Recent Posts
- “No timeline” to retire Soviet Union from the DNS
- ICANN to kill off 60-day domain transfer lock
- Lancaster bags up its dot-brand
- Google readying its next batch of gTLD launches?
- NomCom confirms Americans rejected from ICANN board
- Nova announces $45 million of new gTLD applications
- Registry makes .ai an option for Koreans
- it.com now bigger than Guatemala
- ICANN turns to AI and crowdsourcing for new gTLD program
- Amazon lawyer DiBiase elected to ICANN board
- Is .io safe now? Identity Digital now running Mauritian ccTLD
- Tucows quits ICANN’s Whois disclosure pilot
- Toshiba goes all-in on its dot-brand
- Google scuppers Team Internet acquisition after profit warning
- .ai channel doubles under new management
- Trump inclined to back deal that threatens .io
- As .com shrinks, China adds another 1.2 million domains
- Second new gTLD contention set revealed
- UK intros global domain takedown law
- No more Americans as Holland wins ICANN board seat
- Registries have started shutting down Whois
- ICANN wins IRP because complainant literally doesn’t exist
- .com could return to growth this quarter
- Could Musk’s DOGE kill off D3’s .doge?
- $2 million Christmas bonus for ICANN
- Another VW car dot-brand crashes out
- Largest back-end switch EVER as GoDaddy loses deal
- Yeah, we got phished, ICANN admits after crypto hack
- ICANN hacked to promote crypto scam
- Super Bowl a bit of a dud for .com?
- More gloom predicted for .com
- These are the .gov domains Trump has deleted so far
- Did Trump just create the world’s next ccTLD?
- $3,000 to do a Whois lookup?
- PIR to join GlobalBlock, but its crown jewel won’t
- LA wildfire victims get domain deletes delay
- .free domains to finally arrive as Amazon reveals three gTLD launches
- Six more gTLDs shown the door, five may be auctioned
- Registrar terminated after ignoring Whois transition
- $10 million ICANN giveaway winners picked
- Whois officially died today
- Typo left MasterCard open to hackers for years
- Could ICANN approve an R-word gTLD?
- These are the TLD growers and shrinkers of 2024 (part two)
- GoDaddy ordered to stop lying about crappy security
- These are the TLD growers and shrinkers of 2024 (part one)
- Dead terrorist domains for sale, just without the hyphens
- ICANN eyes more price hikes as it predicts dismal year for industry
- Meet the six people battling to join ICANN’s board
- New gTLD use cases not much use
- Defensive dot-brands are renewing, making ICANN millions
- Identity Digital offers free domain trials through LinkedIn
- Antisemitic remarks cost registrar dearly
- ICANN lawyers want to keep their clients secret
- Facebook cybersquatter asks ICANN to overturn UDRP ruling
- .xxx founder Stuart Lawley has died
- The new gTLD Next Round is really happening as two ICANN programs go live
- Verisign has much to be thankful for as .com contract renewed
- Another 40,000 .ai domains registered
- RDRS usage hits new low
- A dot-brand that was actually used is shutting down
- .id joins the million-domain club
- GoDaddy’s .xxx contract renewed
- Twitter clone Bluesky has one feature domain people should like
- ICANN confirms two bans on new gTLD gaming
- eBay slogan domain no longer has a BIN price
- Will Donald Trump be .io’s white knight?
