LLMpediaThe first transparent, open encyclopedia generated by LLMs

WHOIS

Generated by DeepSeek V3.2
Note: This article was automatically generated by a large language model (LLM) from purely parametric knowledge (no retrieval). It may contain inaccuracies or hallucinations. This encyclopedia is part of a research project currently under review.
Article Genealogy
Parent: .uk Hop 4
Expansion Funnel Raw 81 → Dedup 0 → NER 0 → Enqueued 0
1. Extracted81
2. After dedup0 (None)
3. After NER0 ()
4. Enqueued0 ()
WHOIS
NameWHOIS
CaptionA command-line interface query to a WHOIS server.
DeveloperElizabeth Feinler, Network Information Center
Introduced0 1982
Osi layerApplication layer
Port43/TCP
Based onName/Finger protocol

WHOIS is a query and response protocol used for querying databases that store the registered users or assignees of an Internet resource, such as a domain name, an IP address block, or an autonomous system number. The protocol is defined in RFC 3912 and operates over TCP port 43. It provides a public directory service, allowing users to find information about the registrant of a second-level domain and the associated domain name registrar.

Overview

The WHOIS system originated in the early ARPANET era as a method for administrators to identify who was responsible for a given host or network. Its development is credited to researchers like Elizabeth Feinler at the Stanford Research Institute's Network Information Center. Initially, it served as a simple white pages directory for the nascent IETF community. As the IANA began delegating ccTLDs and gTLDs to entities like Network Solutions, the protocol evolved into the primary tool for querying domain name registration data. The system's architecture is decentralized, with each top-level domain registry, such as Verisign for .com and .net, or Public Interest Registry for .org, operating its own authoritative database.

Protocol and query structure

The WHOIS protocol follows a simple client–server model where a client sends a text-based query to a server on TCP port 43, and the server responds with human-readable information. While RFC 3912 standardizes the protocol, the format of queries and responses is not universally consistent, leading to variations between different RIRs like the ARIN and RIPE NCC, and registries like the CNNIC. A typical query for a domain involves connecting to the WHOIS server of the relevant gTLD or ccTLD registry. Specialized web-based query interfaces, such as those provided by ICANN's lookup service or companies like DomainTools, often parse this raw data into a more structured format.

Data elements and privacy concerns

A standard WHOIS record for a domain name typically includes data elements such as the registrant name, organization, and contact details, the administrative contact and technical contact, the name servers, and dates for creation, expiration date, and last update. This public disclosure, mandated by agreements between ICANN and accredited registrars like GoDaddy or Namecheap, has raised significant privacy and data protection issues. The European Union's GDPR has profoundly impacted this model, requiring the redaction of personal data in public WHOIS outputs, a change implemented by registrars and registry operators globally. Concerns about harassment, identity theft, and spam from the public availability of personal data have been long-standing topics at forums like the Internet Governance Forum.

Regulatory and policy framework

The operation and policy framework for WHOIS are heavily influenced by ICANN, which sets contractual requirements for gTLD registry operators and accredited registrars through its RAA. Key policy development occurs within the ICANN community, notably the GNSO and its EPDP on WHOIS. National laws, such as the United States' Truth in Domain Names Act, and regulations like the GDPR, directly conflict with traditional WHOIS obligations, creating a complex compliance landscape for entities like Verisign and Web.com. Law enforcement agencies, including the FBI and Europol, have argued for full access to data for combating cybercrime, while civil society groups advocate for stronger privacy protections.

WHOIS alternatives and evolution

In response to privacy regulations and technical limitations, new systems are being developed to replace or supplement the traditional WHOIS protocol. ICANN is implementing the RDAP, a successor protocol standardized in RFC 7480 through the IETF, which provides structured JSON responses, secure access, and differentiated access levels. The European Union's GDPR has accelerated the adoption of layered access models, where full registration data is only available to vetted parties like law enforcement or intellectual property lawyers through entities like the ICANN Contracted Parties Agreement. Other initiatives include the DoH-based query systems and centralized gateway services proposed by organizations like the ICANN to balance transparency, privacy, and security needs in the DNS ecosystem.

Category:Internet protocols Category:Domain Name System Category:Internet governance