Advisory: Registrar Implementation of the 2013 RAA's Whois Requirements
This advisory is intended to help registrars understand which Whois fields must be populated pursuant to the 2013 Registrar Accreditation Agreement immediately upon their signing of the agreement and which are not required until 1 January 2014.
The 2013 Registrar Accreditation Agreement ("RAA"), like earlier forms of the registrar accreditation agreement, requires registrars to operate web-based and port 43 Whois services that provide public access to certain enumerated registration data fields. Section 3.3.1 of the RAA specifies required data fields, such as the name and address of the registered name holder, and name, address, email address, and phone number of the administration and technical contacts for each domain name (among other required data elements).
The 2013 RAA, unlike previous versions of the registrar accreditation agreement, also includes a Registration Data Directory Service (Whois) Specification which, among other things, describes a mandatory format registrars must use when publishing Whois data. This format includes a number of fields that were not required by earlier versions of the RAA. As examples, the Registration Data Directory Service (Whois) Specification requires registrars to include in their Whois output the email address and telephone number of the registrar's abuse point of contact as well as the IDs or handles used by the registry to identify the domain name and its contacts.
Because the 2013 RAA includes a number of new operational responsibilities for registrars that could reasonably take weeks or months to implement, the agreement also incorporates a Transition Addendum. The Transition Addendum describes a number of obligations for which ICANN will not require registrar compliance until 1 January 2014. By way of example, registrars are not required to fully implement an abuse point-of-contact (see section 3.18 of the RAA) until 1 January 2014.
Some registrars have asked ICANN to clarify whether they must immediately begin populating Whois data with fields, such as the abuse point-of-contact email address and telephone number, even though they are not yet required to comply with the underlying obligation.
Required Whois Fields
The Transition Addendum to the RAA explicitly references a list of RAA provisions for which registrar compliance is not required until 1 January 2014. The Registration Data Directory Service (Whois) Specification is not included within that list of provisions. Accordingly, registrars are immediately required to comply with obligations described in that specification, including the obligation to format Whois data as defined in the specification. Registrars are not, however, required to include in their Whois output, data elements that don't yet exist or are not already in the registrar's possession. This includes reference to the items for which compliance is not yet required.
To be clear, registrars who are subject to the 2013 RAA must continue to include all of the fields described in section 3.3.1 of the RAA in their Whois output and the data elements they have within their possession. Registrars are not, however, required to include the following fields in their Whois output until 1 January 2014 (although registrars may, and are encouraged to, comply earlier):
Registry Domain ID
Registrar Abuse Contact Email
Registrar Abuse Contact Phone
Registry Registrant ID
Registrant Phone Ext
Registrant Fax Ext
Registry Admin ID
Registry Tech ID
Last update of WHOIS database