- As customers flee legacy gTLDs, .org tops 11 million names
- Company accidentally puts porn domain on kids’ toys
- eBay’s new slogan looks like a $75,000 domain it doesn’t own
- Americans are deserting .com
- Weak Q3 for the domain universe, Verisign reports
- ICANN says it WILL raise its domain taxes soon
- Senator says domain industry “enables” Russian disinfo attacks
- bit.ليبيا? Libya to get its Arabic ccTLD
- Verisign gets eight more years running the root
- Two-horse race for open ICANN board seat
- Chinese say internet not ready for single-letter gTLDs
- Unloved INTA slams ICANN over new gTLDs
- Namecheap scores win in .org price-cap lawsuit
- Some Guy wants to take over .com and .net
- Second-shot gTLD bid rules revealed
- Nominet names directors after tight election
- Lawyer ban coming to ICANN
- Identity Digital to take over .ai
- ICA teams up with WIPO on UDRP reform
- Response to sex harassment lawsuit “inadequate”, say ICANN vets
- Unstoppable tops four million names
- Amazon readying fashion and book gTLDs
- Five times ICANN deleted a ccTLD, and what it means for .io
- Future of .io domains uncertain as UK hands over Chagos islands
- .ai now has over half a million names
- UK and Israel cut ICANN funding
- Twitter now up-to-date on linkification
- Moment of truth as .music domains finally go on sale
- ICANN fixes embarrassing “What is a Domain Name?” mistake
- Another ccTLD opens up its second level
- Reporter gains first access to .io island for decades
- .io sells $40 million of domains after massive uptick
- After five years, “useless” TLD has two web sites
- Verisign agrees to .com takedown rules
- New .com contract could see ALL domain prices go up
- Investing in .ad domains may be risky
- Plurals ban policy handed to ICANN board
- Three .now domains sell at premium EAP prices
- ICANN confirms new gTLD application fee
- New gTLD application fee rises by thousands after collision call
- Former .co registry defeated in $350 million contract fix case
- Is this the first Next Round new gTLD contention battle?
- ICANN names its Supreme Court judges
- Who uses Sunrise nowadays? You might be surprised
- ICANN gunning for Tencent over abuse claims
- All the one-character .sk domains to be auctioned
- Straggler gTLD signs first ICANN contract for years
- GoDaddy likely to win relaxed .xxx deal
- Tonkin promoted to CEO at auDA
- ICANN hires new Ombuds from WIPO
- Big twist as ICANN bans new gTLD auctions
- ICANN to “strengthen” harassment rules as it picks another homophobic meeting host
- .my global relaunch starts slowly despite cheapo prices
- Hackers break .mobi after Whois domain expires
- The new gTLD next, next and next round
- Squarespace gets sweetened $7.2 billion takeover offer
- ICANN hit by DDoS attack
- Russia calls for ICANN to split from US
Registries have started shutting down Whois
Nominet seems to have become the first major registry services provider to start to retire Whois across its portfolio, already cutting off service for about 70 top-level domains.
Queries over port 43 to most of Nominet’s former Whois servers are no longer returning responses, and their URLs have been removed from the respective TLDs’ records on the IANA web site.
The move follows the expiration last month of ICANN’s contractual requirements to provide Whois in all gTLDs. Now, registries must use the successor protocol RDAP instead, with Whois optional.
A Nominet spokesperson tells us the shut-off, which affects large dot-brand clients including Amazon, happened after consultation with ICANN and clients on January 29.
TLDs Nominet was supporting under ICANN’s Emergency Back-End Registry Operator program are also affected.
The registry spokesperson said that the gTLDs .broadway, .cymru, .gop, .pharmacy, and .wales are still offering Whois, due to an interoperability issue:
“The sole reason for the retention of these gTLD WHOIS services is for interoperability with the Brand Safety Alliance (BSA) service integration, which does not yet support RDAP,” she said.
The BSA is the GoDaddy-backed project that offers the multi-TLD GlobalBlock trademark-blocking service.
Nominet’s flagship .uk is also still offering Whois, because Nominet discovered that some of its registrars were still using it, rather than EPP, to do domain availability checks.
The fact that a GoDaddy service and some .uk registrars still don’t support RDAP, even after a years-long ICANN transition plan, is perhaps revelatory.
I’ll admit the only reason I noticed Nominet’s Whois coverage was patchy was that I’d neglected to update one of my scripts and it started failing. Apparently I was not alone.
While RDAP can be fairly simple to implement (if I can do it…), actually finding each registry’s RDAP server is a bit more complicated than under the Whois regime.
All gTLD registries were obliged to offer Whois at whois.nic.[tld], and IANA would publish the URLs on its web site, but RDAP URLs are not standardized.
It’s not super obvious, but it seems instead you have to head over to IANA’s “Bootstrap Service” and download a JSON file containing a list of TLDs and their associated base RDAP URLs.
$3,000 to do a Whois lookup?
