“Whois” can be difficult to define as it is both a protocol and a broader system of services and databases that provide responses to queries about domain name registrations. By looking up a domain in Whois, you can find its basic information, including when it was registered, which registrar it’s registered with, and often, how to contact the domain owner. This can be helpful in various situations.

Law enforcement agencies, for example, rely on Whois data to identify the appropriate domain registrar in cases where a domain is being used for phishing or illegal activities. Similarly, if you’re interested in purchasing a domain name that’s registered by someone else, performing a Whois search can be your first step in contacting the domain’s owner.

A quick history of Whois

“Whois” is a shorthand for the question, “Who is responsible for this domain?” That’s essentially what the protocol was designed to answer. Originally developed in the early 1980s, Whois served as a tool for network administrations to retrieve domain ownership and contact details, primarily for technical troubleshooting and system coordination.

It became the go-to method for accessing domain registration data. For decades, anyone could type a domain name into a Whois lookup tool and get back the registrant’s name, email, address, and phone number. This was standard operating procedure, as laid out by the Internet Corporation for Assigned Names and Numbers (ICANN), the non-profit responsible for coordinating many key Internet functions.

Over time, as data privacy regulations such as the General Data Protection Regulation (GDPR) came into effect, the model started to shift.

What information is available in Whois today?

Today, domain registrars and registries typically don’t display the domain registrant’s contact details in public Whois search results, unless the registrant requests it. However, querying a domain name in Whois returns a lot of other useful data, including:

  • An anonymous means to contact the domain registrant
  • When the domain was registered 
  • Its nameservers
  • Its registrar
  • A means to contact the registrar to report illegal activities associated with the domain name
  • In some cases, the domain reseller, if it wasn’t purchased directly through a registrar

RDAP and the future of Whois

While we’ll always have some way to look up domain registration data, and we’ll probably keep calling it “Whois” data, the actual Whois protocol is being phased out in favor of a more secure, standardized protocol known as RDAP (Registration Data Access Protocol). This protocol was developed to address several weaknesses in the Whois system, including the lack of encryption, inconsistent data formatting, and poor support for access controls. Here’s how RDAP improves on Whois:

  • Secure transmission: RDAP uses HTTPS (HyperText Transfer Protocol Secure), which encrypts the data during transmission. Whois, by contrast, sends data in plain text.
  • Structured data: RDAP responses are returned in machine-readable JSON (JavaScript Object Notation), making them easier to parse and integrate into systems.
  • Internationalization support: RDAP can handle characters beyond basic ASCII (American Standard Code for Information Interchange), which is an essential feature for global users and international accessibility.
  • Access control: RDAP supports differentiated access, meaning that registrars or registries can vary the data they return based on the requester’s identity or authorization level. This allows sensitive information to be shown only to trusted parties, while general users see limited details.

As of January 2023, ICANN began implementing a transition plan to phase out the Whois protocol in favor of RDAP. This plan includes a designated period for registries and registrars to adopt RDAP, with Whois services for gTLDs permitted to sunset any time after January 28, 2025.​ That said, some country-code top-level domains (ccTLDs) may continue to rely on the Whois protocol, as they are governed independently and are not bound by ICANN’s RDAP requirements.

Final thoughts

The shift from Whois to RDAP marks a big step forward in how domain data is handled. It’s part of a broader shift toward stronger security, better privacy, and more modern standards across the Internet. While this change might not impact your day-to-day domain management, it’s helpful to know what’s happening behind the scenes and how it’s working to keep your data safer and systems more reliable. Even with RDAP being the new standard, however, don’t be surprised if people keep calling it “Whois” for years to come—it’s a name that’s deeply rooted in the industry and probably isn’t going anywhere anytime soon.

If you’re exploring domain services, having the right provider can make all the difference in understanding the industry. Whether you’re managing domains for a handful of clients or scaling to support thousands, OpenSRS offers flexible, white-label solutions designed to grow with your business. As the world’s largest domain reseller platform, we empower service providers like website builders, hosting companies, MSPs, and digital agencies to register and manage domains under their own brand. Ready to get started? Find the best solution for your business.

Launching a new business or project of your own? Find and register the perfect domain at our sister company, hover.com.