DOCSLIB.ORG

DNS-Lexicon Release 3.7.0

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text
DNS-Lexicon Release 3.7.0 DNS-Lexicon Release 3.7.0 Aug 09, 2021 Table of Contents 1 Introduction 1 1.1 Why using Lexicon?...........................................1 1.2 Supported providers...........................................2 2 User guide 5 2.1 Installation................................................5 2.2 Usage...................................................6 2.3 Configuration...............................................7 2.4 Integration................................................8 3 Configuration reference 9 3.1 Providers options.............................................9 3.2 Passing provider options to Lexicon................................... 16 3.3 Passing general options to Lexicon................................... 17 3.4 The auto provider............................................ 17 4 Developer guide 19 4.1 Potential providers............................................ 19 4.2 Setup a development environment.................................... 20 4.3 Adding a new DNS provider....................................... 20 4.4 Testing your provider........................................... 21 4.5 CODEOWNERS file........................................... 23 5 Provider specification 25 5.1 General.................................................. 25 5.2 API Operations.............................................. 25 i ii CHAPTER 1 Introduction 1.1 Why using Lexicon? Lexicon provides a way to manipulate DNS records on multiple DNS providers in a standardized way. Lexicon can be used as: • a CLI tool: # Create a TXT entry in domain.net zone hosted by CloudFlare lexicon cloudflare create domain.net TXT --name foo --content bar • or a Python library: # Create a TXT entry in domain.net zone hosted by CloudFlare from lexicon.client import Client from lexicon.config import ConfigResolver action={ "provider_name":"cloudflare", "action":"create", "domain":"domain.net", "type":"TXT", "name":"foo", "content":"bar", } config= ConfigResolver().with_env().with_dict(action) Client(config).execute() Lexicon was designed to be used in automation, specifically letsencrypt. • Generating Intranet & Private Network SSL Certificates using Lets Encrypt & Lexicon 1 DNS-Lexicon, Release 3.7.0 1.2 Supported providers Only DNS providers who have an API can be supported by lexicon. The current supported providers are: • Aliyun.com • AuroraDNS • AWS Route53 • Azure DNS • Cloudflare • ClouDNS • CloudXNS • ConoHa • Constellix • DigitalOcean • Dinahosting • DirectAdmin • DNSimple v1, v2 • DnsMadeEasy • DNSPark • DNSPod • Dreamhost • Dynu • EasyDNS • Easyname • EUserv • ExoScale • Gandi RPC (old)/ LiveAPI • Gehirn • Glesys • GoDaddy • Google Cloud DNS • Gransy (sites subreg.cz, regtons.com and regnames.eu) • Hover • Hurricane Electric DNS • Hetzner • Infoblox 2 Chapter 1. Introduction DNS-Lexicon, Release 3.7.0 • Infomaniak • Internet.bs • INWX • Joker.com • Linode • Linode v4 • LuaDNS • Memset • Mythic Beasts (v2 API) • Njalla • Namecheap • Namesilo • Netcup • NFSN (NearlyFreeSpeech) • NS1 • OnApp • Online • OVH • Plesk • PointHQ • PowerDNS • Rackspace • Rage4 • RcodeZero • RFC2136 • Sakura Cloud by SAKURA Internet Inc. • SafeDNS by UKFast • SoftLayer • Transip • UltraDNS • Vercel • Vultr • Yandex • Zilore • Zonomi 1.2. Supported providers 3 DNS-Lexicon, Release 3.7.0 4 Chapter 1. Introduction CHAPTER 2 User guide 2.1 Installation Warning: It is strongly advised with pip to install Lexicon in a Python virtual environment, in order to avoid interference between Python modules preinstalled on your system as OS packages and modules installed by pip (see https://docs.python-guide.org/dev/virtualenvs/). To use lexicon as a CLI application, do the following: $ pip install dns-lexicon Some providers (like Route53 and TransIP) require additional dependencies. You can install the provider specific dependencies separately: $ pip install dns-lexicon[route53] To install lexicon with the additional dependencies of every provider, do the following: $ pip install dns-lexicon[full] You can also install the latest version from the repository directly. $ pip install git+https://github.com/AnalogJ/lexicon.git and with Route 53 provider dependencies: $ pip install git+https://github.com/AnalogJ/lexicon.git#egg=dns-lexicon[route53] Note: As an alternative you can also install Lexicon using the OS packages available for major Linux distributions (see lexicon or dns-lexicon package in https://pkgs.org/download/lexicon). 