ICANN’s Registration Data Request Service cost hundreds, maybe even thousands, of dollars every time it was used in its first year, according to an analysis of official stats.
RDRS is the system designed to connect entities such as trademark owners, security researchers, and law enforcement with registrars, allowing them to request private domain registration data that is usually redacted in Whois records.
It’s running as a two-year pilot, in order to gauge demand and effectiveness, and its first full month of operation was December 2023.
ICANN has been publishing monthly transparency reports, including data such as number of requests and outcomes, and we know how much it cost the Org to develop and operate, so it should be possible to make some back-of-the-envelope calculations about how much each request costs the ICANN taxpayer.
The cost could range from about $300 to over $3,000 per request, even using some fairly generous assumptions.
RDRS cost $1,647,000 to develop, which is pretty much a shoestring by ICANN standards. Most of that was internal staffing costs, with some also being spent on external security testing services.
The total operational cost for the first 10 months was $685,000. Before ICANN publishes its calendar Q4 financials later this month, we could extrapolate that the first 12 months of operation was around $800,000, but let’s be generous and stick with $685,000 for this particular envelope’s backside.
While there were 7,871 registered requesters at the end of November 2024, they had collectively only submitted 2,260 requests over the same period.
Only 2,057 of those requests had been closed at the end of the period, and only 23% of closed requests resulted in registrar approval and data being fully handed over to the requester.
That works out to 474 approved requests in the first year.
With the most-generous assumptions, $685,000 of ops costs divided by 2,260 requests equals $303 per request.
If we only count approved requests, we’re talking about $1,445 per successful Whois lookup equivalent.
But we should probably switch to an envelope with a larger rear end and include the $1.6 million development costs in our calculations too.
If we factor in half of those costs (it’s a two-year pilot), we’re looking at about $666 per request or $3,181 per successful request in the first 12 months.
If the system was more widely used, the per-request cost would of course fall under this calculation, but there’s no indication that usage is significantly on the increase just yet.
These are only the costs incurred to ICANN. Registrars on one side of the service and requesters on the other also bear their own costs of working with the service.
Dealing with RDRS is not the same as doing a Whois lookup. You have to deal with a much lengthier form, add attachments, make a reasoned legal case for your request, etc. It eats work-hours and staff need to be trained on the system.
It may seem that $3,181 to do a Whois lookup is too expensive for the ICANN taxpayer.
And maybe it is, if it’s being predominantly used to assist (say) Facebook’s trademark enforcement strategy.
But if those Whois lookups help law enforcement more quickly nail a gang of fentanyl dealers or child sexual abuse material distributors, maybe the costs are more than justified.
At the end of November the number of requests from law enforcement was 15.6% of the total, while IP holders accounted for 29.7%, ICANN stats show.
ICANN’s board of directors will decide towards the end of the year whether the RDRS pilot has been successful and whether it should continue indefinitely.
Whois officially died today
Domain registries and registrars are no longer obliged to offer Whois services as of today, the deadline ICANN set for formally sunsetting the protocol.
It’s been replaced by RDAP, the newer Registration Data Access Protocol, which offers a more structured way to deliver domain ownership information.
Under ICANN’s standard Registry Agreement and Registrar Accreditation Agreement, January 28 marks the end of the RDAP “ramp up period” and the moment Whois becomes purely optional.
I expect many registrars will offer Whois and RDAP in parallel for a while, so ingrained in internet architecture is the older protocol. Likewise, the term “Whois” will likely be used colloquially to refer to RDAP for some time.
The data delivered by RDAP is not substantially different to that delivered by Whois, and those who access Whois via a web interface, such as ICANN’s lookup.icann.org, probably won’t notice any difference.
The main headaches will likely be experienced by those using custom software to access Whois over port 43, who may find they have to tweak their code to parse incoming RDAP responses instead.
Importantly, the switch to RDAP does not mean users will get data that was already redacted in Whois. Privacy laws such as GDPR apply equally to RDAP.
The only way to obtain private data is contacting the relevant registrar, directly or via ICANN’s Registration Data Request Service, and crossing your fingers.
