Selecting a Registry Data Access Model for RDAP
- by Staff
As the 2026 new gTLD program introduces a new generation of top-level domains into the global Domain Name System, registry operators are required to implement the Registration Data Access Protocol (RDAP) as the successor to the legacy WHOIS protocol. RDAP offers a modern, secure, and extensible framework for delivering domain registration data while providing mechanisms to support differentiated access, data redaction, authentication, and compliance with data protection laws such as the GDPR. One of the most critical decisions facing a new registry operator is the selection of an appropriate data access model within RDAP that balances transparency, privacy, operational complexity, and regulatory expectations.
The RDAP framework is built to support several models of data disclosure, ranging from completely open access to highly restricted, tiered systems requiring user authentication and purpose-based data access. Choosing the right model depends on the registry’s operational goals, the nature of the TLD, the sensitivity of the data involved, and the legal jurisdictions in which the registry operates. While ICANN establishes baseline RDAP requirements through the Base Registry Agreement and the Interim Registration Data Policy, each registry retains flexibility in implementing additional layers of access control consistent with those requirements.
At the most basic level, an RDAP implementation must support public access to non-sensitive data such as domain status, registrar information, nameservers, and DNSSEC details. However, personal contact data—including registrant names, email addresses, phone numbers, and postal addresses—is generally redacted or protected by default due to privacy regulations. The first decision a registry must make is whether to maintain a fully redacted model for all users, or whether to support a differentiated access model that grants authorized parties—such as law enforcement agencies, intellectual property rights holders, and cybersecurity researchers—greater visibility into registration data upon verification.
A fully redacted public RDAP model is the simplest to operate and poses the lowest legal risk, particularly for registries serving jurisdictions with stringent privacy laws. It minimizes the need for user authentication infrastructure, access management workflows, or data disclosure logging. However, this model can frustrate stakeholders who rely on timely access to registrant data for purposes such as combating DNS abuse, enforcing intellectual property rights, or investigating fraud. Registries choosing this model may face criticism from stakeholder groups and must be prepared to explain how alternate data disclosure mechanisms, such as court orders or registrar-level requests, can be used instead.
A more complex but increasingly adopted approach is the differentiated or tiered access model. This model enables certain classes of users to access non-public RDAP data based on their role, purpose, or legal authorization. Implementing this model requires registries to build or integrate with an authentication and authorization system, often based on federated identity frameworks. ICANN’s initiative to develop a Standardized Access/Disclosure (SSAD) system, although not fully implemented globally, has informed the structure and expectations for these systems. In 2026, many registries will consider implementing their own localized or industry-specific access models that incorporate secure login, request justification, and audit trails for all data disclosures.
To deploy a differentiated access model effectively, registry operators must design robust policies and procedures for evaluating access requests. This includes defining the categories of eligible users, such as trademark enforcement agents, accredited security researchers, or governmental authorities, and establishing the documentation required to validate those roles. Automated decision engines can be used for repeat requestors, while manual review processes may be necessary for infrequent or complex access scenarios. The registry must also maintain logs of access requests and data disclosures to demonstrate accountability and support compliance audits.
An additional consideration is the use of anonymized or proxy-disclosed data in RDAP responses. Some registries may opt to publish proxy contact information that routes communication through a protected system without revealing the underlying registrant details. This model preserves the ability for third parties to contact domain holders while maintaining compliance with privacy laws. Implementing such a proxy communication system requires careful integration with email routing or form-based messaging platforms, and must include abuse prevention mechanisms to avoid misuse by spammers or malicious actors.
From a technical perspective, RDAP implementations must support secure HTTPS communication, structured JSON data formats, and standardized response fields as defined by RFCs 7480 through 7484. Registries must ensure that their RDAP servers meet ICANN’s SLA requirements, including availability, response time, and data freshness. For differentiated access models, the use of OAuth 2.0 or other secure authentication protocols is typically required to support authenticated sessions and encrypted data transmission.
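The tiered model described above, reduced to its core mechanism as an added example (not code from the article or from any registry): an RDAP domain object is served fully redacted to unauthenticated clients, served in full when the caller's token carries a disclosure scope, and every decision is written to an audit trail. The RDAP object is a constructed sample in the RFC 9083 shape with placeholder values, and the scope name `rdap:contact:full` is a hypothetical one.

```python
import copy
from datetime import datetime, timezone

# Constructed sample RDAP domain object (RFC 9083 shape); placeholder values only.
FULL_RESPONSE = {
    "objectClassName": "domain",
    "ldhName": "example.test",
    "status": ["active"],
    "nameservers": [{"objectClassName": "nameserver", "ldhName": "ns1.example.test"}],
    "entities": [{
        "objectClassName": "entity",
        "roles": ["registrant"],
        "vcardArray": ["vcard", [
            ["version", {}, "text", "4.0"],
            ["fn", {}, "text", "Jane Placeholder"],
            ["org", {}, "text", "Example Org"],
            ["email", {}, "text", "jane@example.test"],
            ["tel", {}, "uri", "tel:+1.5555550100"],
        ]],
    }],
}

# jCard properties treated as personal data; every other field stays public.
PERSONAL_PROPERTIES = {"fn", "email", "tel", "adr"}
# OAuth 2.0 scope (hypothetical name) a verified requester's token must carry.
DISCLOSURE_SCOPE = "rdap:contact:full"
AUDIT_LOG: list[dict] = []  # production: durable, append-only store


def build_view(response: dict, scopes: set[str], requester: str, purpose: str) -> dict:
    """Return the RDAP object for this caller and record the decision.
    No DISCLOSURE_SCOPE: personal jCard properties are stripped from every contact
    entity and a standard RDAP remark says why. With it: full object, disclosure logged.
    """
    out = copy.deepcopy(response)
    disclosed = DISCLOSURE_SCOPE in scopes
    if not disclosed:
        for ent in out.get("entities", []):
            props = ent["vcardArray"][1]
            ent["vcardArray"][1] = [p for p in props if p[0] not in PERSONAL_PROPERTIES]
            ent["remarks"] = [{"title": "REDACTED FOR PRIVACY",
                               "description": ["Contact data available to verified requesters."]}]
    AUDIT_LOG.append({"time": datetime.now(timezone.utc).isoformat(), "domain": out["ldhName"],
                      "requester": requester, "purpose": purpose, "disclosed": disclosed})
    return out


def vcard_props(view: dict, role: str) -> set[str]:
    """Names of jCard properties present on the entity carrying the given role."""
    return {p[0] for e in view["entities"] if role in e["roles"] for p in e["vcardArray"][1]}
```

The public view keeps status, nameservers and the registrant's organisation while dropping name, email and phone; the original object is never mutated, so the same data can be served at both tiers from one store.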
Interoperability is another factor in selecting an RDAP access model. Registries must ensure that their implementation is compatible with ICANN’s specifications, registrars’ systems, and, where applicable, regional or industry data sharing frameworks. Registries participating in federated access schemes must coordinate with identity providers and ensure that tokens, roles, and access scopes are properly managed across platforms. This coordination effort can be resource-intensive but offers scalability and improved user experience for authorized requestors who interact with multiple registries.
Selecting an RDAP access model is not a one-time decision but an evolving policy and technical challenge that must adapt to changing laws, stakeholder expectations, and security threats. Registry operators must regularly review their access policies, monitor abuse, collect stakeholder feedback, and participate in ICANN’s ongoing policy development processes to ensure alignment with the broader internet governance landscape. Additionally, transparency is essential—registries should publish clear documentation of their RDAP policies, access criteria, and procedures for requesting disclosure, providing clarity to users and enhancing accountability.
The 2026 gTLD round presents an opportunity for registries to demonstrate leadership in data protection and responsible access. Those who thoughtfully implement an RDAP access model that balances privacy with legitimate use cases will not only comply with ICANN’s requirements but also contribute to a more trustworthy and functional DNS. Whether opting for a minimalist approach or a sophisticated differentiated access system, registry operators must place data stewardship and user transparency at the core of their RDAP strategy, recognizing that the integrity of their namespace depends not just on technical resilience, but on ethical and compliant data governance.