I idly do an RDAP lookup for one domain name and now I have 10 tabs open with the RDAP RFC and the Technical Implementation Guide and my brain is actively trying to eject itself from my head.

Is the "rel": "related" URL returned by the registry to link to the registrar supposed to be the base URL of the RDAP service, e.g. "https://rdap.registrar.example/rdap/", or is it supposed to be the complete URL including the domain name, e.g. "https://rdap.registrar.example/rdap/domain/EXAMPLE.EXAMPLE"?

Because it seems like Identity Digital does the former and every other registry does the latter and the ~2 RDAP clients I've tried don't like what Identity Digital does.

Compare an RDAP lookup for e.g. icann.org or infosec.exchange or identity.digital (all on Identity Digital) vs. infosec.space or icann-servers.net (on other registry backends).

I tried a third RDAP client and it doesn't follow referral links at all. C'est la vie.

Via https://www.icann.org/en/contracted-parties/registry-operators/registration-data-access-protocol/gtld-rdap-profile-01-01-2020-en :

https://itp.cdn.icann.org/en/files/registry-operators/rdap-technical-implementation-guide-15feb19-en.pdf#page=6 says:

A registry server RDAP response to a domain query MUST contain a links object as defined in [RFC7483] section 4.2., in the topmost JSON object of the response. The links object MUST contain the elements rel:related and href containing the Registrar's RDAP URL of the queried domain object if the Registrar's RDAP URL has been defined .

https://itp.cdn.icann.org/en/files/registry-operators/rdap-technical-implementation-guide-21feb24-en.pdf#page=5 similarly says:

If the Registrar's RDAP URL is registered in the IANA “Registrar IDs” registry ((https://www.iana.org/assignments/registrar-ids/registrar-ids.xhtml), a registry server RDAP response to a domain query MUST contain a links object as defined in [RFC9083] section 4.2., in the topmost JSON object of the response. The links object MUST contain the elements rel:related and href containing the Registrar's RDAP URL of the queried domain object and a value with the RDAP lookup path that generated the RDAP response.

"RDAP URL of the queried domain object" means not the base URL, right?

https://itp.cdn.icann.org/en/files/registry-operators/rdap-response-profile-redline-21feb24-en.pdf#page=7 says:

Registrar URL - The entity with the registrar role in the RDAP response MUST contain a links member [RFC9083]. The links object MUST contain the elements: value, identical to the the RDAP Base URL for the Registrar as provided in the IANA “Registrar IDs” registry (i.e., https://www.iana.org/assignments/registrar-ids); rel:about, and href containing the Registrar URL. Note: in cases where the Registry Operator acts as sponsoring Registrar (e.g., IANA Registrar ID 9999), the href shall contain a URL from the Registry.

But that is an entirely different element of the response.

@mnordhoff IMNSHO, `rel` as `related` is clearly defined as "Identifies a related resource" in RFC5988, and your first link example is not a resource, it is a bare link that by itself does not provide any content, where the second case is a real link to a specific resource, so for me that is the correct case.

@jpmens @mnordhoff That is the beauty(?) of extensible standards :-) Which is why there are ICANN profiles that ought to specify various things that need to be specified but then IETF never had a protocol police :-) FWIW there are still works going on in RDAP land right now, like for contacts description, etc.

@pmevzek Good point!

Identity Digital's own domain registrar, Name.com, does actually give an RDAP format response on the base URL: https://namerdap.systems/ redirects to https://namerdap.systems/help/ which returns the terms of service.

(Look up e.g. name.org.)

Most registrars seem to return a 4xx or even 5xx error.

I was trying to compare other registries, but GMO Registry's RDAP server returns "try again later (never)" from data center IP ranges (or every IP range, I don't know), and now https://lookup.icann.org/ wants me to solve recaptcha (even though this is the first query I tried to make since last night). Go to heck.

Okay what is AFNIC's RDAP service doing? .ovh and .museum don't return rel:related elements at all, but .ovh is weird (the registry is the only registrar) and .museum is an old Sponsored TLD.

Oh no, I think CIRA Fury (e.g. .kiwi) responds the same way as Identity Digital!

@mnordhoff
Hi Matt, you are interpreting the profile correctly. The link on the domain with a "related" relation is suppose to have an "href" pointing to the domain at the registrar and many clients (though not all) do follow it. The link on the registrar entity with the "about" relation is suppose to have a "value" with the RDAP base URL.

If you are having issues, you can send email to global-support@icann.org and they will look into it. Additionally or alternatively, there is also the gtld-tech mailing list: https://lists.icann.org/postorius/lists/gtld-tech.icann.org/

Amusingly, IANA's .int TLD also doesn't return a rel:related URL. I'm pretty sure it doesn't have registrars?

So far that's 7 8 registries that return the full URL (CORE/knipp, GoDaddy, Google, Nominet, Team Internet, Tucows, Verisign, ZDNS), 2 that return the registrar base URL (CIRA Fury, Identity Digital), 2 that don't return any rel:related (AFNIC, IANA) and 1 that is broken or blocks my IP (GMO).

@jpmens It has gotten a lot better over the past 9 months. If my presentation for ROW gets accepted, maybe I will show some stats on this.

@andy Hi! Thank you for the response and confirmation.

I'll send an email soon. I was almost done writing it before I found a second registry that returns the base URL and now I have to do rewrites. :D

YESTERDAY I WAS JUST TRYING TO LOOK UP THE EXPIRATION DATE OF 1 DOMAIN NAME BECAUSE THE REGISTRY IS GOUGING THE PRICE SOON!

NOW I'M WRITING AN EMAIL!

Finally sent an email. There was at least one horrible run-on sentence. I got 2 immediate autoresponses.

P.S. The first time I tried to use RDAP, a few years ago, the TLD was returning at least one of the timestamps in their local time zone but labeling it UTC.

Their whois service was correct.

RDAP was new so I'm not sure ICANN had any correctness requirements yet.

It's been fixed.

Third and final autoresponse arrived, yay.

Zero bounces, it's my lucky day!

@mnordhoff See also https://www.ietf.org/archive/id/draft-brown-rdap-referrals-02.html with an example of rel=related link in §3.1