ICANN’s private Whois data request service goes live
ICANN has this evening gone live with its service that enables anyone to request private Whois data on any gTLD domain.
The Registration Data Request Service lets people request contact information on registrants that would otherwise be redacted in the public Whois due to laws such as the GDPR.
The press release announcing the launch seems to have come out an hour or two before the service actually became accessible, but it’s definitely live now and I’ve tried it out.
The system is defined largely by what it isn’t. It isn’t an automated way to get access to private data. It isn’t guaranteed to result in private data being released. It isn’t an easy workaround to post-GDPR privacy restrictions.
It is a way to request an unredacted Whois record knowing only the domain and not having to faff around figuring out who the registrar is and what their mechanisms and policies are for requesting the data.
After scaling back the extremely complex and expensive original community recommendations for a post-GDPR Whois service, ICANN based the RDRS on its now decade-old Centralized Zone Data Service, which acts as an intermediary between registries and people like myself who enjoy sniffing around in zone files.
The RDRS merely connects Whois data requestors — the default settings in the interface suggest that ICANN thinks they’ll mostly be people with court orders — with the registrars in charge of the domains they are interested in.
Anyone who has used CZDS will recognize the interface, but the requesting process is longer, more complex, and requires accepting more disclaimers and Ts&Cs. That said, it’s not particularly confusing.
At first glance, it looks fine. Slick, even. I’ve used it to submit a test request with GoDaddy for my own Whois data, specifying that whoever deals with the request is free to ignore it. Let’s see what happens.
ICANN signs Whois’ death warrant in new contracts
Whois as we have known it for decades will be phased out of gTLDs over the next couple of years, after ICANN approved changes to its contracts at the weekend.
The board of directors signed off on amendments to the base Registry Agreement and Registrar Accreditation Agreement after they were approved by the requisite majority of registries and registrars earlier this year.
The changes outline how registries and registrars must make the move away from Whois, the technical specification, toward the functionally similar RDAP, the Registration Data Access Protocol.
After the amendments go into effect, contracted parties will have about 18 months to make the migration. They’ll be allowed to run Whois services in parallel if they wish after the transition.
People will in all likelihood carry on referring to such services as “Whois”, regardless, rather than the official replacement term “Registration Data Directory Services” or RDDS.
The RAA amendment will also require registrars to provide full RDAP output, rather than relying on “thick” registries to do it for them.
None of the changes affect how much personal information is returned for domain ownership lookups.
New ICANN contracts chart the death throes of Whois
Whois is on its death bed, and new versions of ICANN’s standard contracts put a timeline to its demise.
The Org has posted proposed updates to its Registrar Accreditation Agreement and Registry Agreement, and most of the changes focus on the industry-wide transition from the Whois standard to the newer Registration Data Access Protocol.
We’re only talking about a change in the technical spec and terminology here. There’ll still be query services you can use to look up the owner of a domain and get a bunch of redactions in response. People will probably still even refer to it as “Whois”.
But when the new RAA goes into effect, likely next year, registrars and registries will have roughly 18 months to make the transition from Whois to RDAP.
Following the contract’s effective date there’ll be an “RDAP Ramp-up Period” during which registrars will not be bound by RDAP service-level agreements. That runs for 180 days.
After the end of that phase, registrars will only have to keep their Whois functioning for another 360 days, until the “WHOIS Services Sunset Date”. After that, they’ll be free to turn Whois off or keep it running (still regulated by ICANN) as they please.
ICANN’s CEO and the chair of the Registrars Stakeholder Group will be able to delay this sunset date if necessary.
Most registrars already run an RDAP server, following an order from ICANN in 2019. IANA publishes a list of the service URLs. One registrar has already lost its accreditation in part because it did not deploy one.
There’ll be implementation work for some registrars, particularly smaller ones, to come into compliance with the new RAA, no doubt.
There’ll also be changes needed for third-party software and services that leverage Whois in some way, such as in the security field or even basic query services. Anyone not keeping track of ICANN rules could be in for a sharp shock in a couple of years.
The contracted parties have been negotiating these changes behind closed doors for almost three years. It’s been almost a decade since the last RAA was agreed.
The contracts are open for public comment until October 24.
