ICANN's blog post details the transition from the legacy WHOIS protocol to the Registration Data Access Protocol (RDAP). RDAP offers several advantages over WHOIS, including standardized data formats, internationalized data, extensibility, and improved data access control through different access levels. This transition is necessary for WHOIS to comply with data privacy regulations like GDPR. ICANN encourages everyone using WHOIS to transition to RDAP and provides resources to aid in this process. The blog post highlights the key differences between the two protocols and reassures users that RDAP offers a more robust and secure method for accessing registration data.
The Internet Corporation for Assigned Names and Numbers (ICANN) blog post, "Evolution of WHOIS Protocol to RDAP - What You Need to Know," published on October 23, 2019, details the transition from the legacy WHOIS protocol to the Registration Data Access Protocol (RDAP) for accessing registration data related to domain names, IP addresses, and Autonomous System Numbers (ASNs). The post emphasizes that this shift represents a significant modernization effort, offering numerous advantages over the aging WHOIS system.
WHOIS, having served the internet community for many years, suffers from limitations in terms of data format standardization, internationalization support, and extensibility. This has led to inconsistencies in data presentation and accessibility, hindering efficient and reliable data retrieval. RDAP, designed as a successor to address these shortcomings, provides a structured, standardized, and extensible mechanism for accessing registration data. It leverages a RESTful web service, utilizing well-defined data formats like JSON and XML, allowing for more predictable and machine-readable responses. This facilitates automated data processing and integration with other systems, promoting greater efficiency in various applications.
A key advantage of RDAP is its inherent support for internationalization, accommodating different languages and scripts. This is a crucial improvement over WHOIS, which predominantly relied on ASCII text, often posing challenges for users and systems dealing with non-Latin characters. Furthermore, RDAP offers enhanced data access control mechanisms, enabling registrars and registries to implement specific access policies based on data types and user roles. This granular control enhances data privacy and security, addressing concerns associated with the open nature of WHOIS data.
The blog post highlights the gradual transition from WHOIS to RDAP, with ICANN encouraging stakeholders to adopt RDAP and progressively phase out reliance on the legacy system. It underscores the benefits of RDAP's structured data format, enabling more efficient querying and analysis, and its support for different data types, allowing for comprehensive access to registration information. The post also emphasizes the improved security and privacy features offered by RDAP through access control mechanisms, allowing for more granular control over data dissemination.
The post concludes by reiterating ICANN's commitment to facilitating the transition and providing resources to assist stakeholders in adopting RDAP. It encourages users to familiarize themselves with the protocol and its capabilities, recognizing it as the future of registration data access and a critical component of a more secure and efficient internet infrastructure. This transition represents a significant step forward in modernizing the management and access of critical internet resource registration information.
Summary of Comments ( 3 )
https://news.ycombinator.com/item?id=42998737
Several Hacker News commenters discuss the shift from WHOIS to RDAP. Some express frustration with the complexity and inconsistency of RDAP implementations, noting varying data formats and access methods across different registries. One commenter points out the lack of a simple, unified tool for RDAP lookups compared to WHOIS. Others highlight RDAP's benefits, such as improved data accuracy, internationalization support, and standardized access controls, suggesting the transition is ultimately positive but messy in practice. The thread also touches upon the privacy implications of both systems and the challenges of balancing data accessibility with protecting personal information. Some users mention specific RDAP clients they find useful, while others express skepticism about the overall value proposition of the new protocol given its added complexity.
The Hacker News post titled "Evolution of Whois Protocol to RDAP (2019)" has several comments discussing the transition from the legacy Whois protocol to the newer Registration Data Access Protocol (RDAP). Many commenters express frustration and skepticism about the supposed improvements of RDAP.
One recurring theme is the increased complexity of RDAP compared to Whois. Commenters point out that Whois, despite its flaws, was simple and easy to use, even scriptable. RDAP, with its structured data and reliance on specific query formats, is seen as more difficult to work with, particularly for casual users or those accustomed to the simplicity of Whois. This added complexity is viewed as a barrier to access, potentially hindering security research and transparency efforts.
Some commenters highlight the issue of rate limiting and access restrictions implemented by various registries. They argue that these limitations, often justified under the guise of privacy or abuse prevention, make it harder to gather information necessary for legitimate purposes like security research or investigating spam. The perception is that RDAP makes it easier for registrars to control and restrict access to registration data.
There's a sense of disappointment that RDAP hasn't delivered on its promise of improved privacy and security. While acknowledging that RDAP offers better privacy features in theory, commenters observe that many registrars still expose much of the same information, effectively negating the potential benefits. Some even argue that the added complexity of RDAP makes it harder to understand what data is being collected and shared.
The perceived lack of standardization in RDAP implementations is also a source of frustration. Commenters mention inconsistencies in data formats and query responses across different registries, making it difficult to develop tools that work universally. This lack of interoperability is seen as undermining the potential benefits of a standardized protocol.
Finally, several comments express cynicism about the motivations behind the transition to RDAP. Some speculate that it's driven more by the desire for greater control over data access and revenue generation rather than genuine improvements in privacy or security. The overall sentiment in the comments section leans towards viewing RDAP as a more complex and less accessible replacement for Whois, failing to deliver on its promised benefits and potentially hindering legitimate uses of registration data.