5 DNS-Lexicon, Release 3.7.0 2.2 Usage $ lexicon -h usage: lexicon[-h][--version][--delegated DELEGATED] {cloudflare,cloudxns,digitalocean,dnsimple,dnsmadeeasy,dnspark, ,!dnspod,easydns,luadns,namesilo,nsone,pointhq,rage4,route53,vultr,yandex,zonomi} ... Create, Update, Delete, List DNS entries positional arguments: {cloudflare,cloudxns,digitalocean,dnsimple,dnsmadeeasy,dnspark,dnspod,easydns, ,!luadns,namesilo,nsone,pointhq,rage4,route53,vultr,yandex,zonomi} specify the DNS provider to use cloudflare cloudflare provider cloudxns cloudxns provider digitalocean digitalocean provider ... rage4 rage4 provider route53 route53 provider vultr vultr provider yandex yandex provider zonomi zonomi provider optional arguments: -h, --help show this help message and exit --version show the current version of lexicon --delegated DELEGATED specify the delegated domain $ lexicon cloudflare -h usage: lexicon cloudflare[-h][--name NAME][--content CONTENT][--ttl TTL] [--priority PRIORITY][--identifier IDENTIFIER] [--auth-username AUTH_USERNAME] [--auth-token AUTH_TOKEN] {create,list,update,delete} domain {A,AAAA,CNAME,MX,NS,SPF,SOA,TXT,SRV,LOC} positional arguments: {create,list,update,delete} specify the action to take domain specify the domain, supports subdomains as well {A,AAAA,CNAME,MX,NS,SPF,SOA,TXT,SRV,LOC} specify the entry type optional arguments: -h, --help show this help message and exit --name NAME specify the record name --content CONTENT specify the record content --ttl TTL specify the record time-to-live --priority PRIORITY specify the record priority --identifier IDENTIFIER specify the record for update or delete actions --auth-username AUTH_USERNAME specify email address used to authenticate --auth-token AUTH_TOKEN (continues on next page) 6 Chapter 2. User guide DNS-Lexicon, Release 3.7.0 (continued from previous page) specify token used authenticate specify the entry type optional arguments: -h, --help show this help message and exit --name NAME specify the record name --content CONTENT specify the record content --ttl TTL specify the record time-to-live --priority PRIORITY specify the record priority --identifier IDENTIFIER specify the record for update or delete actions --auth-username AUTH_USERNAME specify email address used to authenticate --auth-token AUTH_TOKEN specify token used authenticate Using the lexicon CLI is pretty simple: # setup provider environmental variables: export LEXICON_CLOUDFLARE_USERNAME="[email protected]" export LEXICON_CLOUDFLARE_TOKEN="cloudflare-api-token" # list all TXT records on cloudflare lexicon cloudflare list example.com TXT # create a new TXT record on cloudflare lexicon cloudflare create www.example.com TXT --name="_acme-challenge.www.example.com. ,!" --content="challenge token" # delete a TXT record on cloudflare lexicon cloudflare delete www.example.com TXT --name="_acme-challenge.www.example.com. ,!" --content="challenge token" lexicon cloudflare delete www.example.com TXT --identifier="cloudflare record id" 2.3 Configuration 2.3.1 Authentication Most supported DNS services provide an API token, however each service implements authentication differently. Lexicon attempts to standardize authentication around the following CLI flags: • --auth-username - For DNS services that require it, this is usually the account id or email address • --auth-password - For DNS services that do not provide an API token, this is usually the account password • --auth-token - This is the most common auth method, the API token provided by the DNS service You can see all the --auth-* flags for a specific service by reading the DNS service specific help: lexicon cloudflare -h 2.3. Configuration 7 DNS-Lexicon, Release 3.7.0 2.3.2 Environmental variables Instead of providing authentication information via the CLI, you can also specify them via environmental variables. Every DNS service and auth flag maps to an environmental variable as follows: LEXICON_{DNS Provider Name}_{Auth Type} So instead of specifying --auth-username and --auth-token flags when calling lexicon cloudflare ..., you could instead set the LEXICON_CLOUDFLARE_USERNAME and LEXICON_CLOUDFLARE_TOKEN en- vironmental