What is Whois and What is it for

Today we are going to talk about what Whois is , what it is for, all the keys of how it works and the protocols involved. Whois is a request and response based protocol that is used to query a database , which allows us to determine the owner of a domain name or an IP address on the Internet. Do you want to know in detail how Whois works and what information can you provide us?

Whois Story

The origin of the Whois system dates back to 1982, when the Internet Engineering Working Group (IETF) published a directory service protocol for ARPANET users. At the beginning, only the requested contact data was included in the directory to all the people who transmitted data through the ARPANET network. This Whois protocol was inherited by ICANN when it was created in 1998. In 1999, ICANN began allowing other entities to offer domain name registration services.

Over the years, ICANN modified the Whois service requirements through its agreements with registrars and registries. In 2003, the Whois data reminder policy was created, which means that at least once a year, registrars must send an email to domain owners to remind them to verify and update their Whois registration data.

In 2004, the restored name accuracy policy was created. This policy is in case the registrar has deleted a domain name because it contains incorrect data, or because he did not get answers to his requests for information from the domain owner, the domain name will be suspended until the domain owner provides updated Whois data and exact. Also in 2004 the Whois marketing restriction policy was created, this policy introduces two changes to the registrar accreditation agreement in order to try to ban the marketing and reuse of WHOIS data.

Since 2014, in accordance with RAA 2013, domain registrars must publish Whois data that includes the contact of the domain owner, to report cases of misuse.


The Whois service is a free and publicly accessible directory that contains the technical information and registration data of the registered domain owners. If someone wants to know who owns a domain that is in use, they can request that information through Whois. For that there are the registrars and records that are responsible for collecting and updating the data, so that they are available to anyone who requests it.

We have to be clear that Whois is not a single database with centralized management, but that the registration data is stored in different places and managed by multiple registries and registrars. These registrars must meet the minimum requirements agreed with ICANN.

We have to be clear that the Whois service consists of clients, servers, data repositories, and WHOIS data itself. That is why, when we use the term Whois we may be referring to one of the following questions:

  • They can be the data collected at the time of registering a domain name, or an IP address. Once these data have been collected, they are made through the Whois service available to anyone who requests it, and, in addition, the data will be updated during the validity of the domain.
  • We can also refer to document RFC 3912 that defines the Whois protocol.
  • Services that allow public access to domain name registration information generally implement the Whois protocol, or make use of a web interface.

It is for this question that when we refer to Whois there are problems in the evolution of metadata for naming, so ICANN, to try to solve this, has developed more precise terms, such as:

  • Domain Name Registration Data (DNRD): By this we mean the information that domain owners provide when registering a domain name.
  • Protocol for Access to Domain Name Registration Data (DNRD-AP): By this we refer to the elements of a communication exchange that make it possible to access the registration data. An example of this would be when the Whois protocol (RFC 3912) and the Hypertext Transfer Protocol (RFC 2616 and its updates) are used to allow public access to DNRDs.
  • Domain Name Registration Data Directory Service (DNRD-DS): By this we mean the service offered by registrars and registrars to provide access to domain name registration data.

Use of Whois

ISPs use the WHOIS service to identify people or companies responsible for the operation of a network or domain on the Internet. However, the main uses of Whois are:

  • Determine if a domain name is available or in use.
  • Contact network administrators for technical reasons.
  • Know the real identity, business address and contact information of the owner of the registered domain.
  • Being able to contact the owner of a domain name for any type of business.
  • Notify the domain owner of their obligation to maintain accurate registration data.
  • Contact the domain owner regarding issues that have to do with the protection and effective exercise of intellectual property rights
  • Be able to investigate unwanted emails.

As we can see, thanks to updated records, we can know who owns a web domain, and even take legal, commercial, or any other kind of measures thanks to this information.

Whois Requirements

Any person or company that wants to register a domain name must provide technical and contact information that will appear in the Whois database. Within a maximum period of 7 days, once the domain name is registered, all the corresponding Whois data must be provided. This is why they have to meet the following requirements:

  • Accuracy : Registration data connects people or companies with domain names, so accurate and true contact information must be provided. If, on the contrary, false data is given or is not provided within 7 days, or does not answer a query regarding the veracity of the data within fifteen days granted for consultations, the domain name could be suspended. or canceled
    • On the other hand, registrars must verify and validate certain Whois data fields, such as email addresses, postal addresses or telephone numbers. In addition, registrars are required to send annual notifications of data verification reminder to the domain owner.
  • Access : Registrars and registries have the obligation to facilitate access to Whois data. All this information must be accessible to the public.


