Network Working Group J. Klensin
Request for Comments: 2345 MCI
Category: EXPerimental T. Wolf
Dun & Bradstreet
G. Oglesby
MCI
May 1998
Domain Names and Company Name Retrieval
Status of this Memo
This memo defines an Experimental Protocol for the Internet
community. It does not specify an Internet standard of any kind.
Discussion and suggestions for improvement are requested.
Distribution of this memo is unlimited.
Copyright Notice
Copyright (C) The Internet Society (1998). All Rights Reserved.
Abstract
Location of web information for particular companies based on their
names has become an increasingly difficult problem as the Internet
and the web grow. The use of a naming convention and the domain
name system (DNS) for that purpose has caused complications for the
latter while not solving the problem. While there have been several
proposals to use contemporary, high-capability, Directory service and
search protocols to redUCe the dependencies on DNS conventions, none
of them have been significantly deployed.
This document proposes a company name to URL mapping service based on
the oldest and least complex of Internet directory protocols, whois,
in order to explore whether an extremely simple and widely-deployed
protocol can succeed where more complex and powerful options have
failed or been excessively delayed.
1. Introduction and Context
In recent months, there have been many discussions in various
segments of the Internet community about "the top level domain
problem". Perhaps characteristically, that term is used by different
groups to identify different, and perhaps nearly orthogonal, issues.
Those issues include:
1.1. A "domain administration policy" issue.
1.2. A "name ownership" issue, of which the trademark issue may
constitute a special case.
1.3. An information location issue, specifically the problem of
locating the appropriate domain, or information tied to a
domain, for an entity given the name by which that entity is
usually known.
Of these, controversies about the first two may be inevitable
consequences of the growth of the Internet. There have been
intermittent difficulties with top level domain adminstration and
various attempts to use the domain registry function as a mechanism
for control of service providers or services from time to time since
a large number of such domains started being allocated. Those
problems led to the publication of the policy guidelines of
[RFC1591].
The third appears to be largely a consequence of the explosive growth
of the World Wide Web and, in particular, the exposure of URL formats
[URL] to the end user because no other mechanisms have been
available. The absence of an appropriate and adequately-deployed
directory service has led to the assumption that it should be
possible to locate the web pages for a company by use of a naming
convention involving that company's name or product name, i.e., for
the XYZ Company, a web page located at
http://www.xyz.com/
or
http://www.xyz-company.com/
has been assumed.
However, as the network grows and as increasing numbers of web sites
are rooted in domains other than ".COM", this convention becomes
difficult to sustain: there will be too many organizations or
companies with legitimate claims --perhaps in different lines of
business or jurisdictions-- to the same short descriptive names. For
that reason, there has been a general sense in the community for
several years that the solution to this information location problem
lies, not in changes to the domain name system, but in some type of
directory service.
But such directory services have not come into being. There has been
ongoing controversy about choices of protocols and Accessing
mechanisms. IETF has published specifications for several different
directory and search protocols, including [WHOIS++], [RWHOIS],
[LDAP], [X500], [GOPHER]. One hypothesis about why this has not
happened is that these mechanisms have been hard to select and deploy
because they are much more complex than is necessary. This document
proposes an extremely simple alternative.
2. Using WHOIS
The WHOIS protocol is the oldest directory access protocol in use on
the Internet, dating in published form to March 1982 and first
implemented somewhat earlier. The procotol itself is simple and
minimalist: the client opens a telnet connection to the WHOIS port
(43) and transmits a line over it. The server looks up the line in a
fashion that it defines, returns one or more lines of information to
the client, and closes the connection.
We suggest that modifications or add-ins be created to Web browsers
that would access a new, commercially-provided Whois server, sending
a putative company name and receiving back one or more lines, each
containing a URL followed by one or more blanks and then a matching
company name (that order was chosen to minimize parsing problems:
since URLs cannot contain blanks, the first blank character marks the
end of the URL and the next non-blank marks the beginning of the
company name). As is usual with Whois, the criteria used by the
server to match the incoming string is at the server's discretion.
The difference between this and the protocol as documented in [WHOIS]
is that exactly one company name is returned per line (see section 3
for details of syntax).
