The next generation of WHOIS is born

Today marks a milestone in the decades-long effort to improve how domain name ownership data is structured and processed. Replacing traditional Port 43 WHOIS, the Registration Data Access Protocol (RDAP) is the new mechanism by which domain name ownership information will be shown going forward.

Where did this come from?

Domain name registration data, commonly called WHOIS, has been the subject of policy discussions in various forms at ICANN for decades. Working groups at ICANN have labored over developing policies around which data should be required of domain name registrants, whether domain name registration data should be allowed to be private, and how accessible the data should be. Separate and distinct from these divisive and often politically charged conversations, the broader ICANN community has long agreed that regardless of the outcome of these policy conversations, domain name registration data should at least be formatted consistently.

While the conversation began as early as 2002, as of August 26th 2019 domain name registries and registrars are finally required to utilize RDAP as their registration data output protocol.

What’s happening?

The existing protocol to deliver registration data over Port 43 WHOIS is still required for now. However, ICANN and “contracted parties” (domain name registries and registrars) have already begun conversations around the proper timeline to sunset this protocol, which is likely to be as early as 2020.

The name of this data set is also changing away from WHOIS (which looks like an acronym but isn’t), a term that did double-duty as shorthand for the access protocol, as well as for the data itself. While RDAP replaces WHOIS as the new protocol, there is not yet a catchy acronym for the data. Many in the ICANN community have adopted the descriptive nomenclature “registration data,” and surprisingly even ICANN seems to have given up on establishing a catchy acronym. Instead, ICANN is redirecting whois.icann.org to its new registration data lookup site at https://lookup.icann.org

What are the advantages?

Benefits of this new protocol include the consistent labeling and display of all the various data fields.

Going forward, the country data field will always appear as, for example, “US” (emphasis added). Port 43 WHOIS on the other hand allowed for free-form data, which could have resulted in the country field being listed as US, USA, United States, or otherwise depending on each individual registrar’s preferred syntax. This problem was compounded by the potential for geopolitical factors to complicate questions of sovereignty.

RDAP on the other hand requires the country code output to match the ISO 3166-1 alpha-2 standard, which is conveniently also used for ccTLD assignment. Consistent data syntax in this and other registration data fields will make it far easier for brand owners and cybersecurity professionals to identify trends in cybersquatting, phishing, botnets, and other threat actors, and eventually to join multiple domain names in a consolidated UDRP case.

A more technical improvement is that there is now a defined referral mechanism from registry to registrar (known as “bootstrapping”). This means that queries to a registry should follow the referral to the registrar to pull back the authoritative data from that registrar. This will be the case for “thin” registries which do not store registration data today.

Other improvements brand owners will appreciate include that RDAP also includes support for internationalization, secure data transmission, and the technical ability to facilitate “differentiated access,” should future policy allow or require it. This differentiated access has the potential to be the technical underpinnings of a future System for Standardized Access/Disclosure of registration data (also commonly called the Unified Access Model, Standardized Access Model, or Accreditation and Access Model), depending on the outcome of the EPDP Phase 2 policy work.

What do brand owners need to do?

After Port 43 WHOIS is retired, organizations and individuals that process WHOIS data today will need to build or use an existing RDAP client to access this data. Some browsers already parse RDAP outputs into a more human-friendly format. For example, go to the following link in the Firefox browser: https://rdap.markmonitor.com/rdap/domain/markmonitor.org

Brand owners as domain name registrants do not need to do anything for their own registration data, as RDAP compliance is now the responsibility of registries and registrars. Registrants could review the IANA registrar list to see whether their registrar has published its RDAP server address and ensure their registrar is up to date on the new protocol and in compliance with their contractual obligation.

MarkMonitor’s Senior Domain Product Manager, Justin Mack, continues to participate in the ICANN RDAP Pilot group to contribute to this important change in the domain name system. The working group is an example of registries and registrars working together to implement policy for the benefit of the community. For any questions, or to get more involved, please feel free to contact either of us or your MarkMonitor CSM.