DENIC Limits Access to Domain Data
DENIC as registry for domains below .de provides several information systems, which can be used to find out whether a domain is already registered and if yes, to who. These services are heavily used. Since DENIC has recently increased its technical capacities about 6000 to 7000 requests are answered per minute. According to an analysis the registry more than 90% of these requests do not serve the purpose of determining the status of a domain or its owner once. Rather they are for checking continually in extremely short time intervals whether a certain domain is still registered, in order to register it immediately in the case of a deletion.
"We see less of a problem in overloading our systems, because we can handle the high number of requests technically without any difficulties. However, the excessive usage of the whois service by certain users causes costs, which at this point have to be shared between all domain holders", describes DENIC board member Andreas Bäß the background of these steps. "Another problem is the unlimited access to these directories in relation to the detection and prevention of Distributed Denial of Service Attacks. A limitation of the maximum number of requests from an address block solves both problems. Because then we can determine a threshold, upwards of which we assume an abuse of the services. However, we also want to motivate the intensive users to talk to us in order to mutually find an alternative way to satisfy their information needs."
Therefore, starting 1 July DENIC will regulate the usage of whois requests more strongly. In addition to the above mentioned limitation of the number of requests, the holder data will in the future be only accessible by way of additional parameters. For those requests the number of requests per time unit will be reduced further in order to better protect the domain holders from an automatic utilisation of their address data.