Menu

How to use RDAP to replace WHOIS and WHOIS2 protocols

The domain industry is going through a generational change to Registration Data Directory Services (RDDS) moving from the WHOIS protocol dating from 1982 to a modern JSON based protocol called RDAP. The term WHOIS is almost certain to outlive the protocol of its name and be applied to the equivalent data that comes from RDAP.

WHOIS replacement

WHOIS has well documented limitations, such as those listed by ICANN:

  • No standardised format.
  • Inability to authenticate users.
  • Lookup-only ability and no search support.
  • Lack of standardised redirection or reference.
  • No standardised way of knowing what server to query.
  • Inability to authenticate the server or encrypt data between server and client and therefore inherently insecure.

If you are a WHOIS user the time has come to upgrade utilise an RDAP client to consume RDDS data. There are a variety of RDAP clients around including both web and command line options, here are just a few to get started:

  1. Nominet Lookup is available at rdap.nominet.uk
  2. ICANN Lookup is available at lookup.icann.org
  3. A range of other RDAP clients, including for the command line are documented at https://rdap.rcode3.com/client_implementations/index.html

If you programatically utilise WHOIS, then you should look at utilising the RDAP standard instead.

WHOIS2 replacement

WHOIS2 was designed to allow a registrar to offer web based registration data query services for their customers on a centralised website.

It was an extension to WHOIS protocol where the registrar that was authorised to utilise it would pass through the IP address of the third-party querying the domain on the registrars website via what was otherwise a copy of the WHOIS protocol. The quotas of lookups were then applied to the pass-through IP address rather than the registrars IP address.

As the RDAP protocol works over HTTPS the service is queried direct from a web browser, a website must trigger an RDAP query direct from a users browser and not centralise checks. This ensures there is no need for variable quotas and the limits are applied to all IP addresses and subnets equally.

A website owner is in full control of the output they supply to their users; and whether that looks like traditional WHOIS or it takes a more modern approach.

You can find out more about RDAP here.

Minerva House, Edmund Halley Road, Oxford Science Park, OX4 4DQ, United Kingdom