ICANN adds another six months to Whois reform roadmap
ICANN says that its preparatory work for possible Whois reforms will take another six months.
The Operational Design Phase for the System for Standardized Access and Disclosure will now conclude “by the end of February 2022”, ICANN said this week.
That’s after the Org missed its original September deadline after six months of work.
ICANN program manager Diana Middleton said at ICANN 72 last week that ODP had been delayed by various factors including surveys taking longer than expected and throwing up more questions than they answered.
A survey of Governmental Advisory Committee members due September 17 was extended until the end of October.
But she added that ICANN intends to throw its first draft of the output — an Operational Design Assessment — at its technical writers by the end of the month, with a document going before the board of directors in early February.
SSAD is the proposed system that would funnel requests for private Whois data through ICANN, with a new veneer of red tape for those wishing to access such data.
The ODP is ICANN’s brand-new process for deciding how it could be implemented, how much it would cost, and indeed whether it’s worthwhile implementing it at all.
It’s also being used to prepare for the next round of new gTLDs, with a 13-month initial deadline.
The longer the current ODP runs, the greater the cost to the eventual SSAD user.
Whois rule changes that nobody likes get approved anyway
ICANN’s Generic Names Supporting Organization Council has approved a handful of changes to Whois policy, despite the fact that pretty much nobody was fully on-board with the proposals and how they were made.
The new recommendations call for a new field in Whois records to flag up whether the registrant is a private individual, whose privacy is protected by law, or a legal entity like a company, which have no privacy rights.
But the field will be optional, with no obligation for registries or registrars to use it in their Whois services, which has angered intellectual property interests, governments and others.
The working group that came up with the recommendations also declined to find that Whois records should come with an anonymized registrant email address as standard. This absence of change was also adopted by the Council, causing more disappointment.
In short, nothing much is happening to Whois records for the foreseeable future as a result of these policy changes.
But the process to arrive at this conclusion has highlighted not just the deep divisions in the ICANN community but also, some argue, deficiencies in the ICANN process itself.
The Expedited Policy Development Process working group that has since 2018 been looking at the interaction between Whois and privacy protection law, primarily the European Union’s General Data Protection Regulation, had been asked two final questions earlier this year, to wrap up its long-running work.
First, should registrars and registries be forced to distinguish between legal and natural persons when deciding what data to publish in Whois?
Second, should there be a registrant-based or registration-based anonymized email published in Whois to help people contact domain owners and/or correlate ownership across records?
The answer on both counts was that it’s up to the registry or registrar to decide.
On legal versus natural, the EPDP decided that ICANN should work with the technical community to create a new field in the Whois standard (RDAP), but that there should be no obligation for the industry to use it.
On anonymized email addresses, the working group recommendations were even hand-wavier — they merely refer the industry to some legal advice on how to implement such a system in a GDPR-compliant way.
While this phase of the EPDP’s work was super-fast by ICANN standards (taking about nine months) and piss-weak with its output, it nevertheless attracted a whole lot of dissent.
While its tasks appeared straightforward to outsiders, it nevertheless appears to have inherited the simmering tensions and entrenched positions of earlier phases and turned out to be one of the most divisive and fractious working groups in the modern ICANN period.
Almost every group involved in the work submitted a minority statement expressing either their displeasure with the outcome, or with the process used to arrive at it, or both. Even some of the largely positive statements reek of sarcasm and resentment.
EPDP chair Keith Drazek went to the extent of saying that the minority statements should be read as part and parcel of the group’s Final Report, saying “some groups felt that the work did not go as far as needed, or did not include sufficient detail, while other groups felt that certain recommendations were not appropriate or necessary”.
This Final Report constitutes a compromise that is the maximum that could be achieved by the group at this time under our currently allocated time and scope, and it should not be read as delivering results that were fully satisfactory to everyone.
The appears to be an understatement.
The Intellectual Property Constituency and Business Constituency were both the angriest, as you might expect. They wanted to be able to get more data on legal persons, and to be able to reverse-engineer domain portfolios using anonymous registrant-baed email addresses, and they won’t be able to do either.
