Norid is introducing a new lookup service for domain name data based on the new protocol RDAP. The RDAP protocol is an international standard for domain name information lookup. We plan for it to eventually replace our current whois service.
RDAP har a number of improvements over whois.
- The data transaction format is more formally specified, and easier to process mechanically.
- The character set is uniquely specified.
- The protocol supports 'layered access'. This means that privileged users can be authenticated and get better access to data than the anonymous users have. This could for example mean more detailed data or better lookup rate.
We have now opened an RDAP-service to our test system, rdap.test.norid.no. The service is still in development and changes to the format of requests and response data can be expected. We plan to open an RDAP service to our production system on November 27.
How does the service work
The service is available on the following URL:
https://rdap.test.norid.no
The service supports lookup on domain names, contact data (called entities) and nameservers. Some examples:
Domain name lookup:
https://rdap.test.norid.no/domain/norid-test.no
Contact data lookup, keyed on person handle:
https://rdap.test.norid.no/entity/XX35301R-NORID
Registrar lookup, keyed on registrar-id:
https://rdap.test.norid.no/entity/reg1-NORID
Nameserver lookup, keyed on nameserver handle:
https://rdap.test.norid.no/nameserver_handle/XX35301H-NORID
Search for nameservers by hostname:
https://rdap.test.norid.no/nameservers?name=ns1.norid-test.no
RDAP is designed as a web service. Queries are done as URLs which the server answers with data sets in the JSON format. RDAP uses the HTTP method 'GET' to lookup data for an object. The HTTP method 'HEAD' is used for querying whether an object exists.
Data lookup
Data lookup on an object (domain name, contact or nameserver) is done with the HTTP method 'GET'. This corresponds to a lookup in the whois protocol. The lookup is answered with return code '200 OK' and a set of JSON data if the object exists, and '404 Not found' if it does not exist.
Query on object existence
A query on whether an object (domain name, contact or nameserver) exists is done with the HTTP method 'HEAD'. This corresponds to a lookup in the DAS protocol. The query is answered with the return code '200 OK' if the object exists, and '404 Not found' if it does not exist.
Local adaptions
The RDAP protocol is an international standard, but it supports local extensions and adaptions. Norids RDAP server has a local extension which provides lookup of nameservers keyed on nameserver handle. Note that this is an extension which does not change the behaviour or data format of the standard queries. A general RDAP client will be able to use the standard queries without any compatibility problems.
Extension for nameserver lookup
The standard lookup for nameservers uses the nameserver hostname as key. In Norids registry system, such a lookup would not be unique since multiple nameserver objects may be registered with the same hostname. We have therefore made an extension for a lookup on nameservers keyed on nameserver handle:
https://rdap.test.norid.no/nameserver_handle/NSYO3H-NORID
The lookup returns a data object formatted in the same way as the standard lookup in RDAP for nameservers.
Rate limiting
The RDAP service has two rate limits, both of which limits the number of lookups from a unique IP address. One of the rate limits gives each IP address access to a maximum of 300 GET requests and 3000 HEAD requests per day in a sliding window. The other limit gives each IP address access to a maximum of ten requests (GET or HEAD) per minute. If one of these limits is exceeded, the request is answered with return code '429 Too many requests'.
Software for RDAP clients
RDAP is a web service, so any web client can be used as an RDAP client as long as it can receive and present JSON data. Command line clients such as wget and curl can for example be used for scripting RDAP lookups:
GET:
% curl https://rdap.test.norid.no/domain/norid-test.no
% wget -O - https://rdap.test.norid.no/domain/norid-test.no
HEAD:
% curl --head https://rdap.test.norid.no/domain/norid-test.no
% wget --method=HEAD https://rdap.test.norid.no/domain/norid-test.no
There are other more specialized clients available which present the JSON data in a more readable form. The following clients are available as open source:
https://www.openrdap.org
https://github.com/arineng/nicinfo
References
A detailed description of the RDAP protocol is available in the RFC specifications for RDAP:
https://tools.ietf.org/html/rfc7480
https://tools.ietf.org/html/rfc7481
https://tools.ietf.org/html/rfc7482
https://tools.ietf.org/html/rfc7483