  • Obligations of resellers : When we acquire a domain through any web hosting, these hostings are usually domain resellers. In this case, these types of websites have the obligation to comply with the same obligations as a Whois registrar that we have commented previously.
  • Obligations of those who grant domain names : They are responsible for providing their own complete contact information, and, in addition, they must also provide and update the technical and administrative information of any problem that may arise in relation to the registered name. Finally, the company that grants the domain name will be responsible for the damage caused by the improper use of said name, unless you report the contact information and identity of the owner of the registered domain within 7 days of being notified of evidence of any legal damage.
  • Data custody : ICANN requires registrars to submit an electronic copy of the registrar’s database, which must include Whois data. This electronic copy must be delivered to a trusted data custody provider.
  • Centralized WHOIS : The RAA specifies that if the Whois service implemented by registrars does not have reliable and convenient access to accurate and up-to-date data, ICANN can establish a centralized database.
  • Privacy : It may be the case that people or companies do not want their contact information to be available to anyone. That is why there are two ways to hide this data:
    • Privacy service: This service allows us to publish alternative and reliable contact data in the Whois system, such as the address or telephone number, however, the domain owner is maintained as a user beneficiary of the domain name.
    • Proxy representation service: In this service, the provider registers the domain name and grants a license to its client. That is, the contact information of the service provider is published instead of the customer contact information.

If we use this last option we have to be clear that the proxy service provider will be responsible for the damage caused by the improper use of the domain name, unless it discloses the identity of the real owner of the domain.

Benefits and responsibilities

All registrars (companies that register domains) are required to publish on their website the conditions on benefits and responsibilities of people who register their domain and / or include a link to access this document.

The rights of people who register a domain are:

  • Detailed instructions that clearly explain the processes to register, manage, transfer, renew and restore domain name registrations.

The responsibilities of people who register a domain are:

Provide all the information required for domain registration that is accurate and real for publication in WHOIS directories, and also update this information immediately when it is modified for any reason.

Domain Name Management

In addition to all of the above, Whois is used to carry out specific functions such as supporting the transfer or deletion of a domain name, facilitating administrative procedures related to the resolution of trademark disputes.

What happens if there is a dispute


The uniform dispute resolution policy stipulates that the Whois system be used to identify the owner of a domain, which will be the defendant in the UDRP claim. In addition, it will also determine the appropriate jurisdiction for any judicial proceeding relating to a case. Also determine if the domain registrar has successfully blocked the domain.

We must be clear that, once a claim is received under the UDRP, the domain registrar must block the domain to avoid any data entry or entry while the claim is pending.


The Uniform Rapid Suspension system is used in trademark claims. Its task is to identify the owner of the domain that will be designated as the accused. Also confirm the URS block, which consists of once a claim is initiated, the domain provider must send a notification of the claim to the addresses listed in the WHOIS contact information, along with an electronic copy of the claim, information about the blocking, and the possible consequences for the owner in case of doing nothing before the claim.

Once the notification has been made, the following steps can occur:

  • Notification of non-compliance: If it is confirmed that there is a breach of the regulations, a notification of non-compliance will be sent to the contact addresses indicated in the WHOIS data.
  • Confirmation of URS suspension: If this occurs, the WHOIS record will be updated to indicate that no transfer, deletion or modification of the name of the affected domain can be made.


As we have seen, when we register a web domain or an IP address, the owner has the obligation to provide all contact information before seven days have passed. In addition, you also have the obligation to update them at least once a year or immediately report any changes to your data. On the other hand, companies that register domains have the obligation to verify that the data provided by the domain owner is authentic, and, at least once a year that the data is updated by the domain owner.

On the other hand, we have the option for people or companies that do not want their data to be public, to use two options of services that we have detailed before, but it must be clear that the true owner will be the hosting, but in case of Some responsibility may provide the data of the client who contracted the service.

Finally, we must be very careful about the claims, since the minimum that can happen is that the domain is suspended, but it can also bring the matter in judicial matters. If you have any questions about Whois, do not hesitate to ask us in the comments.