-
Notifications
You must be signed in to change notification settings - Fork 9
Compliance Code: ‐20101 ‐ RDAP Response Over HTTP
Andrew Newton edited this page Jul 11, 2024
·
1 revision
Section 1.4 of the 2024 ICANN RDAP Technical Implementation Guide states:
1.4. The RDAP service MUST be provided over HTTPS only as described in RFC9110 or its successors.
NOTE: This in section 1.2 of the 2019 TIG
This means that RDAP services for gTLD registries and registrars is only to be offered over HTTPS, and the URL for the RDAP service should use the "https" URI scheme. For gTLD registries, this means they are to provide HTTPS and only HTTPS to IANA to be placed in the RDAP bootstrap files.
If an HTTP URL is operational, it must redirect to the HTTPS URL even if the HTTP URL is not publicly known.