Registration Data Access Protocol

From Wikipedia, the free encyclopedia
Jump to navigation Jump to search

The Registration Data Access Protocol (RDAP) is a computer network communications protocol standardized by a working group at the Internet Engineering Task Force in 2015, after experimental developments and thorough discussions. It is a successor to the WHOIS protocol, used to look up relevant registration data from such Internet resources as domain names, IP addresses, and autonomous system numbers.

While WHOIS essentially retrieves free text, RDAP delivers data in a standard, machine-readable JSON format.[1] In order to accomplish this goal, the output of all operative WHOIS servers was analyzed, taking a census of the labels they used.[2] RDAP designers, many of whom are members of number or name registries, strove to keep the protocol as simple as possible, since complexity was considered one of the reasons why previous attempts, such as CRISP, failed. RDAP is based on RESTful web services, so that error codes, user identification, authentication, and access control can be delivered through HTTP.[3]

The biggest delay in getting RDAP done turned out to be the bootstrap, figuring out where the server is for each top level domain, IP range, or ASN range. IANA agreed to host the bootstrap information in suitable registries, and publish it at a well-known location URLs in JSON format. Those registries started empty and will be gradually populated as registrants of domains and address spaces provide RDAP server information to IANA.[4][5] For number registries, ARIN set up a public RDAP service which also features a bootstrap URL, similar to what they do for WHOIS.[6] For name registries, ICANN requires RDAP compliance since 2013.[7][8]

Number resources[edit]

RDAP databases for assigned IP numbers are maintained by five Regional Internet registries. ARIN maintains a bootstrap database.[9] Thanks to the standard document format, tasks such as, for example, getting the abuse team address of a given IP number can be accomplished in a fully automated manner.[10]

Name resources[edit]

RDAP databases for registered names are maintained after ICANN agreement.[7] Name resources are much slower, as the number of registries under ICANN is huge. In addition, as the GDPR became enforceable, in May 2018, the problem of personal data divulged via WHOIS or RDAP slowed adoption further.[11]


  1. ^ Newton, Andrew; Hollenbeck, Scott (March 2015). JSON Responses for the Registration Data Access Protocol (RDAP). IETF. doi:10.17487/RFC7483. RFC 7483. Retrieved 2016-11-10. CS1 maint: discouraged parameter (link)
  2. ^ Zhou, L.; Kong, N.; Shen, S.; Sheng, S.; Servin, A. (March 2015). Inventory and Analysis of WHOIS Registration Objects. IETF. doi:10.17487/RFC7485. RFC 7485. Retrieved 2016-11-10. CS1 maint: discouraged parameter (link)
  3. ^ "Web Extensible Internet Registration Data Service (weirds)". IETF. 2015-03-25. Retrieved 2016-11-10.
  4. ^ John Levine (2014-09-10). "The replacement for WHOIS is surprisingly close". Retrieved 2016-11-10. CS1 maint: discouraged parameter (link)
  5. ^ Blanchet, Marc (March 2015). Finding the Authoritative Registration Data (RDAP) Service. IETF. doi:10.17487/RFC7484. RFC 7484. Retrieved 2016-11-10. CS1 maint: discouraged parameter (link)
  6. ^ "The Registration Data Access Protocol (RDAP)". ARIN. 2015-06-22. Retrieved 2016-11-10. CS1 maint: discouraged parameter (link)
  7. ^ a b "2013 Registrar Accreditation Agreement". ICANN. Archived from the original on 2017-06-07. Retrieved 2016-11-10. Following the publication by the IETF of a Proposed Standard, Draft Standard or Internet Standard and any revisions thereto (as specified in RFC 2026) relating to the web-based directory service as specified in the IETF Web Extensible Internet Registration Data Service working group, Registrar shall implement the directory service specified in any such standard (or any revision thereto) no later than 135 days after such implementation is requested by ICANN CS1 maint: discouraged parameter (link)
  8. ^ New gTLD Program Committee (NGPC) (2013-07-02). "New gTLD Agreement" (PDF). ICANN. Retrieved 2016-11-10. Registry Operator shall implement a new standard supporting access to domain name registration data (SAC 051) no later than one hundred thirty-five (135) days after it is requested by ICANN if: 1) the IETF produces a standard (i.e., it is published, at least, as a Proposed Standard RFC as specified in RFC 2026); and 2) its implementation is commercially reasonable in the context of the overall operation of the registry CS1 maint: discouraged parameter (link)
  9. ^ "RDAP at ARIN" (PDF). September 17, 2019.
  10. ^ "abuserdap".
  11. ^ Kieren McCarthy (October 23, 2019). "Haunted by Europe's GDPR, ICANN sharpens wooden stake to finally slay the Whois vampire". The Register.

External links[edit]