When Will WHOIS Finally Be Replaced?
For decades, WHOIS has been the standard protocol for querying domain registration data. However, it is widely regarded as outdated, insecure, and non-compliant with modern data protection regulations. In response to growing privacy concerns and the need for a more flexible system, the Internet Corporation for Assigned Names and Numbers (ICANN) has been steadily phasing out WHOIS in favor of the Registration Data Access Protocol (RDAP). But when will WHOIS truly be gone? Let’s explore the current status, industry sentiment, and the adoption progress of RDAP across domain zones.
The Position of ICANN and Registrars
ICANN has made its stance on WHOIS deprecation increasingly clear in recent years. In 2019, ICANN officially mandated that all generic top-level domain (gTLD) registries and registrars implement RDAP to provide registration data. RDAP is designed to address the core shortcomings of WHOIS, including:
- Standardized data output (JSON format instead of free-text).
- Support for access control and user authentication.
- Internationalization with UTF-8 encoding support.
- Privacy compliance with regulations like GDPR.
While WHOIS queries are still available for many registrars, ICANN’s position is clear: RDAP is the future, and registrars are expected to support it fully. Some registrars have already started limiting WHOIS access, especially for privacy-sensitive data, in preparation for the eventual cutoff.
According to ICANN's Global Domain Division, the long-term goal is to sunset WHOIS entirely. However, there is no fixed “shutdown date.” Instead, the transition is happening in phases, and registrars are encouraged to redirect users and tools toward RDAP endpoints.
Which Domain Zones Have Already Transitioned to RDAP?
Many domain zones — particularly gTLDs — have already moved to RDAP. The following table outlines the current adoption status for popular domain zones:
| Domain Zone | WHOIS Support | RDAP Support | Notes |
|---|---|---|---|
| .com | Yes (limited) | Yes | RDAP active; WHOIS deprecation expected |
| .net | Yes | Yes | Full RDAP support via Verisign |
| .org | Yes | Yes | RDAP preferred for compliance |
| .info | Yes | Yes | WHOIS data increasingly masked |
| .dev | No | Yes | Fully RDAP-compliant; WHOIS disabled |
| .io | Yes | Yes | Limited WHOIS; RDAP encouraged |
| .xyz | Yes | Yes | Actively supports both protocols |
| .uk | Yes | Yes | Nominet supports both; RDAP gaining ground |
Most modern gTLDs and several country-code TLDs (ccTLDs) have implemented RDAP, either in parallel with WHOIS or as a complete replacement. New domain zones introduced in recent years often skip WHOIS entirely in favor of RDAP from the beginning.
RDAP: The New Standard
RDAP is not just a replacement — it’s a complete redesign. Its structure allows for richer metadata, access control layers, and better compliance with regional data laws. Unlike WHOIS, which simply outputs a block of text, RDAP returns structured JSON responses, making it far more suitable for machine-to-machine integration.
Key features that make RDAP the preferred protocol going forward include:
- Security: All RDAP queries are served over HTTPS.
- Extensibility: The protocol supports extensions for new use cases.
- Rate limiting and access control: Helps prevent abuse and aligns with registrar policies.
- Support for pagination and filtering: Useful for querying bulk domain datasets.
With these capabilities, RDAP isn’t just a regulatory fix — it’s a future-proof solution that can scale with the evolving needs of the internet ecosystem.
How Soon Will WHOIS Disappear Completely?
The complete deprecation of WHOIS will not happen overnight. The protocol is deeply embedded in legacy systems, third-party tools, and countless scripts used by security researchers, marketers, and domain investors. However, the shift is undeniably underway.
ICANN and registry operators are taking a phased approach, gradually limiting WHOIS access while improving RDAP availability. Over time, as more systems adopt RDAP and users adjust their workflows, WHOIS will become obsolete — not by force, but by natural attrition.
If you are still relying on WHOIS in your organization, now is the time to begin transitioning. Update your tools, integrate with RDAP endpoints, and prepare for a more secure and structured future of domain data access.