WHOIS Replaced by RDAP - What That Means For Your Website

Let’s say you finally landed on your dream domain name. You went to purchase the domain but found that someone else already owns the domain

Instead of throwing up your hands and giving up in frustration, you could look up the domain registration information via WHOIS.

“Soon” Registration Data Access Protocol (RDAP) is slated to replace WHOIS. Don’t worry. This won’t change the way your website functions, just how to access information related to your domain. 

Below we’ll dive into why this change happened, and give you insight into what it means for your website and domain name. 

Note: the change to RDAP has been in process for a while, and the “go live” date was most recently slated for August 26, 2019. Keep up with current status here.

register domain name

The End of the WHOIS Era

WHOIS has been the primary way to lookup domain name registration information or IP address details for the past 35 years. It’s been pretty much the only game in town. 

Whether you wanted to know who owned a specific domain, or what the associated IP address was you would do a WHOIS lookup. You could do this through a website, or even via the command line. It was a simple and straightforward process. The data wasn’t always perfect, but the process worked. 

However, the internet, its purpose, and how it’s used is continually changing. What worked twenty, thirty, or even ten years ago, probably doesn’t function as well today. Just think of how different websites were just five years ago.

Recent changes and awareness of data privacy, brought to light via the GDPR legislation, have helped to propel the development of RDAP. 

Although WHOIS suited the needs of the internet population 35 years ago, it’s starting to show its age. Below we get into the limitations of WHOIS that RDAP seeks to address. 

Limitations of WHOIS

Like most technologies that were started decades ago, they’re going to be a little dated. This was especially true regarding the domain name system. Currently, there are over 350 million domain names that are registered. That’s a lot of domain name data that needs to be managed.

The original WHOIS protocol definitely wasn’t engineered with this future in mind.

Below we look at the biggest drawbacks of the existing WHOIS protocol that are fixed with the RDAP protocol. 

  1. No standardized format. The output data is text-based and will have a different result depending on each registry. This makes data parsing very difficult. 
  2. Lack of data authentication. There is no authentication for who is accessing the data, so privacy issues might arise. RDAP seeks to address this.
  3. No international support. As it currently stands there’s no way to make sense of different country/language data. 
  4. Lack of security protocols. Security standards across the web are rising. Data obtained from WHOIS isn’t very secure, as there were no verification, encryption, or authentication protocols in place. 

What is RDAP?

RDAP stands for Registration Data Access Protocol. It will eventually fully replace the existing WHOIS protocol. The change won’t happen instantly, but the rollout is taking place as we write this article. Over time, RDAP will be the only way to access domain registration and IP address information, and WHOIS will fully be a thing of the past.

RDAP will deliver domain registration information just like WHOIS has done in the past, but it will do so in a different format (which we highlight below) that’s also more standardized across the board. 

Right out of the gate RDAP has certain advantages over WHOIS, such as providing a secure way to access and request data, support for international data formats, and the ability to provide differentiated access to registration data.

On the surface, not much changes with the implementation of RDAP. Since RDAP will just return data, and it’s up to the registrar how that information will be displayed, so it could look exactly the same as the WHOIS source you’re used to.  

Core Features of RDAP

RDAP was designed to help solve the existing problems of WHOIS. As it stands now here are some of the core features provided by RDAP:

  • Built-in security. Connections will be forced over HTTPS, so it’s automatically more secure. Authentication is also built-in to the protocol.  
  • Standardized query, response, and error messages. All data that’s delivered will be in a standard format, the display of the information will be done on the end of the registrar. 
  • Authoritative server access. The protocol will quickly find the correct and most authoritative server, so the resulting data should be higher quality.  

Why is RDAP Being Implemented?

The existing WHOIS system worked for a while, but due to the vast changes in how the internet functions, along with increased security and privacy being a must today, it no longer serves the purpose it once did.

The issues with WHOIS have been known for over a decade, but replacing such a widespread system takes time. Deficiencies like no international support, lack of secure data access, lack of differentiated access, and no support for a standardized query, response, or error responses have been known for some time.

In 2011, the Internet Corporation for Assigned Names (ICANN) was advised to evaluate and adopt a replacement protocol. The Internet Engineering Task Force (IETF) was the organization that began to create the replacement protocol. 

Recently, ICANN has been working with registrars to implement RDAP. Since there are so many different registrars across the globe, adopting this new protocol will take a while, but it is currently underway.

If all the above acronyms and organization names were confusing, here’s a quick rundown:

  1. WHOIS has been around for so long it’s not as effective, and there are glaring drawbacks.
  2. ICANN has known about these issues since 2011 and was working towards the alternative.
  3. The alternative RDAP is now being implemented with registrars across the globe.

What This Change Means for Website Owners

For most website owners, this change won’t mean a lot. Your website and domain name will function the exact same way as they used to. Think of this as a behind the scenes change that doesn’t directly affect your website in its present form.

This is a much different situation than the recent GDPR rollout, which did impact websites and how they dealt with and stored data.

The only thing the move to RDAP will change is the type of data that you’re able to access. In the past, you would use WHOIS to lookup registration data associated with a given domain. Now, the process is the same, but you’ll have access to higher quality data that’s more secure. You’ll still access domain registration and IP address information the same way.

The only type of websites that this does affect are existing registrars. If you’re running a domain registrar, you would have known about this change a long, long time ago. But since it’s a protocol, it won’t change any data that’s currently being stored. It’s just a new way to access the data. The only thing that might change is how the resulting data might display, but this format will be more user-friendly anyways.

As you can see, the changes that RDAP brings into effect don’t really change much on the surface. Think of it as an upgrade to how domain registration and user data is accessed, making it much more secure and standardized moving into the future. 

Kevin Wood writes about technology and human potential. You can find him at his virtual homes Wooden Writing and Counter Culturist.