WHOIS vs RDAP: What's Replacing WHOIS
By Nathan Cole, Security Researcher · Updated 2026-06-02Part of our guide to WHOIS Explained: How to Look Up Who Owns a Domain.
RDAP is the modern replacement for WHOIS. It answers the same question, who registered a domain and when, but it returns clean, machine-readable JSON over HTTPS instead of the loose text WHOIS has produced for decades. If you have read our WHOIS explained guide, think of RDAP as the same lookup wearing a better-fitting suit: same data, far more predictable shape.
The shift matters because WHOIS was never really designed for the web we have now. RDAP fixes the structural problems while keeping the lookup familiar. For a refresher on parsing the older format by hand, see how to read a WHOIS record; this guide focuses on what changes when the protocol underneath swaps out.
What RDAP is and why it exists
The Registration Data Access Protocol grew out of a simple frustration. WHOIS hands back a wall of text, and every registry formats that text differently. One uses "Registry Expiry Date", another writes "expire:", a third buries the date in a footer. Tools end up guessing. RDAP standardizes the query and the response so a parser written once works everywhere.
Two specifications define the core behavior. The query format, covered in RFC 9082, describes exactly how you ask for a domain, an IP range, or a registrar over HTTPS. The response format, defined in RFC 9083, pins down the JSON structure that comes back: named fields, nested objects, consistent date formats. Because RDAP rides on HTTPS, it inherits TLS encryption, caching, redirects, and authentication for free, none of which legacy WHOIS offered.
WHOIS vs RDAP at a glance
| Capability | WHOIS | RDAP |
|---|---|---|
| Response format | Unstructured free text | Structured JSON |
| Transport | Plain TCP, port 43 | HTTPS |
| Access control | None; all or nothing | Supports authentication and tiered access |
| Internationalization | Inconsistent, often ASCII only | Native Unicode and IDN support |
| Query format | Registry-specific conventions | Standardized across registries |
| Differential access | Not possible | Different data for different requesters |
The differential access row is the quiet revolution. Under WHOIS, anyone got the same blob. RDAP can return a trimmed public record to anonymous users and a fuller record to verified, authorized parties such as law enforcement or accredited registrars. That single feature does more for privacy compliance than years of WHOIS patches managed.
Why ICANN is moving to RDAP
ICANN coordinates the generic top-level domain system, and it has set RDAP as the standard registration data service for gTLDs. The push came from several directions at once. Privacy regulation, especially GDPR, made the old "publish everything to everyone" model untenable; registries needed a way to gate sensitive contact data. Internationalized domain names needed proper Unicode handling that WHOIS bolted on awkwardly. And the broader ecosystem wanted reliable automation rather than fragile screen-scraping.
So the legacy WHOIS protocol requirement is being sunset. Registries and registrars now run RDAP endpoints as the authoritative source, and the contractual obligation to operate the old port-43 service is winding down. WHOIS data has not vanished overnight, but the protocol that served it is no longer the system of record.
What this means in practice
For most people typing a domain into a lookup tool, nothing visible changes. You still get a registrar, creation and expiry dates, and name servers. Underneath, good tools have already switched their queries to RDAP and simply present the JSON in a readable layout. The difference shows up in reliability: fewer parsing errors, consistent date formats, and proper handling of non-Latin domains.
For developers and analysts, the change is larger and mostly welcome. A few practical notes:
- You can hit a registry RDAP endpoint and parse a known JSON schema instead of writing regex against unpredictable text.
- Bootstrap files published by IANA tell you which RDAP server is authoritative for a given TLD or IP block, so you query the right source directly.
- Expect some fields to be redacted in anonymous responses; that is by design, not a bug, and reflects the differential-access model.
- Rate limits and authentication may apply, so build retries and credential handling into automated jobs.
If you maintain scripts that scrape port 43, plan the migration now rather than waiting for the old service to disappear from a registry you depend on. The query is different, but the JSON is genuinely easier to work with once you adjust.
The headline is straightforward. WHOIS gave us decades of useful, messy data; RDAP keeps the data and drops the mess, with privacy controls and internationalization built in from the start. Treat RDAP as the authoritative source going forward and treat WHOIS as the legacy view that still works for now.
Want to see current registration data for a domain you care about? Run a free WHOIS lookup at domainintel.app and get the parsed record in seconds.
Frequently asked questions
What is RDAP?
RDAP is the Registration Data Access Protocol, the JSON-based successor to WHOIS for querying domain and IP registration data over standard HTTPS.
What is the difference between WHOIS and RDAP?
WHOIS returns unstructured free text over a plain TCP port. RDAP returns structured JSON over HTTPS and adds access control, internationalization, and standardized query formats.
Is WHOIS being shut down?
ICANN has set RDAP as the standard for gTLDs and is sunsetting the legacy WHOIS protocol requirement, so RDAP is now the authoritative source for registration data.