The Governmental Advisory Committee and Security and Stability Advisory Committee both expressed positions in line with the IPC/BC, dismayed that no enforceable contract language will emerge from this process.
Councilor Marie Pattullo of the BC said during the GNSO Council vote last Wednesday that the work “exceeds what is necessary to protect registrant data” and that the EPDP failed to “preserve the WHOIS database to the greatest extent possible”.
The “optional differentiation between legal and natural persons is inadequate”, she said, resulting in “a significant number of records being needlessly redacted or otherwise being made unavailable”. The approved policies contain “no real policy and places no enforceable obligations on contracted parties”, she said.
IPC councilor John McElwaine called the EPDP “unfinished work” because the working group failed to reach a consensus on the legal/natural question. The IPC minority statement had said:
Requiring ICANN to coordinate the technical community in the creation of a data element which contracted parties are free to ignore altogether falls far short of “resolving” the legal vs. natural issue. And failing to require differentiation of personal and non-personal data fails to meet the overarching goal of the EPDP to “preserve the WHOIS database to the greatest extent possible” while complying with privacy law.
But McElwaine conceded that “a minority of IPC members did favor these outputs as being minor, incremental changes that are better than nothing”.
The BC and IPC both voted against the proposals, but that was not enough to kill them. They would have needed support from at least one councilor on the the other side of the GNSO’s Non-Contracted Parties House, the Non-Commercial Stakeholders Group, and that hand was not raised.
While the NCSG voted “aye”, and seemed generally fine with the outcome, it wasn’t happy with the process, and had some stern words for its opponents. It said in its minority statement:
The process for this EPDP has been unnecessarily long and painful, however, and does not reflect an appreciation for ICANN’s responsibility to comply with data protection law but rather the difficulty in getting many stakeholders to embrace the concept of respect for registrants’ rights…
With respect to the precise issues addressed in this report, we have stressed throughout this EPDP, and in a previous PDP on privacy proxy services, that the distinction between legal and natural is not a useful distinction to make, when deciding about the need to protect data in the RDS. It was, as we have reiterated many times, the wrong question to ask, because many workers employed by a legal person or company have privacy rights with respect to the disclosure of their personal information and contact data. The legal person does not have privacy rights, but people do.
While welcoming the result, the Registrars Stakeholder Group had similar concerns about the process, accusing its opponents of trying to impose additional legal risks on contracted parties. Its minority statement says:
it is disappointing that achieving this result was the product of significant struggle. Throughout the work on this Phase, the WG revisited issues repeatedly without adding anything substantially new to the discussion, and discussed topics which were out of scope. Perhaps most importantly, the WG was on many occasions uninterested in or unconcerned with the legal and financial risks that some proposed obligations would create for contracted parties in varying jurisdictions or of differing business models, or the risks to registrants themselves.
The Registries Stakeholder Group drilled down even more on the “out of scope” issue, saying the recommendation to create a new legal vs natural field in Whois went beyond what the working group had been tasked with.
They disagreed with, and indeed challenged, Drazek’s decision that the discussion was in-scope, but reluctantly went ahead and voted on the proposals in Council in order to finally draw a line under the whole issue.
The question of whether the legal vs natural question has been in fact been resolved seems to be an ongoing point of conflict, with the RySG, RrSG and NCSG saying it’s finally time to put the matter to bed and the IPC and BC insisting that consensus has not yet been reached.
The RySG wrote that it is “well past time to consider the issue closed” and that the EPDP had produced a “valuable and acceptable outcome”, adding:
The RySG is concerned that some have suggested this issue is not resolved. This question has been discussed in three separate phases of the EPDP and the result each time has been that Contracted Parties may differentiate but are not required to do so. This clearly demonstrates that this matter has been addressed appropriately and consistently. A perception that this work is somehow unresolved could be detrimental to the ICANN community and seen as undermining the effectiveness of the multistakeholder model.
Conversely, the BC said the report “represents an unfortunate failure of the multistakeholder process” adding that “we believe the record should state that consensus opinion did not and still does not exist”.
The IPC noted “a troubling trend in multistakeholder policy development”, saying in a clear swipe at the contracted parties that “little success is possible when some stakeholders are only willing to act exclusively in their own interests with little regard for compromise in the interest of the greater good.”
