[gnso-rds-pdp-wg] RDAP for Registration Data Service Upgrade?

Andrew Sullivan ajs at anvilwalrusden.com
Wed May 25 14:39:03 UTC 2016


On Wed, May 25, 2016 at 02:15:38PM +0000, nathalie coupet via gnso-rds-pdp-wg wrote:
> Could we have a brief explanation of why RDAP is the better protocol of them all?

Sure.  See below.

> If we decide that an RDDS is needed, we’re going to have to find a way to provide that service using one of the options (WHOIS, WHOIS++, RWHOIS, IRIS, or RDAP) that are already available. RDAP is our best option.

Whois barely qualifies as a protocol.  It listens on port 43 for
input, and returns something.  It is not clear whether it can do
internationalization at all, and it was certainly created in a period
when ASCII was the norm on the network.  The output is intended to be
consumed by humans.  There is no authentication in the system, so only
anonymous query sources are possible.

Whois++ and rwhois were two different attempts to fix up whois to
support the multi-registrar system.  I could go into detail on this,
but you said "short" and it would take a long mail.  A sort of blend
of these two is what we use today.  The output is still intended to be
consumed by humans and there's still no authentication.  Rwhois is how
we ended up with breakage about where to start looking for the right
server -- the information had to be coded into the clients, and
clients hang around for years, so it became very easy to ask the wrong
server for information.

IRIS is a protocol from the early 2000s that the IETF developed in
response to a request by ICANN; it was basically intended to be the
"directory service" side of the then-new Extensible Provisioning
Protocol for registrations.  It is a failure: I know of exactly one
registry that ever implemented any part of it, and no registry that
did the whole thing.  It's complicated to implement because a
programmer of it needs to implement the low-level transport parts;
this is probably why it failed to get much traction.

RDAP is the most recent re-do of this effort.  It is JSON based so it
is parsable by computers as well as displayable to humans.  You get
authentication for free, because it's a RESTful system so it uses HTTP(S)
as its underlying protocol.  The RIRs are already deploying it.

The only one of these that is even a candidate is RDAP.  The whois
variants can't authenticate the source of the query, which means they
have no way to provide different responses to different people (and
therefore they can't provide richer data to those who actually need
it, and a default minimal data set for anonymous queries).  IRIS is a
failed protocol.  The idea that we need to analyse this or consider it
or anything of the kind is mind-boggling.

A


-- 
Andrew Sullivan
ajs at anvilwalrusden.com
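
The tiered-response argument in the message above (richer data for authenticated queries, a minimal default set for anonymous ones), as an added example that is not part of the original e-mail. It assumes HTTP Basic credentials over HTTPS as the authentication mechanism; the record, the user, and the public/private field split are constructed for illustration, and the JSON is a simplified RDAP-style domain object.

```python
import base64
import hashlib
import hmac
import json

# Constructed sample data: one registration record and one credentialed client.
RECORD = {
    "objectClassName": "domain",
    "ldhName": "example.com",
    "status": ["active"],
    "nameservers": [{"objectClassName": "nameserver", "ldhName": "ns1.example.com"}],
    "entities": [{
        "roles": ["registrant"],
        "vcardArray": ["vcard", [["version", {}, "text", "4.0"],
                                 ["fn", {}, "text", "Jane Registrant"],
                                 ["email", {}, "text", "jane@example.com"]]],
    }],
}
SALT = b"constructed-salt"
# Passwords are kept as salted PBKDF2 hashes, never in clear.
USERS = {"investigator": hashlib.pbkdf2_hmac("sha256", b"s3cret", SALT, 100_000)}
PUBLIC_FIELDS = ("objectClassName", "ldhName", "status", "nameservers")


def authenticate(authorization):
    """Return the user name for a valid HTTP Basic header value, else None."""
    if not authorization or not authorization.startswith("Basic "):
        return None
    try:
        raw = base64.b64decode(authorization[6:], validate=True).decode()
        user, _, password = raw.partition(":")
    except ValueError:  # covers malformed base64 and invalid UTF-8
        return None
    expected = USERS.get(user)
    supplied = hashlib.pbkdf2_hmac("sha256", password.encode(), SALT, 100_000)
    # Constant-time compare; unknown users are checked against a dummy hash.
    ok = hmac.compare_digest(supplied, expected or b"\0" * 32)
    return user if ok and expected else None


def rdap_domain_response(authorization=None):
    """Full record for an authenticated query, minimal data set otherwise."""
    if authenticate(authorization):
        body = dict(RECORD)
    else:
        body = {k: RECORD[k] for k in PUBLIC_FIELDS}
    return json.dumps(body, sort_keys=True)
```

A port-43 whois server has no equivalent of the `authorization` argument, so it can only ever take the anonymous branch.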


