What is Whois?

  General Questions

Whois is a protocol used to find information about networks, domains and hosts. The whois records normally include data on the organizations and the contacts associated with these networks and domains.

Whois services operate through a whois server. Anyone can connect to a whois server and send a query. The whois server will then respond to the query and close the connection. Anyone can run a whois server. For example a company can run a whois server that provides information about its various departments and employees.

The most common use of whois is for finding information about domain names.

A Whois research provides information regarding a domain name, such as example.com. It may include information, such as domain ownership, where and when registered, expiration date, and the nameservers assigned to the domain name.

There are many free websites that allow you to perform a WHOIS search, the following two are the ones we recommend using:

http://whois.icann.org

https://www.namecheap.com/domains/whois.aspx

You can also perform a Whois research using a whois command in the shell:

whois example.com

The contact details are to be valid and up-to-date, this is the main requirement of ICANN (The Internet Corporation for Assigned Names and Numbers is a nonprofit organization that is responsible for the coordination of maintenance and methodology of several databases of unique identifiers related to the namespaces of the Internet, and ensuring the network’s stable and secure operation).

Although WHOIS details must be valid, it is sometimes allowed to hide the domain owner’s details in public WHOIS. This tool is called Whois privacy protection, or a domain privacy tool. Domain registrars replace the registrant contact information with the info of their privacy protection service.

It is provided in order to protect you from potential spam or identity theft, as your personal information is not available on the Internet.

Whois details are important during the validation process of certificates.

As the validation procedure differs depending on the validation types of certificates, the importance of Whois information varies as well.

Domain Validation certificates:

For this type of certificates Whois email address can be used to determine an approval email. If Whois information does not comprise any administrative email addresses needed for validation, a certificate can be approved via generic email addresses:

admin@example.com

administrator@example.com

hostmaster@example.com   

webmaster@example.com

postmaster@example.com .

Any other information (for instance, contact details) should be actual and valid as it can be checked, especially, if the certificate is set for a manual review (brand validation) by Comodo (now Sectigo).

Organization Validation or Extended Validation certificates:

As the domain ownership is verified for all Comodo (now Sectigo) certificates, the certificates can be validated via email (Whois and 5 generic email addresses).

However, Whois information may be checked manually, so it is necessary to ensure that the information is accurate and up-to-date.