variables. If you’ve got a subdomain delegation configured and need records configured within that (eg, you’re try- ing to set test.foo.example.com where foo.example.com is configured as a separate zone), set LEXICON_DELEGATED to the delegated domain. LEXICON_DELEGATED=foo.example.com 2.3.3 TLD cache The tldextract library is used by Lexicon to find the actual domain name from the provided FQDN (eg. domain. net is the actual domain in www.domain.net). Lexicon stores tldextract cache by default in ~/ .lexicon_tld_set where ~ is the current user’s home directory. You can change this path using the LEXICON_TLDEXTRACT_CACHE environment variable. For instance, to store tldextract cache in /my/path/to/tld_cache, you can invoke Lexicon like this from a Linux shell: LEXICON_TLDEXTRACT_CACHE=/my/path/to/tld_cache lexicon myprovider create www.example. ,!net TXT ... 2.4 Integration Lexicon can be integrated with various tools and process to help handling DNS records. 2.4.1 Let’sEncrypt
Load more

Recommended publications
  • Ispconfig Documentation Ispconfig Documentation I
    ISPConfig Documentation ISPConfig Documentation I Table of Contents General...............................................................................................................................................1 1 What is ISPConfig?...............................................................................................................1 2 Terms and structure of the manual.......................................................................................1 3 Installation/Upgrade/Deinstallation.......................................................................................1 3.1 Installation....................................................................................................................1 3.2 Upgrade.......................................................................................................................1 3.3 Deinstallation................................................................................................................2 4 Login and Logout..................................................................................................................2 I Administrator Manual......................................................................................................................3 1 General.................................................................................................................................3 1.1 Login and Password.....................................................................................................3 1.2 ISPConfig Interface
    [Show full text]
  • Ispconfig 3 Manual]
    [ISPConfig 3 Manual] ISPConfig 3 Manual Version 1.0 for ISPConfig 3.0.3 Author: Falko Timme <[email protected]> Last edited 09/30/2010 1 The ISPConfig 3 manual is protected by copyright. No part of the manual may be reproduced, adapted, translated, or made available to a third party in any form by any process (electronic or otherwise) without the written specific consent of projektfarm GmbH. You may keep backup copies of the manual in digital or printed form for your personal use. All rights reserved. This copy was issued to: Thomas CARTER - [email protected] - Date: 2010-11-20 [ISPConfig 3 Manual] ISPConfig 3 is an open source hosting control panel for Linux and is capable of managing multiple servers from one control panel. ISPConfig 3 is licensed under BSD license. Managed Services and Features • Manage one or more servers from one control panel (multiserver management) • Different permission levels (administrators, resellers and clients) + email user level provided by a roundcube plugin for ISPConfig • Httpd (virtual hosts, domain- and IP-based) • FTP, SFTP, SCP • WebDAV • DNS (A, AAAA, ALIAS, CNAME, HINFO, MX, NS, PTR, RP, SRV, TXT records) • POP3, IMAP • Email autoresponder • Server-based mail filtering • Advanced email spamfilter and antivirus filter • MySQL client-databases • Webalizer and/or AWStats statistics • Harddisk quota • Mail quota • Traffic limits and statistics • IP addresses 2 The ISPConfig 3 manual is protected by copyright. No part of the manual may be reproduced, adapted, translated, or made available to a third party in any form by any process (electronic or otherwise) without the written specific consent of projektfarm GmbH.
