Written by Ching Chiao, Head of APAC and Global Data Partnership & Alexandre François, Product Marketing Director
WhoisXML API

On January 28, 2025, ICANN (the Internet Corporation for Assigned Names and Numbers) will officially sunset the WHOIS Port 43 services. This decision marks a pivotal moment for the cybersecurity industry, domain registries, and anyone who relies on domain data for operational or investigative purposes. But what does this change mean, and how will it impact the broader ecosystem?

What Is WHOIS Port 43?

For decades, WHOIS Port 43 has been a cornerstone of domain name information retrieval. It provided a simple, text-based method for querying registrant data, domain creation and expiration dates, and other key details about registered domains. Originally designed in the early days of the internet, Port 43 enabled easy access to this information for cybersecurity professionals, researchers, and law enforcement.

However, the service has become increasingly outdated. It has struggled to adapt to evolving privacy regulations such as the GDPR (General Data Protection Regulation) and to meet the needs of a rapidly expanding and more complex internet. The introduction of the RDAP (Registration Data Access Protocol) was intended to address these challenges by providing a modern, secure, and scalable alternative.

What Is RDAP?

Developed by the Internet Engineering Task Force (IETF), RDAP, or Registration Data Access Protocol, is the next-generation system for accessing domain registration data. Unlike WHOIS Port 43, RDAP supports secure, encrypted connections and allows for role-based access control, ensuring that only authorized users can retrieve sensitive data. It also complies with modern privacy laws like GDPR by enabling fine-grained control over what information is shared and with whom. RDAP provides structured, machine-readable data, making it easier to integrate into modern cybersecurity tools and workflows.

What Is RDRS?

RDRS, or Registration Data Request Service, is another work-in-progress initiative designed to streamline access to domain registration data. It acts as a centralized system where users can submit requests for domain data and gain access based on their credentials and authorization levels. RDRS is expected to complement RDAP by offering an additional layer of structured and controlled access, particularly for law enforcement and other authorized entities needing sensitive information.

Will Port 43 Sunset for ccTLD Data Access?

The transition from WHOIS to RDAP will have the most significant implications for users relying on gTLD data (e.g., .com, .org, .net), as gTLDs are required to comply with ICANN’s policies. In contrast, the impact on ccTLD data (e.g., .uk, .de, .cn) may vary, as individual registry operators decide whether to adopt RDAP. As a result, access to gTLD data is expected to transition uniformly to the new protocol, while some ccTLDs may continue using the traditional WHOIS system.

Why Is ICANN Sunsetting Port 43?

ICANN’s decision to deprecate Port 43 is rooted in several factors:

• Compliance with Privacy Regulations: Privacy laws like GDPR have necessitated stricter controls over the sharing of personal data. Port 43's plaintext format made it difficult to enforce these regulations effectively.
• Security Concerns: Port 43 lacks encryption and authentication mechanisms, making it vulnerable to abuse and malicious activity.
• Modernization: RDAP offers a more flexible, secure, and standardized way to access domain registration data. It supports features like authentication, role-based access, and compliance with data protection laws, which are absent in Port 43.
• Scalability: As the number of domains continues to grow, RDAP’s design is better suited to handle the increased demand for domain registration data.

The Impact on the Cybersecurity Industry

For cybersecurity professionals, the sunsetting of Port 43 is both a challenge and an opportunity. Here’s how the shift is expected to impact the industry:

1. Increased Complexity in Data Access

Many security workflows and tools currently rely on Port 43 for quick WHOIS lookups. Transitioning to RDAP will require updates to these systems to accommodate the new protocol. While RDAP offers more features, the migration process may cause temporary disruptions for organizations that depend on seamless data access.

2. Enhanced Security

The adoption of RDAP is a step forward for secure data access. With its support for encryption and authenticated queries, RDAP reduces the risk of data misuse or exposure. This is particularly critical for investigators working on sensitive cybersecurity cases.

3. Improved Compliance

RDAP’s compliance with privacy regulations will help organizations align with global standards, reducing the risk of legal liabilities. However, stricter access controls may require cybersecurity teams to navigate additional layers of bureaucracy to obtain data.

4. Adaptation Challenges

Not all organizations have the resources to quickly adapt to RDAP. Smaller security firms and independent researchers might face hurdles in updating their systems or gaining access to authenticated RDAP services. RDAP services provided by each individual domain name registry and registrar have not been tested on a large scale. The stability and reliability of RDAP will be a question mark in the foreseeable future. 

How WhoisXML API Can Help During the Transition

The sunset of WHOIS Port 43 signals the end of a chapter in the history of the internet. While the transition to RDAP may pose challenges, it also represents an opportunity to embrace a more secure, modern, and privacy-compliant approach to domain data access. By preparing now, organizations can ensure they are ready to navigate this shift seamlessly and continue to protect the digital ecosystem effectively.

As a leading provider of domain data solutions, WhoisXML API is well-positioned to assist organizations during this critical period. Our data collection network and related services are being meticulously prepared for the sunset of WHOIS Port 43 and the RDAP adoption phase.

For instance, WHOIS API now supports RDAP data collection. Users who prefer to retrieve data from RDAP can specify it as a query parameter. The data will be delivered in the same API output format, minimizing disruption to their API-integrated applications and services. Please review the WHOIS API documentation for more details on specifying this parameter.

We are also conducting rigorous testing during this transition period, including large-scale experiments across multiple data sources and collection mechanisms. As a result, we may introduce new features and mechanisms to enhance the availability and accuracy of domain ownership data, as well as to improve overall system performance in the coming days or weeks. Our priority is to ensure timely access to this critical information across all applicable APIs and data feeds, maintaining service continuity and delivering a seamless experience for our clients.

Our team of experts is available to guide you through the transition, offering training, technical assistance, and tailored solutions to meet your specific needs. For more information, please contact your account manager or complete this form to get in touch with us.