The client would then be expected to:
(i) If a single line (company name and URL) is returned, either
ask for confirmation or simply fetch the associated URL as if it
had been typed by the user.
(ii) If multiple lines (names) are returned, present the user with
a choice, presumably showing company names rather than (or
supplemented by) URLs, then fetch using the URL selected.
Obviously, while the most convenient use of the services contemplated
in this document would occur through a client that was part of, or
intimately connected with, a Web browser, a user without that type of
facility could utilize a traditional WHOIS client and paste or
otherwise transfer the relevant information into the target location
of a browser.
3. Formats, versions, and international character sets
Preliminary work with the approach suggested above suggests that some
specific conventions about syntax and variations would be useful.
3.1 Line sent from client to server.
These lines may take either of two forms:
(i) A simple 7-bit ASCII string, containing a "company name"
(ii) A string in the format (using the ABNF notation of RFC2234
[ABNF]):
Variation "/" 1*Octet
Variation :== "0" ( Non-zero-digit 1*Digit)
Non-zero-digit :== 1 2 3 4 5 6 7 8 9
Digit :== 0 Non-zero-digit
Where Octet is any eight-bit sequence, representing a prefixed
variation number.
The first form will be construed as equivalent to the second form
with the leading string "0/". Variation numbers are specified in
section 3.3.
In all cases, the interpretation of what "company name" might mean
and, in particular, what variations of form or spelling,
abbreviations, and so on, might be accepted is strictly up to the
interpretation of the server. If rules driving the server lead to
the conclusion that a string matches some company in its data, the
correctness or incorrectness of that decision is not covered by this
specification.
For variation 0 and, by default, for all others, any alphabetic text
in lines is to be construed in a case-insensitive fashion.
3.2 Lines sent from server to client.
The server is expected to return one or more lines to the client,
depending on its interpretation of the input string. In general,
each line will consist, as described above, of a URL, a space, and a
"company name". This document deliberately does not specify the
content or semantics of the "company name" string. It might be a
name, or a name and descriptive information such as location and type
of business, or other information at the option of the server. The
expectation, as mentioned above, is that the information will be
displayed by the client to aid users in selecting the appropriate
URL.
These lines, consistent with normal Internet practice, will be
terminated by a CR LF sequence (rather than one or the other of those
control characters).
When and if different variation numbers are introduced, their
specifications may include variations on what the server is expected
to return.
In lieu of "URL and company name" responses, the Server may also
return "error messages". These take the form of lines containing:
"///" SP String
where the String is 7-bit ASCII with no control characters other
than SP, unless the variation associated with the variation number
specifies otherwise. For this experiment, all "error messages" but
the following two are discouraged:
/// Not found
Indicating that the "company name" does not match
anything
/// Variation not supported
Indicating that the variation number supplied by the
client is not recognized by the server.
3.3. Registered variations
The following two variations are established as part of this
specification:
0/ Query and response are in 7-bit ASCII, no controls other
than SP, "Company name" separated from URL by one or more
SP characters.
1/ Query and response are in UTF-8, no controls other than
SP, "Company name" separated from URL by one or more SP
characters, no specification of language on either input or
output.
The IANA will maintain a registry of additional variations which it
is hoped will be very short. Requests for additional variations
should be sent via email to: iana@iana.org.
4. Alternatives not chosen
Few comments on the initial drafts of this document addressed the
basic model or protocol design for the service discussed. Instead,
they focused on inquiring about the decisions we didn't make and
about beliefs about the protocol specification that were not intended
by the authors. The latter have been, we hope, corrected. Questions
of the following three types predominated in the first category.
4.1. Why didn't you use <insert-favorite-directory-protocol-here>?
Many notes raised the question of how much more could be done with a
higher-powered directory protocol rather than the extremely simple
WHOIS. Questions were raised about LDAP, X.500 DAP, CCSO, RWHOIS,
and WHOIS++. We had several reasons for avoiding them. The most
important has been a strong commitment to see how much can be done
with an extremely simplistic approach, and WHOIS represented the most
simplistic approach we could find. If it turns out to be too simple
in practice, things can always evolve to one or more of the more
advanced protocols. But, if we started with one of them, we would
never get that information. Other issues included:
* None of the existing directory proposals has really emerged as
the "right" solution with a large installed base. The deployed
base of WHOIS and WHOIS clients is huge, and using it avoids either
having to make a premature choice of "winner" or to become
embroiled in the debate.
