RDAP (Registration Data Access Protocol) is a new protocol that improves on the legacy WHOIS protocol by standardizing query and response formats. Queries are made through a RESTful interface and responses are returned as JSON rather than in simple text-based formats. RDAP also enables features such as query redirection, multilingual content, and viewing historical records. APNIC has implemented an RDAP-based web client and an application called WHOWAS. Future work includes a full-featured RDAP client, incorporating additional languages, and working with the IETF and others on further RDAP standards and adoption.
2. Introduction
• How APNIC’s database works
• Why improve whois?
• Where did RDAP come from?
• What can be built with RDAP?
• What RDAP-related work is APNIC doing?
3. APNIC database and the Internet Routing Registry (IRR)
• APNIC Whois Database
Two databases in one
• Public network management database
Whois information about networks and contacts (legal entity, incident response teams, admin/tech contacts)
• Routing Registry (RR)
Contains routing information (routes, filters, peers and so forth)
APNIC RR is part of the global IRR
7. Whois Protocol
• whois
Query service on TCP port 43 (RFC 812, 1982)
Very simple. Send query key, get response
Query/Response formats not standardised
Character sets not standardised
If the queried server does not contain a record, it cannot redirect to a server that can answer
10. History
• NICNAME/Whois (1982 rfc812, rfc3912)
• Rwhois (1994 rfc1714, 1997 rfc2167)
• IRIS/CRISP (2003-2009)
• WEIRDS working group (2012)
• RDAP (2015, rfc7480-7485)
11. RDAP Protocol
• Query: REST
Allows for service differentiation for public or authorised users
Rate limiting, public/privileged information sets
• Response: JSON
JavaScript Object Notation
Standardised text representation of structured data
Easily used by JavaScript/HTML5, Java, Perl, Python…
12. RDAP Protocol
• Standardised character set
UTF-8 encoded Unicode
Allows you to publish data in multiple languages, not just English
• Allows for query redirection to the best database (https://data.iana.org/rdap/)
• Time-sequenced records allow things like WHOWAS
* Source: RDAP.org
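Added example (not from the slides or APNIC's code): the redirection and JSON points from slides 11 and 12, shown as a longest-prefix lookup in a bootstrap file of the layout published at https://data.iana.org/rdap/, followed by extraction of a contact from an RDAP response. The bootstrap entries, server names and response are constructed samples, and `rdap_url` and `contacts` are hypothetical helper names.

```python
import ipaddress
import json

# Constructed sample in the RFC 7484 bootstrap layout (not the real IANA file).
BOOTSTRAP = json.loads("""
{"version": "1.0", "services": [
  [["192.0.0.0/8"], ["https://rdap.rir-a.example/"]],
  [["192.0.2.0/24", "203.0.113.0/24"], ["https://rdap.rir-b.example/"]]
]}""")

# Constructed RDAP "ip network" response (RFC 7483 shape) with UTF-8 content.
RESPONSE = json.loads("""
{"objectClassName": "ip network", "handle": "192.0.2.0 - 192.0.2.255",
 "startAddress": "192.0.2.0", "endAddress": "192.0.2.255", "country": "JP",
 "entities": [
  {"objectClassName": "entity", "handle": "EX-ABUSE", "roles": ["abuse"],
   "vcardArray": ["vcard", [["version", {}, "text", "4.0"],
     ["fn", {}, "text", "ネットワーク管理"],
     ["email", {}, "text", "abuse@isp.example"]]]},
  {"objectClassName": "entity", "handle": "EX-TECH", "roles": ["technical"],
   "vcardArray": ["vcard", [["version", {}, "text", "4.0"],
     ["fn", {}, "text", "Example NOC"]]]}
 ]}""")

def rdap_url(address, bootstrap=BOOTSTRAP):
    """Return the /ip/ query URL at the server with the longest matching prefix."""
    addr = ipaddress.ip_address(address)
    best = None  # (prefix length, base URL)
    for prefixes, urls in bootstrap["services"]:
        for net in map(ipaddress.ip_network, prefixes):
            if net.version == addr.version and addr in net:
                if best is None or net.prefixlen > best[0]:
                    best = (net.prefixlen, urls[0])
    return None if best is None else best[1].rstrip("/") + "/ip/" + str(addr)

def contacts(response, role):
    """Return (name, email) pairs for entities that hold the given role."""
    found = []
    for entity in response.get("entities", []):
        if role not in entity.get("roles", []):
            continue
        # jCard: ["vcard", [[name, params, type, value], ...]]
        props = entity.get("vcardArray", ["vcard", []])[1]
        values = {p[0]: p[3] for p in props if len(p) >= 4}
        found.append((values.get("fn"), values.get("email")))
    return found
```

A server response is untrusted input, so the parser treats every field as optional and returns `None` for a missing name or e-mail instead of raising.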
20. Route policy extensions for RDAP
“The base JSON data model for RDAP contains objects for domain name registries (DNRs) and Regional Internet Registries (RIRs). It does not contain objects for Internet Routing Registries (IRRs).
This document describes extensions to the RDAP data model to express route policy.”
22. RDAP benefits
• Better way to represent customer assignments
• Tag data in your own language for LEA, publish in English for the rest of the world
• Visibility into resource history, showing how resources were used in the past. Quality Assurance for transfers
• Automation – JSON input to common programming languages
• Will auto-redirect to the right authoritative server
• Exploring an authentication model, to do away with request throttling
• Web protocol is CDN friendly
Serve local, via anycast or DNS redirection methods
Cacheable, survives DDoS longer since distributed
23. APNIC RDAP Status
• Achieved:
Web client implemented May 2015
WHOWAS implemented late 2016
• Goals:
Deployment of full-featured RDAP-based client
Including multilingual content
Work with NIRs on RDAP adoption and deployment
Work in IETF on RIR-specific RDAP standards
Work with NRO ECG on RDAP consistency
Improvement of APNIC training materials
So whois. The whois registry at APNIC is one basic service. It starts with a registry database, which is actually maintained by APNIC behind the scenes, that's not the public database, but it's kind of the source of truth if you like, it's where we store the critical, original IP address registration data. We provide access to that through whois on port 43 and in our case, whois produces an answer, which is in RPSL format. That is Routing Policy Specification Language format. We've only got a couple of standard ways to deliver or to use that information by a command line interface or web user interface.
In this case, the registry database can provide whois or it can provide RDAP. In our case actually, the RDAP is coming from whois, but in the future, will probably come straight from the registry database. What it produces is JSON data, this JavaScript Object Notation data and that data can then be used in all sorts of different ways. That's one of the useful things about RDAP is that it's much more useful data. Much better for various purposes. RDAP are results that you can see just by doing an HTTP GET to the RDAP server.
The “use your favourite deserialiser” line is a joke.
Unfortunately, not much response so the work on IRR into RDAP was dropped.
https://mailarchive.ietf.org/arch/search/?q=draft-newton-weirds-route-policy
“Jake,
I can't remember why it didn't go anywhere. (and thanks for reminding me that I did it, I had forgotten that).
I think there will be renewed interest now that ARIN and LACNIC are implementing/re-implementing IRR.
-andy”
https://datatracker.ietf.org/meeting/90/materials/slides-90-weirds-2