to search the list of the ARPANET's users, stored in the Network Information Center (NIC) database. This database was maintained by SRI International on behalf of the US Dept. of Defense:
[The Defense Communications Agency] requests that each individual ... who is capable of passing traffic across the ARPANET, be registered in the NIC Identification Data Base. To register, send full name, middle initial, U.S. mailing address (including mail stop and full explanation of abbreviations and acronyms), ZIP code, telephone (including Autovon and FTS, if available), and one network mailbox, via electronic mail to NIC@SRI-NIC.(RFC 812)
Privacy was not a significant concern at the time as the network was under single administrative control with fewer than 50 non-military computers attached to it.
Today, the WHOIS-accessible database is distributed and encompasses the registration details for second-level Internet domain names. Each domain has one or more points of contacts: people or organizations who have authority over the domain. Currently, these points of contacts are public: anyone can lookup a domain name and view the names, addresses and phone numbers of the contact people and/or organizations. As such, the database has been the subject of significant debate over its accuracy (updating obsolete or obviously bogus registration data) and privacy concerns (who should be permitted to view a registration, and under what circumstances?). Follow-on protocols have been developed to provide richer semantics than WHOIS, e.g. the RFC 3982 "Domain Registry Type for the Internet Registry Information Service" protocol defines queries such as findDomainsByContact.
The web site of the noncommercial users constituency (NCUC) of ICANN Generic Name Supporting Organization participating organizations has a mirror of a WHOIS timeline prepared by Dr. Milton Mueller and Mawaki Chango of the Syracuse University School of Information Studies. The timeline covers from the first publication of the WHOIS protocol in RFC 812 (March 1, 1982), to the contentious final outcomes report of the ICANN WHOIS Working Group 2007 (August 20, 2007), with links to relevant documents in the evolution of WHOIS-fronted data services.