SpaceLifeForm

@TheGibson

DNS just needs to die.

Patrick Mevzek

@SpaceLifeForm @TheGibson DNS and RDAP are on totally different planes.

SpaceLifeForm

@pmevzek @TheGibson

More like, Whois and RDAP are on different planes.

Except, they are not.

It is still DNS under the hood.

Patrick Mevzek

@SpaceLifeForm @TheGibson No, I disagree. You can shut down the whole DNS system, and both whois and RDAP will be fine, they will still work (ok yeah, you will need to know the IP of the servers, ok, ok) and serve a purpose. A domain can be registered (hence in registry DB and visible through whois/RDAP) yet be completely not in the DNS (no nameservers, specific statuses, etc.).

SpaceLifeForm

@pmevzek @TheGibson

What is the use case for this scenario then?

Who would want to look up a domain that they do not know about and/or provides no visible presence?

Maybe domain name squatters.

Patrick Mevzek

@SpaceLifeForm @TheGibson Ton of cases (including brands that want to secure their names but not necessarily use it). 1 to 2% of all domains registered in a given TLD are not resolving in the DNS: no nameservers set at all (only a few registries require nameservers absolutely), domains on EPP `serverHold` or `clientHold` statuses (usually because of some kind of complaint/abuse/fraud/investigation going on)... and there can be nameservers with no content (besides SOA and NS) in zone as well.

SpaceLifeForm

@pmevzek @TheGibson

I would put more thought into how all of this can be attacked and/or abused.

It is always DNS. It is always BGP.

Patrick Mevzek

@SpaceLifeForm @TheGibson How what can be abused/attacked? You just repeat "it is always DNS" (when speaking about things totally unrelated like RDAP), now with BGP. Yeah of course everything is always everything and everything can be somehow abused and attacked, but not sure where this factually leads to, so I will stop here.

Patrick Mevzek

@SpaceLifeForm @TheGibson Trivial to see in RFCs as well. First(?) with whois is RFC812 in 1982, whereas the bible RFC1034/1035 (aka really as working protocol, and not just ideas/concepts) for DNS are from 1987. Whois existed far before. And RDAP far later, obviously.

Mike [SEC=OFFICIAL]

@thegibson I'm not going to defend WHOIS very hard, but seeing yet another specific purpose protocol replaced with an HTTP API is a bit depressing.

Patrick Mevzek

@mike @TheGibson Whois had problems, it needed a successor. And nowadays everything is on HTTPS. There was IRIS proposed in the past for part of RDAP needs, but the fact it was XML, compressed, over UDP, didn't sell at all…

ShawnT 🐀

@thegibson GoDaddy will still figure out how to put 12 pages of boilerplate in every authoritative query.

Patrick Mevzek

@phaysis @TheGibson They have to follow the ICANN RDAP profile like every registrar and registry, which severely restricts deviations…

D. Moonfire

@thegibson I'm disappointed that my .us domain doesn't show up.

CJ

@dmoonfire @thegibson Huh, my .radio does show, didn’t expect that!

Patrick Mevzek

@TheGibson Not "getting". Is deprecated. In gTLDs it will disappear because ICANN contracts now specifically removed it as a requirement for registries and registrars to run. For ccTLDs, it is unclear. You can see at data.iana.org/rdap/dns.json a couple dozen ccTLDs having an RDAP server (and some having one not listed there too), but far from 100%. There will be a long tail of whois servers out there of course, even after everyone has RDAP.
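
An added example, not written by anyone in the thread: it covers the two points raised above, finding a TLD's RDAP server from a bootstrap file laid out like data.iana.org/rdap/dns.json, and telling from an RDAP domain object whether a registered name is actually in the DNS (no nameservers, or the RDAP equivalents of EPP `serverHold`/`clientHold`). The bootstrap entries, server URLs, domain names and the function names `rdap_base_url` and `delegation_state` are constructed for illustration, and the code runs offline on that sample data.

```python
import json

# Constructed sample in the RFC 9224 bootstrap layout used by data.iana.org/rdap/dns.json.
# The TLDs and server URLs are placeholders, not real registry data.
BOOTSTRAP = json.loads("""{
  "version": "1.0",
  "services": [
    [["example", "test"], ["https://rdap.registry.example/"]],
    [["invalid"], ["https://rdap.nic.invalid/v1/"]]
  ]
}""")

# Constructed RDAP domain objects (RFC 9083 shape), trimmed to the fields used here.
HELD = {"objectClassName": "domain", "ldhName": "brand.example",
        "status": ["server hold", "client transfer prohibited"],
        "nameservers": [{"objectClassName": "nameserver", "ldhName": "ns1.dns.example"}]}
PARKED = {"objectClassName": "domain", "ldhName": "defensive.example", "status": ["active"]}
LIVE = {"objectClassName": "domain", "ldhName": "shop.example", "status": ["active"],
        "nameservers": [{"objectClassName": "nameserver", "ldhName": "ns1.dns.example"}]}

# RFC 8056 maps EPP serverHold/clientHold to these RDAP status strings.
HOLD_STATUSES = {"server hold", "client hold"}

def rdap_base_url(domain, bootstrap):
    """Return the first RDAP base URL for the longest matching suffix, or None."""
    labels = domain.lower().rstrip(".").split(".")
    table = {tld.lower(): urls for tlds, urls in bootstrap["services"] for tld in tlds}
    for i in range(len(labels)):          # i = 0 is the full name, so longest match wins
        urls = table.get(".".join(labels[i:]))
        if urls:
            return urls[0]
    return None                           # TLD not in the bootstrap: whois-only or unlisted

def delegation_state(rdap_domain):
    """Classify a registered domain by whether it can be expected to resolve."""
    holds = sorted(HOLD_STATUSES & {s.lower() for s in rdap_domain.get("status", [])})
    if holds:
        return "held: " + ", ".join(holds)
    if not rdap_domain.get("nameservers"):
        return "registered, no nameservers"
    return "delegated"
```
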