RDAP delivers registration data like Whois, but unlike Whois, it can support internationalization and secure, differentiated access. The gTLD RDAP Profile, developed by ICANN, registries, and registrars, meets the requirements of the Temporary Specification for gTLD Registration Data.
RDAP encompasses a set of uniform patterns for querying registration data using a RESTful web service that is implemented using the Hypertext Transfer Protocol (HTTP). RFC 7482 identified deficiencies of the Whois protocol and outlined how RDAP is meant to address the lack of:
- Standardized command structures:
- To develop an RDAP client, configure it to send HTTP requests to https://rdap.org/<type>/<object>, where <type> is the object type and <object> is the object identifier;
- Standardized output and error structures:
- HTTP Status Codes include
- 302 – occurs when RDAP.org knows of an RDAP service that is authoritative for the requested resource
- 400 – occurs when RDAP.org receives an invalid request
- 404 – occurs when RDAP.org doesn’t know of an RDAP service that is authoritative for the requested resource
- 429 – occurs if you have exceeded the rate limits
- 500 – occurs when RDAP.org is broken in some way
- 504 – occurs if RDAP.org needs to refresh the IANA bootstrap registry, but cannot;
- Support for internationalization, localization, user identification, authentication, and access control.
RDAP is specified as a suite Internet Request for Comments (RFC) documents.
- RFC 7480 – HTTP Usage in the Registration Data Access Protocol (RDAP)
- RFC 7481 – Security Services for the Registration Data Access Protocol (RDAP)
- RFC 7482 – Registration Data Access Protocol (RDAP) Query Format
- RFC 7483 – JSON Responses for the Registration Data Access Protocol (RDAP)
- RFC 7484 – Finding the Authoritative Registration Data (RDAP) Service
- RFC 7485 – Inventory and Analysis of WHOIS Registration Objects
The IETF purposefully avoided encompassing all of the methods employed in Whois and other RESTful web services used by RIRs and registries. IETF expects all registries to continue maintaining Whois and other RESTful web services based on their constituencies’ needs. RDAP is able to accommodate custom extensions, and its reliance on HTTP means it can accommodate mechanisms for servers to authenticate clients and for clients to authenticate servers. RFC 7481 describes such RDAP-supported authentication mechanisms.
The intent of RDAP is limited to offering a searchable directory of:
- networks by IP address,
- autonomous system numbers by number,
- reverse DNS metadata by domain,
- nameservers by name,
- registrars by name; and
- contacts information by identifier.
RDAP vs Whois
|data representation||machine-readable||generally read-only|
|query||Structured request and response semantics|
|scripts||ASCII and non-ASCII||ASCII|
|time frame||RFC in 2015, implemented in 2019||RFC in 1982 – present|
|IRRs||RPKI signed data model||RPSL model|
|deployment||100% at the RIR-level, but not ready for public listing services||100%|