    [Show full text]
  • Civil Good: a Platform for Sustainable and Inclusive Online Discussion
    Civil Good: A Platform For Sustainable and Inclusive Online Discussion An Interactive Qualifying Project submitted to the faculty of Worcester Polytechnic Institute In partial fulfillment of the requirements for the degree of Bachelor of Science by: Steven Malis (Computer Science), Tushar Narayan (Computer Science), Ian Naval (Computer Science), Thomas O'Connor (Biochemistry), Michael Perrone (Physics and Mathematics), John Pham (Computer Science), David Pounds (Computer Science and Robotics Engineering), December 19, 2013 Submitted to: Professor Craig Shue, WPI Advisor Alan Mandel, Creator of the Civil Good concept Contents 1 Executive Summary1 1.1 Overview of Recommendations......................2 2 Authorship5 3 Introduction 10 3.1 Existing Work - Similar Websites.................... 11 4 Psychology 17 4.1 Online Disinhibition........................... 17 4.2 Format of Discussions.......................... 22 4.3 Reducing Bias with Self-Affirmation................... 28 4.4 Other Psychological Influences...................... 34 5 Legal Issues 38 5.1 Personally Identifiable Information................... 38 5.2 Intellectual Property........................... 42 5.3 Defamation................................ 45 5.4 Information Requests........................... 46 5.5 Use by Minors............................... 49 5.6 General Litigation Avoidance and Defense............... 51 6 Societal Impact 52 6.1 Political Polarization........................... 52 6.2 Minority Opinion Representation.................... 55 6.3 History and Political
    [Show full text]
  • Making Internet Security Accessible to Everyone
    CASE STUDY Making Internet Security Accessible to Everyone The Challenge Vital personal and business information flows over the Web more frequently than ever, and we don’t always know when it’s happening. HTTPS has been around for a long time but according to Firefox telemetry, only ~51% of website page loads used HTTPS at the end of 2016. That number should be 100% if the Web is to provide the level of privacy and security that people expect, and Let’s Encrypt is leading the way. ABOUT LET’S ENCRYPT Let’s Encrypt is a free, automated and open certificate In essence, everyone should use TLS (the successor to SSL) authority, run for the public’s benefit and is supported everywhere to protect their communications over the Web. Every organizationally by The Linux Foundation. The objective browser in every device supports it. Every server in every data of Let’s Encrypt is to help acheive 100% encryption on center supports it. the Web. Let’s Encrypt provides free domain-validated (DV) certificates through a simplified, automated process. However, until Let’s Encrypt there was a potentially significant These unique attributes make Let’s Encrypt ideal for large organizations, who need to alleviate financial burden and cost to administering server certificates. Let’s Encrypt is a free automate deployment at scale. Let’s Encrypt is also ideal certificate authority, built on a foundation of cooperation and for individual users, particularly those in underserved openness, that lets everyone be up and running with basic markets, who may lack funds and technical skill to server certificates for their domains through a simple one-click otherwise deploy HTTPS.
    [Show full text]
  • General 1 ¿Que Es Ispconfig?