* For the casual user, the mechanisms needed to activate the
extensive attribute-based directory searches of the stronger
protocols are just too complicated and may actually act as a
deterrent to effective use.
* Substantially since the dawn of the ARPANET, the Internet
experience has been that setting up a directory service is easy,
but that maintaining one and keeping the records up-to-date is
extremely difficult. The economics of operating an effective
directory service and keeping everything up to date may will
require a revenue-producing product. Use of a very simple protocol
for the basic service creates a situation in which basic service
can rationally be given away while more advanced service are
operated on a charge or subscription basis.
4.2 And why not use a Web search engine?
Web search engines are immensely effective and powerful, but address
a different problem than this protocol. The protocol model here does
involve a directory lookup, using a presumed company name as a key.
The quality of the result will depend on the quality of the
underlying directory and the editorial and research work that goes
into its construction (neither of which are matters for the protocol
itself -- we trust that marketplace pressures will separate good
servers from poor ones). Web search engines are often more effective
at locating information about companies than the specific company-
designated web pages.
4.3 Why not return a more highly structured information format
rather than a simple pair of URL and "company name"?
Again, the goal was to keep things extremely simple and, in
particular, permit minimal interpretation between the user's input
and the query and between the response and a display or action. Some
of the inquiries on this subject were due to misunderstandings about
the implications of the "company name" field; the semantics of that
field have been clarified above. We also wanted to avoid the level
of standardization implied by a tagging scheme: highly-structured
fields might lead either to interoperability problems or excessive
restriction on what might be returned.
5. Thoughts on Directory Providers
There is no technical reason why there should be only one provider of
company name to URL mapping services using this protocol, nor is
there any reason for registries of such providers. Presumably,
servers that provide the best-quality mappings will eventually
prevail in the marketplace. However, as with most traditional uses
of WHOIS, it is desirable for implementations of clients (or Web
browsers supporting this protocol) to allow for user choice of
servers through configuration options or the equivalent.
6. Demo Application
To illustrate the proposed functionality of this document, a
prototype of both the server and client have been made able for
demonstration purposes.
6.1 Server
The TLD-WHOIS demonstration server is available at
"companies.mci.net". The server contains a database of approximately
209,000 company entries provided by Dun and Bradstreet.
The server will generally respond back to a query within 15 seconds.
If the server has the response cached from a previous query, the
return time will be significantly shorter.
If 10 or more entries are found in the database for the query, only
the top 10 will be returned in the response.
For the purposes of this demonstration, there is no provision for
submitting additions or changes to the database. The authors and the
sponsoring companies are not responsible for the accuracy of the data
provided by this prototype. Our apologies if your company is not
listed.
6.2 Client
6.2.1 Download Location:
A demonstration client for the Windows 95/Nt platforms is available
for public download through anonymous FTP at:
ftp.mci.net/pub/ietf/company/demo.exe, or via the web:
ftp://ftp.mci.net/pub/ietf/company/demo.exe
File size is approximately 1.9 MB.
6.2.2 Setup Instructions:
a) Download the client installation software from the site mentioned
above to a local 32 bit Windows computer. The client installation
software has been compressed using the self-extracting archive
application from InstallShield The default name for the download
is "demo.exe".
b) Double click on the file through File Explorer or run the program
through the START menu.
c) Select "Setup" to allow InstallShield to uncompress the files
needed to install the demonstration client to a temporary
directory. InstallShield will then automatically launch the main
application Setup program.
d) The main setup program will install the demo application files and
make the necessary additions to the Windows Registry. No user
action is required.
e) Upon completion of installation you will be prompted to run the
application or to exit setup.
6.2.3 Paranoia:
What did you just do to my computer?
