whois Query with Signed Data Output
The DENIC system offers you the option to obtain a signed output of a domain's holder data in response to a whois query.
What is the benefit of a signed data output?
You can use a signed whois information to prove beyond doubt who was the holder of the domain at the time when the query was made, for example, when you want to sell your domain or if the date is legally relevant. The advantage of a query with signed information output is that the received data is reliable, confirmed and bears a time stamp. To avoid that the signed data is accidentally falsified, (e.g. character encodings, white spaces), the data is written directly into a file. Your browser offers you this file (file name: smime.p7s) for saving.
What do I have to do to verify the signed data?
The smime.p7s file contains the holder data signed by DENIC. You can read the file with any common text editor. It may happen that some characters are displayed incorrectly in your text editor. This is only a problem of presentation of your editor. It does not affect the correctness of the signed data. You can forward the file (smime.p7s) to a third party (e . g. your provider) for the purpose of verification, i. e. to prove to this party that you are the holder of the domain. Upon request, you can further verify the signed data yourself by means of OpenSSL or similar software.
Which requirements must I meet to verify the data?
To verify the signed data, OpenSSL or comparable software that is able to check cryptographic signatures must be installed on your system. You find information how to install and use OpenSSL on the OpenSSL website. The software you use must know the root certificate of T-Systems. If this certificate is not included in the "Trusted Certificates Directory", you can download it from the T-Systems website and add it to the directory. Note: The downloaded certificate has the "DER" format. You might have to convert it into the "PEM" format.