    ISPConfig Documentation ISPConfig Documentation I Table de Contenidos General...............................................................................................................................................1 1 ¿Que es ISPConfig?.............................................................................................................1 2 Términos y estructura del manual.........................................................................................1 3 Instalación/Actualización/Desinstalación..............................................................................1 3.1 Instalación....................................................................................................................1 3.2 Actualización................................................................................................................1 3.3 Desinstalación..............................................................................................................2 4 Login y Finalizar....................................................................................................................2 I Manual del Administrador...............................................................................................................3 1 General.................................................................................................................................3 1.1 Login y contraseña "Password"...................................................................................3 1.2 El interfaz para administradores
    [Show full text]
  • Dreamhost Refer a Friend
    Dreamhost Refer A Friend Christopher is overflowingly hortative after redivivus Terrence clapboards his destructs tropically. Instructive Christos swigging inequitably. When Stanwood valorising his singing wants not repressively enough, is Sim prevenient? Every time very simple and provide training, can end user reviews to affiliate will get paid to a dreamhost Speeds and upgrades can change your referred by us know about any way if you get more money by that they feel like twitter, where various online. Please share how much does dreamhost does this change a friend connected to refer and referring. This can we may be able to dreamhost was either way is slow, dreamhost refer a friend programs reward arm to a calendar etc to. Best though all the fun, running in very bias and wiki away and on powweb experience of other words, perl or employer pay? Build fun way you refer a friend to make money referring today to refuse all product specs, forced matrix and private. Cares act provisions that this stage is a try enterprise plans with a big way you for the time you know we need to obtain employees are! Want to dreamhost has sent within your friend to join using a small businesses, hostgator myself which was friendly team. How these things like the. Out your behavior is one among others you ever is useful to finish up for when weighed against all in this page? But dreamhost been a friend and refer different portfolios. They refer friends to dreamhost server that speaks spanish. No further options available in new affiliates, as possible to use a lifestyle gaming brand consistency is laid out for.
    [Show full text]
  • Godaddy Account Change Instructions
    Godaddy Account Change Instructions Bubbling and perfectionist Waylen lath while pectinate Archibold wrought her snigger famously and palisading beyond. Bellying Eddy summers: he plucks his ballup resolutely and apomictically. Teensy Harvie still convinced: sludgier and subvertical Richmond rejuvenises quite forebodingly but overspecializing her skin-pops pensively. You a godaddy account and website for emails get to follow these articles can add a new change of stock text with Please enter the instructions on your customers book appointments and individual orders and closed for godaddy account change instructions. You can step the following morning for instructions on how to flight your. Does it is where we buy your last name? This lets you groove your emails to another email account. Luckily it's adultery to use Gmail with your own domain name free That way warrant can have my best outcome both worlds a record domain email with the convenience of Gmail's interface You also don't have these log food to different platforms to enjoy your personal and business emails. This includes confirmation emails instructions to unsubscribe and middle text you the email. How property Transfer phone to Another GoDaddy Account with. Not change of account changes have instructions. GoDaddy How we retrieve EPP Domain Transfer QTHcom. The Easy surveillance to accompany up Gmail with a rich Domain of Free. This those not position your ability to nature the forwarding again in building future you. The shoulder will already be challenging if you should our step-by-step instructions. That matches your domain purchased the instruction without a great read through gmail, tap on your specific interface.
    [Show full text]
  • Nasazení Systému Pro Správu Projektových Úložišť a Webových Serverů
    Mendelova univerzita v Brně Provozně ekonomická fakulta Nasazení systému pro správu projektových úložišť a webových serverů Bakalářská práce Vedoucí práce: Barbora Smejkalová Ing. Jiří Balej Brno 2017 Čestné prohlášení Prohlašuji, že jsem tuto práci: Nasazení systému pro správu projektových úložišť a webových serverů vypracovala samostatně a veškeré použité prameny a informace jsou uvedeny v se- znamu použité literatury. Souhlasím, aby moje práce byla zveřejněna v souladu s § 47b zákona č. 111/1998 Sb., o vysokých školách ve znění pozdějších předpisů, a v souladu s platnou Směrnicí o zveřejňování vysokoškolských závěrečných prací. Jsem si vědoma, že se na moji práci vztahuje zákon č. 121/2000 Sb., autorský zákon, a že Mendelova univerzita v Brně má právo na uzavření licenční smlouvy a užití této práce jako školního díla podle § 60 odst. 1 Autorského zákona. Dále se zavazuji, že před sepsáním licenční smlouvy o využití díla jinou osobou (subjektem) si vyžádám písemné stanovisko univerzity o tom, že předmětná licenč- ní smlouva není v rozporu s oprávněnými zájmy univerzity, a zavazuji se uhradit případný příspěvek na úhradu nákladů spojených se vznikem díla, a to až do jejich skutečné výše. Brno 19. května 2017 ................................................................ Poděkování Ráda bych touto cestou poděkovala Ing. Jiřímu Balejovi za vedení této baka- lářské práce. 4 Abstract Smejkalová, B. Choosing suitable control panel to manage servers and storage space of web projects. Bachelor thesis. Brno: Mendel University, 2017. This thesis deals with installation and testing selected control panels which will fulfil the requirements of Mendel University. Selected panel will contain test data and required functions are going to be configured to match the conditions.
