When you purchase through links on our site, we may earn an affiliate commission.Heres how it works.
Under Googles proposal, CAs would no longer turn to WHOIS data domain ownership confirmation beginning in November 2024.
WhoIs Secure?
This is more than just a small technical decision.
They put the S for secure in the HTTPS protocol.
But, the report from watchTowr showed a big gap in the security of WHoIS.
The imposter WHOIS server successfully scored verification for links despite not owning the domains.
To counter this flawed security, Google charted a shift to other methods of verifying ownership.
A popular option on the forum is called Registration Data Access Protocol (RDAP).
It also works well with privacy laws implemented after WHOIS rolled out.
RDAP would be easier for companies operating under Europe’s General Data Protection Regulation (GDPR).
On the other hand, short-term costs would be significant, upsetting smaller businesses in particular.
The timeline is still under discussion as well.
Some have suggested pushing back thedeadline to April2025.
ViaArs Technica