Files Copied:
companyname.exe Main program executable
whois.ocx WhoIs module from Mabry Software
led.ocx LED module from Mabry Software
msvbvm50.dll Microsoft Visual Basic 5.0 runtime file
stdole2.tlb Microsoft Visual Basic 5.0 runtime file
oleaut32.dll Microsoft Visual Basic 5.0 runtime file
olepro32.dll Microsoft Visual Basic 5.0 runtime file
comcat.dll Microsoft Visual Basic 5.0 runtime file
asyncfilt.dll Microsoft Visual Basic 5.0 runtime file
crtl3d32.dll Installshield control used for installation only
Registry Changes:
Created key under HKEY_CLASSES_ROOT called Who
This entry is used to enable the Microsoft Internet Explorer's
pluggable protocol handler. The key contains several sub-entries that
list the path and command to the companyname executable. The
pluggable protocol hander provides the necessary hooks to launch the
companyname application whenever the WHO:// URL is submitted in the
address line of Internet Explorer.
6.2.4 Using the Program
6.2.4.1 Standalone Operation:
From the Start Menu, select the Programs \ Companyname \ companyname.
Alternatively, it can be launched from Start:
Run c:\windows\companyname.exe
Enter the name of the company that you are attempting to locate and
press OK.
A status box will be displayed while the client is communicating with
the server until a response is returned. The possible returns are:
a) Message box saying that, "Your request was not found."
This means that the company information that was submitted was
not found in the database.
b) A list box containing 2 - 10 company names sorted high to
low by score. Highlight one of the names and press the launch
button. The program will launch the default web browser for
your computer and navigate to the site.
c) The default web browser launches and navigates to a site.
This means that only one match was found in the database and
that match is opened directly without user intervention.
6.2.4.2 Within Internet Explorer
From the Address Line within the web browser, enter "WHO://" followed
by the name of the company that you wish to search for and press the
enter key.
Note: Since the company name is entered within the URL space
of the browser, it can not contain spaces.
If you wish to send a search string that contains spaces, enter
"WHO://" with no company information. The application will display
the dialogue window as described in standalone mode for you to enter
the search criteria.
A status box will be displayed while the client is communicating with
the server until a response is returned. The possible returns are:
a) Message box saying that, "Your request was not found."
This means that the company information that was submitted was
not found in the database.
b) A list box containing 2 - 10 company names sorted high to
low by score. Highlight one of the names and press the launch
button. The program will launch the default web browser for
your computer and navigate to the site.
c) The default web browser launches and navigates to a site.
This means that only one match was found in the database and
that match is opened directly without user intervention.
6.2.5 Client Customization
The name of the Whois server is hardcoded within the application to
"companies.mci.net". No initialization file or registry keys are
needed for the default configuration. Realizing that some testers
may have proxy servers on their corporate systems and that others may
wish to test the client against a different Whois server, the client
supports a mechanism for changing the default server. To enable the
server customization, follow these steps:
a) Create a new directory in the root of the
C: Drive called "companyname"
b) Using Notepad or any text editor create a new file
called "whois.ini"
c) Add a new line to the file beginning with
"SERVER= <server name>". Do not include the double quotes
around the tag. <server name> would be the IP Address or DNS
name of the new Whois or proxy server.
d) End the line with a carriage return.
e) Save the file as a plain text file back to
"c:\companyname\whois.ini"
6.2.6 Client Limitations:
The demonstration software and database are provided "as is". No
warranties are stated or implied. Use at your own risk.
The demonstration client is supported only on 32 bit Intel Windows
platforms. It has been tested on Windows 95, Windows NT 4.0 and
Windows 98 beta RC0.
Use of the WHO:// URL moniker from within the web browser is
supported only under Microsoft Internet Explorer.
TCP Port 43 must be cleared through firewalls for client to
communicate with the server. Refer to the section on client
customization if you need to utilize a proxy server to traverse a
firewall.
When using the Address Line entry method within Microsoft Internet
Explorer, spaces are not permitted within the search string.
7. References
[ABNF] Crocker, D., and P. Overell, Eds., "Augmented BNF for Syntax
Specifications: ABNF", RFC2234, November 1997.
[RFC1591] Postel, J., "Domain Name System Structure and Delegation",
RFC1591, March 1994.