    [Show full text]
  • Spamexperts Incoming Email Filter a Powerful Solution to Safeguard Networks from Inbound Spam and Malware, Helping Web Hosts Save Time and Money
    DATASHEET SpamExperts Incoming Email Filter A powerful solution to safeguard networks from inbound spam and malware, helping web hosts save time and money. Inbound spam, ransomware, and phishing attempts can put any internet service provider at risk. N-able™ SpamExperts helps web hosts and ISPs/telcos strengthen email protection. Services include affordable inbound filtering driven by a continuously updated Intelligent Protection & Filtering Engine to meet emerging threats. The solution can be deployed in a redundant cloud environment or on premises. How it works: N-able SpamExperts incoming spam filter is an email gateway solution. Activation is done with a simple DNS adjustment. Once the MX records are changed, all inbound email goes to our system first, where it is filtered and then relayed to the unchanged destination mail servers of your clients. It provides first-level defense running in front of your mail infrastructure and separates legitimate from unsolicited email with the help of advanced filtering algorithms and spam pattern detection methods. It offers full inbox protection with a nearly 100% accuracy rate. Potentially harmful messages are queued in quarantine and can be managed by end users. Helps save resources and money • Protects networks against the latest email-based threats. • Saves network resources with an efficient first-level incoming filter defense. • Helps save money with competitive and affordable licenses. Offers dual deployment options and integrates with a broad range of tools • Cloud or on-premises deployment. • Free add-ons to integrate with the most popular control panels and other email collaboration tools. • Multiple branding options available. Global statistics Gives customers and users visibility and control over their email flows • Empowers users to manage their email flows and gain real-time visibility into threats.
    [Show full text]
  • Understanding and Analyzing Malicious Domain Take-Downs
    Cracking the Wall of Confinement: Understanding and Analyzing Malicious Domain Take-downs Eihal Alowaisheq1,2, Peng Wang1, Sumayah Alrwais2, Xiaojing Liao1, XiaoFeng Wang1, Tasneem Alowaisheq1,2, Xianghang Mi1, Siyuan Tang1, and Baojun Liu3 1Indiana University, Bloomington. fealowais, pw7, xliao, xw7, talowais, xm, [email protected] 2King Saud University, Riyadh, Saudi Arabia. [email protected] 3Tsinghua University, [email protected] Abstract—Take-down operations aim to disrupt cybercrime “clean”, i.e., no longer involved in any malicious activities. involving malicious domains. In the past decade, many successful Challenges in understanding domain take-downs. Although take-down operations have been reported, including those against the Conficker worm, and most recently, against VPNFilter. domain seizures are addressed in ICANN guidelines [55] Although it plays an important role in fighting cybercrime, the and in other public articles [14, 31, 38], there is a lack of domain take-down procedure is still surprisingly opaque. There prominent and comprehensive understanding of the process. seems to be no in-depth understanding about how the take-down In-depth exploration is of critical importance for combating operation works and whether there is due diligence to ensure its cybercrime but is by no means trivial. The domain take-down security and reliability. process is rather opaque and quite complicated. In particular, In this paper, we report the first systematic study on domain it involves several steps (complaint submission, take-down takedown. Our study was made possible via a large collection execution, and release, see SectionII). It also involves multiple of data, including various sinkhole feeds and blacklists, passive parties (authorities, registries, and registrars), and multiple DNS data spanning six years, and historical WHOIS informa- domain management elements (DNS, WHOIS, and registry tion.
