[gnso-rds-pdp-wg] RDAP for Registration Data Service Upgrade?

Greg Aaron gca at icginc.com
Wed May 25 14:58:11 UTC 2016

Dear Nathalie:

One of the capabilities of RDAP is that it can handle internationalization needs.  (IDN domain names, and having international character sets appear in registration data fields.)  WHOIS can't do that.
According to our RDS WG charter, we must take internationalization requirements into consideration, specifically "Translation and Transliteration recommendations" from GNSO PDPs, if/when adopted by the GNSO Council and ICANN Board.

All best,

-----Original Message-----
From: gnso-rds-pdp-wg-bounces at icann.org [mailto:gnso-rds-pdp-wg-bounces at icann.org] On Behalf Of Andrew Sullivan
Sent: Wednesday, May 25, 2016 10:39 AM
To: gnso-rds-pdp-wg at icann.org
Subject: Re: [gnso-rds-pdp-wg] RDAP for Registration Data Service Upgrade?

On Wed, May 25, 2016 at 02:15:38PM +0000, nathalie coupet via gnso-rds-pdp-wg wrote:
> Could we have a brief explanation of why RDAP is the better protocol of them all?

Sure.  See below.

> If we decide that an RDDS is needed, we’re going to have to find a way to provide that service using one of the options (WHOIS, WHOIS++, RWHOIS, IRIS, or RDAP) that are already available. RDAP is our best option.

Whois barely qualifies as a protocol.  It listens on port 43 for input, and returns something.  It is not clear whether it can do internationalization at all, and it was certainly created in a period when ASCII was the norm on the network.  The output is intended to be consumed by humans.  There is no authentication in the system, so only anonymous query sources are possible.

Whois++ and rwhois were two different attempts to fix up whois to
support the multi-registrar system.  I could go into detail on this, but you said "short" and it would take a long mail.  A sort of blend of these two is what we use today.  The output is still intended to be consumed by humans and there's still no authentication.  Rwhois is how we ended up with breakage about where to start looking for the right server -- the information had to be coded into the clients, and clients hang around for years, so it became very easy to ask the wrong server for information.

IRIS is a protocol from the early 2000s that the IETF developed in response to a request by ICANN; it was basically intended to be the "directory service" side of the then-new Extensible Provisioning Protocol for registrations.  It is a failure: I know of exactly one registry that ever implemented any part of it, and no registry that did the whole thing.  It's complicated to implement because a programmer of it needs to implement the low-level transport parts; this is probably why it failed to get much traction.

RDAP is the most recent re-do of this effort.  It is JSON based so it is parsable by computers as well as displayable to humans.  You get authentication for free, because it's a RESTful system so it uses HTTP(S) as its underlying protocol.  The RIRs are already deploying it.

The only one of these that is even a candidate is RDAP.  The whois variants can't authenticate the source of the query, which means they have no way to provide different responses to different people (and therefore they can't provide richer data to those who actually need it, and a default minimal data set for anonymous queries).  IRIS is a failed protocol.  The idea that we need to analyse this or consider it or anything of the kind is mind-boggling.


Andrew Sullivan
ajs at anvilwalrusden.com
gnso-rds-pdp-wg mailing list
gnso-rds-pdp-wg at icann.org

More information about the gnso-rds-pdp-wg mailing list