shadom.co
Start Free

RDAP vs WHOIS: What's Actually Different?

WHOIS has been around for 40+ years. RDAP is its modern replacement. Here's what changed and why you should care.

The Short Version

WHOIS and RDAP do the same basic job: they tell you who registered a domain and when. The difference is how they do it. WHOIS spits out unstructured text that varies wildly between registrars. RDAP returns clean JSON with a standardized format.

If you've ever tried to parse WHOIS data programmatically, you know the pain. One registrar calls it "Creation Date," another calls it "Created On," and a third uses "Registration Date." RDAP fixes this by defining exactly what fields exist and how they're formatted.

What WHOIS Gets Wrong

WHOIS was created in 1982. The internet looked very different back then. Nobody anticipated that domain registration data would need to be parsed by automated systems at scale. Here's what we're stuck with:

  • Plain text responses - No structure, just key-value pairs separated by colons. Sometimes. Other times the format is completely different.
  • No standardization - Each registrar and registry can format their WHOIS output however they want. And they do.
  • Character encoding chaos - ASCII? UTF-8? Latin-1? Good luck figuring out which one you're dealing with.
  • No authentication - Anyone can query WHOIS servers, which is great for transparency but bad for abuse prevention.
  • Inconsistent rate limits - Some WHOIS servers let you query freely. Others block you after a few requests. The limits aren't documented anywhere.

How RDAP Fixes These Problems

RDAP (Registration Data Access Protocol) was designed by ICANN specifically to address WHOIS's shortcomings. Here's what you get:

Structured JSON Output

Every RDAP response follows the same structure. Field names are consistent. Date formats are standardized. If you can parse one RDAP response, you can parse them all. This is a massive improvement for anyone building tools that consume registration data.

Internationalization Built In

RDAP was designed for a global internet. It handles international domain names (IDNs) properly and supports non-ASCII characters in contact information without the encoding guesswork that plagues WHOIS.

Access Control

RDAP supports authentication, which means registries can show different information to different users. Law enforcement might see full contact details. The general public might see redacted information. This is how GDPR compliance actually works in practice.

Secure by Default

RDAP runs over HTTPS. Your queries are encrypted. WHOIS runs over a raw TCP connection on port 43, meaning anyone watching network traffic can see exactly which domains you're looking up.

A Real Example

Here's what you get when you look up a domain via WHOIS vs RDAP:

WHOIS Response (abbreviated):

Domain Name: EXAMPLE.COM
Registry Domain ID: 2336799_DOMAIN_COM-VRSN
Registrar WHOIS Server: whois.iana.org
Registrar URL: http://www.iana.org
Updated Date: 2023-08-14T07:01:38Z
Creation Date: 1995-08-14T04:00:00Z

RDAP Response (abbreviated):

{
  "objectClassName": "domain",
  "ldhName": "example.com",
  "events": [
    {
      "eventAction": "registration",
      "eventDate": "1995-08-14T04:00:00Z"
    },
    {
      "eventAction": "last changed",
      "eventDate": "2023-08-14T07:01:38Z"
    }
  ]
}

The RDAP version is actually longer, but it's machine-readable. You don't have to write regex patterns to extract the registration date. It's just there, in a predictable location, every single time.

Which One Should You Use?

If you're manually looking up a single domain, it doesn't matter much. Most WHOIS lookup websites will give you the information you need either way.

If you're building automated systems or monitoring domains at scale, RDAP is clearly better. The standardized format means less parsing code, fewer edge cases, and more reliable data extraction.

The catch: not all TLDs support RDAP yet. Most major TLDs do (.com, .net, .org, most country-codes), but some smaller registries still only offer WHOIS. A good monitoring tool should handle both protocols and normalize the data into a consistent format regardless of the source.

The Transition Timeline

ICANN has been pushing for RDAP adoption since 2019, when they required all gTLD registries and registrars to implement it. The transition is happening, but slowly.

WHOIS won't disappear overnight. Too many systems depend on it. But new features and improvements are going into RDAP, not WHOIS. If you're building something new, use RDAP. If you're maintaining an existing system, start planning your migration.

How shadom.co Handles Both

shadom.co queries both WHOIS and RDAP endpoints, depending on what's available for each TLD. The data gets normalized into a consistent format, so you get clean change alerts regardless of which protocol provided the information.

You don't have to think about whether a domain uses WHOIS or RDAP. Just add it to your watchlist and you'll get notified when anything changes.