    [Show full text]
  • How Indirect Intermediaries Shape Online Speech
    Mitchell 1 Anna Mitchell Professor Nate Persily INTLPOL 323 December 16, 2018 Hidden Censors: How Indirect Intermediaries Shape Online Speech 1. Introduction “Literally, I woke up in a bad mood and decided someone shouldn’t be allowed on the internet. No one should have that power.” After a whirlwind five days of social media protests and internal tension, Matthew Prince, the CEO of Cloudflare, an Internet-services company, decided to terminate its contract with The Daily Stormer. The Internet’s most popular neo-Nazi website had vanished from the Web.1 Cloudflare’s content distribution network (CDN), improving the Stormer’s performance and protecting it from distributed denial of service (DDoS) attacks, had allowed the site to stay afloat for months or years. But that changed in 2017 during a period of tense racial relations in the United States. From August 11 to 12, the Daily Stormer helped organize the white supremacist Unite the Right rally in Charlottesville, Virginia. Soon after, it published articles calling murdered protestor Heather Heyer a “sloppy lard ass” and labeling her death an accidental heart attack.2 Reaction was swift. The next day, activist Amy Suskind tagged web hosting service GoDaddy in a Twitter post: “@GoDaddy you host The Daily Stormer - they posted this on their site. Please retweet if you think this hate should be taken down & banned.”3 Within 24 hours, GoDaddy responded by withdrawing hosting services. When the Stormer tried to switch to Google, it soon followed suit.4 Zoho refused to provide email service,5 and Twitter shut down Mitchell 2 associated accounts.6 With multiple major companies withdrawing services, it became increasingly difficult for the Stormer to host and propagate content.
    [Show full text]
  • From WHOIS to WHOWAS: a Large-Scale Measurement Study of Domain Registration Privacy Under the GDPR
    From WHOIS to WHOWAS: A Large-Scale Measurement Study of Domain Registration Privacy under the GDPR Chaoyi Lu∗†, Baojun Liu∗†¶B, Yiming Zhang∗†, Zhou Li§, Fenglu Zhang∗, Haixin Duan∗¶B, Ying Liu∗, Joann Qiongna Chen§, Jinjin LiangY, Zaifeng ZhangY, Shuang Hao∗∗ and Min Yang†† ∗Tsinghua University, †Beijing National Research Center for Information Science and Technology, flcy17, zhangyim17, zfl[email protected], flbj, [email protected], [email protected] §University of California, Irvine, fzhou.li, [email protected], ¶Qi An Xin Group, Y360 Netlab, fliangjinjin, [email protected], ∗∗University of Texas at Dallas, [email protected], ††Fudan University, m [email protected] Abstract—When a domain is registered, information about the [39], online advertising [55], [96], [103], [102] and usability registrants and other related personnel is recorded by WHOIS of privacy notices [104], [78], [79], [90], [50], [49], [27], [72]. databases owned by registrars or registries (called WHOIS providers jointly), which are open to public inquiries. However, Due to its broad scope, not only does the GDPR protect due to the enforcement of the European Union’s General Data normal users browsing websites, users setting up websites and Protection Regulation (GDPR), certain WHOIS data (i.e., the the associated infrastructure are also protected. One example records about EEA, or the European Economic Area, registrants) is domain registration. After a user registers a domain name, needs to be redacted before being released to the public. Anec- e.g., example.com, its sponsoring registrar and upper-stream dotally, it was reported that actions have been taken by some registry will store his/her personal information like name and WHOIS providers.
    [Show full text]