These resources include domain names, IP address blocks and autonomous systems, but it is also used for a wider range of other information.

At the time of the emergence of the internet from the ARPANET, the only organization that handled all domain registrations was the Defense Advanced Research Projects Agency (DARPA) of the United States government (created during 1958.[6]).

UUNET began offering domain registration service; however, they simply handled the paperwork which they forwarded to the DARPA Network Information Center (NIC).

Then the National Science Foundation directed that commercial, third-party entities would handle the management of Internet domain registration.

Since the advent of the commercialized Internet, multiple registrars and unethical spammers, such permissive searching is no longer available.

[8] Between January 2005 and July 2006, the working name for this proposed new standard was Internet Registry Information Service (IRIS) [9][10] The initial IETF Proposed Standards RFCs for IRIS are: The status of RFCs this group worked on can be found on the IETF Tools site.

Meanwhile, ARIN and RIPE NCC managed to serve WHOIS data via RESTful web services.

The NICNAME/WHOIS protocol was first described in RFC 812 in 1982 by Ken Harrenstien and Vic White of the Network Information Center at SRI International.

WHOIS was originally implemented on the Network Control Protocol (NCP) but found its major use when the TCP/IP suite was standardized across the ARPANET and later the Internet.

On the modern Internet, WHOIS services are typically communicated using the Transmission Control Protocol (TCP).

WHOIS lookups were traditionally performed with a command line interface application, but now many alternative web-based tools exist.

WHOIS information can be stored and looked up according to either a thick or a thin data model: The thick model usually ensures consistent data and slightly faster queries, since only one WHOIS server needs to be contacted.

But with a thin registry, the contact information might not be available, and it could be difficult for the rightful registrant to retain control of the domain.

[18] If a WHOIS client did not understand how to deal with this situation, it would display the full information from the registrar.

Like most TCP/IP client–server applications, a WHOIS client takes the user input and then opens an Internet socket to its destination server.

This lets the WHOIS user making the query know that the detailed information resides on the RIPE server.

Some registries use DNS SRV records (defined in RFC 2782[25]) to allow clients to discover the address of the WHOIS server.

Some registry operators are wholesalers, meaning that they typically provide domain name services to a large number of retail registrars, who in turn offer them to consumers.

RWhois extends the concepts of WHOIS in a scalable, hierarchical fashion, potentially creating a system with a tree-like architecture.

[27] Lookups of IP address allocations are often limited to the larger Classless Inter-Domain Routing (CIDR) blocks (e.g., /24, /22, /16), because usually only the regional Internet registries (RIRs) and domain registrars run RWhois or WHOIS servers, although RWhois is intended to be run by even smaller local Internet registries, to provide more granular information about IP address assignment.

RWhois services are typically communicated using the Transmission Control Protocol (TCP).

Currently, the Internet Corporation for Assigned Names and Numbers (ICANN) broadly requires that the mailing address, phone number and e-mail address of those owning or administering a domain name to be made publicly available through the "WHOIS" directories.

The registrant's (domain owner's) contact details, such as address and telephone number, are easily accessible to anyone who queries a WHOIS server.

However, that policy enables spammers, direct marketers, identity thieves or other attackers to loot the directory for personal information about these people.

[32] Studies have shown that spammers can and do harvest plain-text email addresses from WHOIS servers.

ICANN stated in November 2017 that it would not reprimand "noncompliance with contractual obligations related to the handling of registration data" if registrars provide alternative solutions for compliance with its rules, until the WHOIS requirements are updated to take GDPR into account.

A WHOIS server and/or client cannot determine the text encoding in effect for the query or the database content.

As noted above, WHOIS creates a privacy issue which is also tied to free speech and anonymity.

However, WHOIS is an important tool for law enforcement officers investigating violations like spam and phishing to track down the holders of domain names.

As a result, law enforcement agencies have sought to make WHOIS records both open and verified:[37] The Expert Working Group (EWG) of the Internet Corporation for Assigned Names and Numbers (ICANN) recommended on 24 June 2013 that WHOIS should be scrapped.