ACSP Suggestion 2018.3: Automatically Redirect Whois Queries to Secure URL

Suggestion

Author: Anonymous   
Submitted On: 14 March 2018

Description: It appears possible to go to the insecure version of ARIN’s whois by going to http://whois.arin.net. Would ARIN be willing auto-redirect users to the secure version, https://whois.arin.net, and additionally, consider using HSTS for this site, too?

Value to Community: Secures all WHOIS lookups, which could sometimes be potentially sensitive. It’s also consistent with what ARIN has done with most of it’s other public-facing websites.

Timeframe: Not specified

Status: Open   Updated: 28 March 2018

Tracking Information

ARIN Comment

28 March 2018

Thank you for your suggestion, numbered 2018.3 upon confirmed receipt, requesting ARIN automatically redirect Whois queries to a secure URL.

We have reviewed your suggestion and understand that you are requesting ARIN automatically redirect user queries of Whois made from “http” to “https”, and that we also consider the use of HSTS for Whois queries. Noting there is interest from the community on this topic, and that a conversation on the arin-consult mailing list has already begun, we will open a formal community consultation for this suggestion. Feedback received during the consultation will help inform how ARIN will proceed in this area.

Thank you for participating in the ARIN Consultation and Suggestion Process. Your suggestion will remain open until we are able to provide a new update following the closure of the related community consultation.