ICANN is transitioning from the WHOIS protocol to the Registration Data Access Protocol (RDAP) for accessing domain name registration data. RDAP offers improved access control, internationalized data, and a structured, extensible format, addressing many of WHOIS's limitations. While gTLD registry operators were required to implement RDAP by 2019, ICANN's focus now shifts to encouraging its broader adoption and eventual replacement of WHOIS. Although no firm date is set for WHOIS's complete shutdown, ICANN aims to cease supporting the protocol once RDAP usage reaches sufficient levels, signaling a significant shift in how domain registration information is accessed.
ICANN's blog post details the transition from the legacy WHOIS protocol to the Registration Data Access Protocol (RDAP). RDAP offers several advantages over WHOIS, including standardized data formats, internationalized data, extensibility, and improved data access control through different access levels. This transition is necessary for WHOIS to comply with data privacy regulations like GDPR. ICANN encourages everyone using WHOIS to transition to RDAP and provides resources to aid in this process. The blog post highlights the key differences between the two protocols and reassures users that RDAP offers a more robust and secure method for accessing registration data.
Several Hacker News commenters discuss the shift from WHOIS to RDAP. Some express frustration with the complexity and inconsistency of RDAP implementations, noting varying data formats and access methods across different registries. One commenter points out the lack of a simple, unified tool for RDAP lookups compared to WHOIS. Others highlight RDAP's benefits, such as improved data accuracy, internationalization support, and standardized access controls, suggesting the transition is ultimately positive but messy in practice. The thread also touches upon the privacy implications of both systems and the challenges of balancing data accessibility with protecting personal information. Some users mention specific RDAP clients they find useful, while others express skepticism about the overall value proposition of the new protocol given its added complexity.
Summary of Comments ( 273 )
https://news.ycombinator.com/item?id=43384069
Hacker News commenters largely express frustration and skepticism about the transition from WHOIS to RDAP. They see RDAP as more complex and less accessible than WHOIS, hindering security research and anti-abuse efforts. Several commenters point out the lack of a unified, easy-to-use RDAP client, making bulk queries difficult and requiring users to navigate different authentication mechanisms for each registrar. The perceived lack of improvement over WHOIS and the added complexity lead some to believe the transition is driven by GDPR compliance rather than actual user benefit. Some also express concern about potential information access restrictions and the impact on legitimate uses of WHOIS data.
The Hacker News post "Launching RDAP; sunsetting WHOIS" discussing ICANN's plan to replace WHOIS with RDAP has generated a moderate amount of discussion, with a focus on the practical implications and perceived shortcomings of the transition.
Several commenters express skepticism about RDAP's purported benefits, particularly regarding data accessibility. One user highlights the increased complexity of querying RDAP compared to WHOIS, noting the requirement for specific queries for each top-level domain (TLD) and the varied responses that can make parsing difficult. This complexity is contrasted with the simplicity of WHOIS, which offered a single point of access. The user expresses doubt that RDAP will be as widely adopted or as useful as WHOIS.
Building on this theme, another commenter points out the lack of a comprehensive, unified RDAP interface, leading to fragmentation and increased difficulty in obtaining domain information. They argue that this lack of a centralized system negates the benefits of a structured data format, making RDAP less practical than WHOIS for many users. They lament the potential loss of a useful tool and the added complexity introduced by RDAP.
Another commenter questions the actual improvements offered by RDAP, highlighting the potential for similar abuse and privacy issues despite the structured data format. They point to the existing challenges with WHOIS data accuracy and the possibility of similar inaccuracies persisting in RDAP.
One user expresses concern about the impact on security researchers and incident responders who rely on WHOIS data. They note the ease of automating WHOIS lookups and worry that the distributed nature of RDAP will hinder efficient data gathering for security purposes.
The discussion also touches upon the internationalization aspects of RDAP, with one user praising the support for internationalized domain names and other languages. However, another commenter questions the enforcement of accuracy in internationalized data, suggesting that this aspect might introduce further complexities.
Finally, a couple of comments reflect a more accepting stance towards the transition. One user simply acknowledges the change, while another points out the limited utility of WHOIS even before its deprecation, hinting at the potential for RDAP to offer improvements, albeit with challenges.
In summary, the comments on Hacker News largely express concerns about the practical usability and effectiveness of RDAP as a replacement for WHOIS. The primary themes include increased complexity, lack of a unified interface, potential for similar data accuracy issues, and the impact on security researchers. While some acknowledge the potential benefits of structured data and internationalization, the prevailing sentiment appears to be one of skepticism and apprehension regarding the transition.