Home / Blogs

The Utility Formerly Known As WHOIS

Matt Serlin

Muscle memory is a funny thing. We don't even think about it really, but when we do the same thing over and over again, it just becomes second nature to us. This is how we've come to use WHOIS over the past two decades to get contact information for registered domain names.

If you wanted to see who owned a domain, you'd simply do a WHOIS search. I've probably done hundreds of thousands of them during my time in the industry. Well as of this week, a major step in the retirement of WHOIS officially took place.

The replacement for WHOIS is known as RDAP (Registration Data Access Protocol), and ICANN required its registrars and registries to be up and running with their RDAP servers no later than August 26. RDAP provides for more structured data in its responses and also will enable different levels of access based on authentication in the future, if needed.

While registries and registrars do have to continue to support the WHOIS utility, for the time being, there will come a point in the future where they will only provide access to registration data via RDAP. The days of referring to WHOIS lookups will soon be over, and instead, we will need to refer to RDAP queries. It doesn't roll off the tongue in the same manner, but over time, that's what we'll all be saying.

Of course, happening in parallel to this change in the technology is the ongoing work at ICANN with the Expedited Policy Development Process (ePDP) on gTLD Registration Data. We are in Phase 2 of that work now with the Phase 1 recommendations moving into the implementation stages.

Phase 2 of the ePDP is focusing on a standardized access model to non-public registration data (i.e., contact information previously readily available in WHOIS) by third parties. The work has been ongoing for several months, and the team has put in countless hours already. Having said that though, it doesn't feel like meaningful progress has been made yet.

The team received the "zero draft" report which contains a number of building blocks which are planned to be used to create the actual policy. This early draft report will be discussed at length when the team gets together in person in Los Angeles this week. Without sound legal advice on many fundamental questions, it's unclear how useful this early draft will prove to be. The current workplan has an initial draft report being issued before the end of 2019.

Understandably, these very impactful changes to the domain name system have some questioning why the previous WHOIS system with open and unfettered access to personal data was torn down; hoping we can get back to that paradigm one day.

While I understand that muscle memory is strong after all these years, it's a simple fact that things won't go back to the way they were. The reality is that the privacy landscape is vastly different today compared to when WHOIS was created, and that creates angst amongst its most active users.

Let's hope that with RDAP moving forward and the ongoing ePDP work in process, that the system we create will be both grounded in sound legal reasoning and allow for legitimate third-party needs to be met.

By Matt Serlin, SVP, Client Services and Operations at Brandsight
Follow CircleID on
SHARE THIS POST

If you are pressed for time ...

... this is for you. More and more professionals are choosing to publish critical posts on CircleID from all corners of the Internet industry. If you find it hard to keep up daily, consider subscribing to our weekly digest. We will provide you a convenient summary report once a week sent directly to your inbox. It's a quick and easy read.

I make a point of reading CircleID. There is no getting around the utility of knowing what thoughtful people are thinking and saying about our industry.

Vinton Cerf, Co-designer of the TCP/IP Protocols & the Architecture of the Internet

Share your comments

Good and well-balanced article Volker Greimann  –  Sep 26, 2019 1:31 AM PDT

This is a good outline of the status quo. We all need to work together to create a system for workable and legal disclosure that meets the requirements for legitimate requesters. To do that, we need to shed unrealistic expectations based on what has gone before.

Let's switch from this constant tug of war and all assemble on the same side of the rope and pull it across the finish line together.

To post comments, please login or create an account.

Related

Topics

DNS Security

Sponsored byAfilias

IP Addressing

Sponsored byAvenue4 LLC

Cybersecurity

Sponsored byVerisign

Whois

Sponsored byWhoisXML API

Cybercrime

Sponsored byThreat Intelligence Platform

New TLDs

Sponsored byAfilias

Domain Names

Sponsored byVerisign