For over 40 years, WHOIS has been the go-to protocol for looking up domain registration data. But it’s showing its age. RDAP (Registration Data Access Protocol) is the modern replacement that ICANN has been rolling out since 2019.
If you manage domains, monitor domain expiration, or work with DNS infrastructure, here’s what you need to know about both protocols.
The Short Version
| Feature | WHOIS | RDAP |
|---|---|---|
| Created | 1982 | 2015 (RFC 7480-7484) |
| Response format | Free-form text | Structured JSON |
| Authentication | None | Optional (tiered access) |
| Standardization | Informal | IETF standards (RFC) |
| HTTPS support | No (port 43, plain text) | Yes (HTTPS by default) |
| Internationalization | Limited | Full Unicode support |
| Server discovery | Manual / hardcoded | IANA bootstrap registry |
| Status | Being phased out | Replacing WHOIS |
For everyday domain checks, both give you the same essential information: registration dates, expiry date, registrar, name servers, and status codes.
The main difference is reliability: RDAP returns structured data, so automated tools can parse it without breaking when a registrar changes their text format.
Why WHOIS Is Being Replaced
Problem 1: No Standard Format
WHOIS responses are plain text with no enforced structure. Every registrar can (and does) format their output differently:
Registrar A might return:
Domain Name: EXAMPLE.COM
Expiry Date: 2026-08-15T04:00:00Z
Registrar B might return:
domain: example.com
expires: 15-Aug-2026
Any tool that parses WHOIS data needs custom handling for hundreds of different formats. When a registrar changes their format (which happens without warning), parsing breaks.
Problem 2: No Authentication
WHOIS has no concept of user identity. Everyone gets the same data — or increasingly, no data at all.
After GDPR (2018), European registrars started redacting personal data from WHOIS responses. Without authentication, there’s no way to give different access levels to different users (law enforcement vs. general public, for example).
Problem 3: No Encryption
WHOIS runs on port 43 using plain TCP. Your queries and the responses are sent in cleartext. Anyone on the network can see what domains you’re looking up.
Problem 4: Server Discovery
To query WHOIS for a .com domain, you need to know that Verisign runs the .com WHOIS server. For .io, it’s a different server. For .co.uk, yet another. There’s no automatic way to find the right server — it’s essentially hardcoded knowledge.
How RDAP Solves These Problems
Structured JSON Responses
RDAP returns clean, standardized JSON. Every registrar returns data in the same format:
{
"objectClassName": "domain",
"handle": "EXAMPLE.COM",
"events": [
{
"eventAction": "registration",
"eventDate": "1995-08-14T04:00:00Z"
},
{
"eventAction": "expiration",
"eventDate": "2026-08-15T04:00:00Z"
}
],
"nameservers": [
{"ldhName": "NS1.EXAMPLE.COM"},
{"ldhName": "NS2.EXAMPLE.COM"}
]
}
This means automated tools can reliably parse data from any registrar without custom code per registrar.
HTTPS by Default
RDAP runs over HTTPS. Queries are encrypted. Responses are authenticated. This is basic security hygiene that WHOIS never had.
IANA Bootstrap Registry
RDAP has a centralized bootstrap mechanism. To find the right RDAP server for any TLD:
- Query the IANA bootstrap registry
- Get the RDAP server URL for that TLD
- Query the RDAP server directly
No hardcoded server lists needed. When a new TLD launches, the bootstrap registry is updated automatically.
Tiered Access
RDAP supports authentication, which enables different access levels:
- Public: Basic registration data (expiry date, registrar, name servers)
- Authenticated: Additional data for verified users
- Privileged: Full data for law enforcement / ICANN compliance
This balances privacy (GDPR compliance) with legitimate needs for domain data.
Which TLDs Support RDAP?
As of 2026, RDAP coverage is extensive:
Full RDAP support:
- All gTLDs (
.com,.net,.org,.info,.xyz,.dev,.io, etc.) - Most new gTLDs (
.app,.blog,.cloud, etc.) - Growing number of ccTLDs
WHOIS only (no RDAP yet):
- Some country-code TLDs (varies by country)
- Legacy TLDs managed by smaller registries
For the most common domains (.com, .net, .org, .io, .dev), RDAP works perfectly.
What This Means for Domain Monitoring
If you’re using a tool that monitors domain expiration, the protocol matters for accuracy:
- WHOIS-only tools may misparse data when registrars change format, giving you wrong expiration dates
- RDAP-first tools get structured data, reducing parsing errors significantly
- Dual-protocol tools (RDAP with WHOIS fallback) offer the best coverage
Upsonar’s domain monitoring uses RDAP as the primary protocol with WHOIS fallback for TLDs that don’t support RDAP yet. This gives you accurate expiration data regardless of which TLD your domain uses.
Should You Care?
If you’re a domain owner checking expiry dates: Not really. Use a tool that handles both protocols and focus on what matters — getting accurate alerts before your domain expires.
→ Check your domain expiry now
If you’re a developer building domain tools: Absolutely. RDAP is the future. ICANN has set deadlines for WHOIS-to-RDAP migration, and building on WHOIS-only is technical debt.
If you manage many domains: RDAP’s structured format means better automation. Tools built on RDAP can process domain data more reliably, which means fewer false alerts and more accurate monitoring.
Further Reading
- What Happens When Your Domain Expires — expiration timeline and prevention
- Domain Expiration Monitoring Guide — complete setup guide
- RFC 7480 — RDAP specification (technical)