ACSP Suggestion 2014.4: Support https for whois-rws
- Heather Schiller
- Submitted On:
- 13 February 2014
ARIN should support https for whois-rws. It's important not just to protect the privacy of people querying the whois db, but more importantly to ensure the integrity of answers from ARIN.
- 14 February 2014
28 February 2014
Thank you for your suggestion, numbered 2014.4 upon receipt and confirmation, requesting https support for Whois-RWS. ARIN agrees that this would be a very useful, in fact we previously attempted to provide a https solution approximately two years ago. We were unable to complete the effort due to the operational issues described below. In deploying new services for Whois-RWS, ARIN has three requirements.
1) Whois-RWS is fronted by load balancers.
2) The load balancers must support ssl-offloading for effective
3) We must have both IPv4 and IPv6 capability for any existing or new public
Unfortunately, we have found that our existing load balancers do not support IPv6 adequately and become unreliable when the ssl-offloading feature is enabled. Despite promises made by our vendor following multiple requests that fix their systems to enable feature parity between IPv4 and IPv6, they have indicated that they will not support these features in a timely manner. Therefore, ARIN is in the process of replacing these load balancers with a vendor who can deliver IPv6 capability. We hope to
Have the new load balancers deployed in Q4 of this year, which will permit us to enable https support for Whois-RWS by Q1 of 2015.
Thank you for your suggestion; it will remain open until this work is completed.
28 March 2014
Implementation Estimate: It will take us 2 person months to configure, install, test, and push into production new load balancers to support this option for both IPv4 and IPv6.
Please note that these are good-faith, general estimates to include development, testing, and implementation; as such they are subject to change.