The Linux Page

The split of the WHOIS registry

Rows and columns of boxes with a name... similar to a database of domain names.

History

At some point in 2017, the WHOIS registry was split in two.

Before that, WHOIS was all in one place (at least from what I understand) and thus a query would return all the info you could get.

Once in a while, I would receive an email from GoDaddy (which is not my favorite registrar anymore, although they still have excellent service.) That email would say "You have to update your information with ICANN."

This email has stopped for a couple of years now and that's in link with the split. You now register with your registrar and not ICANN so the updates have to be made at GoDaddy if your account is with them. They certainly still have to check on your info once a year, but they won't forward it to ICANN. It makes it possible to really hide your info that way (although your registrar still has it, it's not being shared with anyone else; well... not supposed to unless there is a lawsuit, etc.)

The New Organization

The new organization has limited data with ICANN whois registry (well, there are operators under ICANN that handle the actual technical work,) and the rest of the information is with the registrar WHOIS server.

The following ASCII drawing gives an idea of that organization. Note that there is your Registrar at the bottom, such as namecheap.com, VeriSign which handles the ICANN database, and ICANN itself at the top. By having a very few top operators, we can easily control that only one entity can purchase a given domain name.

  +-------+
  |       |
  | ICANN |
  |       |
  +---+---+
      |
      +--------------------------------+
      |                                |
      v                                v
+------------+                   +------------+
|            |                   |            |
|  VeriSign  |                   |    ...     |
|            |                   |            |
+-----+------+                   +------------+
      |
      +---------------+---------------+---...
      |               |               |
      v               v               v
+------------+  +------------+  +------------+
|            |  |            |  |            |
|   GoDaddy  |  | namecheap  |  |    ...     |
|            |  |            |  |            |
+------------+  +------------+  +------------+

WHOIS checks ICANN for the Registry Operators (a.k.a. VeriSign). This gives it a way to check for a domain name info.

Finding All The WHOIS Data

The contents of the WHOIS info on the Registry Operator includes one line which is:

Registrar WHOIS Server: <domain-name>

We need that name to actually query the registrar and get the details of the owner. This is done that way for various reasons, I can imagine that one reason is to alleviate the need for updating the ICANN records in the root because it certainly was becoming really large, especially with all the new top-level domain names such as .software or .lol.

So the first check for a domain name is going to be the usual whois command:

whois m2osw.com

From that we see the registrar, at the time of writing, it's GoDaddy:

Registrar WHOIS Server: whois.godaddy.com

With that additional information, we can access the full set of records as follow:

whois -h whois.godaddy.com m2osw.com

This last command shows us the name of the registrant and other details (address, phone number, etc.) In case of m2osw.com we see this:

Registrant Organization: Made to Order Software Corp.
Registrant State/Province: California
Registrant Country: US
Name Server: NS1.M2OSW.COM
Name Server: NS2.M2OSW.COM

In some cases, we see more and others less. It will now very much depend on the registrar. Plus, a registrar will now have the ability to let their customers choose what to show and not show (although I haven't seen any such choices at GoDaddy, there is only one step to get there.)

Locked Domains

For quite a few years now, Registrars have been asked to implement a locking mechanism to better prevent unauthorized domain name transfers.

Now a transfer requires two steps (in most cases, these two work in either order although a registrar may ask you to first initiate a transfer before you are allowed the ability to unlock the domain name):

1. Unlock domain

You will want to first unlock your domain. Your registrar will have some information of its own about this.

Note that a domain that was just purchased or transferred can't be transferred again for a month or so. Something to keep in mind if you were planning to do domain trading. It is not instantaneous like before when you could purchase a domain, create a website, and sell it on the next day. This is a relatively recent change to the domain name policies. It is supposed to prevent some abuse that we've seen happen over the years prior.

Next: Be patient.

The unlocking needs to be propagated. Some services cache the WHOIS data and this means it may take a little while before all those caches get updated with the new information, including the "unlocked" status.

You recognize the locked status by looking at the Domain Status field(s). For example, GoDaddy has the following four entries:

Domain Status: clientTransferProhibited http://www.icann.org/epp#clientTransferProhibited
Domain Status: clientUpdateProhibited http://www.icann.org/epp#clientUpdateProhibited
Domain Status: clientRenewProhibited http://www.icann.org/epp#clientRenewProhibited
Domain Status: clientDeleteProhibited http://www.icann.org/epp#clientDeleteProhibited

As we can see, all the statuses say "prohibited." I think the message is clear.

When unlocked, the Domain Status fields get replaced by another one. There is a copy of that field content:

Domain Status: ok http://www.icann.org/epp#ok

As we can see, when unlocked the Domain Status field says "ok" meaning that it will accept other people actions, such as a transfer to a third party registrar,

2. Get an Authorization Code

The registrar you are with at the moment will generate an authorization code when you tell it that you are transferring your domain name(s). You'll have to refer to their documentation to learn how to do that with them.

Remember that it takes some time for the unlock to be processed. Trying to use the authorization code too soon will result in an error. To see whether the lock was released, you can use WHOIS. However, the output of WHOIS is going to be cached by your destination registrar and possibly some intermediaries. Those caches are going to force you to wait for some time before you can safely transfer the domain name to its new registrar.

In most cases, registrars show the authorization code in your browser or send you an email. Copy that code and paste it where the destination registrar asks you to paste that code.

The new registrar may give you a discount for transferring. Watch out on those as the renewal the following you may not be what you expected it to be.

3. IMPORTANT POINT ABOUT TRANSFERS

The new rules give multiple chances to the owner of a domain name to prevent the transfer. As I just mentioned, you will need to unlock the domain name and then apply the transfer rules with that special authorization code.

Next, you will be asked at least once to accept the transfer by your registrar (source). Other registrars will give the current owner several days to cancel the transfer. In all cases, it is not unlikely that there will be another step or two before the transfer is complete. And, in the meantime, you may lose the domain name setup. So pay attention if you currently run a website.

This also means that you should not do it on the last day before renewal. The transfer should be planed about 1 month in advance to make sure that all the timings fit and the transfer is done before the domain payment on your old registrar lapses.

Another important point: when I initiated a transfer from GoDaddy, they sent me an email saying I had nothing more to do. Today I went back and my account and there they told me that I still had one more step to actually accept to complete the transfer. Soooo contradictory! Anyway, that meant I could actually transfer the domain name faster than I first thought, but you still want to initiate domain name transfers sooner rather than later to make sure you don't do it after you owe money to your current registrar.