hckrnws

I'm currently updating my organization's RDAP system up to the latest ICANN profile so please forgive me if I sound a little salty.

What ICANN aren't admitting is that while there was no formal RFC standard to the output of WHOIS ICANN themselves had mandated the output format of the WHOIS output. To go live with your shiny new gTLD you had to pass a test of your whois server output. It was strict enough that we had to remove an extra blank line is the disclaimer at the end of the output.

Every whois server I ever checked while writing my org's version supported UTF8.

The data has to be publicly available so authentication and encryption doesn't matter. In any case there is currently nothing requiring RDAP servers to authenticate anything.

The amount of search ability I've seen in most rdap servers so far is pretty limited.

The RDAP output is json but its complicated and there are so many options that realistically everyone is developing to pass the icann profile so no different to whois, and in the end we still live in a post GDRP world so all the useful data is redacted so none of this matters anyway.

fwiw, i recently had a need for checking the registration date of domains (to find the "age", for reputation purposes), and getting the information from rdap was pretty simple: a few http calls and parsing the response as json. i'll admit i didn't look at implementing whois (since it seems to be on the way out).

it works well, except that some cctlds (eg .io) don't provide an rdap service yet. i think the reason being that icann doesn't authority over cctlds.

i don't know how cctlds are run. i can imagine they would want to provide this service, it seems pretty core to their business. but perhaps there are reasons why rdap is hard for them to implement?

(aside: i'm wondering why the article was posted. it isn't recent, and is light on information).

I posted it a few days ago because the date specified to move from whois to rdap was recent, and I am learning about various network protocols at the minute and I found it interesting.

I’ve been using Whois every now and then to ban ip ranges outside the USA where there is suspicious activity coming from.

The variety of responses is a lot. And it seems like you’re not required to provide accurate information other than just one field (ipaddr or something like that). For example I’ll see an allocation that has over a million addresses but in their Whois text they say they’re a /24 network (256 addresses). This happens with Chinese networks every single time so I have to calculate the correct network…

(Sorry, commuting right now so I can’t show examples here)

The big problem there is no easy and consistent way to query RDAP because there are no clients in Debian or Ubuntu. There is one in the experimental stage [1] in Debian, so perhaps in Debian 14?

And yes, I know, there are Perl-Apps [2], Go-Apps [3] and so on which can be installed within minutes. But this extra step (including debugging which happens when compiling/installing from source) isn't going to help RDAP to get traction.

[1] https://packages.debian.org/experimental/rdap [2] https://metacpan.org/pod/App::rdapper [3] https://github.com/openrdap/rdap

The new icann directive is that they suggest we shutdown whois. So in theory at least there will be only RDAP. I'm guessing all the distros will add something soon.

On the other hand my employer and I imagine most other registries are not planning to shut off whois. Actual people in the real world still use it.