So, depending on who you believe, either the multistakeholder process is captured and controlled by intransigent contracted parties, or it’s unduly influenced by those who want to go ultra vires to interfere with the business of selling domains in order to violate registrant privacy.
And in either case the multistakeholder model is at risk — either “agree to disagree” counts as a consensus position, or it’s an invitation for an infinite series of future policy debates.
Business as usual at the GNSO, in other words.
DI Leaders Roundtable #2 — Should we kill off “Whois”?
Should we stop using the word “Whois” to describe registration data lookup services?
That’s the question I posed for the second DI Leaders Roundtable.
I’m sure you’re all very well aware that the Registration Data Access Protocol (RDAP) is the imminent replacement for the Whois protocol, as the technical method by which domain registrant contact information is stored, transmitted and displayed.
ICANN also regularly refers to Registration Data Directory Services (RDDS) as a protocol-independent blanket term covering the concept of looking up Whois or RDAP data.
You may also recall that ICANN, which is ostensibly a technical body, appears to bedeprecating the word “Whois” in favor of “Lookup” on its own web-based query service.
ICANN has a track record of introducing new acronyms to describe already well-understood functions. The IANA has technically been called “Public Technical Identifiers” for years, but does anyone actually call it “PTI”? No, everyone still talks about “IANA”.
So I wanted to know:
Should we continue to call it “Whois” after the technical transition to RDAP is complete? Will you continue to refer to “Whois”? Should we change to a different word or acronym? Should the industry standardardize its language one way or the other?
There seems to be a general consensus that “Whois” ain’t going anywhere.
The responses, in no particular order.
Jothan Frakes, Executive Director, Domain Name Association
The term WHOIS won’t quickly leave the zeitgeist due to the decades of its use as a description of the lookup process. Lookup is somewhat confusing, as there is DNS Query lookup that works across the resolution system, and WHOIS Lookup that works to find registrant info via the registration system. As far as the term “Lookup” as the label for the new normal that is poised to replace WHOIS? It is better than the acronym “RDDS”. The general public probably would not assume that RDDS is a way to find out about a domain owner or registration information, because it sounds like it involves dentistry (DDS) if one is not following the ICANN world as close as insiders. Despite the evolutionary path the basic function seems to be on, it is likely that WHOIS continues to be what the nickname for the lookup process called, regardless of the support technology layers below it not literally being WHOIS.
Frank Schilling, CEO, Uniregistry
WHOIS IS DEAD, LONG LIVE WHOIS.
The echo of “Whois” will live long after Whois is dead and gone. The very nature of its replacement word “Lookup” ensures that the information hungry public will expect more fulsome data than ICANN intends the word to provide. There will continue to be services who try to engineer a Whois hack and provide accurate underlying data for paying customers. Whois is going to outlive all of us. Even those who diet, exercise, and eat organic food.
Dave Piscitello, Partner, Interisle Consulting Group
Just as most of the world isn’t familiar with new TLDs, most have no appreciation for the differences between Whois and RDAP. The term “Whois” is convenient, memorable, and embedded. It also represents a service to most users, not a protocol, so if we do “standardize” we should use “RDS”. While we sort out the disastrous effects of ICANN’s Temp Spec policy on both investigators and victims of DNS abuse, most parties involved with educating policy makers and legislators should continue to use Whois for consistency’s sake.
Christa Taylor, CMO, MMX
As the old adage goes, “Don’t fix what’s not broken.” While “Whois” may have lost some of its luster due to GDPR I prefer to retain the term — it’s simple, representative of the information it provides and avoids adding any confusion especially for people outside of ICANN. Employing standardized language is, of course, logical and after twenty years of using “Whois” it is the accepted term both inside and outside the industry.
Sandeep Ramchamdani, CEO, Radix Registry
First up, the transition to the RDAP system is much needed given the fundamental flaws of Whois.
It would help in placing some guardrails around customers’ privacy while still providing agencies such as law enforcement authenticated access that they need to do their work.
Whois is a major cause of spam and in the age where privacy is top currency, public, unauthenticated availability of personal data is unacceptable.