[GOPHER] Anklesaria, F., McCahill, M., Lindner, P., Johnson, D.,
John, D., Torrey, D., and B. Alberti, "The Internet Gopher Protocol
(a distributed document search and retrieval protocol)", RFC1436,
March 1993.
[LDAP] Yeong, W., Howes, T., and S. Kille, "Lightweight Directory
Access Protocol", RFC1777, March 1995.
[RWHOIS] Williamson, S., and M. Kosters, "Referral Whois Protocol
(RWhois)", RFC1714, December 1994.
[URL] Berners-Lee, T., Masinter, L., and M. McCahill, "Uniform
Resource Locators (URL)", RFC1738, December 1994.
[WHOIS] Feinler, E., Harrenstien, K., and M. Stahl, "NICNAME/WHOIS",
RFC954, October 1985.
[WHOIS++] Deutsch, P., Schoultz, R., Faltstrom, P., and C. Weider,
"Architecture of the WHOIS++ service", RFC1835, August 1995.
[X500] Wright, R., Getchell, A., Howes, T., Sataluri, S., Yee, P.,
and W. Yeong, "Recommendations for an X.500 Production Directory
Service", RFC1803, June 1995.
[Z39.50] Lynch, C., "Using the Z39.50 Information Retrieval Protocol
in the Internet Environment", RFC1729, December 1994.
8. Security Considerations
This suggested use of the WHOIS protocol adds no significant security
risks to those of traditional applications of the protocol which is
one of the most widely-deployed applications on the Internet. As
usual, servers should expect to use the string sent to them as an
information retrieval key, not as a function to be executed in some
way. A more significant risk would arise if the server supporting
the translation function were somehow spoofed; in that case, an
incorrect URL might be returned for a particular company. As with the
possibility of finding an incorrect page using naming conventions,
the best protection against the risks that could then occur is
careful attention to certificates, signatures, and other
authenticity-indicating information.
9. IANA Considerations
As provided in section 3.3, above, this experiment requests that IANA
maintain a registry of query variation forms and that the registry be
initialized with the two values specified in that section.
10. Acknowledgements
This memo was inspired by a many discussions over the last few years
about the status and uses of the domain name system, information
location using conventions about domain names, exposure of URLs to
end users, and convergence of directory and search protocols. While
the people involved are too numerous to attempt to list, the authors
would like to acknowledge their contributions and comments.
Martin Hamilton, Keith Moore, Tom Thornbury and Ed Trembicki-Guy made
important suggestions that have contributed to the revision of this
memo.
11. Authors' Addresses
John C. Klensin
MCI Internet Architecture
800 Boylston St, 7th floor
Boston, MA 02199
USA
Phone: +1 617 960 1011
EMail: klensin@mci.net
Ted Wolf, Jr.
Electronic Commerce
Dun & Bradstreet Information Services
3 Sylvan Way
Parsippany, NJ 07054
USA
Phone: +1 201 605 6308
EMail: ted@usa.net
Gary W. Oglesby
MCI Internet Architecture
842 N. Ahoy Dr.
Gilbert, AZ 85234
USA
Phone: +1 415 538 1100
EMail: gary@mci.net
12. Full Copyright Statement
Copyright (C) The Internet Society (1998). All Rights Reserved.
This document and translations of it may be copied and furnished to
others, and derivative works that comment on or otherwise explain it
or assist in its implementation may be prepared, copied, published
and distributed, in whole or in part, without restriction of any
kind, provided that the above copyright notice and this paragraph are
included on all such copies and derivative works. However, this
document itself may not be modified in any way, such as by removing
the copyright notice or references to the Internet Society or other
Internet organizations, except as needed for the purpose of
developing Internet standards in which case the procedures for
copyrights defined in the Internet Standards process must be
followed, or as required to translate it into languages other than
English.
The limited permissions granted above are perpetual and will not be
revoked by the Internet Society or its successors or assigns.
This document and the information contained herein is provided on an
"AS IS" basis and THE INTERNET SOCIETY AND THE INTERNET ENGINEERING
TASK FORCE DISCLAIMS ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING
BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE INFORMATION
HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED WARRANTIES OF
MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.