It should also smooth out inter-registrar transfers and lower customer frustration while moving out to a different service provider.
When it comes to its name, calling it “RDAP” or “Lookup” would be a branding error. It would cause some confusion and for those not intimately involved in the industry, who may find it hard to discover the new system.
In my mind, keeping the original nomenclature “Whois”, while making it clear that it’s a newer avatar of the same solution would be the way to go.
Can’t think of a better term than “Whois 2.0”.
Very easy to understand that it’s a newer, more advanced iteration of the same product.
Michele Neylon, CEO, Blacknight
Whois was originally a simple little protocol that allowed network operators to contact each other to address technical issues. It predates the usage of domain names or the “web”.
When domains were introduced the same concept was simply transposed over to the new identifiers.
However over the past 20 plus years the way that people viewed Whois has morphed dramatically. The first time I spoke at an ICANN meeting 12 years ago was on the subject of Whois!
Now the term is used both to talk about the technical protocol, which is being replaced in the gTLD space and the data that it is used to store and possibly display. We talk about “Thin Whois”, “Thick Whois” and so many other services and issues linked back to it.
Whois as a protocol is far from perfect, which is why replacing the technical side of it makes a lot of sense.
So with the world slowly moving towards a new technical method for processing domain registration data then maybe we should come up with another word for it. However I’m not sure if there’s much to be gained by doing that.
We are all used to the floppy disk icon to save a document, even if floppy disks are no longer used. With the term “Whois” being part of people’s vocabulary for the nearly a quarter of a century. it’d be pretty hard to find a simple replacement and have people adopt it widely. Sure, in the more technical conversations it makes sense to use more accurate terms like “RDAP”, but the average punter just wants to be able to use a term that they can understand.
Those of us who work with domains and internet technology in our day jobs might care about the “correct” terminology, but we’re in a minority. We all get excited when the mainstream media picks up on a story involving domain names or the DNS and even gets half of it right! If we conjure up some new term that we think is accurate it’ll take years before anyone outside our bubble is comfortable with it. So I don’t think we should.
We should simply accept that “Whois” is a term used to refer to domain registration data no matter what technology under the hood is used to handle it.
Rick Schwartz, domain investor
Hate to give the same basic answer to two questions in a row, but who cares?
Really!! Who cares? Nobody!
This is inside baseball that doesn’t affect anyone on the entire planet except for a handful of domain investors and ICANN etc.
Call it whatever you like just make sure it’s public info.
ICANN enters talks to kill off Whois for good
Whois’ days are numbered.
ICANN is to soon enter talks with accredited registrars and contracted gTLD registries with the aim of naming a date to finally “sunset” the aging protocol.
It wants to negotiate amendments to the Registrar Accreditation Agreement and Registry Agreement with a view to replacing obligations to publish Whois with obligations to publish Registration Data Access Protocol data.
In letters to the chairs of its registrar and registry constituencies this week, ICANN CEO Göran Marby wrote:
The primary focus of the amendment is to incorporate contractual requirements for the Registration Data Access Protocol (RDAP) into the Registration Data Directory Services. This should include definition of the plan and provisions to sunset the obligations related to the WHOIS protocol as we transition Registration Data Services to RDAP.
For avoidance of doubt, people will still be able to look up the contact information for domain name owners after the change, but the data they see (very likely redacted for privacy reasons nowadays) will be delivered over a different protocol.
The contract amendment processes involve both registry and registrar constituencies to nominate a few people to engage in talks with ICANN negotiators, which is expected to conclude within 90 days.
When they come up with mutually acceptable language, the amendments will be open for both public comment and a vote of registries and registrars, before going to the ICANN board of directors for final approval.
The voting process is complex, designed to avoid capture by the largest registrars, and based on a balance of the number of voting registrars and the number of domains they collectively manage.
The contractual changes will come as no surprise to contracted parties, which have been on-notice for years that Whois is on its way out in favor of RDAP.
Most registrars already operate an RDAP server in parallel to their old Whois service, following an ICANN deadline in August.
We could be looking at the death of Whois within a year.
Recent Comments